Microsoft extends security for Azure Storage file shares, data lakes

Microsoft today announced that advanced threat protection for Azure Storage now also allows customers to protect data stored in Azure Files file shares and Azure Data Lake Storage Gen2 API data stores. | Continue reading | 3 hours ago

Microsoft Office 365 will add support for disposable emails

Microsoft will provide Office 365 customers with support for using disposable emails to make it simpler to manage their inboxes and to keep track of email campaigns. | Continue reading | 4 hours ago

Windows 10's Feedback Hub: A forum for political trolls, spammers

When Microsoft made the Feedback Hub universal app available to Windows 10 Insiders in March 2016 and generally available two months later, the plan was for the app to be the perfect tool for users to report issues and share suggestions on how to improve Windows experience for al … | Continue reading | 7 hours ago

Malware adds Any.Run sandbox detection to evade analysis

Malware developers are now checking if their malware is running in the Any.Run malware analysis service to prevent their malware from being easily analyzed by researchers. | Continue reading | 1 day ago

How to use Windows 10’s Storage Sense to free up Disk Space

Windows has always allowed users to free up storage space by emptying temporary files, recycling bin, and the downloads folder's contents. With Windows 10, Microsoft has made things a little bit easier with a new automated feature called 'Storage Sense.' | Continue reading | 1 day ago

Zoom fixes zero-day RCE bug affecting Windows 7, more updates soon

​The Zoom web conference Client contained a zero-day vulnerability that could have allowed attackers to execute commands on vulnerable systems remotely. | Continue reading | 2 days ago

TrickBot malware mistakenly warns victims that they are infected

The notorious TrickBot malware mistakenly left a test module that is warning victims that they are infected and should contact their administrator. | Continue reading | 2 days ago

How to enable Windows 10's hidden features using Mach2

Windows 10 builds contain many hidden features that are used by Microsoft to debug code or test applications that have not been officially released yet. A new tool has been released that enables you to find and enable these hidden features in Windows 10. | Continue reading | 2 days ago

The Week in Ransomware - July 10th 2020 - A quiet week

It has been a pretty quiet week with few alleged attacks against corporate victims and mostly new variants of existing ransomware released. | Continue reading | 2 days ago

Apple: Closing MacBooks with camera covers leads to display damage

Apple warns customers to avoid closing their MacBook, MacBook Air, or MacBook Pro devices if they use a camera cover thicker than 0.1mm to avoid display damage. | Continue reading | 3 days ago

Microsoft will not support PHP 8.0 for Windows in 'any capacity'

Microsoft has announced that it will not offer support in 'any capacity' for PHP for Windows 8.0 when it is released. | Continue reading | 3 days ago

How to protect your Verizon number from SIM swapping attacks

Verizon now makes it possible for customers to defend against SIM swapping attacks by enabling the free Number Lock protection feature through the My Verizon app or the My Verizon website. | Continue reading | 3 days ago

Uber Eats outage in multiple countries, 'Internal Server Error" reports

The Uber Eats food delivery service is having an outage in multiple countries that is preventing orders from being placed in the app. | Continue reading | 3 days ago

eToro accounts peddled by the thousands on cybercrime forums

A threat actor is peddling 62,000 active eToro accounts on a known cybercrime forum. They are also likely collaborating with REvil ransomware on the corporate intrusion front. | Continue reading | 3 days ago

US Secret Service creates new Cyber Fraud Task Force

The U.S. Secret Service announced the creation of the Cyber Fraud Task Force (CFTF) after the merger of its Financial Crimes Task Forces (FCTFs) and Electronic Crimes Task Forces (ECTFs) into a single unified network. | Continue reading | 3 days ago

Mozilla reduces TLS certificate lifespan to 1 year in September

Mozilla has officially announced that starting September 1st, 2020, they will no longer consider any newly issued certificates with a lifespan greater than 398 days, or a little over one year, as valid. | Continue reading | 3 days ago

Over 1,300 phishing kits for sale on hacker forum

A member of a hacker forum is looking to make over $30,000 from selling a huge collection of more than 1,300 phishing kits. | Continue reading | 3 days ago

How to import and backup saved passwords in Google Chrome

​Google Chrome Password Manager lets you save usernames and passwords and automatically use them to log in to websites you visit. If you ever decide to switch from or to Google Chrome and want to take your saved passwords with you, this guide will help you. | Continue reading | 3 days ago

Conti ransomware shows signs of being a Ryuk successor

The Conti Ransomware is an upcoming threat targeting corporate networks with new features that allow it to perform quicker and more targeted attacks. There are also indications that this ransomware shares the same malware code as Ryuk, who has slowly been fading away, while Conti … | Continue reading | 4 days ago

Google will ban ads for stalkerware starting August 11

Google will update its Google Ads Enabling Dishonest Behavior policy to globally ban advertising for spyware and surveillance technology known as stalkerware starting with August 11, 2020. | Continue reading | 4 days ago

Microsoft testing new Windows 10 KDP anti-malware protection

Microsoft is testing a new Windows 10 security feature dubbed Kernel Data Protection (KDP) and designed to block malicious actors from altering Windows drivers and systems' protected kernel memory as part of their attacks. | Continue reading | 4 days ago

Persuasive Office 365 phishing uses fake Zoom suspension alerts

Microsoft Office 365 users are targeted by a new phishing campaign using fake Zoom notifications to warn those who work in corporate environments that their Zoom accounts have been suspended, with the end goal of stealing Office 365 logins. | Continue reading | 4 days ago

Evilnum hackers use the same malware supplier as FIN6, Cobalt

Hackers in the Evilnum group have developed a toolset that combines custom malware, legitimate utilities, and tools bought from a malware-as-a-service (MaaS) provider that caters for big fintech threat actors. | Continue reading | 4 days ago

Joker Android malware keeps evading Google Play Store defenses

The threat actor behind the Joker Android malware has once again succeeded to successfully slip spyware infected apps onto the Play Store, Google's official Android app store. | Continue reading | 4 days ago

Over 15 billion credentials in circulation on hacker forums

At least 15 billion credentials are currently circulating on various hacker forums, giving cybercriminals fodder for account takeover attacks and identity renting services. | Continue reading | 4 days ago

Palo Alto Networks fixes another severe flaw in PAN-OS devices

Palo Alto Networks (PAN) today addressed another severe vulnerability found in the PAN-OS GlobalProtect portal and affecting unpatched PAN next-generation firewalls. | Continue reading | 5 days ago

Microsoft warns of Office 365 phishing via malicious OAuth apps

Microsoft warns that with the shift to remote working, customers are exposed to additional security threats such as consent phishing, besides conventional credential theft and email phishing attacks. | Continue reading | 5 days ago

First look: Microsoft's Project Freta detects Linux malware for free

Microsoft Research has announced a cloud-based malware detection service called Project Freta to detect rootkits, cryptominers, and previously undetected malware strains lurking in your Linux cloud VM images. | Continue reading | 5 days ago

NVIDIA fixes code execution bug in GeForce Experience software

NVIDIA has addressed a vulnerability in the Windows NVIDIA GeForce Experience (GFE) software that could allow local attackers to execute arbitrary code, trigger a denial of service (DoS) state, or access privileged information on unpatched systems. | Continue reading | 5 days ago

Microsoft fixes Word, Skype hangs in July Office 2020 updates

Microsoft released the July 2020 non-security Microsoft Office updates with improvements and fixes for issues impacting Windows Installer (MSI) editions of Office 2016 and Office 2013 products. | Continue reading | 5 days ago

Risky domain for sale after Google fails to renew it

Google's registration of the Blogspot domain expired recently, and the domain was immediately purchased by a domain service provider: | Continue reading | 5 days ago

DOJ indict Fxmsp hacker for selling access to hacked orgs, AV firms

The US Department of Justice has indicted a hacker known as 'Fxmsp' for hacking into and selling access to over three hundred organizations worldwide. | Continue reading | 5 days ago

ThiefQuest info-stealing Mac wiper gets free decryptor

Poor coding of the ThiefQuest ransomware in disguise that targets macOS users allows recovery of encrypted files, which would remain lost in lack of a backup. | Continue reading | 5 days ago

Mitigating critical F5 BIG-IP RCE flaw not enough, bypass found

F5 BIG-IP customers who only applied recommended mitigations and haven't yet patched their devices against the unauthenticated remote code execution (RCE) CVE-2020-5902 vulnerability are now advised to update them against a recently found bypass. | Continue reading | 6 days ago

How to uninstall Microsoft Edge forced-installed via Windows Update

If Microsoft Edge was installed in Windows 10 via Windows Update, you can not remove it via standard methods. That does not mean you cannot remove it, though, as a technique has been discovered to uninstall the program via the command prompt. | Continue reading | 6 days ago

Microsoft takes down domains used in COVID-19-related cybercrime

Microsoft took control of domains used by cybercriminals as part of the infrastructure needed to launch phishing attacks designed to exploit vulnerabilities and public fear resulting from the COVID-19 pandemic. | Continue reading | 6 days ago

Windows 10: The beginning of the end for Control Panel

Microsoft has started testing the removal of the venerable System control panel on Windows 10 and instead redirecting users to the modern About page. | Continue reading | 6 days ago

US Treasury shares tips on spotting money mule and imposter scams

The US Financial Crimes Enforcement Network (FinCEN) today has issued a security alert designed to share potential indicators of imposter scams and money mule schemes with US financial institutions. | Continue reading | 6 days ago

Microsoft Defender ATP web content filtering is now free

The new Microsoft Defender Advanced Threat Protection (ATP) Web Content Filtering feature will be provided for free to all enterprise customers without the need for an additional partner license. | Continue reading | 7 days ago

EDP energy giant confirms Ragnar Locker ransomware attack

EDP Renewables North America (EDPR NA) confirmed a Ragnar Locker ransomware attack that affected its parent corporation's systems, the Portuguese multinational energy giant Energias de Portugal (EDP). | Continue reading | 7 days ago

Ransomware attack on insurance MSP Xchanging affects clients

Global IT services and solutions provider DXC Technology announced over the weekend a ransomware attack on systems from its Xchanging subsidiary. | Continue reading | 7 days ago

Microsoft's new Windows 10 Alt+Tab plan looks like a mess

In what is being called a productivity enhancement, Microsoft is testing a change to the Windows 10 Alt+Tab feature so that it also shows open Microsoft Edge browser tabs. | Continue reading | 7 days ago

Windows 10 2004 upgrade gets blocked due to unsupported settings

Some Windows 10 users are being blocked from applying the May 2020 Update when manually seeking to upgrade through Windows Update due to unsupported settings on Windows 10 2004. | Continue reading | 7 days ago

North Korean hackers linked to credit card stealing attacks on US stores

Hackers from North Korea have been stealing payment card information from customers of large retailers in the U.S. and Europe for at least a year, reveals new research released today. | Continue reading | 7 days ago

PoC exploits released for F5 BIG-IP vulnerabilities, patch now!

Two days after patches for critical F5 BIG-IP vulnerability were released, security researchers have started publicly posting proof-of-concept (PoC) exploits show how easy it is to exploit these devices. | Continue reading | 8 days ago

Windows 10's Microsoft Store Codecs patches are confusing users

Microsoft released security updates via the Microsoft Store last week, and it's confusing many users who want to make sure their devices are protected. | Continue reading | 8 days ago

.NET Core vulnerability lets attackers evade malware detection

A vulnerability in the .NET Core library allows malicious programs to be launched while evading detection by security software. | Continue reading | 8 days ago

New Behave! extension warns of website port scans, local attacks

A new browser extension called Behave! will warn you if a web site is using scripts to perform scans or attacks on local and private IP addresses on your network. | Continue reading | 9 days ago