Security News > 2020 > October

If your PC games are lagging or running slow, you can free up resources in Windows 10 using a new XBOX Game Bar task manager that overlays on top of running games. This week, Microsoft has started to rollout XBOX Game Bar version 5.420.9252.0 to all Windows 10 users via the Microsoft Store.

Windows 10 comes with both the Control Panel and modern Settings, but the modern Settings app provides an unpolished experience with key features missing. God Mode lets you access all management features in one location and it's still better than the modern Windows 10 Settings.

Phishing campaigns have started to use Basecamp as part of malicious phishing campaigns that distribute malware or steal your login credentials. As Basecamp offers a free license, users get free hosting that they can use to distribute any type of file they want.

The Windows 10 Calculator has been ported to Linux and can be installed from the Canonical Snap Store. In March 2019, Microsoft open-sourced the Windows 10 Calculator and invited other developers to contribute to its development.

Marking a pivot from COVID-19 scams, researchers track a single threat actor through the evolution from the pandemic to PayPal, and on to more timely voter scams - all with the same infrastructure. "The range of information credential-phishing themes - PayPal, COVID-19, voting - illustrate how actors often simply pivot from one theme to the next, all while using similar infrastructure and backend functionality," Sherrod DeGrippo, senior director of threat research and detection for Proofpoint, told Threatpost.

The Chinese have been illegally squid fishing near the Galapagos Islands. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my...

One flaw exists in Microsoft's Visual Studio Code is a free source-code editor made by Microsoft for Windows, Linux and macOS. The other is in the Microsoft Windows Codecs Library; the codecs module provides stream and file interfaces for transcoding data in Windows programs. According to Microsoft, one "Important" severity flaw stems from the way that Microsoft Windows Codecs Library handles objects in memory.

A critical vulnerability in a SonicWall enterprise VPN firewall can be exploited to crash the device or remotely execute code on it, reverse engineers said this week. In a statement SonicWall said it "Was contacted by a third-party research team regarding issues related to SonicWall next-generation virtual firewall models." The spokesman went on to say that SonicWall's own engineers discovered even more vulns while reproducing Tripwire's findings, going on to develop patches for the whole lot.

Hackers sent Joe Biden's presidential campaign staffers malicious emails that impersonated anti-virus software company McAfee, and used a mix of legitimate services to avoid detection. The unsuccessful advanced persistent threat group attacks on Biden's campaign were first uncovered in June, along with cyberattacks targeting Donald Trump's campaign.

Because as we know, women in the STEM and particularly the cybersecurity fields, are very, very low, statistics are less than 2%. SEE: 10 STEM projects to try out at home. The intent of this camp is to do a few things: one, to raise awareness of cybersecurity; two, to engage students in cybersecurity; and three, it's also to lessen the gap in cybersecurity for women and minorities.