Nitro PDF Pro to Get Micropatches for 7 Potential RCE Bugs

The current version of Nitro PDF Pro has at least one vulnerability that could be used to attempt remote code execution on the victim host. A fix from a third party is on its way.. [...]

https://www.bleepingcomputer.com/news/security/nitro-pdf-pro-to-get-micropatches-for-7-potential-rce-bugs/

Creating Custom Windows Sandbox Configurations in Windows 10

This article will teach you how to use configuration files to modify the behavior of the Windows Sandbox feature in Windows 10. [...]

https://www.bleepingcomputer.com/news/microsoft/creating-custom-windows-sandbox-configurations-in-windows-10/

How to Make Windows 10 Pause Updates for a Period of Time

Pausing Windows 10 update makes sense, especially when you really don't want the update. Fortunately, Microsoft lets you pause or delay Windows Updates, and here's how. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-make-windows-10-pause-updates-for-a-period-of-time/

Sodinokibi Ransomware: Following the Affiliate Money Trail

After a Sodinokibi ransomware affiliate posted partial transaction IDs for ransomware payments, researchers were able to use that information to follow the money trail for affiliates and in some cases, how they spend their illicit earnings. [...]

https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-following-the-affiliate-money-trail/

Iranian Hackers Create Credible Phishing to Steal Library Access

The Silent Librarian threat group is constantly updating its tactics and techniques, to the point of using on its login phishing pages info and alerts that is accurate and relevant to potential victims. [...]

https://www.bleepingcomputer.com/news/security/iranian-hackers-create-credible-phishing-to-steal-library-access/

Microsoft Now Enables Windows 10 Tamper Protection By Default

Microsoft has announced today that the Windows 10 Tamper Protection security feature is now officially generally available for the Enterprise and consumers. Along with this announcement, Microsoft will be enabling this security feature on all Windows 10 devices by default. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-now-enables-windows-10-tamper-protection-by-default/

Winnti Group Uses New PortReuse Malware Against Asian Manufacturer

Winnti Group hackers have updated their arsenal with a new modular Windows backdoor that they used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. [...]

https://www.bleepingcomputer.com/news/security/winnti-group-uses-new-portreuse-malware-against-asian-manufacturer/

Microsoft Office 2010 to Reach End of Support in One Year

Microsoft announced today that extended support for Office 2010 will end on October 13, 2020, at the same time recommending organizations to migrate to Office 365 ProPlus or Office 2019. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-office-2010-to-reach-end-of-support-in-one-year/

Facebook Users Being Locked Out After Reporting Fake Accounts

Numerous people are reporting that for the past nine days users are being locked out of Facebook after reporting fake user profiles to the social site. [...]

https://www.bleepingcomputer.com/news/technology/facebook-users-being-locked-out-after-reporting-fake-accounts/

Global Shipping Firm Pitney Bowes Affected by Ransomware Attack

Global shipping and mailing services company Pitney Bowes announced today that it was the victim of a ransomware attack that encrypted some of its systems, leading to a partial system outage that impacted customer access to some services. [...]

https://www.bleepingcomputer.com/news/security/global-shipping-firm-pitney-bowes-affected-by-ransomware-attack/

Mozilla Rolls Out Code Injection Attack Protection in Firefox

Mozilla rolled out protection measures to block code injection attacks in the Firefox web browser, with the attack surface being reduced by removing eval()-like functions and inline scripts occurrences. [...]

https://www.bleepingcomputer.com/news/security/mozilla-rolls-out-code-injection-attack-protection-in-firefox/

Linux SUDO Bug Lets You Run Commands as Root, Most are Unaffected

A vulnerability has been discovered in the Linux sudo command that could allow unprivileged users to execute commands as root. Thankfully, this vulnerability only works in non-standard configurations and most Linux servers are unaffected. [...]

https://www.bleepingcomputer.com/news/linux/linux-sudo-bug-lets-you-run-commands-as-root-most-are-unaffected/

Samsung Galaxy S10 Fingerprint Reader Defeated by Silicon Case

A couple in the UK experienced a weird bug on their Samsung Galaxy S10 that allows bypassing the fingerprint reader to unlock the phone regardless of the biometric data registered in the device. [...]

https://www.bleepingcomputer.com/news/security/samsung-galaxy-s10-fingerprint-reader-defeated-by-silicon-case/

Chinese Hackers Use New Cryptojacking Tactics to Evade Detection

Chinese-speaking cybercrime group Rocke, known for operating multiple large-scale malicious crypto-mining campaigns, has now switched to new Tactics, Techniques, and Procedures (TTPs), including new C2 infrastructure and updated malware to evade detection. [...]

https://www.bleepingcomputer.com/news/security/chinese-hackers-use-new-cryptojacking-tactics-to-evade-detection/

Your Personal Information's Worth to Cybercriminals

Cybercriminals have multiple markets to sell or trade illicit goods and prices on underground forums are mostly influenced by supply and demand, just like in the legal economy. [...]

https://www.bleepingcomputer.com/news/security/your-personal-informations-worth-to-cybercriminals/

Adobe Fixes 45 Critical Vulnerabilities in Acrobat and Reader

Adobe has released security updates to resolve vulnerabilities that could allow attackers to gain unauthorized access, execute commands on vulnerable computers, or elevate their privileges. [...]

https://www.bleepingcomputer.com/news/security/adobe-fixes-45-critical-vulnerabilities-in-acrobat-and-reader/

Scammers Use Fake Checkra1n iOS Jailbreak in Click Fraud Campaign

Scammers have already been spotted baiting Apple users using a recently developed iOS jailbreak dubbed checkra1n as the lure in a campaign designed to help the crooks earn money via click-fraud and boost App Store rankings for several apps. [...]

https://www.bleepingcomputer.com/news/security/scammers-use-fake-checkra1n-ios-jailbreak-in-click-fraud-campaign/

Windows 10 1809 Update KB4520062 Fixes a Startup Black Screen Issue

Microsoft released this month's optional Windows 10 cumulative updates with KB4520062 being the most noteworthy as it fixes an issue leading to a black screen being displayed at startup during the first sign in after installing an update.  [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-1809-update-kb4520062-fixes-a-startup-black-screen-issue/

Symantec Fixes Bad IPS Definitions That Cause a Windows BSOD

Symantec fixed an issue causing Blue Screens Of Death (BSOD) for customers running the company's Endpoint Protection Client software on Windows versions ranging from Windows 7 to Windows 10 per reports. [...]

https://www.bleepingcomputer.com/news/security/symantec-fixes-bad-ips-definitions-that-cause-a-windows-bsod/

OnionShare Lets Anyone Host Anonymous Sites on the Dark Web

A new version of the OnionShare program now allows you to easily create basic anonymous dark web sites on Tor so that they cannot be censored. This is particularly useful for those who wish to publish information anonymously, but do not want to deal with the mechanics of setting up their own dark web server. [...]

https://www.bleepingcomputer.com/news/software/onionshare-lets-anyone-host-anonymous-sites-on-the-dark-web/