Microsoft to Bundle Office With Windows Into New "Microsoft 365" Service

Today at the company's Inspire business conference, Microsoft announced a new service called "Microsoft 365" that bundles together three of its previous standalone services: Office 365, Windows 10, and Enterprise Mobility + Security. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-to-bundle-office-with-windows-into-new-microsoft-365-service/

Prolific Russian Hacker Gets Nine Years in Prison

Alexander Tverdokhlebov, 29, a former Russian national, now a US citizen living in Los Angeles, was sentenced to nine years in prison for operating a banking trojan botnet, and stealing money from victims' bank accounts. [...]

https://www.bleepingcomputer.com/news/security/prolific-russian-hacker-gets-nine-years-in-prison/

Australian Man Arrested for Helping Group of Tech Support & Ransomware Operators

Australian police have arrested a man from the city of Mackay on allegations of laundering money for the operators of a tech support and ransomware scheme. [...]

https://www.bleepingcomputer.com/news/security/australian-man-arrested-for-helping-group-of-tech-support-and-ransomware-operators/

Man Pleads Guilty to Manipulating Lottery Winning Tickets via Hacked Computer

Eddie Tipton, 54, admitted to creating malware in the form of a DLL file, which he loaded on the secure computers of the Multi-State Lottery Association (MSLA), a company that runs lotteries in 33 states, but also in the District of Columbia, Puerto Rico and the U.S. Virgin Islands. [...]

https://www.bleepingcomputer.com/news/legal/man-pleads-guilty-to-manipulating-lottery-winning-tickets-via-hacked-computer/

The Second Most Popular Mac Malware Is a Cryptocurrency Miner

According to statistics released by Symantec today, the second most widespread Mac malware today is a cryptocurrency miner called DevilRobber, which saw a huge spike in activity last month. [...]

https://www.bleepingcomputer.com/news/security/the-second-most-popular-mac-malware-is-a-cryptocurrency-miner/

UK Radio Station Hijacked Eight Times in the Past Month to Play Obscene Song

An unknown hacker has hijacked the radio frequency of a UK radio station to play an obscene song eight times during the past month, according to the radio station's manager who recently revealed the hacks in an interview with BBC Radio. [...]

https://www.bleepingcomputer.com/news/security/uk-radio-station-hijacked-eight-times-in-the-past-month-to-play-obscene-song/

Magala Trojan Uses Virtual Desktops to Secretly Click on Search Results Ads

A new click-fraud trojan is infecting Windows computers and using virtual desktops to click on ads in search results to earn a profit for its creator(s). [...]

https://www.bleepingcomputer.com/news/security/magala-trojan-uses-virtual-desktops-to-secretly-click-on-search-results-ads/

PSA: Don't Open SPAM Containing Password Protected Word Docs

I wanted to alert everyone of a new malware distributing SPAM that I just received that contains a password protected Word document, which pretends to be about a payment I would be receiving shortly. As I always love free money, I had to take a look and see what I was getting for free.   [...]

https://www.bleepingcomputer.com/news/security/psa-dont-open-spam-containing-password-protected-word-docs/

Data of 14 Million Verizon Customers Exposed in Server Snafu

Sensitive data for around 14 million Verizon customers was exposed online because a third-party contractor forgot to limit external access to an Amazon S3 server. [...]

https://www.bleepingcomputer.com/news/security/data-of-14-million-verizon-customers-exposed-in-server-snafu/

Decrypted: Emsisoft Releases a Decryptor for NemucodAES Ransomware

Fabian Wosar of Emsisoft has been able to crack the decryption used by the NemucodAES ransomware so that victims can get their files back for free. This guide will walk you through using the decryptor and provide a brief explanation on the NemucodAES Ransomware. [...]

https://www.bleepingcomputer.com/news/security/decrypted-emsisoft-releases-a-decryptor-for-nemucodaes-ransomware/

Scammer Uses Fake Tor Browser to Lure Victims to Supposed Dark Web Marketplace

A new malicious app disguised as a modified version of the Tor Browser is targeting users looking to buy illegal products off the Dark Web. [...]

https://www.bleepingcomputer.com/news/security/scammer-uses-fake-tor-browser-to-lure-victims-to-supposed-dark-web-marketplace/

Hackers Are Using Automated Scans to Target Unfinished WordPress Installs

Experts from security firm Wordfence say they have observed a new type of web attack that took aim at unfinished WordPress installations. [...]

https://www.bleepingcomputer.com/news/security/hackers-are-using-automated-scans-to-target-unfinished-wordpress-installs/

Vault 7: CIA Developed Android Malware That Works as an SMS Proxy

WikiLeaks published today the manual of another CIA hacking tool part of the Vault 7 leak series. This tool is referenced internally at the CIA under the name of HighRise and is an Android application for intercepting and redirecting SMS messages to a remote web server. [...]

https://www.bleepingcomputer.com/news/security/vault-7-cia-developed-android-malware-that-works-as-an-sms-proxy/

"Particle" Chrome Extension Sold to New Dev Who Immediately Turns It Into Adware

A company is going around buying abandoned Chrome extensions from their original developers and converting these add-ons into adware. [...]

https://www.bleepingcomputer.com/news/security/-particle-chrome-extension-sold-to-new-dev-who-immediately-turns-it-into-adware/

Microsoft Adds Protection Against Process Hollowing and Atom Bombing

Microsoft has worked on adding security protections against two forms of code injection techniques known as process hollowing and atom bombing. [...]

https://www.bleepingcomputer.com/news/security/microsoft-adds-protection-against-process-hollowing-and-atom-bombing/

App Finds More Than 50,000 Computers Vulnerable to ETERNALBLUE Exploit

The developer of a tool named Eternal Blues that scans for computers vulnerable to the NSA's ETERNALBLUE exploit has published statistics gathered from the app's usage. [...]

https://www.bleepingcomputer.com/news/security/app-finds-more-than-50-000-computers-vulnerable-to-eternalblue-exploit/

Microsoft Adds Password Recovery Option to Windows 10 Lockscreen

Microsoft added a password recovery option to the Windows 10 locksreen for users that use a Microsoft account to log into their computer. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-adds-password-recovery-option-to-windows-10-lockscreen/

AlphaBay Dark Web Market Taken Down After Law Enforcement Raids

AlphaBay, an online marketplace that sold illegal products on the Dark Web, has been taken offline following raids in three countries, according to several reports. [...]

https://www.bleepingcomputer.com/news/security/alphabay-dark-web-market-taken-down-after-law-enforcement-raids/

New Ovidiy Stealer Malware Sold on Russian Site

A Russia-speaking malware developer going by the name of "TheBottle" has started selling a new infostealer with the name of Ovidiy Stealer. [...]

https://www.bleepingcomputer.com/news/security/new-ovidiy-stealer-malware-sold-on-russian-site/

21-Year-Old Bug in Kerberos Protocol Gets Patch in Windows, Linux

Two implementations of the Kerberos authentication protocol received patches this week against a vulnerability that allowed a threat actor to bypass authentication procedures. [...]

https://www.bleepingcomputer.com/news/security/21-year-old-bug-in-kerberos-protocol-gets-patch-in-windows-linux/

Google to Replace SMS Codes With Mobile Prompts in 2-Step-Verification Procedure

Starting next week Google will overhaul its two-step verification (2SV) procedure and replace one-time codes sent via SMS with prompts shown on the user's smartphone. [...]

https://www.bleepingcomputer.com/news/google/google-to-replace-sms-codes-with-mobile-prompts-in-2-step-verification-procedure/