Critical Bug In Harbor Container Registry Gives Admin Access

Attackers can exploit a critical security vulnerability in Harbor cloud native registry for container images to obtain admin privileges on a vulnerable hosting system. [...]

https://www.bleepingcomputer.com/news/security/critical-bug-in-harbor-container-registry-gives-admin-access/

Celebrity Instagram Accounts Being Hacked to Push Scams

The streak of hacked celebrity Instagram accounts continues as cybercriminals temporarily hijacked Nicole Scherzinger's social media profile and promised access to an alleged sex tape of the singer-songwriter. [...]

https://www.bleepingcomputer.com/news/security/celebrity-instagram-accounts-being-hacked-to-push-scams/

Emotet Trojan Evolves Since Being Reawakend, Here is What We Know

With the reawakening of the Emotet botnet, the distribution methods, payloads, malicious document templates, and email templates continue to evolve. This article will go over some of the changes that have been observed by various security researchers over the past couple of days. [...]

https://www.bleepingcomputer.com/news/security/emotet-trojan-evolves-since-being-reawakend-here-is-what-we-know/

Thinkful Resets All User Passwords After Security Breach

Online developer bootcamp company Thinkful is sending out email notifications that state an unauthorized user was able to gain access to employee accounts credentials. Due to this, they are requiring all users to reset their passwords the next time they login. [...]

https://www.bleepingcomputer.com/news/security/thinkful-resets-all-user-passwords-after-security-breach/

Windows 10 Insider Build 18985 Released With Improved Bluetooth Pairing

Microsoft has released Windows 10 Insider Preview Build 18985 (20H1) to Insiders in the Fast ring, which includes a new optional update experience, a Snip & Sketch update, and a new Bluetooth pairing experience. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18985-released-with-improved-bluetooth-pairing/

Selfie Android Apps with 1.5M+ Installs Push Ads, Can Record Audio

A couple of Android apps found in Google Play included functionality that stealthy recording audio without user consent. The apps posed as selfie camera filters and had been installed over 1.5 million times. [...]

https://www.bleepingcomputer.com/news/security/selfie-android-apps-with-15m-installs-push-ads-can-record-audio/

Windows 10 is Getting a New Optional Update Experience

Microsoft is changing the windows update experience in Windows 10 so that "optional" updates are shown in a dedicated screen that will allow you to pick which update you would like to install [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-is-getting-a-new-optional-update-experience/

Forcepoint Fixes Privilege Escalation Bug in Windows VPN Client

A vulnerability affecting all versions of Forcepoint VPN Client for Windows, save the latest release, can be used to achieve persistence and evade detection. [...]

https://www.bleepingcomputer.com/news/security/forcepoint-fixes-privilege-escalation-bug-in-windows-vpn-client/

Twitter Removes State-backed Actors Conducting Information Campaigns

Twitter has removed another batch of state-sponsored actors performing information campaigns on Twitter.  The detected operations announced today involved Qatar, Iran, Yemen, Ecuador, Saudi Arabia, Spain, China, and Hong Kong. [...]

https://www.bleepingcomputer.com/news/technology/twitter-removes-state-backed-actors-conducting-information-campaigns/

Windows 7 and Server 2008 Get 0patch Security Fixes After EoS

Microsoft ending support for Windows 7 and Server 2008 early next year will also stop delivery of security patches through the normal channel. But users have an alternative to get security fixes on a regular basis in the form of micropatches. [...]

https://www.bleepingcomputer.com/news/security/windows-7-and-server-2008-get-0patch-security-fixes-after-eos/

Windows 7 Voting Systems to Get Free Security Updates Through 2020 Elections

Microsoft announced today that they will be providing free extended security updates for Windows 7 machines that are part of a federally certified voting system. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-7-voting-systems-to-get-free-security-updates-through-2020-elections/

Meet Stop Ransomware: The Most Active Ransomware Nobody Talks About

Have you ever heard of the STOP Ransomware? Probably not, as few write about it, most researchers don't cover it, and for the most part it targets consumers through cracked software, adware bundles, and shady sites. [...]

https://www.bleepingcomputer.com/news/security/meet-stop-ransomware-the-most-active-ransomware-nobody-talks-about/

The Week in Ransomware - September 20th 2019 - Fairly Quiet

This has been a fairly quiet week with no real big news other than further updates from Nemty, the introduction of TFlower, and another Ordinypt campaign targeting Germany. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-september-20th-2019-fairly-quiet/

Microsoft Marks Two Windows 10 1903 Issues as Resolved

Microsoft has marked a Windows 10 Chinese IME issue and a Windows Desktop Search or Start Menu issue as resolved in the Windows 10 Health Dashboard. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-marks-two-windows-10-1903-issues-as-resolved/

Jira Server and Service Desk Fix Critical Security Bugs

Atlassian released updates for Jira Service Desk and Jira Service Desk Data Center to fix a critical-severity security bug that can be exploited by anyone with access to a vulnerable customer portal. [...]

https://www.bleepingcomputer.com/news/security/jira-server-and-service-desk-fix-critical-security-bugs/

Microsoft Edge to Let You Block Potentially Unwanted Programs

Microsoft Edge is testing a new feature in their Canary build that allows you to block potentially unwanted programs (PUPs) from being downloaded by the browser. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-to-let-you-block-potentially-unwanted-programs/

Microsoft Edge's Collection Feature Helps You Stay Organized

Microsoft recently updated Edge for Windows and MacOS with a new feature called 'Collections' to help users collect and compare shopping items, collect and combine information from platforms like Wikipedia, and put together your event or research information in a dedicated panel for later reference. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edges-collection-feature-helps-you-stay-organized/

Malicious Android Apps Evade Google Play Protect via Remote Commands

More than two dozen malicious Android applications with over 2.1 million installs in total were observed by security researchers while displaying aggressive full-screen ads after downloading configuration files. [...]

https://www.bleepingcomputer.com/news/security/malicious-android-apps-evade-google-play-protect-via-remote-commands/

Microsoft to Force Modern Auth in Exchange Online to Enhance Security

Microsoft announced that Basic Authentication will be turned off in Exchange Online for Exchange ActiveSync (EAS), POP, IMAP, and Remote PowerShell starting October 13, 2020. [...]

https://www.bleepingcomputer.com/news/security/microsoft-to-force-modern-auth-in-exchange-online-to-enhance-security/

Windows 10 Task Manager Lets You Copy Performance Data as Text

The Windows 10 Task Manager Performance tab allows you to right-click on the various categories and copy the information into formatted text. This text can then be paste into online forums where you are receiving help, share it with others, or more easily copy down the hardware installed in your computer. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-task-manager-lets-you-copy-performance-data-as-text/