Check Point Fixes Privilege Escalation Bug in ZoneAlarm Free

A security issue in Check Point's free edition of ZoneAlarm antivirus and firewall solution allowed a user with limited rights on the machine to inject and execute code with the highest privileges. [...]

https://www.bleepingcomputer.com/news/security/check-point-fixes-privilege-escalation-bug-in-zonealarm-free/

Microsoft Adds OneDrive Cloud File Sharing to Skype

Microsoft's Skype communication software now comes with support for seamless file sharing of files stored on the OneDrive cloud platform via a dedicated extension which provides faster and simpler file distribution and team collaboration. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-adds-onedrive-cloud-file-sharing-to-skype/

Google Now Publicly Lists Sites Using Chrome Platform Features

Google collects anonymous usage statistics for UseCounter tracked features built into Chrome to see how often they are being used. Google is now also showing the list of web sites that are utilizing these types of features in order to let Chromium developers see how they are being used. [...]

https://www.bleepingcomputer.com/news/google/google-now-publicly-lists-sites-using-chrome-platform-features/

New Ursnif Malware Campaign Uses Fileless Infection to Avoid Detection

A new malware campaign distributing the Ursnif banking Trojan using PowerShell to achieve fileless persistence to hide from anti-malware solutions was detected by Cisco's Advanced Malware Protection Exploit Prevention engine [...]

https://www.bleepingcomputer.com/news/security/new-ursnif-malware-campaign-uses-fileless-infection-to-avoid-detection/

Drive-By-Download Protection Coming to Google Chrome

Google is in the process of adding support for blocking drive-by downloads originating from website iframes, one of the techniques preferred by attackers behind malvertising campaigns to drop malware payloads on vulnerable machines [...]

https://www.bleepingcomputer.com/news/security/drive-by-download-protection-coming-to-google-chrome/

Microsof Office 365 Now Available in the Mac App Store

Microsoft Office 365 was launched today on Apple's Mac App Store allowing macOS users to download and install Microsoft's Word, Outlook, Excel, PowerPoint, OneDrive, and OneNote apps on their Macs, and offering the option to purchase a subscription from within the applications. [...]

https://www.bleepingcomputer.com/news/microsoft/microsof-office-365-now-available-in-the-mac-app-store/

Windows 10 Insider Build 18323 Released With Light Theme Improvements

Microsoft has released Windows 10 Insider Preview Build 18323 (19H1) to insiders in the Fast ring. This build brings an updated Raw Image Extension, improvements to the Light Theme, and notifications to enable Tamper Protection in Windows Security. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18323-released-with-light-theme-improvements/

How Reserved Storage Works in the Next Version of Windows 10

When Windows 10 build 1903 is released, it will introduce a new feature called Reserved Storage. As the name suggests, Reserved Storage will automatically allocate a certain amount of storage space that will be used by updates, apps, temporary files, and system caches. [...]

https://www.bleepingcomputer.com/news/microsoft/how-reserved-storage-works-in-the-next-version-of-windows-10/

VeryMal Malvertiser Delivers Image-Based Malware

A malvertising group recently targeted Apple users in a campaign that delivered a payload hidden in advertisement images. The attack triggered at least 5 million times a day. [...]

https://www.bleepingcomputer.com/news/security/verymal-malvertiser-delivers-image-based-malware/

U.S. Government Systems Will Be 'At Risk for Years to Come'

The future of cybersecurity looks similarly bleak for the US intelligence community. "Nearly all information, communication networks, and systems will be at risk for years to come," the 2019 National Intelligence Strategy reads. [...]

https://www.bleepingcomputer.com/news/security/us-government-systems-will-be-at-risk-for-years-to-come/

PowerShell Command Leaks "April 2019 Update" as Next Windows 10 Update

The name of the next Windows 10 feature update known as build 1903 or 19H1 may be called the April 2019 Update based on the output of the Get-VMHostSupportedVersion PowerShell command. [...]

https://www.bleepingcomputer.com/news/microsoft/powershell-command-leaks-april-2019-update-as-next-windows-10-update/

GDPR Behind 42K Data Breach Notifications, 255 Investigations

Data Protection Authorities (DPAs) across Europe received 95,180 complaints regarding the mishandling of personal data and companies reported a record number of 41,502 data breaches since the General Data Protection Regulation (GDPR) was enacted on 25 May 2018 [...]

https://www.bleepingcomputer.com/news/security/gdpr-behind-42k-data-breach-notifications-255-investigations/

YouTube to Stop Recommending Conspiracy Theory Videos

YouTube has announced today that they will reduce recommendations of videos that promote misinformation and conspiracy theories such as the earth being flat or 9/11 never happening. [...]

https://www.bleepingcomputer.com/news/google/youtube-to-stop-recommending-conspiracy-theory-videos/

Microsoft To-Do Beta Finally Lets You Attach Files to Tasks

The long awaited ability to attach files to tasks is finally coming to the Microsoft To-Do task scheduling program. These files will then be accessible across all devices that are using the same Microsoft account. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-to-do-beta-finally-lets-you-attach-files-to-tasks/

Facebook Details the "Defense-in-Depth” Approach Used to Secure its Platform

Facebook revealed the "defense-in-depth" approach it uses to make sure that its platform and services are secure and to find, fix, and prevent security issues to reach live deployment and affect end users. [...]

https://www.bleepingcomputer.com/news/security/facebook-details-the-defense-in-depth-approach-used-to-secure-its-platform/

The Week in Ransomware - January 25th 2019 - STOP Won't Stop!

This week we see STOP Ransomware becoming the most widespread ransomware targeting consumers and the enterprise that we have seen in a long time. This is due to a constant stream of variants being released, with a large amount of victims being infected through adware bundles promoted through crack sites. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-25th-2019-stop-wont-stop/

Google Chrome Adding Support for Signed HTTP Exchanges

The Google Chrome team is working on shipping a Signed HTTP Exchanges (SXG) feature with a future Chrome release allowing the browser to load and navigate signed web documents designed to look as originating from a particular source, regardless of the server they're loaded from. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-adding-support-for-signed-http-exchanges/

Microsoft 365 Suffers Massive Two Day Outage, Outlook and Exchange Down

The Microsoft 365 online productivity suite experienced a massive outage throughout the last two days, with users reporting that they couldn't access their mailboxes through multiple protocols [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-365-suffers-massive-two-day-outage-outlook-and-exchange-down/

Exploits for Cisco RV320/RV325 Routers Trip Scans for Unpatched Hosts

Disclosure of proof-of-exploit code for security bugs in Cisco routers for small businesses prompted hackers to scan for vulnerable devices in an attempt to take full control of them. [...]

https://www.bleepingcomputer.com/news/security/exploits-for-cisco-rv320-rv325-routers-trip-scans-for-unpatched-hosts/

Dailymotion Resets Passwords After Credential Stuffing Attack

Dailymotion on Friday announced that some accounts were the target of a credential stuffing attack. The video platform's security team discovered the unauthorized access attempts and stopped them.. [...]

https://www.bleepingcomputer.com/news/security/dailymotion-resets-passwords-after-credential-stuffing-attack/