Hackers exploit zero-day in Sophos XG Firewall, fix released
Sophos has fixed a zero-day SQL injection vulnerability in their XG Firewall after receiving reports that hackers actively exploited it in attacks. [...]
https://www.bleepingcomputer.com/news/security/hackers-exploit-zero-day-in-sophos-xg-firewall-fix-released/
Sophos has fixed a zero-day SQL injection vulnerability in their XG Firewall after receiving reports that hackers actively exploited it in attacks. [...]
https://www.bleepingcomputer.com/news/security/hackers-exploit-zero-day-in-sophos-xg-firewall-fix-released/
BleepingComputer
Hackers exploit zero-day in Sophos XG Firewall, fix released
Sophos has fixed a zero-day SQL injection vulnerability in their XG Firewall after receiving reports that hackers actively exploited it in attacks.
How to prevent new Windows 10 updates from ruining your day
Microsoft allows Windows 10 Home, Pro and Enterprise customers to control when and how Windows 10 installs monthly and half-yearly updates. If a driver or update causes problems, you can delay updates, you can uninstall it and block Windows from downloading it again. [...]
https://www.bleepingcomputer.com/news/microsoft/how-to-prevent-new-windows-10-updates-from-ruining-your-day/
Microsoft allows Windows 10 Home, Pro and Enterprise customers to control when and how Windows 10 installs monthly and half-yearly updates. If a driver or update causes problems, you can delay updates, you can uninstall it and block Windows from downloading it again. [...]
https://www.bleepingcomputer.com/news/microsoft/how-to-prevent-new-windows-10-updates-from-ruining-your-day/
BleepingComputer
How to prevent new Windows 10 updates from ruining your day
Microsoft allows Windows 10 Home, Pro and Enterprise customers to control when and how Windows 10 installs monthly and half-yearly updates. If a driver or update causes problems, you can delay updates, you can uninstall it and block Windows from downloadingβ¦
Microsoft Teams patched against image-based account takeover
After looking at how Microsoft Teams handles image resources, security researchers found a way to take over accounts by sending recipients a regular GIF. [...]
https://www.bleepingcomputer.com/news/security/microsoft-teams-patched-against-image-based-account-takeover/
After looking at how Microsoft Teams handles image resources, security researchers found a way to take over accounts by sending recipients a regular GIF. [...]
https://www.bleepingcomputer.com/news/security/microsoft-teams-patched-against-image-based-account-takeover/
BleepingComputer
Microsoft Teams patched against image-based account takeover
After looking at how Microsoft Teams handles image resources, security researchers found a way to take over accounts by sending recipients a regular GIF.
AsnarΓΆk malware exploits firewall zero-day to steal credentials
Some Sophos firewall products were attacked with a new Trojan malware, dubbed AsnarΓΆk by researchers cyber-security firm Sophos, to steal usernames and hashed passwords starting with April 22 according to an official timeline. [...]
https://www.bleepingcomputer.com/news/security/asnar-k-malware-exploits-firewall-zero-day-to-steal-credentials/
Some Sophos firewall products were attacked with a new Trojan malware, dubbed AsnarΓΆk by researchers cyber-security firm Sophos, to steal usernames and hashed passwords starting with April 22 according to an official timeline. [...]
https://www.bleepingcomputer.com/news/security/asnar-k-malware-exploits-firewall-zero-day-to-steal-credentials/
BleepingComputer
AsnarΓΆk malware exploits firewall zero-day to steal credentials
Some Sophos firewall products were attacked with a new Trojan malware, dubbed AsnarΓΆk by researchers cyber-security firm Sophos, to steal usernames and hashed passwords starting with April 22 according to an official timeline.
Shade Ransomware shuts down, releases 750K decryption keys
The operators behind the Shade Ransomware (Troldesh) have shut down their operations, released over 750,000 decryption keys, and apologized for the harm they caused their victims. [...]
https://www.bleepingcomputer.com/news/security/shade-ransomware-shuts-down-releases-750k-decryption-keys/
The operators behind the Shade Ransomware (Troldesh) have shut down their operations, released over 750,000 decryption keys, and apologized for the harm they caused their victims. [...]
https://www.bleepingcomputer.com/news/security/shade-ransomware-shuts-down-releases-750k-decryption-keys/
BleepingComputer
Shade Ransomware shuts down, releases 750K decryption keys
The operators behind the Shade Ransomware (Troldesh) have shut down their operations, released over 750,000 decryption keys, and apologized for the harm they caused their victims.
Microsoft investigating Windows 10 KB4549951 BSOD reports
Microsoft is investigating Bluetooth issues, failures to install, blue screen reports received from users who have installed or attempted to install the KB4549951 cumulative update released during this month's Patch Tuesday. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-investigating-windows-10-kb4549951-bsod-reports/
Microsoft is investigating Bluetooth issues, failures to install, blue screen reports received from users who have installed or attempted to install the KB4549951 cumulative update released during this month's Patch Tuesday. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-investigating-windows-10-kb4549951-bsod-reports/
BleepingComputer
Microsoft investigating Windows 10 KB4549951 BSOD reports
Microsoft is investigating Bluetooth issues, failures to install, blue screen reports received from users who have installed or attempted to install the KB4549951 cumulative update released during this month's Patch Tuesday.
Twitter kills SMS-based tweeting in most countries
Twitter announced today that it has turned off the Twitter via SMS service because of security concerns, a service which allowed the social network's users to tweet using text messages since its early beginnings. [...]
https://www.bleepingcomputer.com/news/security/twitter-kills-sms-based-tweeting-in-most-countries/
Twitter announced today that it has turned off the Twitter via SMS service because of security concerns, a service which allowed the social network's users to tweet using text messages since its early beginnings. [...]
https://www.bleepingcomputer.com/news/security/twitter-kills-sms-based-tweeting-in-most-countries/
BleepingComputer
Twitter kills SMS-based tweeting in most countries
Twitter announced today that it has turned off the Twitter via SMS service because of security concerns, a service which allowed the social network's users to tweet using text messages since its early beginnings.
WordPress plugin bug lets hackers create rogue admin accounts
WordPress owners are advised to secure their websites by updating the Real-Time Find and Replace plugin to prevent attackers from injecting malicious code into their sites by exploiting a Cross-Site Request Forgery flaw. [...]
https://www.bleepingcomputer.com/news/security/wordpress-plugin-bug-lets-hackers-create-rogue-admin-accounts/
WordPress owners are advised to secure their websites by updating the Real-Time Find and Replace plugin to prevent attackers from injecting malicious code into their sites by exploiting a Cross-Site Request Forgery flaw. [...]
https://www.bleepingcomputer.com/news/security/wordpress-plugin-bug-lets-hackers-create-rogue-admin-accounts/
BleepingComputer
WordPress plugin bug lets hackers create rogue admin accounts
WordPress owners are advised to secure their websites by updating the Real-Time Find and Replace plugin to prevent attackers from injecting malicious code into their sites by exploiting a Cross-Site Request Forgery flaw.
Fake Fedex and UPS delivery issues used in COVID-19 phishing
As people socially isolate and work from home, shopping online and home deliveries have increased. Scammers are capitalizing on this by creating new scams using Coronavirus delivery issues as a lure to get people to visit malicious links or open malware. [...]
https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
As people socially isolate and work from home, shopping online and home deliveries have increased. Scammers are capitalizing on this by creating new scams using Coronavirus delivery issues as a lure to get people to visit malicious links or open malware. [...]
https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
BleepingComputer
Fake Fedex and UPS delivery issues used in COVID-19 phishing
As people socially isolate and work from home, shopping online and home deliveries have increased. Scammers are capitalizing on this by creating new scams using Coronavirus delivery issues as a lure to get people to visit malicious links or open malware.
Lucy malware for Android adds file-encryption for ransomware ops
A threat actor focusing on Android systems has expanded their malware-as-a-service (MaaS) business with file-encrypting capabilities for ransomware operations. [...]
https://www.bleepingcomputer.com/news/security/lucy-malware-for-android-adds-file-encryption-for-ransomware-ops/
A threat actor focusing on Android systems has expanded their malware-as-a-service (MaaS) business with file-encrypting capabilities for ransomware operations. [...]
https://www.bleepingcomputer.com/news/security/lucy-malware-for-android-adds-file-encryption-for-ransomware-ops/
BleepingComputer
Lucy malware for Android adds file-encryption for ransomware ops
A threat actor focusing on Android systems has expanded their malware-as-a-service (MaaS) business with file-encrypting capabilities for ransomware operations.
Hacking group used Google Play Store to push spyware for years
A malicious campaign dubbed PhantomLance has been targeting users of Android devices with spyware payloads embedded in applications delivered via multiple platforms including Google's Play Store and the alternative Android app store APKpure. [...]
https://www.bleepingcomputer.com/news/security/hacking-group-used-google-play-store-to-push-spyware-for-years/
A malicious campaign dubbed PhantomLance has been targeting users of Android devices with spyware payloads embedded in applications delivered via multiple platforms including Google's Play Store and the alternative Android app store APKpure. [...]
https://www.bleepingcomputer.com/news/security/hacking-group-used-google-play-store-to-push-spyware-for-years/
BleepingComputer
Hacking group used Google Play Store to push spyware for years
A malicious campaign dubbed PhantomLance has been targeting users of Android devices with spyware payloads embedded in applications delivered via multiple platforms including Google's Play Store and the alternative Android app store APKpure.
Microsoft releases guidance on blocking ransomware attacks
Microsoft warned today of ongoing human-operated ransomware campaigns targeting healthcare organizations and critical services, and shared tips on how to block new breaches by patching vulnerable internet-facing systems. [...]
https://www.bleepingcomputer.com/news/security/microsoft-releases-guidance-on-blocking-ransomware-attacks/
Microsoft warned today of ongoing human-operated ransomware campaigns targeting healthcare organizations and critical services, and shared tips on how to block new breaches by patching vulnerable internet-facing systems. [...]
https://www.bleepingcomputer.com/news/security/microsoft-releases-guidance-on-blocking-ransomware-attacks/
BleepingComputer
Microsoft releases guidance on blocking ransomware attacks
Microsoft warned today of ongoing human-operated ransomware campaigns targeting healthcare organizations and critical services, and shared tips on how to block new breaches by patching vulnerable internet-facing systems.
Adobe fixes critical vulnerabilities in Magento and Illustrator
Adobe has released security updates for Adobe Illustrator, Bridge, and Magento that fix numerous vulnerabilities, including ones that could allow remote code execution. [...]
https://www.bleepingcomputer.com/news/security/adobe-fixes-critical-vulnerabilities-in-magento-and-illustrator/
Adobe has released security updates for Adobe Illustrator, Bridge, and Magento that fix numerous vulnerabilities, including ones that could allow remote code execution. [...]
https://www.bleepingcomputer.com/news/security/adobe-fixes-critical-vulnerabilities-in-magento-and-illustrator/
BleepingComputer
Adobe fixes critical vulnerabilities in Magento and Illustrator
Adobe has released security updates for Adobe Illustrator, Bridge, and Magento that fix numerous vulnerabilities, including ones that could allow remote code execution.
Rogue affiliates are running fake antivirus expiration scams
Rogue security software affiliates are sending emails that falsely tell recipients that their antivirus software is expiring and then prompt them to renew their license so that the affiliate can earn a commission from the sale. [...]
https://www.bleepingcomputer.com/news/security/rogue-affiliates-are-running-fake-antivirus-expiration-scams/
Rogue security software affiliates are sending emails that falsely tell recipients that their antivirus software is expiring and then prompt them to renew their license so that the affiliate can earn a commission from the sale. [...]
https://www.bleepingcomputer.com/news/security/rogue-affiliates-are-running-fake-antivirus-expiration-scams/
BleepingComputer
Rogue affiliates are running fake antivirus expiration scams
Rogue security software affiliates are sending emails that falsely tell recipients that their antivirus software is expiring and then prompt them to renew their license so that the affiliate can earn a commission from the sale.
Microsoft warns of malware surprise pushed via pirated movies
Microsoft warns that malicious actors are taking advantage of the boost in traffic seen by movie piracy sites to infect victims with malware delivered via fake movie torrents. [...]
https://www.bleepingcomputer.com/news/security/microsoft-warns-of-malware-surprise-pushed-via-pirated-movies/
Microsoft warns that malicious actors are taking advantage of the boost in traffic seen by movie piracy sites to infect victims with malware delivered via fake movie torrents. [...]
https://www.bleepingcomputer.com/news/security/microsoft-warns-of-malware-surprise-pushed-via-pirated-movies/
BleepingComputer
Microsoft warns of malware surprise pushed via pirated movies
Microsoft warns that malicious actors are taking advantage of the boost in traffic seen by movie piracy sites to infect victims with malware delivered via fake movie torrents.
RDP brute-force attacks are skyrocketing due to remote working
Internet-exposed and poorly configured RDP servers from all over the globe are the target of an increasing number of brute-forcing attacks that have started since the beginning of March. [...]
https://www.bleepingcomputer.com/news/security/rdp-brute-force-attacks-are-skyrocketing-due-to-remote-working/
Internet-exposed and poorly configured RDP servers from all over the globe are the target of an increasing number of brute-forcing attacks that have started since the beginning of March. [...]
https://www.bleepingcomputer.com/news/security/rdp-brute-force-attacks-are-skyrocketing-due-to-remote-working/
BleepingComputer
RDP brute-force attacks are skyrocketing due to remote working
Internet-exposed and poorly configured RDP servers from all over the globe are the target of an increasing number of brute-forcing attacks that have started since the beginning of March.
Microsoft releases Sysmon 11 with auto-backup of deleted files
Microsoft has released Sysmon 11, and it now comes with an important feature that allows you to monitor for and automatically archive deleted files on a monitored system. [...]
https://www.bleepingcomputer.com/news/software/microsoft-releases-sysmon-11-with-auto-backup-of-deleted-files/
Microsoft has released Sysmon 11, and it now comes with an important feature that allows you to monitor for and automatically archive deleted files on a monitored system. [...]
https://www.bleepingcomputer.com/news/software/microsoft-releases-sysmon-11-with-auto-backup-of-deleted-files/
BleepingComputer
Microsoft releases Sysmon 11 with auto-backup of deleted files
Microsoft has released Sysmon 11, and it now comes with an important feature that allows you to monitor for and automatically archive deleted files on a monitored system.
Numerous sites leak user emails to advertising, analytics services
Multiple online services and products are leaking email data belonging to their users to third-party advertising and analytics companies, shows a recent research published today. [...]
https://www.bleepingcomputer.com/news/security/numerous-sites-leak-user-emails-to-advertising-analytics-services/
Multiple online services and products are leaking email data belonging to their users to third-party advertising and analytics companies, shows a recent research published today. [...]
https://www.bleepingcomputer.com/news/security/numerous-sites-leak-user-emails-to-advertising-analytics-services/
BleepingComputer
Numerous sites leak user emails to advertising, analytics services
Multiple online services and products are leaking email data belonging to their users to third-party advertising and analytics companies, shows a recent research published today.
Microsoft releases Windows 10 Build 19619 with freeze fixes
Microsoft has released Windows 10 Insider Preview Build 19619 to Insiders in the Fast ring with fixes for frequent freezes on some systems, music controls to the Your Phone app, and quick access to COVID-19 info from search. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-build-19619-with-freeze-fixes/
Microsoft has released Windows 10 Insider Preview Build 19619 to Insiders in the Fast ring with fixes for frequent freezes on some systems, music controls to the Your Phone app, and quick access to COVID-19 info from search. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-build-19619-with-freeze-fixes/
BleepingComputer
Microsoft releases Windows 10 Build 19619 with freeze fixes
Microsoft has released Windows 10 Insider Preview Build 19619 to Insiders in the Fast ring with fixes for frequent freezes on some systems, music controls to the Your Phone app, and quick access to COVID-19 info from search.
Windows 10 Search now gives easy access to COVID-19 info
Windows 10 is now making it easier to access the latest Coronavirus information via new buttons show in Windows Search. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-search-now-gives-easy-access-to-covid-19-info/
Windows 10 is now making it easier to access the latest Coronavirus information via new buttons show in Windows Search. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-search-now-gives-easy-access-to-covid-19-info/
BleepingComputer
Windows 10 Search now gives easy access to COVID-19 info
Windows 10 is now making it easier to access the latest Coronavirus information via new buttons show in Windows Search.