Updates
- New Admin Takeover Vulnerability Exposed in Synology's DiskStation Manager
- Microsoft fixes Windows 10 security update installation issue
- October Windows Server updates cause Hyper-V VM boot issues
- Microsoft fixes known issue causing Outlook freezes, slow starts
- Patch Now: APTs Continue to Pummel WinRAR Bug
- Critical RCE flaws found in SolarWinds access audit solution
- Cisco identifies another IOS XE vulnerability, with patches coming this weekend
Threats
- WS_FTP: Ransomware-Attacken auf ungepatchte Server
- Threat Actors Deliver DarkGate Malware via Skype, Teams Chats
- Watch Out: Attackers Are Hiding Malware in 'Browser Updates'
- Malicious 'Airstrike Alert' App Targets Israelis
- Warning: Unpatched Cisco Zero-Day Vulnerability Actively Targeted in the Wild
- Malicious Notepad++ Google ads evade detection for months
- The Most Popular IT Admin Password Is Totally Depressing
- Over 40,000 admin portal accounts use 'admin' as a password
- Fraudsters target Booking.com customers claiming hotel stay could be cancelled
- North Korean hackers exploit critical TeamCity flaw to breach networks
- Signal says there is no evidence rumored zero-day bug is real
- Discord still a hotbed of malware activity — Now APTs join the fun
Incidents
- D-Link Confirms Data Breach: Employee Falls Victim to Phishing Attack
- Okta says its support system was breached using stolen credentials
Cyber Crime
- Ragnar Locker ransomware’s dark web extortion sites seized by police
- E-Root admin faces 20 years for selling stolen RDP, SSH accounts
- Ex-Navy IT head gets 5 years for selling people’s data on darkweb