Windows Settings Shortcuts Can Be Abused for Code Execution on Windows 10

A new file type format added in Windows 10 can be abused for running malicious code on users' computers, according to Matt Nelson, a security researcher for SpecterOps. [...]

https://www.bleepingcomputer.com/news/security/windows-settings-shortcuts-can-be-abused-for-code-execution-on-windows-10/

Thanatos Ransomware Decryptor Released by the Cisco Talos Group

Back in February we wrote about a new ransomware called Thanatos that was encrypting victim's data, but contained flaws that would not allow the authors to decrypt a victims files even if they paid. Thankfully, the Cisco Talos Group was able to find a method to break the encryption routine. [...]

https://www.bleepingcomputer.com/news/security/thanatos-ransomware-decryptor-released-by-the-cisco-talos-group/

Microsoft Releases Cumulative Update for Windows 10 Version 1803 (KB4284848)

Microsoft has started rolling out a new Windows 10 update titled "2018-06 Cumulative Update for Windows 10 Version 1803 (KB4284848)" that fixes a variety of issues in Windows 10. Some of the fixes included are for compatibility issues, remote desktop problems, Edge issues, and accessing files over the SMBv1 protocol. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-cumulative-update-for-windows-10-version-1803-kb4284848/

Unpatched Flaw Disclosed in WordPress CMS Core

Security researchers from RIPS disclosed today details about an unpatched security flaw impacting WordPress, the Internet's most popular content management system (CMS). [...]

https://www.bleepingcomputer.com/news/security/unpatched-flaw-disclosed-in-wordpress-cms-core/

Office of Cyberspace Reborn In Bill Approved by Senate Panel

The Senate Foreign Relations Committee voted today to advance bill H.R. 3776, the Cyber Diplomacy Act. This bill outlines the restoration of the State Department's Cyber Office under the new name of Office of Cyberspace and the Digital Economy and the reinstatement of a head of cyber related activities for the Department of State. [...]

https://www.bleepingcomputer.com/news/government/office-of-cyberspace-reborn-in-bill-approved-by-senate-panel/

NSA Exploit "DoublePulsar" Patched to Work on Windows IoT Systems

An infosec researcher who uses the online pseudonym of Capt. Meelo has modified an NSA hacking tool known as DoublePulsar to work on the Windows IoT operating system (formerly known as Windows Embedded). [...]

https://www.bleepingcomputer.com/news/security/nsa-exploit-doublepulsar-patched-to-work-on-windows-iot-systems/

Facebook, Google Manipulate Users to Share Personal Data Despite GDPR

Despite the new GDPR regulation entering into effect across Europe, Facebook and Google are manipulating users into sharing personal data by leveraging misleading wording and confusing interfaces, according to a report released today by the Norwegian Consumer Council (NCC). [...]

https://www.bleepingcomputer.com/news/technology/facebook-google-manipulate-users-to-share-personal-data-despite-gdpr/

Two Hackers Arrested for Hijacking Over 700,000 Online Accounts

Russian police have arrested two teenage hackers for breaching, hijacking, and selling access to over 700,000 online accounts at Russian-based online stores, payment systems, and bookmaking/betting portals. [...]

https://www.bleepingcomputer.com/news/security/two-hackers-arrested-for-hijacking-over-700-000-online-accounts/

Cisco ASA Flaw Exploited in the Wild After Publication of Two PoCs

Hackers are exploiting a vulnerability in Cisco software to crash and/or retrieve information from affected devices. Cisco is aware of the issue and has warned customers last week, Friday, June 22. [...]

https://www.bleepingcomputer.com/news/security/cisco-asa-flaw-exploited-in-the-wild-after-publication-of-two-pocs/

Huawei’s New Ryzen-Powered MateBook D Is Now Available in the U.S. for $629

Huawei is one of the companies that have always tried to innovate in terms of design. At Computex, Huawei announced a new variant of MateBook D with a 14-inch display and the model is now available as a Walmart exclusive in the United States. [...]

https://www.bleepingcomputer.com/news/hardware/huawei-s-new-ryzen-powered-matebook-d-is-now-available-in-the-us-for-629/

Ticketmaster Announces Data Breach Affecting 5% of All Users

Ticketing service Ticketmaster announced a data breach incident today that affected roughly 5% of its entire customer base, and has resulted in the theft of customer data, Ticketmaster login information, and payment details. [...]

https://www.bleepingcomputer.com/news/security/ticketmaster-announces-data-breach-affecting-5-percent-of-all-users/

Windows 10 Insider Build 17704 Is Now Available. Here’s Whats New!

Microsoft just released Windows 10 Insider Preview Build 17704 (Redstone 5) to Windows Insiders in the Fast and Skip Ahead Rings. Windows 10 Insider Preview Build 17704 comes with a huge amount of improvements and new features that include ones for Microsoft Edge, new Skype experience, improved Diagnostic Data Viewer, and more. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-17704-is-now-available-here-s-whats-new/

Windows Defender Detecting Legitimate Files as Trojan:Win32/Bluteal.B!rfn

Recently there have been a lot of reports of Windows Defender suddenly detecting files as Trojan:Win32/Bluteal.B!rfn. The detected files range from CPU miners, which would make sense, to legitimate Windows files, which do not. [...]

https://www.bleepingcomputer.com/news/security/windows-defender-detecting-legitimate-files-as-trojan-win32-blutealbrfn/

Microsot Pulls Windows 10 Sets From Redstone 5 Builds

Last year, Microsoft announced a new feature called "Sets" for Windows 10 that would enable applications to run in tabs in UWP apps and Win32 programs. After a long wait, the feature was implemented in Windows 10 Insider preview builds, but the feedback has led Microsoft to remove Sets from its latest Windows 10 preview build 17704,  [...]

https://www.bleepingcomputer.com/news/microsoft/microsot-pulls-windows-10-sets-from-redstone-5-builds/

Those Harder to Mitigate UPnP-Powered DDoS Attacks Are Becoming a Reality

Security researchers are continuing to see DDoS attacks that leverage the UPnP features of home routers to alter network packets and make DDoS attacks harder to detect and mitigate with classic solutions. [...]

https://www.bleepingcomputer.com/news/security/those-harder-to-mitigate-upnp-powered-ddos-attacks-are-becoming-a-reality/

Some Spectre In-Browser Mitigations Can Be Defeated

Some of the protections against the Spectre CPU vulnerability introduced in modern browsers can be defeated, security researchers revealed this week. [...]

https://www.bleepingcomputer.com/news/security/some-spectre-in-browser-mitigations-can-be-defeated/

ProtonMail DDoS Attacks Are a Case Study of What Happens When You Mock Attackers

For the past two days, secure email provider ProtonMail has been fighting off DDoS attacks that have visibly affected the company's services, causing short but frequent outages at regular intervals. [...]

https://www.bleepingcomputer.com/news/security/protonmail-ddos-attacks-are-a-case-study-of-what-happens-when-you-mock-attackers/

Every Android Device Since 2012 Impacted by RAMpage Vulnerability

Almost all Android devices released since 2012 are vulnerable to a new vulnerability named RAMpage, an international team of academics has revealed today. The vulnerability, tracked as CVE-2018-9442, is a variation of the Rowhammer attack. [...]

https://www.bleepingcomputer.com/news/security/every-android-device-since-2012-impacted-by-rampage-vulnerability/

Equifax Engineer Who Designed Breach Website Charged With Insider Trading

The US Securities and Exchange Commission (SEC) has indicted a former Equifax engineer on charges of insider trading. [...]

https://www.bleepingcomputer.com/news/legal/equifax-engineer-who-designed-breach-website-charged-with-insider-trading/

National Security Concerns Over Hackers Commandeering Satellites

The number of satellites transmitting GPS locations, cellphone signals and other sensitive information has been rapidly increasing, which has resulted in the creation of favorable circumstances for hackers. Even with all the advances in satellite technology, much of the US military's satellite technology remains vulnerable. [...]

https://www.bleepingcomputer.com/news/security/national-security-concerns-over-hackers-commandeering-satellites/