June Windows preview updates fix VPN, RDP, RRAS, and Wi-Fi issues
The optional Windows update previews released by Microsoft this week come with more than the regular performance improvements and bug fixes. […] …
Bleeping Computer
Conti ransomware hacking spree breaches over 40 orgs in a month
The Conti cybercrime syndicate runs one of the most aggressive ransomware operations and has grown highly organized, to the point that affiliates were able to hack more than 40 companies in a little over a month. […] …
Microsoft reveals cause behind this week’s Microsoft 365 outage
Microsoft has revealed that this week’s Microsoft 365 worldwide outage was caused by an infrastructure power outage that led to traffic management servicing failovers in multiple regions. […] …
Windows emergency update fixes Microsoft 365 issues on Arm devices
Microsoft has released an out-of-band (OOB) Windows update to address a known issue that would cause Azure Active Directory and Microsoft 365 sign-in issues on Arm devices after installing the June 2022 Patch Tuesday updates. […] …
Google Chrome extensions can be fingerprinted to track you online
A researcher has discovered how to use your installed Google Chrome extensions to generate a fingerprint of your device that can be used to track you online. […] …
QNAP NAS devices targeted by surge of eCh0raix ransomware attacks
This week a new series of ech0raix ransomware has started targeting vulnerable QNAP Network Attached Storage (NAS) devices according to user reports and sample submissions on the ID-Ransomware platform. […] …
The Week in Ransomware – June 17th 2022 – Have I Been Ransomed?
Ransomware operations are constantly evolving their tactics to pressure victims to pay. For example, this week, we saw a new extortion tactic come into play with the creation of dedicated websites to extort victims with searchable data. […] …
Sophos Firewall zero-day bug exploited weeks before fix
Chinese hackers used a zero-day exploit for a critical-severity vulnerability in Sophos Firewall to compromise a company and breach cloud-hosted web servers operated by the victim. […] …
Cisco Secure Email bug can let attackers bypass authentication
Cisco notified customers this week to patch a critical vulnerability that could allow attackers to bypass authentication and login into the web management interface of Cisco email gateway appliances with non-default configurations. […] …
Ransomware gang creates site for employees to search for their stolen data
The ALPHV ransomware gang, aka BlackCat, has brought extortion to a new level by creating a dedicated website that allows the customers and employees of their victim to check if their data was stolen in an attack […] …
Kaiser Permanente data breach exposes health data of 69K people
Kaiser Permanente, one of America’s leading not-for-profit health plans and health care providers, has recently disclosed a data breach that exposed the health information of more than 69,000 individuals. […] …
PyPI package ‘keep’ mistakenly included a password stealer
PyPI packages ‘keep,’ ‘pyanxdns,’ ‘api-res-py’ were found to contain a password-stealer and a backdoor due to the presence of malicious ‘request’ dependency within some versions. […] …
WiFi probing exposes smartphone users to tracking, info leaks
Researchers at the University of Hamburg in Germany have conducted a field experiment capturing hundreds of thousands of passersby’s WiFi connection probe requests to determine the type of data transmitted without the device owners realizing it. […] …
The Week in Ransomware – June 10th 2022 – Targeting Linux
It has been relatively quiet this week with many companies and researchers at the RSA conference. However, we still had some interesting ransomware reports released this week. […] …
Microsoft starts rolling out Windows 11 File Explorer tabs
Microsoft is finally rolling out the new File Explorer tabbed interface with the release of Windows 11 Insider Preview Build 25136 to the Dev Channel. […] …
Kali Linux team to stream free penetration testing course on Twitch
Offensive Security, the creators of Kali Linux, announced today that they would be offering free access to their live-streamed ‘Penetration Testing with Kali Linux (PEN-200/PWK)’ training course later this month. […] …