Security Alerts and Updates

July, 2018  (Click listings for more information).
16   Microsoft releases patches for Windows 10 versions 1803, 1709, & 1703.
16   Microsoft just released 27 new security patches.
16   Microsoft is finally adding call recording to Skype.
15   Chrome and Firefox gain Timeline integration via add-on.
15   Passwords for thousands of Dahua devices cached in IoT search engine.
15   Office for Android gets a bunch of new features in the July update.
13   Patch Lady post – if you’ve patched….
13   The Week in Ransomware – CoinVault Court Case & More.
13   Microsoft yanks KB 4018385, republishes all of this month’s patch downloads.
12   Firefox Focus gets new features and comes to the latest BlackBerry.
12   Microsoft patches “Lazy FP State Restore” bug affecting Intel CPUs.
12   Patch Tuesday crop teems with bugs, snooping patches return.
11    Google enables “Site Isolation” feature for Chrome desktop.
11    New Spectre 1.1 and Spectre 1.2 CPU flaws disclosed.
10   Microsoft releases patches for Windows 7 and 8.1.
10    Microsoft releases patches for all Windows 10 builds.
10   Adobe pushes fixes for Flash Player, Acrobat, Reader, more.
10  Microsoft updates list of dangerous files it blocks inside Office 365 docs.
09  Apple Releases Multiple Security Updates.
09  Smart TVs are spying on you through your phone.
09  Timehop security breach affects entire 21 million userbase.
06  The Week in Ransomware – Nozelesn & GandCrab V4.
06  Apple Releases Security Update for Boot Camp.
06  Microsoft Launcher for Android Gets a Big Update.
05  Microsoft resumes delivering Windows 7 Defender definition updates.
04  Chrome and Firefox pull Stylish add-on after report it logged browser history.
04  Someone else may be reading your Gmails.
03  Malware authors weaponizing Windows SettingContent-ms files.
03  Download bomb trick returns in Chrome; also affects Firefox, Opera, Vivaldi & Brave.
03  Mozilla fixes security vulnerabilities in Thunderbird 52.9.
02  Samsung Messages app sends photos to random contacts.
02  Facebook admits it shared user data with 61 companies.
02  Newer Diameter Telephony Protocol just as vulnerable as SS7.
01   New Medicare cards are in the mail for Kansas residents.

AV Real-World Protection Test February-June 2018

June, 2018  (Click listings for more information).
29  Adidas Announces Data Breach.
29  PROPagate code injection technique detected for the first time.
28  Your PC is infected if ‘All-Radio 4.27 Portable’ can’t be removed.
28  Android devices since 2012 impacted by RAMpage vulnerability.
28  Microsoft updates drivers and firmware for Surface devices.
28  Some Spectre In-Browser Mitigations Can Be Defeated.
28  Plant Your Flag, Mark Your Territory.
27  Windows Defender Detecting Legitimate Files as Trojan.
27  WPA3, a Wi-Fi security standard, will replace WPA2.
27  NSA Exploit Patched to Work on Windows IoT Systems.
26  Windows Settings Shortcuts Can Be Abused on Windows 10.
26  ♦ Microsoft releases Windows 10 build 17134.137 – KB4284848.
26  Firefox 61 Released for Windows, Mac, and Linux.
26  “Have I Been Pwned” being added to Firefox & 1Password.
23  Apple Confirms Major Issues With MacBook Keyboards.
23  Systems lacking SSE2 support not receiving Windows updates.
23  Android & iOS applications are exposing over 113 GBs of data.
22  The Week in Ransomware – Scarab Everywhere!
22  Updated browser should keep users safe from most exploit kits.
22  Fake WannaCry blackmail campaign is really just WannaSpam.
22  Someone is using insecure cameras to spy on device owners.
21   Microsoft releases Windows 10 builds 16299.522, 15063.1182.
20  Google Updates File Signature Checks for Android Apps.
20  Google, Roku, Sonos to fix DNS Rebinding Attack Vector.
19  ZeroFont Technique Bypasses Office 365 Security Filters.
19   AT&T, Sprint, Verizon to stop sharing customer location data.
18   MacOS still leaks secrets stored on encrypted drives.
18   Google to fix location data leak in Google Home, Chromecast.
18   Adware wreaks havoc among Windows 10 users in the US.
15   AV Real-World Protection Test May 2018 – Factsheet.
15   The Week in Ransomware – DBGer, Scarab, and More.
14    Windows 10 April 2018 Update is now fully available.
14   Android malware packs a banking trojan, keylogger & ransomware.
13   VPNFilter Malware Still Making Waves.
13   New Vulnerability Affects All Intel Core CPUs.
13   Cortana hack lets you change passwords on locked PCs.
13   Status of Meltdown and Spectre Mitigations in Windows.
12   ♦ Microsoft releases Windows 10 builds 17134.112, 16299.492.
12   Mac Security Tool bugs show Malware as Apple Software.
12   Trik Spam Botnet Leaks 43 Million Email Addresses.
12   Microsoft and Adobe Flash Player issue security patches.
11    Apple Bans Apps That Mine Cryptocurrencies.
11   Thousands of Android devices are exposing their debug port.
08  The Week in Ransomware – CryBrazil, CryptConsole, etc.
08  Malspam Campaigns Bypass AV Filters and Install RATs.
08  F-Secure fixes serious vulnerability in antivirus products.
07  Google Releases Security Update for Chrome.
07  Facebook Bug Caused New Posts to be Shared Publicly.
07  Security vulnerabilities fixed in Firefox 60.0.2.
07  Adobe Patches Zero-Day Flash Flaw.
07  Patches available for bugs in popular brand of IP cameras.
06  VPNFilter malware is much worse than previously thought.
05  Microsoft releases Windows 10 build 17134.83 – KB4338548.
05  Credentials for 92 million users of DNA testing firm exposed.
04  How to protect yourself from Ticketfly type megabreaches.
01   Firmware & driver updates for Microsoft Surface 3 tablet.
01   Apple Releases Security Updates for macOS.
01   The Week in Ransomware – from Russia with Love, etc.

May, 2018  (Click listings for more information).
30  Remote code vulnerability disclosed in Windows JScript.
30  Hackers targeting gas stations & credit cards at the pump.
29  Apple releases iOS 11.4 with Messages in iCloud & AirPlay 2.
29  Rebooting your router to remove VPNFilter is not enough.
29  Google Chrome 67 released for Windows, Mac, and Linux.
26  Why Is Your Location Data No Longer Private?
25  Facebook 2FA no longer needs a phone number.
25  Z-Shave Attack Could Impact Over 100 Million IoT Devices.
24  Amazon Alexa recorded a conversation and sent it to a contact.
24    Microsoft Update Fixes Windows 10 Intel & Toshiba SSD Issues.
24  FBI Takes Control of APT28’s VPNFilter Botnet.
23  Hackers infect 500,000 consumer routers all over the world.
22  Microsoft to Block Flash in Office 365.
22  Mobile Giants: Please Don’t Share the Where.
22  DrayTek router user? Patch now to keep the crooks out.
21     Microsoft releases a Windows 10 update for version 1709.
21   Google and Microsoft Reveal New Spectre Attack.  
21   GPON Routers Attacked With New Zero-Day.
20  Using Google Chrome Cleanup to scan for unwanted software.
20  Phishing Roundup, Some Current Phishing Threats.
19   Clicking on a PDF infects older versions of Windows.
18   How to delete the ‘mshelper’ malware from macOS.
18   Security vulnerabilities fixed in Thunderbird 52.8.
17   Coinminer Campaign Makes 500,000 Victims in Three Days.
17   Tracking firm leaked location data of all major U.S. mobile carriers.
16     Windows 10 April Update halted for devices with Intel & Toshiba SSDs.
16  Adware launches in-browser mining sites mimicking Cloudflare.
16  Chrome update fixes issue that broke many web-based games.
16   Microsoft Releases KB4100347, KB4134660, and KB4134661.
14   Adobe security updates for Acrobat, Reader, & Photoshop.
14   Facebook suspends apps that may have mishandled user data.
13   Card Breach Announced at Chili’s Restaurant Chain.
11    EternalBlue exploit is bigger than ever, 1 year after WannaCry.
11    Malicious apps get back on the Play Store with name change.
11    Surface Book 2 gets fixes for Windows 10 April 2018 Update.
11    Internet Explorer zero-day:  browser is under attack.
10   Wanted that Windows 10 update but have an Intel SSD?
10   Malicious Chrome extensions infect 100,000-plus users.
10   At least five IoT botnets are attacking Dasan GPON routers.
10   Google Releases Security Update for Chrome.
09  Security vulnerabilities fixed in Firefox 60.
09  Think you’ve got your credit freezes covered? Think again.
09  OS vendors release patches after misinterpreting Intel docs.
09    Some Windows 10 PCs can’t boot after installing updates.
09  Critical bug in 7-Zip – make sure you’re up to date!
08  Microsoft Patch Tuesday and Adobe Flash Player Updates.
08  Office 365 zero-day used in real-world phishing campaigns.
08  Patch Tuesday: Here’s what’s new for Windows 7 and 8.1.
05    Here’s how to roll back the Windows 10 April 2018 Update.
04    Stay away from Windows 10 Update on this Patch Tuesday.
04  Half a million pacemakers need a security patch.
03  Chrome is Crashing on Windows 10’s April 2018 Update.
03  Drive-by attack uses GPU to compromise an Android phone.
03  Twitter to All Users: Change Your Password Now!
02  Update patches Windows Host Compute Service Shim library.
02  VirusTotal releases VTZilla 2.0 extension for Firefox Quantum.
01   Google Maps open redirect flaw abused by scammers.