New TajMahal Cyberespionage Kit Includes 80 Malicious Modules
TajMahal, a previously unknown cyberespionage platform featuring roughly 80 different malicious modules and active since at least 2013, was discovered by Kaspersky Lab's research team during late 2018. [...]
https://www.bleepingcomputer.com/news/security/new-tajmahal-cyberespionage-kit-includes-80-malicious-modules/
TajMahal, a previously unknown cyberespionage platform featuring roughly 80 different malicious modules and active since at least 2013, was discovered by Kaspersky Lab's research team during late 2018. [...]
https://www.bleepingcomputer.com/news/security/new-tajmahal-cyberespionage-kit-includes-80-malicious-modules/
BleepingComputer
New TajMahal Cyberespionage Kit Includes 80 Malicious Modules
TajMahal, a previously unknown cyberespionage platform featuring roughly 80 different malicious modules and active since at least 2013, was discovered by Kaspersky Lab's research team during late 2018.
New Extortion Email Threatens to Install WannaCry and DDoS Your Network
A new extortion email scam campaign is underway that states that your computer was hacked and that it was discovered you were hiding your taxes. The alleged hackers then demand 2 bitcoins or they will notify the "Tax Department", DDoS your network, and then install the WannaCry ransomware. [...]
https://www.bleepingcomputer.com/news/security/new-extortion-email-threatens-to-install-wannacry-and-ddos-your-network/
A new extortion email scam campaign is underway that states that your computer was hacked and that it was discovered you were hiding your taxes. The alleged hackers then demand 2 bitcoins or they will notify the "Tax Department", DDoS your network, and then install the WannaCry ransomware. [...]
https://www.bleepingcomputer.com/news/security/new-extortion-email-threatens-to-install-wannacry-and-ddos-your-network/
BleepingComputer
New Extortion Email Threatens to Install WannaCry and DDoS Your Network
A new extortion email scam campaign is underway that states that your computer was hacked and that it was discovered you were hiding your taxes. The alleged hackers then demand 2 bitcoins or they will notify the "Tax Department", DDoS your network, and thenβ¦
Google Wants To Block Potentially Risky Non-Secure Downloads
Google proposed the addition of automatic blocking of high-risk downloads from non-secure websites in future versions of its Chrome web browsers as revealed by a proposal from Google Chrome security engineer Emily Clark in the World Wide Web Consortium (W3C) public mailing list. [...]
https://www.bleepingcomputer.com/news/security/google-wants-to-block-potentially-risky-non-secure-downloads/
Google proposed the addition of automatic blocking of high-risk downloads from non-secure websites in future versions of its Chrome web browsers as revealed by a proposal from Google Chrome security engineer Emily Clark in the World Wide Web Consortium (W3C) public mailing list. [...]
https://www.bleepingcomputer.com/news/security/google-wants-to-block-potentially-risky-non-secure-downloads/
BleepingComputer
Google Wants To Block Potentially Risky Non-Secure Downloads
Google proposed the addition of automatic blocking of high-risk downloads from non-secure websites in future versions of its Chrome web browsers as revealed by a proposal from Google Chrome security engineer Emily Stark in the World Wide Web Consortium (W3C)β¦
DHS and FBI Issue Advisory on North Korean HOPLIGHT Malware
The U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a joint malware analysis report (MAR) on a new Trojan dubbed HOPLIGHT, used by the North-Korean APT group Lazarus. [...]
https://www.bleepingcomputer.com/news/security/dhs-and-fbi-issue-advisory-on-north-korean-hoplight-malware/
The U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a joint malware analysis report (MAR) on a new Trojan dubbed HOPLIGHT, used by the North-Korean APT group Lazarus. [...]
https://www.bleepingcomputer.com/news/security/dhs-and-fbi-issue-advisory-on-north-korean-hoplight-malware/
BleepingComputer
DHS and FBI Issue Advisory on North Korean HOPLIGHT Malware
The U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a joint malware analysis report (MAR) on a new Trojan dubbed HOPLIGHT, used by the North-Korean APT group Lazarus.
Windows 10 Insider Build 18875 Released, Merges Fast and Skip Ahead Rings
Microsoft has released Windows 10 Insider Preview Build 18875 for Insiders in both the Fast and Skip Ahead rings. With build 1903 already released to Insiders and publicly being released in May, Microsoft has merged the Skip Ahead and Fast rings so that they are both now receiving the same 20H1 builds. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18875-released-merges-fast-and-skip-ahead-rings/
Microsoft has released Windows 10 Insider Preview Build 18875 for Insiders in both the Fast and Skip Ahead rings. With build 1903 already released to Insiders and publicly being released in May, Microsoft has merged the Skip Ahead and Fast rings so that they are both now receiving the same 20H1 builds. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18875-released-merges-fast-and-skip-ahead-rings/
BleepingComputer
Windows 10 Insider Build 18875 Released, Merges Fast and Skip Ahead Rings
Microsoft has released Windows 10 Insider Preview Build 18875 for Insiders in both the Fast and Skip Ahead rings. With build 1903 already released to Insiders and publicly being released in May, Microsoft has merged the Skip Ahead and Fast rings so that theyβ¦
Threat Group Uses Pastebin, GitHub In SneakyPastes Operation
[...]
https://www.bleepingcomputer.com/news/security/threat-group-uses-pastebin-github-in-sneakypastes-operation/
[...]
https://www.bleepingcomputer.com/news/security/threat-group-uses-pastebin-github-in-sneakypastes-operation/
BleepingComputer
Threat Group Uses Pastebin, GitHub In SneakyPastes Operation
A threat group considered the runt of the litter in terms of the complexity of its operations, in 2018 launched operation SneakyPastes, relying to a large extent on services like Pastebin and GitHub to host malware for various stages of the infection chain.
WPA3 Wi-Fi Standard Affected by New Dragonblood Vulnerabilities
Security researchers discovered vulnerabilities in the WPA3-Personal protocol which allow potential attackers to crack Wi-Fi network passwords and get access to the encrypted network traffic exchanged between the connected devices. [...]
https://www.bleepingcomputer.com/news/security/wpa3-wi-fi-standard-affected-by-new-dragonblood-vulnerabilities/
Security researchers discovered vulnerabilities in the WPA3-Personal protocol which allow potential attackers to crack Wi-Fi network passwords and get access to the encrypted network traffic exchanged between the connected devices. [...]
https://www.bleepingcomputer.com/news/security/wpa3-wi-fi-standard-affected-by-new-dragonblood-vulnerabilities/
BleepingComputer
WPA3 Wi-Fi Standard Affected by New Dragonblood Vulnerabilities
Security researchers discovered vulnerabilities in the WPA3-Personal protocol which allow potential attackers to crack Wi-Fi network passwords and get access to the encrypted network traffic exchanged between the connected devices.
Popular Yuzo WordPress Plugin Exploited to Redirect Users to Scams
A vulnerability in the popular WordPress plugin called Yuzo Related Posts is being targeted by attackers to inject JavaScript into the pages of the site. This JavaScript will cause visitors to be redirected to sites displaying scams, including tech support scams, and sites promoting unwanted software such as browser extensions. [...]
https://www.bleepingcomputer.com/news/security/popular-yuzo-wordpress-plugin-exploited-to-redirect-users-to-scams/
A vulnerability in the popular WordPress plugin called Yuzo Related Posts is being targeted by attackers to inject JavaScript into the pages of the site. This JavaScript will cause visitors to be redirected to sites displaying scams, including tech support scams, and sites promoting unwanted software such as browser extensions. [...]
https://www.bleepingcomputer.com/news/security/popular-yuzo-wordpress-plugin-exploited-to-redirect-users-to-scams/
BleepingComputer
Popular Yuzo WordPress Plugin Exploited to Redirect Users to Scams
A vulnerability in the popular WordPress plugin called Yuzo Related Posts is being targeted by attackers to inject JavaScript into the pages of the site. This JavaScript will cause visitors to be redirected to sites displaying scams, including tech supportβ¦
Office 365 Team Discovers Phishing Email Pushing WinRAR Exploit
A recent targeted attack against organizations in the satellite and communications industry echoes techniques seen in campaigns from cyberespionage group MuddyWater. [...]
https://www.bleepingcomputer.com/news/security/office-365-team-discovers-phishing-email-pushing-winrar-exploit/
A recent targeted attack against organizations in the satellite and communications industry echoes techniques seen in campaigns from cyberespionage group MuddyWater. [...]
https://www.bleepingcomputer.com/news/security/office-365-team-discovers-phishing-email-pushing-winrar-exploit/
BleepingComputer
Office 365 Team Discovers Phishing Email Pushing WinRAR Exploit
A recent targeted attack against organizations in the satellite and communications industry echoes techniques seen in campaigns from cyberespionage group MuddyWater.
VSDC Site Hacked Again to Spread Password Stealing Malware
The website of the free multimedia editor VSDC was breached again by hackers, this time the download links being used to distribute a banking trojan and an info stealer. [...]
https://www.bleepingcomputer.com/news/security/vsdc-site-hacked-again-to-spread-password-stealing-malware/
The website of the free multimedia editor VSDC was breached again by hackers, this time the download links being used to distribute a banking trojan and an info stealer. [...]
https://www.bleepingcomputer.com/news/security/vsdc-site-hacked-again-to-spread-password-stealing-malware/
BleepingComputer
VSDC Site Hacked Again to Spread Password Stealing Malware
The website of the free multimedia editor VSDC was breached again by hackers, this time the download links being used to distribute a banking trojan and an info stealer.
Hyperlink Auditing Pings Being Used to Perform DDoS Attacks
Researchers have found that the HTML feature called hyperlink auditing, or pings, is being used to perform DDoS attacks against various sites. This feature is normally used by sites to track link clicks, but is now found to be abused by attackers to send a massive amount of web requests to sites in order to take them offline. [...]
https://www.bleepingcomputer.com/news/security/hyperlink-auditing-pings-being-used-to-perform-ddos-attacks/
Researchers have found that the HTML feature called hyperlink auditing, or pings, is being used to perform DDoS attacks against various sites. This feature is normally used by sites to track link clicks, but is now found to be abused by attackers to send a massive amount of web requests to sites in order to take them offline. [...]
https://www.bleepingcomputer.com/news/security/hyperlink-auditing-pings-being-used-to-perform-ddos-attacks/
BleepingComputer
Hyperlink Auditing Pings Being Used to Perform DDoS Attacks
Researchers have found that the HTML feature called hyperlink auditing, or pings, is being used to perform DDoS attacks against various sites. This feature is normally used by sites to track link clicks, but is now found to be abused by attackers to sendβ¦
Microsoft's April 2019 Updates are Causing Windows to Freeze
Conflicts between antivirus software and the recent Microsoft April 2019 Patch Tuesday updates are causing Windows 7, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2 to freeze, be unable to boot, or hang on installing updates. [...]
https://www.bleepingcomputer.com/news/microsoft/microsofts-april-2019-updates-are-causing-windows-to-freeze/
Conflicts between antivirus software and the recent Microsoft April 2019 Patch Tuesday updates are causing Windows 7, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2 to freeze, be unable to boot, or hang on installing updates. [...]
https://www.bleepingcomputer.com/news/microsoft/microsofts-april-2019-updates-are-causing-windows-to-freeze/
BleepingComputer
Microsoft's April 2019 Updates are Causing Windows to Freeze
Conflicts between antivirus software and the recent Microsoft April 2019 Patch Tuesday updates are causing Windows 7, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2 to freeze, be unable to boot, or hang on installing updates.
Hyperlink Auditing Pings Being Used to Perform DDoS Attacks
Researchers have found that the HTML feature called hyperlink auditing, or pings, is being used to perform DDoS attacks against various sites. This feature is normally used by sites to track link clicks, but is now found to be abused by attackers to send a massive amount of web requests to sites in order to take them offline. [...]
https://www.bleepingcomputer.com/news/security/hyperlink-auditing-pings-being-used-to-perform-ddos-attacks/
Researchers have found that the HTML feature called hyperlink auditing, or pings, is being used to perform DDoS attacks against various sites. This feature is normally used by sites to track link clicks, but is now found to be abused by attackers to send a massive amount of web requests to sites in order to take them offline. [...]
https://www.bleepingcomputer.com/news/security/hyperlink-auditing-pings-being-used-to-perform-ddos-attacks/
BleepingComputer
Hyperlink Auditing Pings Being Used to Perform DDoS Attacks
Researchers have found that the HTML feature called hyperlink auditing, or pings, is being used to perform DDoS attacks against various sites. This feature is normally used by sites to track link clicks, but is now found to be abused by attackers to sendβ¦
Tax Fraud and ID Theft Services Getting Cheaper on the Dark Web
Financial and social security identity theft services are becoming more and more affordable every year on the dark web, leading to a drop in the skill level required for tax fraud schemes. [...]
https://www.bleepingcomputer.com/news/security/tax-fraud-and-id-theft-services-getting-cheaper-on-the-dark-web/
Financial and social security identity theft services are becoming more and more affordable every year on the dark web, leading to a drop in the skill level required for tax fraud schemes. [...]
https://www.bleepingcomputer.com/news/security/tax-fraud-and-id-theft-services-getting-cheaper-on-the-dark-web/
BleepingComputer
Tax Fraud and ID Theft Services Getting Cheaper on the Dark Web
Financial and social security identity theft services are becoming more and more affordable every year on the dark web, leading to a drop in the skill level required for tax fraud schemes.
New Microsoft Edge Favorites Bar Gets Better Display Options
Microsoft is working hard to differentiate its new Chromium-based Edge browser from Google Chrome by adding new features that are specific to Windows and the needs of its users. Such is the case with new Edge options that will allow more control of how the Favorites bar is displayed. [...]
https://www.bleepingcomputer.com/news/microsoft/new-microsoft-edge-favorites-bar-gets-better-display-options/
Microsoft is working hard to differentiate its new Chromium-based Edge browser from Google Chrome by adding new features that are specific to Windows and the needs of its users. Such is the case with new Edge options that will allow more control of how the Favorites bar is displayed. [...]
https://www.bleepingcomputer.com/news/microsoft/new-microsoft-edge-favorites-bar-gets-better-display-options/
BleepingComputer
New Microsoft Edge Favorites Bar Gets Better Display Options
Microsoft is working hard to differentiate its new Chromium-based Edge browser from Google Chrome by adding new features that are specific to Windows and the needs of its users. Such is the case with new Edge options that will allow more control of how theβ¦
Home Office Leaks the Emails of Hundreds of EU Citizens
The UK Home Office has sent an e-mail apology to 240 EU citizens who requested to be considered for settled status in the UK as part of the EU Settlement Scheme program after accidentally leaking their e-mail addresses because of a so-called "administrative error." [...]
https://www.bleepingcomputer.com/news/security/home-office-leaks-the-emails-of-hundreds-of-eu-citizens/
The UK Home Office has sent an e-mail apology to 240 EU citizens who requested to be considered for settled status in the UK as part of the EU Settlement Scheme program after accidentally leaking their e-mail addresses because of a so-called "administrative error." [...]
https://www.bleepingcomputer.com/news/security/home-office-leaks-the-emails-of-hundreds-of-eu-citizens/
BleepingComputer
Home Office Leaks the Emails of Hundreds of EU Citizens
The UK Home Office has sent an e-mail apology to 240 EU citizens who requested to be considered for settled status in the UK as part of the EU Settlement Scheme program after accidentally leaking their e-mail addresses because of a so-called "administrativeβ¦
Mozilla Firefox For ARM64 Beta Now Available
Today, Mozilla has promoted the ARM64-native build of Firefox to its beta channel and anyone with an ARM-powered Windows 10 device can test it. [...]
https://www.bleepingcomputer.com/news/software/mozilla-firefox-for-arm64-beta-now-available/
Today, Mozilla has promoted the ARM64-native build of Firefox to its beta channel and anyone with an ARM-powered Windows 10 device can test it. [...]
https://www.bleepingcomputer.com/news/software/mozilla-firefox-for-arm64-beta-now-available/
BleepingComputer
Mozilla Firefox For ARM64 Beta Now Available
Today, Mozilla has promoted the ARM64-native build of Firefox to its beta channel and anyone with an ARM-powered Windows 10 device can test it.
Hacked Uniden Commercial Site Serves Emotet Trojan
Uniden's website for commercial security products has been hacked to host a Word document that delivers what appears to be a garden variety of the Emotet trojan, also known as Geodo and Heodo. [...]
https://www.bleepingcomputer.com/news/security/hacked-uniden-commercial-site-serves-emotet-trojan/
Uniden's website for commercial security products has been hacked to host a Word document that delivers what appears to be a garden variety of the Emotet trojan, also known as Geodo and Heodo. [...]
https://www.bleepingcomputer.com/news/security/hacked-uniden-commercial-site-serves-emotet-trojan/
BleepingComputer
Hacked Uniden Commercial Site Serves Emotet Trojan
Uniden's website for commercial security products has been hacked to host a Word document that delivers what appears to be a garden variety of the Emotet trojan, also known as Geodo and Heodo.
Sextortion Scammers Change Tactics to Bypass Spam Protection
Low paydays in the first trimester of the year have prompted scammers in the sextortion email business to switch to new tricks to restore the revenue stream of the not too distant past. [...]
https://www.bleepingcomputer.com/news/security/sextortion-scammers-change-tactics-to-bypass-spam-protection/
Low paydays in the first trimester of the year have prompted scammers in the sextortion email business to switch to new tricks to restore the revenue stream of the not too distant past. [...]
https://www.bleepingcomputer.com/news/security/sextortion-scammers-change-tactics-to-bypass-spam-protection/
BleepingComputer
Sextortion Scammers Change Tactics to Bypass Spam Protection
Low paydays in the first trimester of the year have prompted scammers in the sextortion email business to switch to new tricks to restore the revenue stream of the not too distant past.
Thousands of WordPress Sites Exposed by Yellow Pencil Plugin Flaw
The Yellow Pencil Visual Theme Customizer plugin was removed on Monday from the WordPress.org repository because of a privilege escalation bug which would have allowed potential attackers to update arbitrary options on vulnerable installations. [...]
https://www.bleepingcomputer.com/news/security/thousands-of-wordpress-sites-exposed-by-yellow-pencil-plugin-flaw/
The Yellow Pencil Visual Theme Customizer plugin was removed on Monday from the WordPress.org repository because of a privilege escalation bug which would have allowed potential attackers to update arbitrary options on vulnerable installations. [...]
https://www.bleepingcomputer.com/news/security/thousands-of-wordpress-sites-exposed-by-yellow-pencil-plugin-flaw/
BleepingComputer
Thousands of WordPress Sites Exposed by Yellow Pencil Plugin Flaw
The Yellow Pencil Visual Theme Customizer plugin was removed on Monday from the WordPress.org repository because of a privilege escalation bug which would have allowed potential attackers to update arbitrary options on vulnerable installations.
Malware Creates Cryptominer Botnet Using EternalBlue and Mimikatz
A malware campaign is actively attacking Asian targets using the EternalBlue exploit and taking advantage of Living off the Land obfuscated PowerShell-based scripts to drop Trojans and a Monero coinminer on compromised machines. [...]
https://www.bleepingcomputer.com/news/security/malware-creates-cryptominer-botnet-using-eternalblue-and-mimikatz/
A malware campaign is actively attacking Asian targets using the EternalBlue exploit and taking advantage of Living off the Land obfuscated PowerShell-based scripts to drop Trojans and a Monero coinminer on compromised machines. [...]
https://www.bleepingcomputer.com/news/security/malware-creates-cryptominer-botnet-using-eternalblue-and-mimikatz/
BleepingComputer
Malware Creates Cryptominer Botnet Using EternalBlue and Mimikatz
A malware campaign is actively attacking Asian targets using the EternalBlue exploit and taking advantage of Living off the Land obfuscated PowerShell-based scripts to drop Trojans and a Monero coinminer on compromised machines.