Microsoft rolls out Office LTSC 2021 for Windows and Mac
Microsoft today started rolling out Office LTSC (Long Term Servicing Channel) for Windows and macOS, the non-subscription Office version for commercial and government customers. […] …
Bleeping Computer
Former U.S. intel operatives to pay $1.6M for hacking for foreign govt
The U.S. government has entered a Deferred Prosecution Agreement (DPA) with three former intelligence operatives to resolve criminal charges relating to their offering of hacking services to a foreign government. […] …
Microsoft fixes remaining Windows PrintNightmare vulnerabilities
Microsoft has released a security update to fix the last remaining PrintNightmare zero-day vulnerabilities that allowed attackers to gain administrative privileges on Windows devices quickly. […] …
Google patches 10th Chrome zero-day exploited in the wild this year
Google has released Chrome 93.0.4577.82 for Windows, Mac, and Linux to fix eleven security vulnerabilities, two of them being zero-days exploited in the wild. […] …
Windows 11 Android support spotted online ahead of launch
Ahead of the beta testing with Insiders, Microsoft has already published the placeholder for the Android subsystem in the Microsoft Store. According to the Microsoft Store listing, Windows 11’s Android support will require at least 8GB of RAM. For the best experience, 16GB is RAM is recommended. […] …
REvil ransomware is back in full attack mode and leaking data
The REvil ransomware gang has fully returned and is once again attacking new victims and publishing stolen files on a data leak site. […] …
The Week in Ransomware – September 10th 2021 – REvil returns
This week marked the return of the notorious REvil ransomware group, who disappeared in July after conducting a massive attack using a Kaseya zero-day vulnerability. […] …
Windows MSHTML zero-day defenses bypassed as new info emerges
New details have emerged about the recent Windows CVE-2021-40444 zero-day vulnerability, how it is being exploited in attacks, and the threat actor’s ultimate goal of taking over corporate networks. […] …
Zoho patches actively exploited critical ADSelfService Plus bug
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are exploiting a critical vulnerability in Zoho’s ManageEngine ADSelfService Plus password management solution that allows them to take control of the system. […] …
Microsoft shares temp fix for ongoing Office 365 zero-day attacks
Microsoft today shared mitigation for a remote code execution vulnerability in Windows that is being exploited in targeted attacks against Office 365 and Office 2019 on Windows 10. […] …
New Chainsaw tool helps IR teams analyze Windows event logs
Incident responders and blue teams have a new tool called Chainsaw that speeds up searching through Windows event log records to identify threats. […] …
Google’s TensorFlow drops YAML support due to code execution flaw
TensorFlow, a popular Python-based machine learning and artificial intelligence project developed by Google has dropped support for YAML, to patch a critical code execution vulnerability. YAML is a convenient choice among developers looking for a human-readable data serialization language. […] …
Watch out for new malware campaign’s ‘Windows 11 Alpha’ attachment
Relying on a simple recipe that has proved successful time and time again, threat actors have deployed a malware campaign recently that used a Windows 11 theme to lure recipients into activating malicious code placed inside Microsoft Word documents. […] …
Microsoft breaks Windows 11 Start Menu, Taskbar with Teams promo
Microsoft accidentally broke the Start menu and taskbar on systems of Windows Insiders after pushing a Teams promo to the desktops of users running Windows 11 preview builds. […] …
FBI warns of ransomware gangs targeting food, agriculture orgs
The FBI says ransomware gangs are actively targeting and disrupting the operations of organizations in the food and agriculture sector, causing financial loss and directly affecting the food supply chain. […] …
FTC bans stalkerware maker Spyfone from surveillance business
FTC has banned stalkerware maker Spyfone and CEO Scott Zuckerman from the surveillance business after failing to protect customers’ devices from hackers and sharing info on their location and activity. […] …