Users Forcibly Being Logged Into Chrome When Signing Into a Google Service

With the release of Chrome 69, it was discovered that when you log into your Google account, or any Google service for that matter, you will also be automatically logged into Chrome whether you want to or not. [...]

https://www.bleepingcomputer.com/news/security/users-forcibly-being-logged-into-chrome-when-signing-into-a-google-service/

New Mozilla Firefox Attack Causes Desktop Client to Crash

A new attack has been created that can crash or freeze the Mozilla Firefox desktop browser simply by visiting a web page that contains an embedded JavaScript script.  [...]

https://www.bleepingcomputer.com/news/security/new-mozilla-firefox-attack-causes-desktop-client-to-crash/

Cloudflare Improves Privacy by Encrypting the SNI During TLS Negotation

Cloudflare announces today support for encrypted Server Name Indication, a mechanism that makes it more difficult to track user's browsing. [...]

https://www.bleepingcomputer.com/news/security/cloudflare-improves-privacy-by-encrypting-the-sni-during-tls-negotation/

Microsoft's New Threat Protection Service Gives Security Overview for Orgs

At today's Ignite 2018 conference, Microsoft announced a new end-to-end security solution called Microsoft Threat Protection. Microsoft Threat Protection is designed to provide a view of an organization's overall threat landscape so that administrators can easily spot new threats and attacks. [...]

https://www.bleepingcomputer.com/news/microsoft/microsofts-new-threat-protection-service-gives-security-overview-for-orgs/

Microsoft Rolls Out Confidential Computing for Azure

At the Ignite developer's conference today, Microsoft announces that the Azure cloud platform will soon integrate data protection features that keep information safe from the looming threat of a data breach. [...]

https://www.bleepingcomputer.com/news/security/microsoft-rolls-out-confidential-computing-for-azure/

Microsoft Reveals a Unified AI-Powered Search Experience Across all Platforms

Last year, Microsoft used Ignite to highlight its new AI initiatives and a new search experience for Office. Today at the Ignite 2018 conference, Microsoft detailed about a redefined search experience that will be used across all Microsoft services and within Windows. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-reveals-a-unified-ai-powered-search-experience-across-all-platforms/

macOS Mojave Privacy Bypass Flaw Allows Access to Protected Files

A security researcher shows on Mojave's release day that Apple's latest privacy protection implementations in macOS are not sufficiently strong. [...]

https://www.bleepingcomputer.com/news/security/macos-mojave-privacy-bypass-flaw-allows-access-to-protected-files/

Office 2019 for Windows and Mac Is Now Available

Microsoft today announced the Office 2019 productivity suite for commercial customers and you can now try the update on your Windows and Mac device. The new version of Office comes with several features that have been previously released on Office 365. [...]

https://www.bleepingcomputer.com/news/microsoft/office-2019-for-windows-and-mac-is-now-available/

Zoho Suspended by Domain Registrar Over Phishy Emails

In a bizarre sequence of events, after the CRM software company Zoho was taken offline by their domain registrar, they posted to Twitter asking for help getting their service back up and running again. When Zoho customer's contacted TierraNet, they were told the CRM service was taken down due to phishing violations. [...]

https://www.bleepingcomputer.com/news/security/zoho-suspended-by-domain-registrar-over-phishy-emails/

GandCrab V5 Released With Random Extensions and New HTML Ransom Note

GandCrab v5 has been released with a few noticeable changes. The first change is that the ransomware now uses a random 5 character extension for encrypted files and a new HTML ransom note. [...]

https://www.bleepingcomputer.com/news/security/gandcrab-v5-released-with-random-extensions-and-new-html-ransom-note/

GPG Mail Update Surprises Mac Users with Paid Plan

Mac users with GPG Mail installed on their systems woke up to a rude surprise when they updated the application last Friday and noticed that it had switched to a paid plan. [...]

https://www.bleepingcomputer.com/news/security/gpg-mail-update-surprises-mac-users-with-paid-plan/

United Nations WordPress Site Exposes Thousands of Resumes

Disclosure vulnerabilities in a web app from the United Nations leave open to public access CVs from job applicants and the organization failed to plug the leak despite receiving a private report on the issues. [...]

https://www.bleepingcomputer.com/news/security/united-nations-wordpress-site-exposes-thousands-of-resumes/

Chrome 69 Keeps Google's Cookies After You Clear Browser Data

It has been discovered that when you try to clear all cookies in the Chrome browser, every cookie will be deleted except for authentication cookies created by Google. This means that after clearing cookies, you will be logged out of every site that you are currently logged into, except for Google. [...]

https://www.bleepingcomputer.com/news/google/chrome-69-keeps-googles-cookies-after-you-clear-browser-data/

Security Engineer Hacks Hotel WiFi, Fined for Exposing Admin Password

A security engineer from Chinese multinational company Tencent hacked into the WiFi system of a hotel in Singapore and received a fine for publicly disclosing administrator login passwords. [...]

https://www.bleepingcomputer.com/news/security/security-engineer-hacks-hotel-wifi-fined-for-exposing-admin-password/

Night Eye Extension Adds a Dark Mode to Websites

There's a new extension in the marketplace that brings dark mode to websites like BleepingComputer, Facebook, Google, Quora and others. Called Night Eye, the extension basically tweaks the contrast within the websites to dark grey. [...]

https://www.bleepingcomputer.com/news/software/night-eye-extension-adds-a-dark-mode-to-websites/

Over 80 Cisco Products Affected by FragmentSmack DoS Bug

Cisco is currently looking into its product line to determine the ones using Linux kernel 3.9 or above, which is vulnerable to the FragmentSmack denial-of-service (DoS) bug. [...]

https://www.bleepingcomputer.com/news/security/over-80-cisco-products-affected-by-fragmentsmack-dos-bug/

Mozilla Launches Firefox Monitor Data Breach Notification Service

Mozilla has announced today the release of Firefox Monitor, a free service to help users find out whether or not their accounts have been part of a breach. This new service was created in partnership with Troy Hunt's Have I been Pwned, whose data is being supplied to Mozilla to power the Firefox Monitor service.  [...]

https://www.bleepingcomputer.com/news/software/mozilla-launches-firefox-monitor-data-breach-notification-service/

Magecart Attacks Grow Rampant in September

Attacks that compromise websites with scripts that steal payment card data from checkout pages have increased to hundreds of thousands of attempts in little over a month. [...]

https://www.bleepingcomputer.com/news/security/magecart-attacks-grow-rampant-in-september/

Chrome 70 Lets you Control Automatic Login and Deletes Google Cookies

In a blog entry posted today, Chrome product manager Zake Koch explains that even though they introduced unwanted changes with good intentions, based on user feedback they have decided to roll them back and give users more control over how their browser behaves.  [...]

https://www.bleepingcomputer.com/news/google/chrome-70-lets-you-control-automatic-login-and-deletes-google-cookies/

GandCrab v5 Ransomware Utilizing the ALPC Task Scheduler Exploit

The GandCrab v5 ransomware has started to use the recently disclosed Task Scheduler ALPC vulnerability to gain System privileges on an infected computer.  This vulnerability was recently patched by Microsoft in the September 2018 Patch Tuesday, but many companies may not have installed the patch. [...]

https://www.bleepingcomputer.com/news/security/gandcrab-v5-ransomware-utilizing-the-alpc-task-scheduler-exploit/