Windows 10’s Pktmon sniffer gets real-time monitoring, PCAP support

Windows 10's built-in network packet sniffer Pktmon has been updated with real-time monitoring and PCAPNG capture file format support with today's release of Windows 10 2004. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-s-pktmon-sniffer-gets-real-time-monitoring-pcap-support/

Windows 10 2004 comes with Wi-Fi 6 and WPA3 support

Microsoft announced that Windows 10, version 2004 comes with Wi-Fi 6 and WPA3 support for gigabit speeds and better performance, as well as for more secure wireless network connectivity. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-2004-comes-with-wi-fi-6-and-wpa3-support/

Microsoft is investigating ten Windows 10 2004 known issues

Right after releasing the Windows 10 May 2020 Update to home customers, Microsoft has already added ten know issues under investigation to the Windows 10 2004 release health dashboard. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-is-investigating-ten-windows-10-2004-known-issues/

New Octopus Scanner malware spreads via GitHub supply chain attack

Security researchers have found a new malware that finds and backdoors open-source NetBeans projects hosted on the GitHub web-based code hosting platform to spread to Windows, Linux, and macOS systems and deploy a Remote Administration Tool (RAT). [...]

https://www.bleepingcomputer.com/news/security/new-octopus-scanner-malware-spreads-via-github-supply-chain-attack/

NSA: Russian govt hackers exploiting critical Exim flaw since 2019

The U.S. National Security Agency (NSA) says that Russian military threat actors tracked as Sandworm Team have been exploiting a critical flaw in the Exim mail transfer agent (MTA) software since at least August 2019. [...]

https://www.bleepingcomputer.com/news/security/nsa-russian-govt-hackers-exploiting-critical-exim-flaw-since-2019/

Michigan State University network breached in ransomware attack

Michigan State University received a deadline to pay ransomware attackers under the threat that files stolen from the institution's network will be leaked to the public. [...]

https://www.bleepingcomputer.com/news/security/michigan-state-university-network-breached-in-ransomware-attack/

Microsoft IIS servers hacked by Blue Mockingbird to mine Monero

This month news broke about a hacker group, namely Blue Mockingbird, exploiting a critical vulnerability in Microsoft IIS servers to plant Monero (XMR) cryptocurrency miners on compromised machines. [...]

https://www.bleepingcomputer.com/news/security/microsoft-iis-servers-hacked-by-blue-mockingbird-to-mine-monero/

Minted discloses data breach after 5M user records sold online

Minted, a US-based marketplace for independent artists, has disclosed a data breach after a hacker sold a database containing 5 million user records on a dark web marketplace. [...]

https://www.bleepingcomputer.com/news/security/minted-discloses-data-breach-after-5m-user-records-sold-online/

200K sites with buggy WordPress plugin exposed to wipe attacks

Two high severity security vulnerabilities found in the PageLayer plugin can let attackers to potentially wipe the contents or take over WordPress sites using vulnerable plugin versions. [...]

https://www.bleepingcomputer.com/news/security/200k-sites-with-buggy-wordpress-plugin-exposed-to-wipe-attacks/

Fake Valorant Mobile app pushes scams on eager gamers

As the eagerly anticipated tactical FPS game Valorant ends their closed beta, a fake mobile version is being distributed that displays nothing but scams to those who install it. [...]

https://www.bleepingcomputer.com/news/security/fake-valorant-mobile-app-pushes-scams-on-eager-gamers/

Cisco hacked by exploiting vulnerable SaltStack servers

Cisco said today that some of its Cisco Virtual Internet Routing Lab Personal Edition (VIRL-PE) backend servers were hacked by exploiting critical SaltStack vulnerabilities patched last month. [...]

https://www.bleepingcomputer.com/news/security/cisco-hacked-by-exploiting-vulnerable-saltstack-servers/

Windows 10 2004 update not offered? Here's how to get it now

Microsoft officially started rolling out Windows 10 version 2004, the Windows 10 May 2020 Update yesterday, but for many people, it is not being offered when they check via Windows Update. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-2004-update-not-offered-heres-how-to-get-it-now/

Highly-targeted attacks on industrial sector hide payload in images

Attackers looking to steal employee credentials from organizations tied to the industrial sector deployed highly-targeted operations that delivered malicious PowerShell scripts in images. [...]

https://www.bleepingcomputer.com/news/security/highly-targeted-attacks-on-industrial-sector-hide-payload-in-images/

Microsoft mitigates Windows 10 2004 known issue impacting DISM

Microsoft acknowledged and mitigated a new Windows 10 known issue affecting the Deployment Image Servicing and Management (DISM) tool used to service Windows images prior to deployment. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-mitigates-windows-10-2004-known-issue-impacting-dism/

Windows 10 2004 upgrade may be blocked due to old graphics drivers

Microsoft is blocking Windows 10 2004 upgrades due to multiple conflicts caused by older or incompatible display drivers. Microsoft will not allow the May 2020 Update to be installed until these issues are resolved. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-2004-upgrade-may-be-blocked-due-to-old-graphics-drivers/

Valak malware steals credentials from Microsoft Exchange servers

Classified initially as a malware loader, Valak has morphed into an information stealer that targets Microsoft Exchange servers to rob email login credentials and certificates from enterprises. [...]

https://www.bleepingcomputer.com/news/security/valak-malware-steals-credentials-from-microsoft-exchange-servers/

Google Chrome 84 to hide abusive notifications starting July

Google will start blocking abusive sites from delivering web notifications to Chrome 84 users starting July by automatically enrolling them in the quieter notifications UI launched in January 2020. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-84-to-hide-abusive-notifications-starting-july/

Nworm: TrickBot gang’s new stealthy malware spreading module

The Trickbot banking trojan has evolved once again with a new malware spreading module that uses a stealth mode to quietly infect Windows domain controllers without being detected. [...]

https://www.bleepingcomputer.com/news/security/nworm-trickbot-gang-s-new-stealthy-malware-spreading-module/

The Week in Ransomware - May 29th 2020 - Quiet before the storm?

For the most part, this week has been fairly quiet with not a lot of new ransomware released and only a few large-scale ransomware attacks. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-29th-2020-quiet-before-the-storm/

Amtrak resets user passwords after Guest Rewards data breach

The National Railroad Passenger Corporation (Amtrak) disclosed a data breach that led to the exposure of personal information of some Guest Rewards members. [...]

https://www.bleepingcomputer.com/news/security/amtrak-resets-user-passwords-after-guest-rewards-data-breach/