Microsoft June 2018 Patch Tuesday Fixes 50 Security Issues

Microsoft has released the June 2018 Patch Tuesday security updates, and this month's release comes with fixes for 50 vulnerabilities. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-june-2018-patch-tuesday-fixes-50-security-issues/

Google Removes the Option of Installing Chrome Extensions via Remote Sites

Google announced plans today to gradually remove the option of installing Chrome extensions from a remote website, also known as an "inline installation." [...]

https://www.bleepingcomputer.com/news/google/google-removes-the-option-of-installing-chrome-extensions-via-remote-sites/

Today, the EU Will Vote If to Ban Kaspersky Products From Official EU Networks

In a plenary session of the European Parliament that will be held today in Strasbourg, France, members of the European Parliament (MEPs) will vote on a motion for resolution which includes a clause to ban the use of software programs "that have been confirmed as malicious, such as Kaspersky Lab." [...]

https://www.bleepingcomputer.com/news/government/today-the-eu-will-vote-if-to-ban-kaspersky-products-from-official-eu-networks/

Here's the Status of Meltdown and Spectre Mitigations in Windows

Yesterday's Patch Tuesday release included fixes for the latest Spectre vulnerability, known as Spectre variant 4, or SpectreNG. [...]

https://www.bleepingcomputer.com/news/security/heres-the-status-of-meltdown-and-spectre-mitigations-in-windows/

Cortana Hack Lets You Change Passwords on Locked PCs

Microsoft has patched a vulnerability in the Cortana smart assistant that could have allowed an attacker with access to a locked computer to use the smart assistant and access data on the device, execute malicious code, or even change the PC's password to access the device in its entirety. [...]

https://www.bleepingcomputer.com/news/security/cortana-hack-lets-you-change-passwords-on-locked-pcs/

Microsoft Brings the Fluent Design to Office 365 For a Cleaner & Easier Interface

Starting today Microsoft is bringing the Fluent Design from Windows 10 to Office 365. This design is aimed to offer more a streamlined interface with depth, the right amount of colors, and transition animations that make using Office a cleaner and easier experience. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-brings-the-fluent-design-to-office-365-for-a-cleaner-and-easier-interface/

UK Retailer Says Hacker Accessed 5.9Mil Card Details, 1.2Mil User Records

UK-based electronics retailer Dixons Carphone, the company behind the Currys PC World, OneStopPhoneShop, and Carphone Warehouse brands, announced a security incident earlier today. [...]

https://www.bleepingcomputer.com/news/security/uk-retailer-says-hacker-accessed-59mil-card-details-12mil-user-records/

17 Backdoored Docker Images Removed From Docker Hub

The Docker team has pulled 17 Docker container images that have been backdoored and used to install reverse shells and cryptocurrency miners on users' servers for the past year. [...]

https://www.bleepingcomputer.com/news/security/17-backdoored-docker-images-removed-from-docker-hub/

Microsoft Explains Whether a Vulnerability Turns Into a Windows Security Update

Microsoft has released the criteria used to determine whether a reported and confirmed vulnerability is resolved through a security update or in the next version of Windows. These criteria were released in order to provide insight into the decision making progress and to receive feed back from security researchers. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-explains-whether-a-vulnerability-turns-into-a-windows-security-update/

Kaspersky Halts Europol and NoMoreRansom Project Coop After EU Parliament Vote

Kaspersky Lab announced today that it was temporarily halting its cooperation with Europol following the voting of a controversial motion in the European Parliament today. [...]

https://www.bleepingcomputer.com/news/government/kaspersky-halts-europol-and-nomoreransom-project-coop-after-eu-parliament-vote/

Steam Will No Longer Support Windows XP and Vista in 2019

In what many would consider overdue, Steam will no longer support the Windows XP and Windows Vista operating systems starting on January 1st 2019. [...]

https://www.bleepingcomputer.com/news/gaming/steam-will-no-longer-support-windows-xp-and-vista-in-2019/

New Lazy FP State Restore Vulnerability Affects All Intel Core CPUs

What a horrible year in security for Intel. First we had the Meltdown and Spectre vulnerabilities that never seem to go away. Now Intel has announced a new speculative execution side channel vulnerability involving "Lazy FP state restore" that could allow a malicious program to read data being used by other processes. [...]

https://www.bleepingcomputer.com/news/security/new-lazy-fp-state-restore-vulnerability-affects-all-intel-core-cpus/

Microsoft Fixes Faulty Debian Package That Messed With Users' Settings

Microsoft fixed yesterday a faulty Debian package that was messing with users' OS settings during its installation routine. The faulty package that was causing all the problems was Open R v3.5. Open R is an enhanced version of the R programming language maintained by Microsoft. [...]

https://www.bleepingcomputer.com/news/linux/microsoft-fixes-faulty-debian-package-that-messed-with-users-settings/

New MysteryBot Android Malware Packs a Banking Trojan, Keylogger, and Ransomware

Cybercriminals are currently developing a new strain of malware targeting Android devices which blends the features of a banking trojan, keylogger, and mobile ransomware. [...]

https://www.bleepingcomputer.com/news/security/new-mysterybot-android-malware-packs-a-banking-trojan-keylogger-and-ransomware/

Dark Web Drug Vendor Pleads Guilty After Feds Traced His Bitcoin Transactions

Gal Vallerius, a 36-year-old French national pleaded guilty this week in the US of selling narcotics on the Dark Web under the nickname of OxyMonster. [...]

https://www.bleepingcomputer.com/news/legal/dark-web-drug-vendor-pleads-guilty-after-feds-traced-his-bitcoin-transactions/

DBGer Ransomware Uses EternalBlue and Mimikats to Spread Across Networks

The authors of the Satan ransomware have rebranded their "product" and they now go by the name of DBGer ransomware, according to security researcher MalwareHunter, who spotted this new version earlier today. [...]

https://www.bleepingcomputer.com/news/security/dbger-ransomware-uses-eternalblue-and-mimikats-to-spread-across-networks/

Microsoft's SwiftKey Is Becoming the New Touch Keyboard in Windows 10

With today's release of Windows Insider Build 17692, Microsoft announced that their Swiftkey keyboard application will now become the touch keyboard for Windows 10. Using Swiftkey, users will get autocorrection and predictive typing in multiple languages as the application learns a particular user's writing style.  [...]

https://www.bleepingcomputer.com/news/microsoft/microsofts-swiftkey-is-becoming-the-new-touch-keyboard-in-windows-10/

Windows 10 Insider Build 17692 Released. Here's Whats New!

Today Microsoft released Windows 10 Insider Preview Build 17692 (Redstone 5) to insiders in the fast and skip ahead rings. This build adds a bunch of new features such as SwiftKey becoming the new touch keyboard, Edge getting autoplay video controls, search improvements, and more. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-17692-released-heres-whats-new/

Following Chrome's Lead, Microsoft Edge Also Moves to Block Autoplay Videos

The Microsoft Edge browser will gain the ability to block auto-playing media, such as sounds and web videos. The feature was announced today for Edge browsers part of Insiders program, Microsoft's testing ground for new Windows 10 features. [...]

https://www.bleepingcomputer.com/news/microsoft/following-chromes-lead-microsoft-edge-also-moves-to-block-autoplay-videos/

Decryptor Released for the Everbe Ransomware

A decryptor for the Everbe Ransomware was released by Michael Gillespie that allows victims to get their files back for free.  It is not known how this ransomware is currently being distributed, but as long as victims have an unencrypted version of an encrypted file, they can use them to brute force the decryption key. [...]

https://www.bleepingcomputer.com/news/security/decryptor-released-for-the-everbe-ransomware/