Microsoft Issues Windows Security Update for 0Day Vulnerability

Microsoft released two out of band security updates today for remote code execution (RCE) and denial of service (DoS) security vulnerabilities impacting Internet Explorer and Windows Defender, respectively. [...]

https://www.bleepingcomputer.com/news/security/microsoft-issues-windows-security-update-for-0day-vulnerability/

Finnish Govt. Releases Guide on Securing Microsoft Office 365

The National Cyber Security Centre Finland (NCSC-FI) which acts as Finland's National Communications Security Authority published today a detailed guide on how to secure Microsoft Office 365 against data breaches and credential phishing. [...]

https://www.bleepingcomputer.com/news/security/finnish-govt-releases-guide-on-securing-microsoft-office-365/

Beware of Google Alert Links Leading to Malware and Scams

Google Alerts is s useful service that allows you to receive emails or an updated RSS feed when new pages appear in the Google search index that are related to specified keywords you are following. Unfortunately, whenever there is a good thing, people try to take advantage of them to push users towards scams and malware [...]

https://www.bleepingcomputer.com/news/security/beware-of-google-alert-links-leading-to-malware-and-scams/

Emotet Tries to Infect You By Claiming It's Snowden's Book

Emotet has started a new spam campaign that pretends to be a scanned copy of Edward Snowden's new book. Unsuspecting users who open the attachment and enable its content will find that they have become infected with Emotet, most likely Trickbot, and possibly other malware. [...]

https://www.bleepingcomputer.com/news/security/emotet-tries-to-infect-you-by-claiming-its-snowdens-book/

Zebrocy Infects Targets with New Golang-Based Backdoor via Dropbox

A recently observed campaign from the Zebrocy APT operators relied on a revamped backdoor to maintain access to victim hosts and extract profiling information. [...]

https://www.bleepingcomputer.com/news/security/zebrocy-infects-targets-with-new-golang-based-backdoor-via-dropbox/

Avid Users Are Suddenly Finding That Their Macs Won’t Boot

Avid video editors have started reported that when they shutdown their Macs, they will no longer boot up afterwards.  It is not known exactly what is causing this issue, but it appears to be affecting older versions of Mac OS X who have the Avid Media Creator software installed. [...]

https://www.bleepingcomputer.com/news/software/avid-users-are-suddenly-finding-that-their-macs-won-t-boot/

Gmail for Android and iOS Gets a Dark Theme

Google announced today that they are rolling out a Dark theme to Gmail for Android and iOS users. This feature is currently rolling out to users of both the Android and iOS versions of Gmail. [...]

https://www.bleepingcomputer.com/news/google/gmail-for-android-and-ios-gets-a-dark-theme/

State-Backed Attackers Target US Entities with LookBack Malware

A spear-phishing campaign spanning more than five months has been targeting roughly 17 U.S. utility providers between April 5 and August 29 according to research from Proofpoint's Threat Insight Team. [...]

https://www.bleepingcomputer.com/news/security/state-backed-attackers-target-us-entities-with-lookback-malware/

Fake Employment Site Created to Target Veterans With Malware

A fake web site pretending to be an organization that offers job opportunities for U.S. veterans is distributing malware that let's the attackers gain full control over a victim's computer. [...]

https://www.bleepingcomputer.com/news/security/fake-employment-site-created-to-target-veterans-with-malware/

Instagram Phishing Attack Baits With Copyright Infringement Note

Instagram users are being targeted by a new phishing campaign that baits them into giving away their credentials using fake copyright infringement notices which implants a feeling of urgency designed to lower the users' guard. [...]

https://www.bleepingcomputer.com/news/security/instagram-phishing-attack-baits-with-copyright-infringement-note/

Windows 10 1809 Cumulative Update KB4516077 Released With Fixes

Microsoft has released a new cumulative update for Windows 10 version 1809 that fixes a huge amount of bugs and issues. Some of the highlighted issues that are fixes with this release are high CPU when switching apps, Calculator shutting down, incorrect file and folder properties in File Explorer, and Narrator not opening properly. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-1809-cumulative-update-kb4516077-released-with-fixes/

Shared Code Links Sodinokibi to GandCrab, Minus the Fun & Games

Hints of a connection between the defunct GandCrab and the Sodinokibi ransomware get stronger as researchers find code-level similarities and artifacts suggesting continued operations. [...]

https://www.bleepingcomputer.com/news/security/shared-code-links-sodinokibi-to-gandcrab-minus-the-fun-and-games/

Microsoft Rolls Out Windows Terminal 1909 With Long List of Fixes

Microsoft is rolling out the September 2019 release (1909) of its multi-tabbed Windows Terminal console app with a new settings schema, a new font, stylus support, and Windows 20H1 Console Windows Host (conhost) bug fixes. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-rolls-out-windows-terminal-1909-with-long-list-of-fixes/

Windows 10 to Boost Performance via Favored CPU Core Optimization

Windows 10 19H2 will include optimizations to how instructions are processed by the CPU in order to increase the performance and reliability of the operating system and its applications. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-to-boost-performance-via-favored-cpu-core-optimization/

Apple to Fix iOS Bug Granting Full Access to 3rd Party Keyboards

After releasing iOS 13.1 to fix a long list of bugs left unpatched in iOS 13, Apple says in a support document published today that an issue is impacting third-party iOS 13 and iPadOS keyboard extensions. [...]

https://www.bleepingcomputer.com/news/security/apple-to-fix-ios-bug-granting-full-access-to-3rd-party-keyboards/

Windows 10 Build 18990 Insider Released With UWP App Autostart

Microsoft has released Windows 10 Insider Preview Build 18990 (20H1) to Insiders in the Fast ring, which allows you to enable UWP apps to restart on sign-in and WSL improvements. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-build-18990-insider-released-with-uwp-app-autostart/

Hackers Exploit Unpatched Bug in Rich Reviews WordPress Plugin

Site administrators still using the Rich Reviews plugin for WordPress are easy targets as hackers are currently exploiting an unpatched vulnerability for malvertising campaigns. [...]

https://www.bleepingcomputer.com/news/security/hackers-exploit-unpatched-bug-in-rich-reviews-wordpress-plugin/

Adobe Fixes Critical Security Vulnerabilities in Coldfusion

Adobe released security updates for three vulnerabilities in ColdFusion. Two of these vulnerabilities are rated as Critical as they allow code execution and can bypass access controls. The other is an labeled critical as it allows information disclosure. [...]

https://www.bleepingcomputer.com/news/security/adobe-fixes-critical-security-vulnerabilities-in-coldfusion/

vBulletin Zero-Day Exploited for Years, Gets Unofficial Patch

A zero-day exploit for the vBulletin forum platform was publicly disclosed and quickly used to attack affected versions of the forum software. It turns out, though, that this exploit has been known, utilized, and sold by researchers and attackers for years. [...]

https://www.bleepingcomputer.com/news/security/vbulletin-zero-day-exploited-for-years-gets-unofficial-patch/

CloudFlare's WARP Secures iOS and Android Web Traffic for Free

Cloudflare's WARP mobile app for iOS or Android designed to secure all the Internet traffic on one's mobile devices is now available for everyone. [...]

https://www.bleepingcomputer.com/news/security/cloudflares-warp-secures-ios-and-android-web-traffic-for-free/