By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

Microsoft is all set to make some changes to the Windows update rollout process, offering users more control over the update process. The Redmond giant recently revealed the name of the upcoming major release of Windows 10. It’s called the Windows 10 May 2019 Update. There will be no Windows 10 April 2019 Update. Microsoft decided to postpone the release of the OS due to technical issues. Once the Windows 10 April 2019 Update is available for the general public, users will be able to decide whether they want to install it on their devices or not. This feature has been added as a part of the recent changes that made to the Windows update rollout process. As we already reported, Windows 10 users can now pause all the updates on their systems for up to 35 days. Microsoft acknowledged the fact that the changes have been implemented based on user feedback. As a matter of fact, Windows users have been complaining about the disruptive Windows update process for many years. Users can now choose when they want to initiate the installation process for the Windows 10 May 2019 Update. Additionally, Microsoft plans to send notifications to the users as soon as a major update has been released. Now, let’s talk about other features included in the latest Windows 10 update. Cortana digital assistant is going to be separated from Windows Search and a new sandbox functionality will be added. Microsoft will start rolling out the update to the Release Preview ring Insiders next week. The public rollout is expected to start next month. Learn more by visiting OUR FORUM.

An online black market offering cybercrime goods and services was found on Facebook, spreading over 74 groups and totaling around 385,000 members, according to a report by Cisco Talos security researchers. "The majority of these groups use fairly obvious group names, including 'Spam Professional,' 'Spammer & Hacker Professional,' 'Buy Cvv On THIS SHOP PAYMENT BY BTC,' and 'Facebook hack (Phishing),' says Cisco Talos. More to the point, the members of these Facebook groups sell, buy, and exchange anything from account credentials and phishing tools and services credit card info and fake IDs. "Others products and services were also promoted. We saw spammers offering access to large email lists, criminals offering assistance moving large amounts of cash, and sales of shell accounts at various organizations, including government," also said the Cisco Talos researchers. What's even more surprising is that it is very simple to find and join these cybercrime-focused Facebook groups, especially since Facebook's algorithms will automatically suggest joining similar groups from the same network designed to promote illegal cybercrime tools and services. While Cisco Talos first tried to take down the groups using the social network's abuse report feature, the security researchers had to eventually reach out to Facebook and disclosed their findings after their initial attempts weren't fully successful. This led to the eventual takedown of most of the Facebook groups involved in the virtual black market, but, as reported by Cisco Talos, new groups have been created and some of them are still active and need to be closed by the social network's security team. Read more on OUR FORUM.

A common phone call scam that people have been receiving states that your Social Security number is suspended for suspicious activity. It then prompts you to speak to a government agent in order to receive help resolving the issue. This scam has been going on for over a year, if not longer, and are robocalls that pretend to be from a government official who states that suspicious or fraudulent activity associated with your social security number has been detected. The robocall then prompts you to call back or speak to an agent in order to resolve the issue. As the FTC notes, Social Security numbers cannot be suspended, so any calls stating that they are is simply a scam. The attackers are just trying to trick you into providing your birth date, bank account numbers, social security numbers, and other sensitive information. "Thing is, Social Security numbers do not get suspended," the FTC states in an advisory. "This is just a variation of a government imposter scam that’s after your SSN, bank account number, or other personal information. In this variation of the scheme, the caller pretends to be protecting you from a scam while he’s trying to lure you into one." Visit OUR FORUM to read and hear the scam messages.

Microsoft today announced Windows 10 May 2019 Update, along with a new strategy for Windows Update release schedule and more transparency in this regards. Microsoft also officially announced the release date of the next feature update for Windows 10 and it won’t arrive this month. Windows 10 May 2019 Update comes with a series of improvements to Start menu, Action Center, Settings app and more. It also introduces a new Windows light theme experience, Windows Sandbox, and several other features. Windows 10 May 2019 Update is expected to begin rolling out for free to compatible devices in late May 2019. Insiders have been testing Windows 10 version 1903 over the last several months and the update is finally ready for the Release Preview Ring. After a month of testing with Release Preview Ring Insiders, the fully baked update will be ready for public consumption by the end of May. “I’m pleased to announce that the Windows 10 May 2019 Update will start to be available next week in the Release Preview Ring for those in the Windows Insider Program. We will begin broader availability in late May for commercial customers, users who choose the new May 2019 Update for their Windows 10 PC via “check for updates,” and customers whose devices are nearing the end of support on a given release,” Microsoft said in a blog post. Follow this and further releases on OUR FORUM.

Phishing campaigns, some launched as recently as March, aimed at stealing credentials from Verizon mobile customers by spoofing the company's support service. Being mobile-focused and using an identifier for an official service from Verizon is what prompted researchers to categorize it as sophisticated above average. The link delivering the phishing kit includes the abbreviation 'ecrm,' which Verizon uses as a sub-domain - ecrm.verizonwireless[.]com - for its Electronic Customer Relationship Management platform. Researchers at Lookout mobile security company noticed one such attack in late November 2018; another one occurred in February this year and the activity intensified in March when three waves were recorded in two consecutive days. Loaded on the desktop, the phishing page looks suspicious, but on mobile devices, it renders as if it were genuine and could easily fool the receiver into sending the attacker the login credentials (phone number or user ID, and password) for the Verizon account. "This kit targeted Verizon customers through malicious links masquerading as Verizon Customer Support. This shows that the attackers did their research," writes Jeremy Richards, a principal security researcher at Lookout. Verizon customers are constantly targeted by phishing campaigns and the company is perfectly aware of this. A page is available with variations of the fraud attempts to warn users to be on guard. Customers of AT&T have also been targeted in a phishing campaign that was active on Monday. Microsoft researchers found it via Windows Defender Advanced Threat Protection platform. For more including domain names visit OUR FORUM.

Cybersecurity is in a terrible state, possibly the worst it's ever been. Literally not a day goes by without another report of a security breach or a data spill or a hack spilling corporate secrets. There is plenty of blame to go around, of course. Let's start with the obvious ones, the crooks and scammers – from petty criminals to organized crime – who are able to extort us with ransomware or steal corporate data or our credit-card details with phishing attacks. Few police forces have the time, money and skill to catch these groups or bring them to justice. Then there are state-backed hackers who switch between espionage and cyber warfare – and the governments that either turn a blind eye to their activities or positively encourage them. Who else to blame? Perhaps the tech companies that are desperate to rush a new product to market to beat their rivals, and think that cutting corners on testing security is a good way to do it. And it's not just startups, either; witness the constant stream of security patches that flow from all the big tech companies every month, fixing problems with software that simply wasn't secure enough when it was sold. What about the enterprise? There are software patches for all of the most regularly abused software flaws, just as there was a patch for the flaw that allowed WannaCry to spread. And yet those flaws go unpatched because firms don't want to spend the time and money fixing those flaws and patching those systems. Follow up on OUR FORUM.

 

GTranslate