Google Working on Chrome Never-Slow Mode for Faster Browsing

According to a work in progress Chromium source code commit, Google Chrome might get a "Never-Slow Mode" flag in the future which, when enabled, would block the loading of website resources that exceed a pre-defined size limit. [...]

https://www.bleepingcomputer.com/news/google/google-working-on-chrome-never-slow-mode-for-faster-browsing/

Windows 3.0 File Manager Reborn in All Its Nostalgic Glory

In 2018, Microsoft open-sourced the original and first GUI-based Windows File Manager which debuted in Windows 3.0. The program, which is maintained on GitHub by Microsoft, is now available to download for Windows 10 devices from the Microsoft Store. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-30-file-manager-reborn-in-all-its-nostalgic-glory/

Microsoft Authenticator App Now Delivers Security Notifications

The Microsoft Authenticator app has been updated to deliver security notifications when important events such password changes, unusual sign-in activity, or phone number and email address changes happen. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-authenticator-app-now-delivers-security-notifications/

Firefox 66 to Automatically Block Auto-Playing Audible Video and Audio

Starting with Firefox 66, Mozilla's web browser will come with a new feature designed to automatically block audible video and audio content from auto-playing.on desktop and Android devices [...]

https://www.bleepingcomputer.com/news/software/firefox-66-to-automatically-block-auto-playing-audible-video-and-audio/

ExileRat Targeting Tibetan Supporters via Malicious PowerPoint Docs

A targeted attack against pro-Tibetan supporters has been discovered that installs the ExileRat remote access Trojan through malicious PowerPoint attachments. Once infected, the RAT will allow attackers to retrieve information, execute commands, and steal data from the infected computers. [...]

https://www.bleepingcomputer.com/news/security/exilerat-targeting-tibetan-supporters-via-malicious-powerpoint-docs/

Windows 10 Update Continues Having Issues After DNS Fixes

Windows 10 users continue to have problems performing Windows Update even after Microsoft reportedly has fixed the problem that users were having last week. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-update-continues-having-issues-after-dns-fixes/

Mozilla Adding CryptoMining and Fingerprint Blocking to Firefox

In numerous Mozilla bug tickets that were recently updated, Mozilla is getting closer to adding cryptomining and fingerprinting blocking to their Firefox browser. [...]

https://www.bleepingcomputer.com/news/security/mozilla-adding-cryptomining-and-fingerprint-blocking-to-firefox/

Huddle House Fast Food Chain Suffers Data Breach in POS System

Fast food restaurant chain Huddle House has disclosed that they were affected by a data breach in the point of sale system at some locations that allowed attackers to steal payment information. [...]

https://www.bleepingcomputer.com/news/security/huddle-house-fast-food-chain-suffers-data-breach-in-pos-system/

RDP Clients Exposed to Reverse RDP Attacks by Major Protocol Issues

Multiple major vulnerabilities were discovered in the Remote Desktop Protocol (RDP) protocol which can allow bad actors to take control of computers connecting to a malicious server using remote code execution and memory corruption. [...]

https://www.bleepingcomputer.com/news/security/rdp-clients-exposed-to-reverse-rdp-attacks-by-major-protocol-issues/

Mozilla Resumes Firefox 65 Rollout After AVs Disable HTTPS Scanning

Last week Mozilla halted the rollout of Firefox 65 for Windows after users started reporting insecure certificate errors due to antivirus software conflicts. Now that antivirus vendors have disabled HTTPS scanning for Firefox, Mozilla has enabled the automatic update of Firefox 65 again. [...]

https://www.bleepingcomputer.com/news/software/mozilla-resumes-firefox-65-rollout-after-avs-disable-https-scanning/

Google Launches Password Checkup Extension to Alert Users of Data Breaches

Google announced the release of the Password Checkup Chrome extension designed to keep an eye on current data breaches and announce its users if their accounts have been impacted by recent security breaches. [...]

https://www.bleepingcomputer.com/news/security/google-launches-password-checkup-extension-to-alert-users-of-data-breaches/

OpenOffice Vulnerable to Remote Code Execution, LibreOffice Patched

The latest version of OpenOffice is exposed to a remote code execution vulnerability that can be triggered using automated macro execution when users move the mouse over a maliciously crafted ODT document. The issue was patched in LibreOffice 6.0.7/6.1.3. [...]

https://www.bleepingcomputer.com/news/security/openoffice-vulnerable-to-remote-code-execution-libreoffice-patched/

Microsoft Confirms Windows Update Problems Were Caused by DNS Issues

In a new update last night to the Windows 10 and Windows Server 2019 update history support article, Microsoft has confirmed that this problem was caused by data corruption at an external DNS service provider. This caused incorrect records to be pushed to downstream DNS servers at other ISPs. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-windows-update-problems-were-caused-by-dns-issues/

Microsoft Released the February 2019 Non-Security Office Updates

Microsoft released the February Non-Security Microsoft Office updates containing improvements and fixes for MSI-based editions of Office 2010, Office 2013, and Office 2016. These updates do not apply to the Click-to-Run versions of the apps, such as Microsoft Office 365 Home. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-released-the-february-2019-non-security-office-updates/

GandCrab Ransomware Helps Shady Data Recovery Firms Hide Ransom Costs

The GandCrab ransomware TOR site allows dishonest data recovery companies to hide the actual ransom cost from victims and it is currently being disseminated through a large assortment of distribution channels. [...]

https://www.bleepingcomputer.com/news/security/gandcrab-ransomware-helps-shady-data-recovery-firms-hide-ransom-costs/

Cryptojacking Overtakes Ransomware, Malware-as-a-Service on the Rise

Cryptominers infected roughly ten times more organizations during 2018 than ransomware did, however only one in five security professionals knew that their company's systems have been impacted by a malware attack as reported by Check Point Research. [...]

https://www.bleepingcomputer.com/news/security/cryptojacking-overtakes-ransomware-malware-as-a-service-on-the-rise/

Power Company Has Security Breach Due to Downloaded Game

South African energy supplier Eskom Group has been hit with a double security breach consisting of an unsecured database containing customer information and a corporate computer infected with the Azorult information-stealing Trojan. [...]

https://www.bleepingcomputer.com/news/security/power-company-has-security-breach-due-to-downloaded-game/

30% of Automotive Companies Lacking a Dedicated Cybersecurity Team

30% of companies from the automotive industry do not have their own cybersecurity program or team, nor use the services of an external organization to secure the software used in their products even though today's cars are mobile computers on wheels that use software every second of the day, [...]

https://www.bleepingcomputer.com/news/security/30-percent-of-automotive-companies-lacking-a-dedicated-cybersecurity-team/

Mozilla's Site Isolation Coming to Firefox, First Milestone in February

Mozilla's Project Fission team is working on implementing a site isolation Firefox security feature similar to the one implemented by Google in version 67 of its Chrome web browser to mitigate speculative side-channel attacks launched by malicious websites. [...]

https://www.bleepingcomputer.com/news/security/mozillas-site-isolation-coming-to-firefox-first-milestone-in-february/

Researcher Declines to Share Zero-Day macOS Keychain Exploit with Apple

Security researcher Linus Henze demoed a zero-day macOS exploit impacting the Keychain password management system which can store passwords for applications, servers, and websites, as well as sensitive information related to banking accounts. [...]

https://www.bleepingcomputer.com/news/security/researcher-declines-to-share-zero-day-macos-keychain-exploit-with-apple/

59K Data Breaches Reported, 91 Fines Imposed Since GDPR Enactment

More than 59,000 data breach notifications have been reported to Data Protection Authorities (DPAs) across Europe by both public and privately-owned organizations since EU's GDPR was passed on May 25, 2018. Google's €50 million fine from January. was the largest ever imposed. [...]

https://www.bleepingcomputer.com/news/security/59k-data-breaches-reported-91-fines-imposed-since-gdpr-enactment/