Windows Update downgrade attack “unpatches” fully-updated systems
SafeBreach security researcher Alon Leviev revealed at Black Hat 2024 that two zero-days could be exploited in downgrade attacks to “unpatch” fully updated Windows 10,…
Category: Bleeping Computer
UK IT provider faces $7.7 million fine for 2022 ransomware breach
The UK’s Information Commissioner’s Office (ICO) has announced a provisional decision to impose a fine of £6.09M ($7.74 million) on Advanced Computer Software Group Ltd…
McLaren hospitals disruption linked to INC ransomware attack
Image: MidjourneyOn Tuesday, IT and phone systems at McLaren Health Care hospitals were disrupted following an attack linked to the INC Ransom ransomware operation. McLaren…
Microsoft 365 anti-phishing feature can be bypassed with CSS
Researchers have demonstrated a method to bypass an anti-phishing measure in Microsoft 365 (formerly Office 365), elevating the risk of users opening malicious emails. Specifically,…
macOS Sequoia brings better Gatekeeper, stalkerware protections
Apple’s macOS Sequoia, now in beta testing, will make it harder to bypass Gatekeeper warnings and add system alerts for potential stalkerware threats. Gatekeeper is…
How MSPs and MSSPs offer vCISO services with skilled CISOs in short supply
A new eBook by Cynomi, “What does it take to be a full-fledged Virtual CISO?” lays out exactly how service providers can easily, rapidly, and economically expand…
Critical Progress WhatsUp RCE flaw now under active exploitation
Threat actors are actively attempting to exploit a recently fixed Progress WhatsUp Gold remote code execution vulnerability on exposed servers for initial access to corporate networks. The…
Google Chrome will let you send money to your favourite website
Google has confirmed plans to implement Web Monetization in Chrome, allowing website owners to receive micro-payments as tips or rewards for their content as an…
INTERPOL recovers over $40 million stolen in a BEC attack
A global stop-payment mechanism created by INTERPOL successfully recovered over $40 million stolen in a BEC attack on a company in Singapore. INTERPOL says this is…
Proton VPN adds ‘Discreet Icons’ to hide app on Android devices
Proton VPN has announced a series of updates to its Windows and Android apps to help users combat censorship, circumvent blocks, and protect themselves from…
Samsung to pay $1,000,000 for RCEs on Galaxy’s secure vault
Samsung has launched a new bug bounty program for its mobile devices with rewards of up to $1,000,000 for reports demonstrating critical attack scenarios. The…
France’s Grand Palais discloses cyberattack during Olympic games
The Grand Palais Réunion des musées nationaux (Rmn) in France is warning that it suffered a cyberattack on Saturday night, August 3, 2024. Grand Palais…