Microsoft Fixes Windows 10 Update and Intel Driver Battery Drain

Microsoft finally fixed two known issues acknowledged over five months ago, causing higher than normal battery drain and update installation failure issues on Windows 10 devices. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-10-update-and-intel-driver-battery-drain/

Windows 10 Insider Build 19023 Released With Optional Updates Test

Microsoft has released Windows 10 Insider Preview Build 19023 (20H1) to Insiders in the Fast ring, which will test a new "optional" update experience for Windows drivers. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-19023-released-with-optional-updates-test/

Latest Intel CPUs Affected by New TSX Speculative Attack

A new speculative vulnerability called ZombieLoad 2, or TSX Asynchronous Abort, has been disclosed today that targets the Transactional Synchronization Extensions (TSX) feature in Intel processors. [...]

https://www.bleepingcomputer.com/news/security/latest-intel-cpus-affected-by-new-tsx-speculative-attack/

PureLocker Ransomware Can Lock Files on Windows, Linux, and macOS

Cybercriminals have developed ransomware that can be ported to all major operating systems and is currently used in targeted attacks against production servers. [...]

https://www.bleepingcomputer.com/news/security/purelocker-ransomware-can-lock-files-on-windows-linux-and-macos/

Microsoft Releases the November 2019 Security Updates for Office

Microsoft released the November 2019 Office security updates, bundling a total of 17 security updates and five cumulative updates for seven different products, 15 of them patching flaw allowing unauthorized access to information. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-the-november-2019-security-updates-for-office/

TPM-FAIL Security Flaws Impact Modern Devices With Intel CPUs

Researchers discovered two new vulnerabilities known as TPM-FAIL in Intel firmware-based TPM (fTPM) and STMicroelectronics' TPM chips that could be used by hackers to steal their targets' cryptographic keys. [...]

https://www.bleepingcomputer.com/news/security/tpm-fail-security-flaws-impact-modern-devices-with-intel-cpus/

Microsoft Fixes Windows 10 1809 Issue That Broke Defender ATP

Microsoft resolved a known issue causing Microsoft Defender Advanced Threat Protection (ATP) to stop running and fail to send reporting data on some Windows devices after installing the KB4520062 optional non-security update. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-10-1809-issue-that-broke-defender-atp/

Microsoft Auto-Updating Windows 10 1803 Devices to May 2019 Update

Windows 10, version 1803, also known as the April 2018 Update, has now reached end of service for Home, Pro, Pro Education, and Pro for Workstations editions, and will no longer receive any future quality and security updates. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-auto-updating-windows-10-1803-devices-to-may-2019-update/

Strange AnteFrigus Ransomware Only Targets Specific Drives

A new and strange ransomware called AnteFrigus is now being distributed through malvertising that redirects users to the the RIG exploit kit. Unlike other ransomware, AnteFrigus does not target the C: drive, but only other drives commonly associated with removable devices and mapped network drives. [...]

https://www.bleepingcomputer.com/news/security/strange-antefrigus-ransomware-only-targets-specific-drives/

Microsoft Issues Guidance for Intel CPU Driver Security Flaws

Microsoft issued guidance to help users protect their systems against denial of service (DoS) and information disclosure security flaws affecting Intel CPUs, disclosed during this week's Patch Tuesday. [...]

https://www.bleepingcomputer.com/news/security/microsoft-issues-guidance-for-intel-cpu-driver-security-flaws/

Carding Bots Testing Payment Info Ahead of Big Shopping Events

As the main events of this year's holiday shopping season are closing in, cybercriminals are also getting ready for the plunder by validating their stolen card details with low-value purchases on retailer's websites. [...]

https://www.bleepingcomputer.com/news/security/carding-bots-testing-payment-info-ahead-of-big-shopping-events/

New Threat Actor Impersonates Govt Agencies to Deliver Malware

A new threat actor is using email to impersonate government agencies in the United States, Germany, and Italy to deliver ransomware, backdoors, and banking Trojans through malicious attachments. [...]

https://www.bleepingcomputer.com/news/security/new-threat-actor-impersonates-govt-agencies-to-deliver-malware/

Symantec Fixes Privilege Escalation Flaw in Endpoint Protection

Symantec fixed a local privilege escalation security flaw affecting all Symantec Endpoint Protection software versions prior to 14.2 RU2, and allowing attackers to escalate privileges on compromised devices and execute malicious code using SYSTEM privileges. [...]

https://www.bleepingcomputer.com/news/security/symantec-fixes-privilege-escalation-flaw-in-endpoint-protection/

Qualcomm Bug Exposes Critical Data on Samsung, LG Phones

Researchers stressing the code related to Qualcomm's implementation of the secure execution area on mobile devices found a new vulnerability that could allow access to critical data. [...]

https://www.bleepingcomputer.com/news/security/qualcomm-bug-exposes-critical-data-on-samsung-lg-phones/

Brave Urges Congress to Require Ad Blocking Browsers for Govt Employees

In a letter to the U.S. Congress, Brave urged Homeland Security Committee members to make it mandatory for all federal employees to use a browser that blocks advertising by default.  [...]

https://www.bleepingcomputer.com/news/software/brave-urges-congress-to-require-ad-blocking-browsers-for-govt-employees/

US Health Network, Supplier Expose PII, PHI Data in Breaches

Select Health Network and Solara Medical Supplies disclosed data incidents caused by breaches of their employees' email accounts that lead to exposure of both personally identifiable information (PII) and protected health information (PHI). [...]

https://www.bleepingcomputer.com/news/security/us-health-network-supplier-expose-pii-phi-data-in-breaches/

ProtonMail Thanks Paid Accounts by Giving 5GB Extra Storage

As thanks for helping grow the ProtonMail platform, the encrypted email platform is giving their existing paid subscribers 5GB of extra storage space for free. [...]

https://www.bleepingcomputer.com/news/software/protonmail-thanks-paid-accounts-by-giving-5gb-extra-storage/

Intel Patched 77 Vulnerabilities in November 2019 Platform Update

Intel addressed 77 vulnerabilities during the November 2019 Patch Tuesday, with more than two dozen of them being high severity and critical security flaws impacting Windows and Linux. [...]

https://www.bleepingcomputer.com/news/security/intel-patched-77-vulnerabilities-in-november-2019-platform-update/

Two Charged Over Crypto Theft via SIM Swapping, Death Threats

Two men from Massachusetts were arrested and charged by the Boston U.S. District Court with stealing high-value social media accounts and hundreds of thousands worth of cryptocurrency from at least ten victims by using SIM swapping, death threats, and hacking. [...]

https://www.bleepingcomputer.com/news/security/two-charged-over-crypto-theft-via-sim-swapping-death-threats/

Silly Phishing Scam Warns That Your Password Will be Changed

A silly phishing campaign is underway where the attackers state that your password will expire and be changed unless you login and confirm that you want to keep it the same. [...]

https://www.bleepingcomputer.com/news/security/silly-phishing-scam-warns-that-your-password-will-be-changed/