Distributor of the Reveton Police Ransomware Jailed by UK's NCA
In August 2018, a former Microsoft employee, Raymond Odigie Uadiale, was charged with laundering money that was obtained through Reveton victims. According to his plea agreement, Uadiale admitted to working with a cybercriminal known as "K!NG", who was involved in the distribution of the Reveton ransomware. [...]
https://www.bleepingcomputer.com/news/security/distributor-of-the-reveton-police-ransomware-jailed-by-uks-nca/
In August 2018, a former Microsoft employee, Raymond Odigie Uadiale, was charged with laundering money that was obtained through Reveton victims. According to his plea agreement, Uadiale admitted to working with a cybercriminal known as "K!NG", who was involved in the distribution of the Reveton ransomware. [...]
https://www.bleepingcomputer.com/news/security/distributor-of-the-reveton-police-ransomware-jailed-by-uks-nca/
BleepingComputer
Distributor of the Reveton Police Ransomware Jailed by UK's NCA
In August 2018, a former Microsoft employee, Raymond Odigie Uadiale, was charged with laundering money that was obtained through Reveton victims. According to his plea agreement, Uadiale admitted to working with a cybercriminal known as "K!NG", who was involvedβ¦
Cryptominers Still Top Threat In March Despite Coinhive Demise
Although Coinhive shut down and its cryptominer dropped down on the sixth place in Check Point's latest Global Threat Index, coinminers continue to lead the pack with Cryptoloot, XMRig, and Jsecoin taking the first, third, and fifth place. [...]
https://www.bleepingcomputer.com/news/security/cryptominers-still-top-threat-in-march-despite-coinhive-demise/
Although Coinhive shut down and its cryptominer dropped down on the sixth place in Check Point's latest Global Threat Index, coinminers continue to lead the pack with Cryptoloot, XMRig, and Jsecoin taking the first, third, and fifth place. [...]
https://www.bleepingcomputer.com/news/security/cryptominers-still-top-threat-in-march-despite-coinhive-demise/
BleepingComputer
Cryptominers Still Top Threat In March Despite Coinhive Demise
Although Coinhive shut down and its cryptominer dropped down on the sixth place in Check Point's latest Global Threat Index, coinminers continue to lead the pack with Cryptoloot, XMRig, and Jsecoin taking the first, third, and fifth place.
Adobe Releases April 2019 Security Updates for Flash, Shockwave, and More
Adobe has published their monthly Patch Tuesday updates for the month of April 2019. These updates fix various security vulnerabilities in Adobe Flash Player, Shockwave Player, Dreamweaver, Adobe XD CC, Adobe Experience Manager Forms, and Adobe Bridge CC. [...]
https://www.bleepingcomputer.com/news/security/adobe-releases-april-2019-security-updates-for-flash-shockwave-and-more/
Adobe has published their monthly Patch Tuesday updates for the month of April 2019. These updates fix various security vulnerabilities in Adobe Flash Player, Shockwave Player, Dreamweaver, Adobe XD CC, Adobe Experience Manager Forms, and Adobe Bridge CC. [...]
https://www.bleepingcomputer.com/news/security/adobe-releases-april-2019-security-updates-for-flash-shockwave-and-more/
BleepingComputer
Adobe Releases April 2019 Security Updates for Flash, Shockwave, and More
Adobe has published their monthly Patch Tuesday updates for the month of April 2019. These updates fix various security vulnerabilities in Adobe Flash Player, Shockwave Player, Dreamweaver, Adobe XD CC, Adobe Experience Manager Forms, and Adobe Bridge CC.
Windows 10 April 2019 Cumulative Updates Released With Fixes
Today is second Tuesday of the month and the new cumulative updates are rolling out for supported versions of Windows 10, including the October 2018 Update, [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-april-2019-cumulative-updates-released-with-fixes/
Today is second Tuesday of the month and the new cumulative updates are rolling out for supported versions of Windows 10, including the October 2018 Update, [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-april-2019-cumulative-updates-released-with-fixes/
BleepingComputer
Windows 10 April 2019 Cumulative Updates Released With Fixes
Today is second Tuesday of the month and the new cumulative updates are rolling out for supported versions of Windows 10, including the October 2018 Update,
Microsoft's April 2019 Patch Tuesday Fixes 74 Vulnerabilities
Today is Microsoft's April 2019 Patch Tuesday, which means Windows admins are getting ready to pull their hair out while testing the new patches and security updates released by Microsoft. Included in this month's updates are fixes for two vulnerabilities that have been spotted being actively exploited in the wild. [...]
https://www.bleepingcomputer.com/news/microsoft/microsofts-april-2019-patch-tuesday-fixes-74-vulnerabilities/
Today is Microsoft's April 2019 Patch Tuesday, which means Windows admins are getting ready to pull their hair out while testing the new patches and security updates released by Microsoft. Included in this month's updates are fixes for two vulnerabilities that have been spotted being actively exploited in the wild. [...]
https://www.bleepingcomputer.com/news/microsoft/microsofts-april-2019-patch-tuesday-fixes-74-vulnerabilities/
BleepingComputer
Microsoft's April 2019 Patch Tuesday Fixes 74 Vulnerabilities
Today is Microsoft's April 2019 Patch Tuesday, which means Windows admins are getting ready to pull their hair out while testing the new patches and security updates released by Microsoft. Included in this month's updates are fixes for two vulnerabilitiesβ¦
Criminal Market Sells Over 60K Digital Identities For $5-$200
More than 60,000 stolen digital profiles are currently up for sale on Genesis Store, a private and invitation-only online cybercriminal market discovered and exposed by Kaspersky Lab researchers. [...]
https://www.bleepingcomputer.com/news/security/criminal-market-sells-over-60k-digital-identities-for-5-200/
More than 60,000 stolen digital profiles are currently up for sale on Genesis Store, a private and invitation-only online cybercriminal market discovered and exposed by Kaspersky Lab researchers. [...]
https://www.bleepingcomputer.com/news/security/criminal-market-sells-over-60k-digital-identities-for-5-200/
BleepingComputer
Criminal Market Sells Over 60K Digital Identities For $5-$200
More than 60,000 stolen digital profiles are currently up for sale on Genesis Store, a private and invitation-only online cybercriminal market discovered and exposed by Kaspersky Lab researchers.
Windows Server 2008 Requires KB4493730 to Get Future Updates
Administrators of Windows Server 2008 SP2 will be offered a new servicing stack update today that adds support for future SHA-2 code signed updates. If SHA-2 support is not added to the operating system, it will not be able to install updates starting in July 2019. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-server-2008-requires-kb4493730-to-get-future-updates/
Administrators of Windows Server 2008 SP2 will be offered a new servicing stack update today that adds support for future SHA-2 code signed updates. If SHA-2 support is not added to the operating system, it will not be able to install updates starting in July 2019. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-server-2008-requires-kb4493730-to-get-future-updates/
BleepingComputer
Windows Server 2008 Requires KB4493730 to Get Future Updates
Administrators of Windows Server 2008 SP2 will be offered a new servicing stack update today that adds support for future SHA-2 code signed updates. If SHA-2 support is not added to the operating system, it will not be able to install updates starting inβ¦
Demo Exploit Code Available for Privilege Escalation Bug in Windows
Proof-of-concept exploit code for a privilege escalation vulnerability affecting Windows operating system has been published today, soon after Microsoft rolled out its monthly batch of security patches. [...]
https://www.bleepingcomputer.com/news/microsoft/demo-exploit-code-available-for-privilege-escalation-bug-in-windows/
Proof-of-concept exploit code for a privilege escalation vulnerability affecting Windows operating system has been published today, soon after Microsoft rolled out its monthly batch of security patches. [...]
https://www.bleepingcomputer.com/news/microsoft/demo-exploit-code-available-for-privilege-escalation-bug-in-windows/
BleepingComputer
Demo Exploit Code Available for Privilege Escalation Bug in Windows
Proof-of-concept exploit code for a privilege escalation vulnerability affecting Windows operating system has been published today, soon after Microsoft rolled out its monthly batch of security patches.
Chrome Saying It's Managed by Your Organization May Indicate Malware
Recently users have noticed that Google Chrome has started stating that it is "Managed by your organization", which is a confusing for home computers who are not part of any organization. It turns out that with the release of Chrome 73, the browser will display this message whenever a group policy is configured for Chrome. [...]
https://www.bleepingcomputer.com/news/software/chrome-saying-its-managed-by-your-organization-may-indicate-malware/
Recently users have noticed that Google Chrome has started stating that it is "Managed by your organization", which is a confusing for home computers who are not part of any organization. It turns out that with the release of Chrome 73, the browser will display this message whenever a group policy is configured for Chrome. [...]
https://www.bleepingcomputer.com/news/software/chrome-saying-its-managed-by-your-organization-may-indicate-malware/
BleepingComputer
Chrome Saying It's Managed by Your Organization May Indicate Malware
Recently users have noticed that Google Chrome has started stating that it is "Managed by your organization", which is a confusing for home computers who are not part of any organization. It turns out that with the release of Chrome 73, the browser will displayβ¦
Two Thirds of Hotel Sites Leak Guest Booking Info to Third-Parties
Third-party services running on most hotel websites have access to guest booking information, including personal data and payment card details. The data they're privy to also allows them to cancel reservations. [...]
https://www.bleepingcomputer.com/news/security/two-thirds-of-hotel-sites-leak-guest-booking-info-to-third-parties/
Third-party services running on most hotel websites have access to guest booking information, including personal data and payment card details. The data they're privy to also allows them to cancel reservations. [...]
https://www.bleepingcomputer.com/news/security/two-thirds-of-hotel-sites-leak-guest-booking-info-to-third-parties/
BleepingComputer
Two Thirds of Hotel Sites Leak Guest Booking Info to Third-Parties
Third-party services running on most hotel websites have access to guest booking information, including personal data and payment card details. The data they're privy to also allows them to cancel reservations.
25% of Phishing Emails Bypass Office 365 Default Security
Roughly 25% of all phishing emails found in a batch of 55 million analyzed e-mails were marked as clean by the Office 365 Exchange Online Protection (EOP) and reached the users' inboxes, while another 5.3% were whitelisted instead of getting blocked because of admin configurations. [...]
https://www.bleepingcomputer.com/news/security/25-percent-of-phishing-emails-bypass-office-365-default-security/
Roughly 25% of all phishing emails found in a batch of 55 million analyzed e-mails were marked as clean by the Office 365 Exchange Online Protection (EOP) and reached the users' inboxes, while another 5.3% were whitelisted instead of getting blocked because of admin configurations. [...]
https://www.bleepingcomputer.com/news/security/25-percent-of-phishing-emails-bypass-office-365-default-security/
BleepingComputer
25% of Phishing Emails Bypass Office 365 Default Security
Roughly 25% of all phishing emails found in a batch of 55 million analyzed e-mails were marked as clean by the Office 365 Exchange Online Protection (EOP) and reached the users' inboxes, while another 5.3% were whitelisted instead of getting blocked becauseβ¦
New TajMahal Cyberespionage Kit Includes 80 Malicious Modules
TajMahal, a previously unknown cyberespionage platform featuring roughly 80 different malicious modules and active since at least 2013, was discovered by Kaspersky Lab's research team during late 2018. [...]
https://www.bleepingcomputer.com/news/security/new-tajmahal-cyberespionage-kit-includes-80-malicious-modules/
TajMahal, a previously unknown cyberespionage platform featuring roughly 80 different malicious modules and active since at least 2013, was discovered by Kaspersky Lab's research team during late 2018. [...]
https://www.bleepingcomputer.com/news/security/new-tajmahal-cyberespionage-kit-includes-80-malicious-modules/
BleepingComputer
New TajMahal Cyberespionage Kit Includes 80 Malicious Modules
TajMahal, a previously unknown cyberespionage platform featuring roughly 80 different malicious modules and active since at least 2013, was discovered by Kaspersky Lab's research team during late 2018.
New Extortion Email Threatens to Install WannaCry and DDoS Your Network
A new extortion email scam campaign is underway that states that your computer was hacked and that it was discovered you were hiding your taxes. The alleged hackers then demand 2 bitcoins or they will notify the "Tax Department", DDoS your network, and then install the WannaCry ransomware. [...]
https://www.bleepingcomputer.com/news/security/new-extortion-email-threatens-to-install-wannacry-and-ddos-your-network/
A new extortion email scam campaign is underway that states that your computer was hacked and that it was discovered you were hiding your taxes. The alleged hackers then demand 2 bitcoins or they will notify the "Tax Department", DDoS your network, and then install the WannaCry ransomware. [...]
https://www.bleepingcomputer.com/news/security/new-extortion-email-threatens-to-install-wannacry-and-ddos-your-network/
BleepingComputer
New Extortion Email Threatens to Install WannaCry and DDoS Your Network
A new extortion email scam campaign is underway that states that your computer was hacked and that it was discovered you were hiding your taxes. The alleged hackers then demand 2 bitcoins or they will notify the "Tax Department", DDoS your network, and thenβ¦
Google Wants To Block Potentially Risky Non-Secure Downloads
Google proposed the addition of automatic blocking of high-risk downloads from non-secure websites in future versions of its Chrome web browsers as revealed by a proposal from Google Chrome security engineer Emily Clark in the World Wide Web Consortium (W3C) public mailing list. [...]
https://www.bleepingcomputer.com/news/security/google-wants-to-block-potentially-risky-non-secure-downloads/
Google proposed the addition of automatic blocking of high-risk downloads from non-secure websites in future versions of its Chrome web browsers as revealed by a proposal from Google Chrome security engineer Emily Clark in the World Wide Web Consortium (W3C) public mailing list. [...]
https://www.bleepingcomputer.com/news/security/google-wants-to-block-potentially-risky-non-secure-downloads/
BleepingComputer
Google Wants To Block Potentially Risky Non-Secure Downloads
Google proposed the addition of automatic blocking of high-risk downloads from non-secure websites in future versions of its Chrome web browsers as revealed by a proposal from Google Chrome security engineer Emily Stark in the World Wide Web Consortium (W3C)β¦
DHS and FBI Issue Advisory on North Korean HOPLIGHT Malware
The U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a joint malware analysis report (MAR) on a new Trojan dubbed HOPLIGHT, used by the North-Korean APT group Lazarus. [...]
https://www.bleepingcomputer.com/news/security/dhs-and-fbi-issue-advisory-on-north-korean-hoplight-malware/
The U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a joint malware analysis report (MAR) on a new Trojan dubbed HOPLIGHT, used by the North-Korean APT group Lazarus. [...]
https://www.bleepingcomputer.com/news/security/dhs-and-fbi-issue-advisory-on-north-korean-hoplight-malware/
BleepingComputer
DHS and FBI Issue Advisory on North Korean HOPLIGHT Malware
The U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a joint malware analysis report (MAR) on a new Trojan dubbed HOPLIGHT, used by the North-Korean APT group Lazarus.
Windows 10 Insider Build 18875 Released, Merges Fast and Skip Ahead Rings
Microsoft has released Windows 10 Insider Preview Build 18875 for Insiders in both the Fast and Skip Ahead rings. With build 1903 already released to Insiders and publicly being released in May, Microsoft has merged the Skip Ahead and Fast rings so that they are both now receiving the same 20H1 builds. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18875-released-merges-fast-and-skip-ahead-rings/
Microsoft has released Windows 10 Insider Preview Build 18875 for Insiders in both the Fast and Skip Ahead rings. With build 1903 already released to Insiders and publicly being released in May, Microsoft has merged the Skip Ahead and Fast rings so that they are both now receiving the same 20H1 builds. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18875-released-merges-fast-and-skip-ahead-rings/
BleepingComputer
Windows 10 Insider Build 18875 Released, Merges Fast and Skip Ahead Rings
Microsoft has released Windows 10 Insider Preview Build 18875 for Insiders in both the Fast and Skip Ahead rings. With build 1903 already released to Insiders and publicly being released in May, Microsoft has merged the Skip Ahead and Fast rings so that theyβ¦
Threat Group Uses Pastebin, GitHub In SneakyPastes Operation
[...]
https://www.bleepingcomputer.com/news/security/threat-group-uses-pastebin-github-in-sneakypastes-operation/
[...]
https://www.bleepingcomputer.com/news/security/threat-group-uses-pastebin-github-in-sneakypastes-operation/
BleepingComputer
Threat Group Uses Pastebin, GitHub In SneakyPastes Operation
A threat group considered the runt of the litter in terms of the complexity of its operations, in 2018 launched operation SneakyPastes, relying to a large extent on services like Pastebin and GitHub to host malware for various stages of the infection chain.
WPA3 Wi-Fi Standard Affected by New Dragonblood Vulnerabilities
Security researchers discovered vulnerabilities in the WPA3-Personal protocol which allow potential attackers to crack Wi-Fi network passwords and get access to the encrypted network traffic exchanged between the connected devices. [...]
https://www.bleepingcomputer.com/news/security/wpa3-wi-fi-standard-affected-by-new-dragonblood-vulnerabilities/
Security researchers discovered vulnerabilities in the WPA3-Personal protocol which allow potential attackers to crack Wi-Fi network passwords and get access to the encrypted network traffic exchanged between the connected devices. [...]
https://www.bleepingcomputer.com/news/security/wpa3-wi-fi-standard-affected-by-new-dragonblood-vulnerabilities/
BleepingComputer
WPA3 Wi-Fi Standard Affected by New Dragonblood Vulnerabilities
Security researchers discovered vulnerabilities in the WPA3-Personal protocol which allow potential attackers to crack Wi-Fi network passwords and get access to the encrypted network traffic exchanged between the connected devices.
Popular Yuzo WordPress Plugin Exploited to Redirect Users to Scams
A vulnerability in the popular WordPress plugin called Yuzo Related Posts is being targeted by attackers to inject JavaScript into the pages of the site. This JavaScript will cause visitors to be redirected to sites displaying scams, including tech support scams, and sites promoting unwanted software such as browser extensions. [...]
https://www.bleepingcomputer.com/news/security/popular-yuzo-wordpress-plugin-exploited-to-redirect-users-to-scams/
A vulnerability in the popular WordPress plugin called Yuzo Related Posts is being targeted by attackers to inject JavaScript into the pages of the site. This JavaScript will cause visitors to be redirected to sites displaying scams, including tech support scams, and sites promoting unwanted software such as browser extensions. [...]
https://www.bleepingcomputer.com/news/security/popular-yuzo-wordpress-plugin-exploited-to-redirect-users-to-scams/
BleepingComputer
Popular Yuzo WordPress Plugin Exploited to Redirect Users to Scams
A vulnerability in the popular WordPress plugin called Yuzo Related Posts is being targeted by attackers to inject JavaScript into the pages of the site. This JavaScript will cause visitors to be redirected to sites displaying scams, including tech supportβ¦
Office 365 Team Discovers Phishing Email Pushing WinRAR Exploit
A recent targeted attack against organizations in the satellite and communications industry echoes techniques seen in campaigns from cyberespionage group MuddyWater. [...]
https://www.bleepingcomputer.com/news/security/office-365-team-discovers-phishing-email-pushing-winrar-exploit/
A recent targeted attack against organizations in the satellite and communications industry echoes techniques seen in campaigns from cyberespionage group MuddyWater. [...]
https://www.bleepingcomputer.com/news/security/office-365-team-discovers-phishing-email-pushing-winrar-exploit/
BleepingComputer
Office 365 Team Discovers Phishing Email Pushing WinRAR Exploit
A recent targeted attack against organizations in the satellite and communications industry echoes techniques seen in campaigns from cyberespionage group MuddyWater.
VSDC Site Hacked Again to Spread Password Stealing Malware
The website of the free multimedia editor VSDC was breached again by hackers, this time the download links being used to distribute a banking trojan and an info stealer. [...]
https://www.bleepingcomputer.com/news/security/vsdc-site-hacked-again-to-spread-password-stealing-malware/
The website of the free multimedia editor VSDC was breached again by hackers, this time the download links being used to distribute a banking trojan and an info stealer. [...]
https://www.bleepingcomputer.com/news/security/vsdc-site-hacked-again-to-spread-password-stealing-malware/
BleepingComputer
VSDC Site Hacked Again to Spread Password Stealing Malware
The website of the free multimedia editor VSDC was breached again by hackers, this time the download links being used to distribute a banking trojan and an info stealer.