Microsoft Outlook outage affecting Australians since Saturday

Microsoft's Outlook.com webmail service has been going through a three-day-long outage that has prevented Australian users from accessing or signing in over the weekend. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-outlook-outage-affecting-australians-since-saturday/

Over 500,000 Zoom accounts sold on hacker forums, the dark web

Over 500 hundred thousand Zoom accounts are being sold on the dark web and hacker forums for less than a penny each, and in some cases, given away for free. [...]

https://www.bleepingcomputer.com/news/security/over-500-000-zoom-accounts-sold-on-hacker-forums-the-dark-web/

Cloudflare drops Google's reCAPTCHA due to privacy concerns

Cloudflare announced that it has moved from Google's reCAPTCHA to hCaptcha, an independent alternative CAPTCHA provider focused on user privacy. [...]

https://www.bleepingcomputer.com/news/technology/cloudflare-drops-googles-recaptcha-due-to-privacy-concerns/

US consumers report $12M in COVID-19 scam losses since January

The U.S. Federal Trade Commission says that approximately $12 million were lost to Coronavirus-related scams according to consumer reports received since January 2020. [...]

https://www.bleepingcomputer.com/news/security/us-consumers-report-12m-in-covid-19-scam-losses-since-january/

Google reenables FTP support in Chrome due to pandemic

After disabling FTP support in Google Chrome 81, Google has decided to reenable it again to prevent outages and difficulties in accessing information during the Coronavirus pandemic. [...]

https://www.bleepingcomputer.com/news/google/google-reenables-ftp-support-in-chrome-due-to-pandemic/

Russian hackers tried to steal San Francisco airport Windows accounts

The hack of employee web sites belonging to the San Francisco International Airport has been attributed to a Russian hacker group who used the SMB protocol to steal Windows passwords. [...]

https://www.bleepingcomputer.com/news/security/russian-hackers-tried-to-steal-san-francisco-airport-windows-accounts/

FBI warns of ongoing COVID-19 scams targeting govt, health care

The U.S. Federal Bureau of Investigation (FBI) warned government agencies and health care organizations of ongoing BEC schemes exploiting the COVID-19 pandemic, as well as an overall increase in cryptocurrency and health care fraud scam activity targeting consumers. [...]

https://www.bleepingcomputer.com/news/security/fbi-warns-of-ongoing-covid-19-scams-targeting-govt-health-care/

Microsoft delays end of support for older Windows, software versions

Microsoft has delayed the end of support dates for Windows 10 version 1709/1809 and older software and services to reduce the stress already being felt by organizations during the Coronavirus pandemic. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-delays-end-of-support-for-older-windows-software-versions/

Windows 10 Cumulative Updates KB4549951 & KB4549949 Released

Patch Tuesday April 2020 Updates are now rolling out to all supported versions of Windows 10 and paid customers of Windows 7. The cumulative update with security fixes is rolling out to PCs with November 2019 Update, May 2019 Update and October 2018 Update. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-updates-kb4549951-and-kb4549949-released/

RagnarLocker ransomware hits EDP energy giant, asks for €10M

Attackers using the Ragnar Locker ransomware have encrypted the systems of Portuguese multinational energy giant Energias de Portugal (EDP) and are now asking for a 1580 BTC ransom ($10.9M or €9.9M). [...]

https://www.bleepingcomputer.com/news/security/ragnarlocker-ransomware-hits-edp-energy-giant-asks-for-10m/

Microsoft April 2020 Patch Tuesday fixes 4 zero-days, 15 critical flaws

With the release of the April 2020 security updates, Microsoft has released fixes for 113 vulnerabilities in Microsoft products. Of these vulnerabilities, 15 are classified as Critical, 93 as Important, 3 as Moderate, and 2 as Low. Four of these vulnerability are classified as zero-days as they were publicly disclosed or exploited. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-april-2020-patch-tuesday-fixes-4-zero-days-15-critical-flaws/

Intel April Platform Update fixes high severity security issues

Intel addressed nine security vulnerabilities with the April 2020 Platform Update, all of them being high and medium severity security flaws impacting multiple software products, firmware, and platforms. [...]

https://www.bleepingcomputer.com/news/security/intel-april-platform-update-fixes-high-severity-security-issues/

Microsoft Office April security updates fix critical RCE bugs

Microsoft released the April 2020 Office security updates on April 14, 2020, with a total of 55 security updates and 5 cumulative updates for 7 different products, and patching 5 critical bugs allowing attackers to run scripts as the current user and remotely execute arbitrary code on unpatched systems. [...]

https://www.bleepingcomputer.com/news/security/microsoft-office-april-security-updates-fix-critical-rce-bugs/

Microsoft Office security updates may break VBA programs, how to fix

Microsoft says that some VBA programs might break after installing the security updates for the CVE-2020-0760 Microsoft Office remote code execution vulnerability released as part of the April 2020 Patch Tuesday. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-office-security-updates-may-break-vba-programs-how-to-fix/

Cloudflare dashboard and APIs are down, some sites having issues

Cloudflare is experiencing outages in multiple components of its infrastructure including, the dashboard, API, and their Argo smart routing feature that are causing issues for some sites that are using them. [...]

https://www.bleepingcomputer.com/news/technology/cloudflare-dashboard-and-apis-are-down-some-sites-having-issues/

Exploit for Zoom Windows zero-day being sold for $500,000

An exploit for a zero-day remote code execution vulnerability affecting the Zoom Windows client is currently being sold for $500,000, together with one designed to abused a bug in the video conferencing platform's macOS client. [...]

https://www.bleepingcomputer.com/news/security/exploit-for-zoom-windows-zero-day-being-sold-for-500-000/

US issues guidance on North Korean hackers, offers $5M reward

The U.S. government has issued guidance on North Korean hacking activity in a joint advisory published by the U.S. Departments of State, Treasury, and Homeland Security, and the FBI. [...]

https://www.bleepingcomputer.com/news/security/us-issues-guidance-on-north-korean-hackers-offers-5m-reward/

Nemty Ransomware shuts down public RaaS operation, goes private

The Nemty Ransomware is shutting down its public Ransomware-as-a-Service (RaaS) operation and switching to an exclusive private operation where affiliates are hand-selected for their expertise. [...]

https://www.bleepingcomputer.com/news/security/nemty-ransomware-shuts-down-public-raas-operation-goes-private/

Windows Defender broken by recent updates, no fix yet

When performing a full antivirus scan using Windows Defender, a recent definition update or Windows update is causing the program to crash in the middle of a scan. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-defender-broken-by-recent-updates-no-fix-yet/

Zoom to let you report Zoom-bombing attackers crashing meetings

Zoom's efforts to improve the video conferencing platform's privacy and security will continue next week with the introduction of a user report feature aimed at helping prevent future zoom-bombing attacks. [...]

https://www.bleepingcomputer.com/news/security/zoom-to-let-you-report-zoom-bombing-attackers-crashing-meetings/