Windows 10 Cumulative Update Build 17134.619 Released With Fixes
Windows 10 April 2018 Update Build 17134.619 is now rolling out to the general public with a bunch of new fixes and improvements. Windows 10 KB4487029 (Build 17134.619) includes fixes for Internet Explorer and other core components. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-update-build-17134619-released-with-fixes/
Windows 10 April 2018 Update Build 17134.619 is now rolling out to the general public with a bunch of new fixes and improvements. Windows 10 KB4487029 (Build 17134.619) includes fixes for Internet Explorer and other core components. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-update-build-17134619-released-with-fixes/
BleepingComputer
Windows 10 Cumulative Update Build 17134.619 Released With Fixes
Windows 10 April 2018 Update Build 17134.619 is now rolling out to the general public with a bunch of new fixes and improvements. Windows 10 KB4487029 (Build 17134.619) includes fixes for Internet Explorer and other core components.
Formjacking Surpasses Ransomware and Cryptojacking as Top Threat of 2018
A new year in review report from Symantec shows that formjacking accompanied by supply chain attacks were the fastest growing threats of 2018, while living-off-the-land (LotL) attacks saw a large boost in adoption from threat actors, with PowerShell scripts usage, for example, seeing a formidable 1000% increase. [...]
https://www.bleepingcomputer.com/news/security/formjacking-surpasses-ransomware-and-cryptojacking-as-top-threat-of-2018/
A new year in review report from Symantec shows that formjacking accompanied by supply chain attacks were the fastest growing threats of 2018, while living-off-the-land (LotL) attacks saw a large boost in adoption from threat actors, with PowerShell scripts usage, for example, seeing a formidable 1000% increase. [...]
https://www.bleepingcomputer.com/news/security/formjacking-surpasses-ransomware-and-cryptojacking-as-top-threat-of-2018/
BleepingComputer
Formjacking Surpasses Ransomware and Cryptojacking as Top Threat of 2018
A new year in review report from Symantec shows that formjacking accompanied by supply chain attacks were the fastest growing threats of 2018, while living-off-the-land (LotL) attacks saw a large boost in adoption from threat actors, with PowerShell scriptsβ¦
JD Finance Android App Caught Storing Screenshots With Banking Info
JD Finance apologized to the users of its Android application on Sunday after one customer found out that screenshots taken of his account on the China Merchants Bank app were being added to the cache of the JD Finance app while it was running in the background. [...]
https://www.bleepingcomputer.com/news/security/jd-finance-android-app-caught-storing-screenshots-with-banking-info/
JD Finance apologized to the users of its Android application on Sunday after one customer found out that screenshots taken of his account on the China Merchants Bank app were being added to the cache of the JD Finance app while it was running in the background. [...]
https://www.bleepingcomputer.com/news/security/jd-finance-android-app-caught-storing-screenshots-with-banking-info/
BleepingComputer
JD Finance Android App Caught Storing Screenshots With Banking Info
JD Finance apologized to the users of its Android application on Sunday after one customer found out that screenshots taken of his account on the China Merchants Bank app were being added to the cache of the JD Finance app while it was running in the background.
New AI-Powered Site Generates Horrific Images of Cats
A new web site called thiscatdoesnotexist.com is using artificial intelligence to create images of cats on the fly. Due to the many variations of a cat's position, their surroundings, and the furniture in the background, many of these pictures look like they are coming straight out of a horror movie. [...]
https://www.bleepingcomputer.com/news/technology/new-ai-powered-site-generates-horrific-images-of-cats/
A new web site called thiscatdoesnotexist.com is using artificial intelligence to create images of cats on the fly. Due to the many variations of a cat's position, their surroundings, and the furniture in the background, many of these pictures look like they are coming straight out of a horror movie. [...]
https://www.bleepingcomputer.com/news/technology/new-ai-powered-site-generates-horrific-images-of-cats/
BleepingComputer
New AI-Powered Site Generates Horrific Images of Cats
A new web site called thiscatdoesnotexist.com is using artificial intelligence to create images of cats on the fly. Due to the many variations of a cat's position, their surroundings, and the furniture in the background, many of these pictures look like theyβ¦
Windows 10 Insider Preview Build 18342 Released With Numerous Improvements
Microsoft has released Windows 10 Insider Preview Build 18342 (19H1) to Insiders in the Fast ring. This build adds numerous Windows Sandbox fixes, changes to gaming, and the ability to access WSL files in File Explorer. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-preview-build-18342-released-with-numerous-improvements/
Microsoft has released Windows 10 Insider Preview Build 18342 (19H1) to Insiders in the Fast ring. This build adds numerous Windows Sandbox fixes, changes to gaming, and the ability to access WSL files in File Explorer. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-preview-build-18342-released-with-numerous-improvements/
BleepingComputer
Windows 10 Insider Preview Build 18342 Released With Numerous Improvements
Microsoft has released Windows 10 Insider Preview Build 18342 (19H1) to Insiders in the Fast ring. This build adds numerous Windows Sandbox fixes, changes to gaming, and the ability to access WSL files in File Explorer.
New Attack Kit Combines Trojans and Tools to Spread Miners, Steal Data
A new malware-powered attack kit that stitches up two Trojans and a coinminer to mine for data and Monero was observed while scanning for vulnerable machines from China, Taiwan, Italy, and Hong Kong, and spreading itself over the Internet and on local area networks. [...]
https://www.bleepingcomputer.com/news/security/new-attack-kit-combines-trojans-and-tools-to-spread-miners-steal-data/
A new malware-powered attack kit that stitches up two Trojans and a coinminer to mine for data and Monero was observed while scanning for vulnerable machines from China, Taiwan, Italy, and Hong Kong, and spreading itself over the Internet and on local area networks. [...]
https://www.bleepingcomputer.com/news/security/new-attack-kit-combines-trojans-and-tools-to-spread-miners-steal-data/
BleepingComputer
New Attack Kit Combines Trojans and Tools to Spread Miners, Steal Data
A new malware-powered attack kit that stitches up two Trojans and a coinminer to mine for data and Monero was observed while scanning for vulnerable machines from China, Taiwan, Italy, and Hong Kong, and spreading itself over the Internet and on local areaβ¦
Microsoft Edge Secret Whitelist Allows Facebook to Autorun Flash
Microsoft's Edge web browser comes with a hidden whitelist file designed to allow Facebook to circumvent the built-in click-to-play security policy to autorun Flash content without having to ask for user consent. [...]
https://www.bleepingcomputer.com/news/security/microsoft-edge-secret-whitelist-allows-facebook-to-autorun-flash/
Microsoft's Edge web browser comes with a hidden whitelist file designed to allow Facebook to circumvent the built-in click-to-play security policy to autorun Flash content without having to ask for user consent. [...]
https://www.bleepingcomputer.com/news/security/microsoft-edge-secret-whitelist-allows-facebook-to-autorun-flash/
BleepingComputer
Microsoft Edge Secret Whitelist Allows Facebook to Autorun Flash
Microsoft's Edge web browser comes with a hidden whitelist file designed to allow Facebook to circumvent the built-in click-to-play security policy to autorun Flash content without having to ask for user consent.
Mozilla Firefox 67 to Warn About Breached Sites Using New Add-On
Firefox Monitor is a Mozilla service that has partnered with Have I been Pwned to alert users when their email address has been discovered in a data breach. In the past, Firefox Monitor was a standalone service, but starting in Firefox 67 it will now be included as an extension. [...]
https://www.bleepingcomputer.com/news/software/mozilla-firefox-67-to-warn-about-breached-sites-using-new-add-on/
Firefox Monitor is a Mozilla service that has partnered with Have I been Pwned to alert users when their email address has been discovered in a data breach. In the past, Firefox Monitor was a standalone service, but starting in Firefox 67 it will now be included as an extension. [...]
https://www.bleepingcomputer.com/news/software/mozilla-firefox-67-to-warn-about-breached-sites-using-new-add-on/
BleepingComputer
Mozilla Firefox 67 to Warn About Breached Sites Using New Add-On
Firefox Monitor is a Mozilla service that has partnered with Have I been Pwned to alert users when their email address has been discovered in a data breach. In the past, Firefox Monitor was a standalone service, but starting in Firefox 67 it will now be includedβ¦
GandCrab Ransomware Affiliates Continue to Push Decryptable Versions
GandCrab Ransomware affiliates are doing their victims a favor by screwing up and distributing a version of the ransomware that can be decrypted for free. [...]
https://www.bleepingcomputer.com/news/security/gandcrab-ransomware-affiliates-continue-to-push-decryptable-versions/
GandCrab Ransomware affiliates are doing their victims a favor by screwing up and distributing a version of the ransomware that can be decrypted for free. [...]
https://www.bleepingcomputer.com/news/security/gandcrab-ransomware-affiliates-continue-to-push-decryptable-versions/
BleepingComputer
GandCrab Ransomware Affiliates Continue to Push Decryptable Versions
GandCrab Ransomware affiliates are doing their victims a favor by screwing up and distributing a version of the ransomware that can be decrypted for free.
Drupal Fixes Highly Critical Vulnerability
Administrators of websites running the Drupal content management software (CMS) are urged to take immediate action to mitigate a newly discovered a vulnerability that can lead to remote execution of PHP code under specific circumstances. [...]
https://www.bleepingcomputer.com/news/security/drupal-fixes-highly-critical-vulnerability/
Administrators of websites running the Drupal content management software (CMS) are urged to take immediate action to mitigate a newly discovered a vulnerability that can lead to remote execution of PHP code under specific circumstances. [...]
https://www.bleepingcomputer.com/news/security/drupal-fixes-highly-critical-vulnerability/
BleepingComputer
Drupal Fixes βHighly Criticalβ Vulnerability
Administrators of websites running the Drupal content management software (CMS) are urged to take immediate action to mitigate a newly discovered a vulnerability that can lead to remote execution of PHP code under specific circumstances.
Windows Servers Vulnerable to IIS Resource Exhaustion DoS Attacks
Microsoft published a security advisory on its Security Response Center which discloses that Windows Server and Windows 10 servers running Internet Information Services (IIS) are vulnerable to denial of service (DOS) attacks. [...]
https://www.bleepingcomputer.com/news/security/windows-servers-vulnerable-to-iis-resource-exhaustion-dos-attacks/
Microsoft published a security advisory on its Security Response Center which discloses that Windows Server and Windows 10 servers running Internet Information Services (IIS) are vulnerable to denial of service (DOS) attacks. [...]
https://www.bleepingcomputer.com/news/security/windows-servers-vulnerable-to-iis-resource-exhaustion-dos-attacks/
BleepingComputer
Windows Servers Vulnerable to IIS Resource Exhaustion DoS Attacks
Microsoft published a security advisory on its Security Response Center which discloses that Windows Server and Windows 10 servers running Internet Information Services (IIS) are vulnerable to denial of service (DOS) attacks.
Adobe Patches Critical Information Disclosure Flaw in Reader, Again
Adobe issued a security update to address a bypass for the CVE-2019-7089 zero-day patch issued on February 12, which would lead to sensitive information disclosure in the context of the current user in vulnerable Adobe Acrobat and Reader for Windows and macOS [...]
https://www.bleepingcomputer.com/news/security/adobe-patches-critical-information-disclosure-flaw-in-reader-again/
Adobe issued a security update to address a bypass for the CVE-2019-7089 zero-day patch issued on February 12, which would lead to sensitive information disclosure in the context of the current user in vulnerable Adobe Acrobat and Reader for Windows and macOS [...]
https://www.bleepingcomputer.com/news/security/adobe-patches-critical-information-disclosure-flaw-in-reader-again/
BleepingComputer
Adobe Patches Critical Information Disclosure Flaw in Reader, Again
Adobe issued a security update to address a bypass for the CVE-2019-7089 zero-day patch issued on February 12, which would lead to sensitive information disclosure in the context of the current user in vulnerable Adobe Acrobat and Reader for Windows and macOS
Malware Campaigns Target Users of Pornhub, XVideos, Other Adult Websites
People who visit adult websites are being exposed on a daily basis to malware, phishing, and malicious spam campaigns, with premium accounts used on these websites that get stolen ending up on dark web markets. [...]
https://www.bleepingcomputer.com/news/security/malware-campaigns-target-users-of-pornhub-xvideos-other-adult-websites/
People who visit adult websites are being exposed on a daily basis to malware, phishing, and malicious spam campaigns, with premium accounts used on these websites that get stolen ending up on dark web markets. [...]
https://www.bleepingcomputer.com/news/security/malware-campaigns-target-users-of-pornhub-xvideos-other-adult-websites/
BleepingComputer
Malware Campaigns Target Users of PornHub, XVideos, Other Adult Websites
People who visit adult websites are being exposed on a daily basis to malware, phishing, and malicious spam campaigns, with premium accounts used on these websites that get stolen ending up on dark web markets.
Apple Adds Better Cross-Site Tracking Prevention in iOS 12.2 Beta and Safari 12.1
The beta releases of iOS 12.2 and Safari 12.1 on macOS High Sierra and Mojave include an updated version of the WebKit Intelligent Tracking Prevention (ITP) feature that will further decrease trackers' ability to trace user identities across websites. [...]
https://www.bleepingcomputer.com/news/security/apple-adds-better-cross-site-tracking-prevention-in-ios-122-beta-and-safari-121/
The beta releases of iOS 12.2 and Safari 12.1 on macOS High Sierra and Mojave include an updated version of the WebKit Intelligent Tracking Prevention (ITP) feature that will further decrease trackers' ability to trace user identities across websites. [...]
https://www.bleepingcomputer.com/news/security/apple-adds-better-cross-site-tracking-prevention-in-ios-122-beta-and-safari-121/
BleepingComputer
Apple Adds Better Cross-Site Tracking Prevention in iOS 12.2 Beta and Safari 12.1
The beta releases of iOS 12.2 and Safari 12.1 on macOS High Sierra and Mojave include an updated version of the WebKit Intelligent Tracking Prevention (ITP) feature that will further decrease trackers' ability to trace user identities across websites.
Cr1ptT0r Ransomware Targets Embedded Systems, Infects D-Link NAS Gear
A new ransomware called Cr1ptT0r built for embedded systems targets network attached storage (NAS) equipment exposed to the internet to encrypt data available on it. [...]
https://www.bleepingcomputer.com/news/security/cr1ptt0r-ransomware-targets-embedded-systems-infects-d-link-nas-gear/
A new ransomware called Cr1ptT0r built for embedded systems targets network attached storage (NAS) equipment exposed to the internet to encrypt data available on it. [...]
https://www.bleepingcomputer.com/news/security/cr1ptt0r-ransomware-targets-embedded-systems-infects-d-link-nas-gear/
BleepingComputer
Cr1ptT0r Ransomware Targets Embedded Systems, Infects D-Link NAS Gear
A new ransomware called Cr1ptT0r built for embedded systems targets network attached storage (NAS) equipment exposed to the internet to encrypt data available on it.
19-Year Old WinRAR RCE Vulnerability Gets Micropatch Which Keeps ACE Support
A micropatch was released to fix a 19-year old arbitrary code execution vulnerability impacting 500 million users of the WinRAR compression tool and to keep ACE support after the app's devs removed it when they patched the security issue. [...]
https://www.bleepingcomputer.com/news/security/19-year-old-winrar-rce-vulnerability-gets-micropatch-which-keeps-ace-support/
A micropatch was released to fix a 19-year old arbitrary code execution vulnerability impacting 500 million users of the WinRAR compression tool and to keep ACE support after the app's devs removed it when they patched the security issue. [...]
https://www.bleepingcomputer.com/news/security/19-year-old-winrar-rce-vulnerability-gets-micropatch-which-keeps-ace-support/
BleepingComputer
19-Year Old WinRAR RCE Vulnerability Gets Micropatch Which Keeps ACE Support
A micropatch was released to fix a 19-year old arbitrary code execution vulnerability impacting 500 million users of the WinRAR compression tool and to keep ACE support after the app's devs removed it when they patched the security issue.
DDoS Attacks Ranked As Highest Threat by Enterprises
US and EMEA security professionals interviewed by the Neustar International Security Council (NISC) in January 2019 said that DDoS attacks are perceived as the highest threat to their organizations, with roughly half of their companies having been attacked in 2018. [...]
https://www.bleepingcomputer.com/news/security/ddos-attacks-ranked-as-highest-threat-by-enterprises/
US and EMEA security professionals interviewed by the Neustar International Security Council (NISC) in January 2019 said that DDoS attacks are perceived as the highest threat to their organizations, with roughly half of their companies having been attacked in 2018. [...]
https://www.bleepingcomputer.com/news/security/ddos-attacks-ranked-as-highest-threat-by-enterprises/
BleepingComputer
DDoS Attacks Ranked As Highest Threat by Enterprises
US and EMEA security professionals interviewed by the Neustar International Security Council (NISC) in January 2019 said that DDoS attacks are perceived as the highest threat to their organizations, with roughly half of their companies having been attackedβ¦
Windows 10 20H1 Build 18841 Released to Skip Ahead Insiders
Windows 10 20H1 Build 18841 is out for Insiders part of the Skip Ahead and it comes with normal bug fixes as Microsoft isn't ready to test new features yet. This build is from the 20H1 development branch. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-20h1-build-18841-released-to-skip-ahead-insiders/
Windows 10 20H1 Build 18841 is out for Insiders part of the Skip Ahead and it comes with normal bug fixes as Microsoft isn't ready to test new features yet. This build is from the 20H1 development branch. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-20h1-build-18841-released-to-skip-ahead-insiders/
BleepingComputer
Windows 10 20H1 Build 18841 Released to Skip Ahead Insiders
Windows 10 20H1 Build 18841 is out for Insiders part of the Skip Ahead and it comes with normal bug fixes as Microsoft isn't ready to test new features yet. This build is from the 20H1 development branch.
Office 365 Phishing Page Comes with Live Chat Support
Scammers handling a phishing website for Office 365 credentials added live support to add to the illusion of legitimacy necessary to trick victims. [...]
https://www.bleepingcomputer.com/news/security/office-365-phishing-page-comes-with-live-chat-support/
Scammers handling a phishing website for Office 365 credentials added live support to add to the illusion of legitimacy necessary to trick victims. [...]
https://www.bleepingcomputer.com/news/security/office-365-phishing-page-comes-with-live-chat-support/
BleepingComputer
Office 365 Phishing Page Comes with Live Chat Support
Scammers handling a phishing website for Office 365 credentials added live support to add to the illusion of legitimacy necessary to trick victims.
Windows 10 Build 18343 Released to Insiders with Windows Sandbox Improvements
Windows 10 19H1 Build 18343 is now rolling out to the Windows Insiders in the Fast Ring with improvements for Windows Sandbox and general bug fixes. Windows 10 Build 18343 comes from the 19H1 development and changes in this release will be shipped to the public with Windows 10 April 2019 Update. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-build-18343-released-to-insiders-with-windows-sandbox-improvements/
Windows 10 19H1 Build 18343 is now rolling out to the Windows Insiders in the Fast Ring with improvements for Windows Sandbox and general bug fixes. Windows 10 Build 18343 comes from the 19H1 development and changes in this release will be shipped to the public with Windows 10 April 2019 Update. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-build-18343-released-to-insiders-with-windows-sandbox-improvements/
BleepingComputer
Windows 10 Build 18343 Released to Insiders with Windows Sandbox Improvements
Windows 10 19H1 Build 18343 is now rolling out to the Windows Insiders in the Fast Ring with improvements for Windows Sandbox and general bug fixes. Windows 10 Build 18343 comes from the 19H1 development and changes in this release will be shipped to theβ¦