Microsoft is killing WordPad in Windows after 28 years (www.bleepingcomputer.com)
WinRAR flaw lets hackers run programs when you open RAR archives (www.bleepingcomputer.com)
Scraped data of 2.6 million Duolingo users released on hacking forum (www.bleepingcomputer.com)
The scraped data of 2.6 million DuoLingo users was leaked on a hacking forum, allowing threat actors to conduct targeted phishing attacks using the exposed information.
Apple rejects new name 'X' for Twitter iOS app because... rules (www.bleepingcomputer.com)
cross-posted from: lemmy.zip/post/834308...
New acoustic attack steals data from keystrokes with 95% accuracy (www.bleepingcomputer.com)
New acoustic attack steals data from keystrokes with 95% accuracy::A team of researchers from British universities has trained a deep learning model that can steal data from keyboard keystrokes recorded using a microphone with an accuracy of 95%.
Microsoft leaks 38TB of private data via unsecured Azure storage (www.bleepingcomputer.com)
Decentralized Matrix messaging network says it now has 115M users (www.bleepingcomputer.com)
Microsoft to kill off VBScript in Windows to block malware delivery (www.bleepingcomputer.com)
Microsoft Defender no longer flags Tor Browser as malware (www.bleepingcomputer.com)
Over 40,000 admin portal accounts use 'admin' as a password (www.bleepingcomputer.com)
Over 40,000 admin portal accounts use ‘admin’ as a password::Security researchers found that IT administrators are using tens of thousands of weak passwords to protect access to portals, leaving the door open to cyberattacks on enterprise networks.
New Nitrogen malware pushed via Google Ads for ransomware attacks (www.bleepingcomputer.com)
Genetics firm 23andMe says user data stolen in credential stuffing attack (www.bleepingcomputer.com)
Discord will switch to temporary file links to block malware delivery (www.bleepingcomputer.com)
Discord will switch to temporary file links to block malware delivery::Discord will switch to temporary file links for all users by the end of the year to block attackers from using its CDN (content delivery network) for hosting and pushing malware.
Ukrainian activists hack Trigona ransomware gang, wipe servers (www.bleepingcomputer.com)
Free Download Manager site redirected Linux users to malware for years (www.bleepingcomputer.com)
A reported Free Download Manager supply chain attack redirected Linux users to a malicious Debian package repository that installed information-stealing malware....
Hackers steal Signal, WhatsApp user data with fake Android chat app (www.bleepingcomputer.com)
Hackers are using a fake Android app named ‘SafeChat’ to infect devices with spyware malware that steals call logs, texts, and GPS locations from phones....
Signal tests usernames that keep your phone number private (www.bleepingcomputer.com)
New 'Looney Tunables' Linux bug gives root on major distros (www.bleepingcomputer.com)
From BeepingComputer.
Google Gmail continuously nagging to enable Enhanced Safe Browsing (www.bleepingcomputer.com)
The difference between the two security features is that Safe Browsing will compare a visited site to a locally stored list of domains, compared to Enhanced Safe Browser, which will check if a site is malicious in real-time against Google’s cloud services....
1Password discloses security incident linked to Okta breach (www.bleepingcomputer.com)
Apple rejects new name 'X' for Twitter iOS app because... rules (www.bleepingcomputer.com)
cross-posted from: lemmy.zip/post/834308...
Hosting firm says it lost all customer data after ransomware attack (www.bleepingcomputer.com)
Microsoft leaks 38TB of private data via unsecured Azure storage (www.bleepingcomputer.com)
Microsoft leaks 38TB of private data via unsecured Azure storage::The Microsoft AI research division accidentally leaked dozens of terabytes of sensitive data starting in July 2020 while contributing open-source AI learning models to a public GitHub repository.