Instagram Phishing Attack Baits With Copyright Infringement Note

Instagram users are being targeted by a new phishing campaign that baits them into giving away their credentials using fake copyright infringement notices which implants a feeling of urgency designed to lower the users' guard. [...]

https://www.bleepingcomputer.com/news/security/instagram-phishing-attack-baits-with-copyright-infringement-note/

Windows 10 1809 Cumulative Update KB4516077 Released With Fixes

Microsoft has released a new cumulative update for Windows 10 version 1809 that fixes a huge amount of bugs and issues. Some of the highlighted issues that are fixes with this release are high CPU when switching apps, Calculator shutting down, incorrect file and folder properties in File Explorer, and Narrator not opening properly. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-1809-cumulative-update-kb4516077-released-with-fixes/

Shared Code Links Sodinokibi to GandCrab, Minus the Fun & Games

Hints of a connection between the defunct GandCrab and the Sodinokibi ransomware get stronger as researchers find code-level similarities and artifacts suggesting continued operations. [...]

https://www.bleepingcomputer.com/news/security/shared-code-links-sodinokibi-to-gandcrab-minus-the-fun-and-games/

Microsoft Rolls Out Windows Terminal 1909 With Long List of Fixes

Microsoft is rolling out the September 2019 release (1909) of its multi-tabbed Windows Terminal console app with a new settings schema, a new font, stylus support, and Windows 20H1 Console Windows Host (conhost) bug fixes. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-rolls-out-windows-terminal-1909-with-long-list-of-fixes/

Windows 10 to Boost Performance via Favored CPU Core Optimization

Windows 10 19H2 will include optimizations to how instructions are processed by the CPU in order to increase the performance and reliability of the operating system and its applications. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-to-boost-performance-via-favored-cpu-core-optimization/

Apple to Fix iOS Bug Granting Full Access to 3rd Party Keyboards

After releasing iOS 13.1 to fix a long list of bugs left unpatched in iOS 13, Apple says in a support document published today that an issue is impacting third-party iOS 13 and iPadOS keyboard extensions. [...]

https://www.bleepingcomputer.com/news/security/apple-to-fix-ios-bug-granting-full-access-to-3rd-party-keyboards/

Windows 10 Build 18990 Insider Released With UWP App Autostart

Microsoft has released Windows 10 Insider Preview Build 18990 (20H1) to Insiders in the Fast ring, which allows you to enable UWP apps to restart on sign-in and WSL improvements. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-build-18990-insider-released-with-uwp-app-autostart/

Hackers Exploit Unpatched Bug in Rich Reviews WordPress Plugin

Site administrators still using the Rich Reviews plugin for WordPress are easy targets as hackers are currently exploiting an unpatched vulnerability for malvertising campaigns. [...]

https://www.bleepingcomputer.com/news/security/hackers-exploit-unpatched-bug-in-rich-reviews-wordpress-plugin/

Adobe Fixes Critical Security Vulnerabilities in Coldfusion

Adobe released security updates for three vulnerabilities in ColdFusion. Two of these vulnerabilities are rated as Critical as they allow code execution and can bypass access controls. The other is an labeled critical as it allows information disclosure. [...]

https://www.bleepingcomputer.com/news/security/adobe-fixes-critical-security-vulnerabilities-in-coldfusion/

vBulletin Zero-Day Exploited for Years, Gets Unofficial Patch

A zero-day exploit for the vBulletin forum platform was publicly disclosed and quickly used to attack affected versions of the forum software. It turns out, though, that this exploit has been known, utilized, and sold by researchers and attackers for years. [...]

https://www.bleepingcomputer.com/news/security/vbulletin-zero-day-exploited-for-years-gets-unofficial-patch/

CloudFlare's WARP Secures iOS and Android Web Traffic for Free

Cloudflare's WARP mobile app for iOS or Android designed to secure all the Internet traffic on one's mobile devices is now available for everyone. [...]

https://www.bleepingcomputer.com/news/security/cloudflares-warp-secures-ios-and-android-web-traffic-for-free/

Hackers Replace Windows Narrator to Get SYSTEM Level Access

Chinese hackers are replacing the legitimate Narrator app on targeted Windows systems with a trojanized version that gives them remote access with privileges of the most powerful account on the operating system. [...]

https://www.bleepingcomputer.com/news/security/hackers-replace-windows-narrator-to-get-system-level-access/

Microsoft Phishing Attack Uses Google Redirects to Evade Detection

A new phishing campaign uses Google search query redirects to send potential victims to a phishing landing page designed to collect Microsoft Office 365 credentials via encoded URLs. [...]

https://www.bleepingcomputer.com/news/security/microsoft-phishing-attack-uses-google-redirects-to-evade-detection/

Ransomware Decryptors Released for Yatron, WannaCryFake, & FortuneCrypt

Security vendors released decryptors for three ransomware infections today that allow victims to recover their files for free. These decryptors are for the WannaCryFake, Yatron, and FortuneCrypt Ransomware infections. [...]

https://www.bleepingcomputer.com/news/security/ransomware-decryptors-released-for-yatron-wannacryfake-and-fortunecrypt/

Buggy Google Chrome Update Behind Recent Unbootable Macs

A wave of reported Macs being no longer able to boot was caused by a recent Google Chrome update that was corrupting a necessary operating system folder. Once the update was installed, affected users found they were no longer able to boot into macOS. [...]

https://www.bleepingcomputer.com/news/security/buggy-google-chrome-update-behind-recent-unbootable-macs/

Microsoft to Extend Office 365 ATP Safe Links to Office Online

Microsoft is currently working on extending the Office 365 Advanced Threat Protection (ATP) Safe Links protection to Office Online apps, with the new feature to be released in October. [...]

https://www.bleepingcomputer.com/news/security/microsoft-to-extend-office-365-atp-safe-links-to-office-online/

Botnet Uses Recent vBulletin Exploit to Block Other Hackers

A botnet has been detected utilizing the recently disclosed vBulletin exploit to secure vulnerable servers so that they cannot be used by other attackers. This allows the botnet to grow their army of compromised servers without fear that other attackers will utilize the same server. [...]

https://www.bleepingcomputer.com/news/security/botnet-uses-recent-vbulletin-exploit-to-block-other-hackers/

Vodafone's Mobile App Briefly Exposed Customer Information

For a brief period on Wednesday morning, Vodafone customers in New Zealand using the mobile carrier's app could see details for other customers. [...]

https://www.bleepingcomputer.com/news/security/vodafones-mobile-app-briefly-exposed-customer-information/

Outlook on the Web to Block File Extensions for PowerShell, Python, and More

Microsoft will soon be blocking an additional 38 file extension from being downloaded as attachments in Outlook on the Web in order to protect users from malicious files. These additional extensions includes files used by Java, PowerShell, Python, and various vulnerabilities. [...]

https://www.bleepingcomputer.com/news/microsoft/outlook-on-the-web-to-block-file-extensions-for-powershell-python-and-more/

Microsoft Enables Tracking Prevention by Default in New Edge Beta

Microsoft released the first update to the Microsoft Edge Beta channel that brings the web browser to the 78.0.276.8 build, enables the tracking prevention feature by default, and adds new sign-in and sync features. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-enables-tracking-prevention-by-default-in-new-edge-beta/