DHS and FBI Issue Advisory on North Korean HOPLIGHT Malware
The U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a joint malware analysis report (MAR) on a new Trojan dubbed HOPLIGHT, used by the North-Korean APT group Lazarus. [...]
https://www.bleepingcomputer.com/news/security/dhs-and-fbi-issue-advisory-on-north-korean-hoplight-malware/
The U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a joint malware analysis report (MAR) on a new Trojan dubbed HOPLIGHT, used by the North-Korean APT group Lazarus. [...]
https://www.bleepingcomputer.com/news/security/dhs-and-fbi-issue-advisory-on-north-korean-hoplight-malware/
BleepingComputer
DHS and FBI Issue Advisory on North Korean HOPLIGHT Malware
The U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a joint malware analysis report (MAR) on a new Trojan dubbed HOPLIGHT, used by the North-Korean APT group Lazarus.
Windows 10 Insider Build 18875 Released, Merges Fast and Skip Ahead Rings
Microsoft has released Windows 10 Insider Preview Build 18875 for Insiders in both the Fast and Skip Ahead rings. With build 1903 already released to Insiders and publicly being released in May, Microsoft has merged the Skip Ahead and Fast rings so that they are both now receiving the same 20H1 builds. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18875-released-merges-fast-and-skip-ahead-rings/
Microsoft has released Windows 10 Insider Preview Build 18875 for Insiders in both the Fast and Skip Ahead rings. With build 1903 already released to Insiders and publicly being released in May, Microsoft has merged the Skip Ahead and Fast rings so that they are both now receiving the same 20H1 builds. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18875-released-merges-fast-and-skip-ahead-rings/
BleepingComputer
Windows 10 Insider Build 18875 Released, Merges Fast and Skip Ahead Rings
Microsoft has released Windows 10 Insider Preview Build 18875 for Insiders in both the Fast and Skip Ahead rings. With build 1903 already released to Insiders and publicly being released in May, Microsoft has merged the Skip Ahead and Fast rings so that theyβ¦
Threat Group Uses Pastebin, GitHub In SneakyPastes Operation
[...]
https://www.bleepingcomputer.com/news/security/threat-group-uses-pastebin-github-in-sneakypastes-operation/
[...]
https://www.bleepingcomputer.com/news/security/threat-group-uses-pastebin-github-in-sneakypastes-operation/
BleepingComputer
Threat Group Uses Pastebin, GitHub In SneakyPastes Operation
A threat group considered the runt of the litter in terms of the complexity of its operations, in 2018 launched operation SneakyPastes, relying to a large extent on services like Pastebin and GitHub to host malware for various stages of the infection chain.
WPA3 Wi-Fi Standard Affected by New Dragonblood Vulnerabilities
Security researchers discovered vulnerabilities in the WPA3-Personal protocol which allow potential attackers to crack Wi-Fi network passwords and get access to the encrypted network traffic exchanged between the connected devices. [...]
https://www.bleepingcomputer.com/news/security/wpa3-wi-fi-standard-affected-by-new-dragonblood-vulnerabilities/
Security researchers discovered vulnerabilities in the WPA3-Personal protocol which allow potential attackers to crack Wi-Fi network passwords and get access to the encrypted network traffic exchanged between the connected devices. [...]
https://www.bleepingcomputer.com/news/security/wpa3-wi-fi-standard-affected-by-new-dragonblood-vulnerabilities/
BleepingComputer
WPA3 Wi-Fi Standard Affected by New Dragonblood Vulnerabilities
Security researchers discovered vulnerabilities in the WPA3-Personal protocol which allow potential attackers to crack Wi-Fi network passwords and get access to the encrypted network traffic exchanged between the connected devices.
Popular Yuzo WordPress Plugin Exploited to Redirect Users to Scams
A vulnerability in the popular WordPress plugin called Yuzo Related Posts is being targeted by attackers to inject JavaScript into the pages of the site. This JavaScript will cause visitors to be redirected to sites displaying scams, including tech support scams, and sites promoting unwanted software such as browser extensions. [...]
https://www.bleepingcomputer.com/news/security/popular-yuzo-wordpress-plugin-exploited-to-redirect-users-to-scams/
A vulnerability in the popular WordPress plugin called Yuzo Related Posts is being targeted by attackers to inject JavaScript into the pages of the site. This JavaScript will cause visitors to be redirected to sites displaying scams, including tech support scams, and sites promoting unwanted software such as browser extensions. [...]
https://www.bleepingcomputer.com/news/security/popular-yuzo-wordpress-plugin-exploited-to-redirect-users-to-scams/
BleepingComputer
Popular Yuzo WordPress Plugin Exploited to Redirect Users to Scams
A vulnerability in the popular WordPress plugin called Yuzo Related Posts is being targeted by attackers to inject JavaScript into the pages of the site. This JavaScript will cause visitors to be redirected to sites displaying scams, including tech supportβ¦
Office 365 Team Discovers Phishing Email Pushing WinRAR Exploit
A recent targeted attack against organizations in the satellite and communications industry echoes techniques seen in campaigns from cyberespionage group MuddyWater. [...]
https://www.bleepingcomputer.com/news/security/office-365-team-discovers-phishing-email-pushing-winrar-exploit/
A recent targeted attack against organizations in the satellite and communications industry echoes techniques seen in campaigns from cyberespionage group MuddyWater. [...]
https://www.bleepingcomputer.com/news/security/office-365-team-discovers-phishing-email-pushing-winrar-exploit/
BleepingComputer
Office 365 Team Discovers Phishing Email Pushing WinRAR Exploit
A recent targeted attack against organizations in the satellite and communications industry echoes techniques seen in campaigns from cyberespionage group MuddyWater.
VSDC Site Hacked Again to Spread Password Stealing Malware
The website of the free multimedia editor VSDC was breached again by hackers, this time the download links being used to distribute a banking trojan and an info stealer. [...]
https://www.bleepingcomputer.com/news/security/vsdc-site-hacked-again-to-spread-password-stealing-malware/
The website of the free multimedia editor VSDC was breached again by hackers, this time the download links being used to distribute a banking trojan and an info stealer. [...]
https://www.bleepingcomputer.com/news/security/vsdc-site-hacked-again-to-spread-password-stealing-malware/
BleepingComputer
VSDC Site Hacked Again to Spread Password Stealing Malware
The website of the free multimedia editor VSDC was breached again by hackers, this time the download links being used to distribute a banking trojan and an info stealer.
Hyperlink Auditing Pings Being Used to Perform DDoS Attacks
Researchers have found that the HTML feature called hyperlink auditing, or pings, is being used to perform DDoS attacks against various sites. This feature is normally used by sites to track link clicks, but is now found to be abused by attackers to send a massive amount of web requests to sites in order to take them offline. [...]
https://www.bleepingcomputer.com/news/security/hyperlink-auditing-pings-being-used-to-perform-ddos-attacks/
Researchers have found that the HTML feature called hyperlink auditing, or pings, is being used to perform DDoS attacks against various sites. This feature is normally used by sites to track link clicks, but is now found to be abused by attackers to send a massive amount of web requests to sites in order to take them offline. [...]
https://www.bleepingcomputer.com/news/security/hyperlink-auditing-pings-being-used-to-perform-ddos-attacks/
BleepingComputer
Hyperlink Auditing Pings Being Used to Perform DDoS Attacks
Researchers have found that the HTML feature called hyperlink auditing, or pings, is being used to perform DDoS attacks against various sites. This feature is normally used by sites to track link clicks, but is now found to be abused by attackers to sendβ¦
Microsoft's April 2019 Updates are Causing Windows to Freeze
Conflicts between antivirus software and the recent Microsoft April 2019 Patch Tuesday updates are causing Windows 7, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2 to freeze, be unable to boot, or hang on installing updates. [...]
https://www.bleepingcomputer.com/news/microsoft/microsofts-april-2019-updates-are-causing-windows-to-freeze/
Conflicts between antivirus software and the recent Microsoft April 2019 Patch Tuesday updates are causing Windows 7, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2 to freeze, be unable to boot, or hang on installing updates. [...]
https://www.bleepingcomputer.com/news/microsoft/microsofts-april-2019-updates-are-causing-windows-to-freeze/
BleepingComputer
Microsoft's April 2019 Updates are Causing Windows to Freeze
Conflicts between antivirus software and the recent Microsoft April 2019 Patch Tuesday updates are causing Windows 7, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2 to freeze, be unable to boot, or hang on installing updates.
Hyperlink Auditing Pings Being Used to Perform DDoS Attacks
Researchers have found that the HTML feature called hyperlink auditing, or pings, is being used to perform DDoS attacks against various sites. This feature is normally used by sites to track link clicks, but is now found to be abused by attackers to send a massive amount of web requests to sites in order to take them offline. [...]
https://www.bleepingcomputer.com/news/security/hyperlink-auditing-pings-being-used-to-perform-ddos-attacks/
Researchers have found that the HTML feature called hyperlink auditing, or pings, is being used to perform DDoS attacks against various sites. This feature is normally used by sites to track link clicks, but is now found to be abused by attackers to send a massive amount of web requests to sites in order to take them offline. [...]
https://www.bleepingcomputer.com/news/security/hyperlink-auditing-pings-being-used-to-perform-ddos-attacks/
BleepingComputer
Hyperlink Auditing Pings Being Used to Perform DDoS Attacks
Researchers have found that the HTML feature called hyperlink auditing, or pings, is being used to perform DDoS attacks against various sites. This feature is normally used by sites to track link clicks, but is now found to be abused by attackers to sendβ¦
Tax Fraud and ID Theft Services Getting Cheaper on the Dark Web
Financial and social security identity theft services are becoming more and more affordable every year on the dark web, leading to a drop in the skill level required for tax fraud schemes. [...]
https://www.bleepingcomputer.com/news/security/tax-fraud-and-id-theft-services-getting-cheaper-on-the-dark-web/
Financial and social security identity theft services are becoming more and more affordable every year on the dark web, leading to a drop in the skill level required for tax fraud schemes. [...]
https://www.bleepingcomputer.com/news/security/tax-fraud-and-id-theft-services-getting-cheaper-on-the-dark-web/
BleepingComputer
Tax Fraud and ID Theft Services Getting Cheaper on the Dark Web
Financial and social security identity theft services are becoming more and more affordable every year on the dark web, leading to a drop in the skill level required for tax fraud schemes.
New Microsoft Edge Favorites Bar Gets Better Display Options
Microsoft is working hard to differentiate its new Chromium-based Edge browser from Google Chrome by adding new features that are specific to Windows and the needs of its users. Such is the case with new Edge options that will allow more control of how the Favorites bar is displayed. [...]
https://www.bleepingcomputer.com/news/microsoft/new-microsoft-edge-favorites-bar-gets-better-display-options/
Microsoft is working hard to differentiate its new Chromium-based Edge browser from Google Chrome by adding new features that are specific to Windows and the needs of its users. Such is the case with new Edge options that will allow more control of how the Favorites bar is displayed. [...]
https://www.bleepingcomputer.com/news/microsoft/new-microsoft-edge-favorites-bar-gets-better-display-options/
BleepingComputer
New Microsoft Edge Favorites Bar Gets Better Display Options
Microsoft is working hard to differentiate its new Chromium-based Edge browser from Google Chrome by adding new features that are specific to Windows and the needs of its users. Such is the case with new Edge options that will allow more control of how theβ¦
Home Office Leaks the Emails of Hundreds of EU Citizens
The UK Home Office has sent an e-mail apology to 240 EU citizens who requested to be considered for settled status in the UK as part of the EU Settlement Scheme program after accidentally leaking their e-mail addresses because of a so-called "administrative error." [...]
https://www.bleepingcomputer.com/news/security/home-office-leaks-the-emails-of-hundreds-of-eu-citizens/
The UK Home Office has sent an e-mail apology to 240 EU citizens who requested to be considered for settled status in the UK as part of the EU Settlement Scheme program after accidentally leaking their e-mail addresses because of a so-called "administrative error." [...]
https://www.bleepingcomputer.com/news/security/home-office-leaks-the-emails-of-hundreds-of-eu-citizens/
BleepingComputer
Home Office Leaks the Emails of Hundreds of EU Citizens
The UK Home Office has sent an e-mail apology to 240 EU citizens who requested to be considered for settled status in the UK as part of the EU Settlement Scheme program after accidentally leaking their e-mail addresses because of a so-called "administrativeβ¦
Mozilla Firefox For ARM64 Beta Now Available
Today, Mozilla has promoted the ARM64-native build of Firefox to its beta channel and anyone with an ARM-powered Windows 10 device can test it. [...]
https://www.bleepingcomputer.com/news/software/mozilla-firefox-for-arm64-beta-now-available/
Today, Mozilla has promoted the ARM64-native build of Firefox to its beta channel and anyone with an ARM-powered Windows 10 device can test it. [...]
https://www.bleepingcomputer.com/news/software/mozilla-firefox-for-arm64-beta-now-available/
BleepingComputer
Mozilla Firefox For ARM64 Beta Now Available
Today, Mozilla has promoted the ARM64-native build of Firefox to its beta channel and anyone with an ARM-powered Windows 10 device can test it.
Hacked Uniden Commercial Site Serves Emotet Trojan
Uniden's website for commercial security products has been hacked to host a Word document that delivers what appears to be a garden variety of the Emotet trojan, also known as Geodo and Heodo. [...]
https://www.bleepingcomputer.com/news/security/hacked-uniden-commercial-site-serves-emotet-trojan/
Uniden's website for commercial security products has been hacked to host a Word document that delivers what appears to be a garden variety of the Emotet trojan, also known as Geodo and Heodo. [...]
https://www.bleepingcomputer.com/news/security/hacked-uniden-commercial-site-serves-emotet-trojan/
BleepingComputer
Hacked Uniden Commercial Site Serves Emotet Trojan
Uniden's website for commercial security products has been hacked to host a Word document that delivers what appears to be a garden variety of the Emotet trojan, also known as Geodo and Heodo.
Sextortion Scammers Change Tactics to Bypass Spam Protection
Low paydays in the first trimester of the year have prompted scammers in the sextortion email business to switch to new tricks to restore the revenue stream of the not too distant past. [...]
https://www.bleepingcomputer.com/news/security/sextortion-scammers-change-tactics-to-bypass-spam-protection/
Low paydays in the first trimester of the year have prompted scammers in the sextortion email business to switch to new tricks to restore the revenue stream of the not too distant past. [...]
https://www.bleepingcomputer.com/news/security/sextortion-scammers-change-tactics-to-bypass-spam-protection/
BleepingComputer
Sextortion Scammers Change Tactics to Bypass Spam Protection
Low paydays in the first trimester of the year have prompted scammers in the sextortion email business to switch to new tricks to restore the revenue stream of the not too distant past.
Thousands of WordPress Sites Exposed by Yellow Pencil Plugin Flaw
The Yellow Pencil Visual Theme Customizer plugin was removed on Monday from the WordPress.org repository because of a privilege escalation bug which would have allowed potential attackers to update arbitrary options on vulnerable installations. [...]
https://www.bleepingcomputer.com/news/security/thousands-of-wordpress-sites-exposed-by-yellow-pencil-plugin-flaw/
The Yellow Pencil Visual Theme Customizer plugin was removed on Monday from the WordPress.org repository because of a privilege escalation bug which would have allowed potential attackers to update arbitrary options on vulnerable installations. [...]
https://www.bleepingcomputer.com/news/security/thousands-of-wordpress-sites-exposed-by-yellow-pencil-plugin-flaw/
BleepingComputer
Thousands of WordPress Sites Exposed by Yellow Pencil Plugin Flaw
The Yellow Pencil Visual Theme Customizer plugin was removed on Monday from the WordPress.org repository because of a privilege escalation bug which would have allowed potential attackers to update arbitrary options on vulnerable installations.
Malware Creates Cryptominer Botnet Using EternalBlue and Mimikatz
A malware campaign is actively attacking Asian targets using the EternalBlue exploit and taking advantage of Living off the Land obfuscated PowerShell-based scripts to drop Trojans and a Monero coinminer on compromised machines. [...]
https://www.bleepingcomputer.com/news/security/malware-creates-cryptominer-botnet-using-eternalblue-and-mimikatz/
A malware campaign is actively attacking Asian targets using the EternalBlue exploit and taking advantage of Living off the Land obfuscated PowerShell-based scripts to drop Trojans and a Monero coinminer on compromised machines. [...]
https://www.bleepingcomputer.com/news/security/malware-creates-cryptominer-botnet-using-eternalblue-and-mimikatz/
BleepingComputer
Malware Creates Cryptominer Botnet Using EternalBlue and Mimikatz
A malware campaign is actively attacking Asian targets using the EternalBlue exploit and taking advantage of Living off the Land obfuscated PowerShell-based scripts to drop Trojans and a Monero coinminer on compromised machines.
Bill Introduced to Protect the Privacy Rights of Americans
On the heels of an abundance of data breach and data leak incidents, Senator Edward J. Markey (D-Mass.) today introduced the Privacy Bill of Rights Act, a new bill designed to protect the individual and collective privacy rights of American consumers. [...]
https://www.bleepingcomputer.com/news/security/bill-introduced-to-protect-the-privacy-rights-of-americans/
On the heels of an abundance of data breach and data leak incidents, Senator Edward J. Markey (D-Mass.) today introduced the Privacy Bill of Rights Act, a new bill designed to protect the individual and collective privacy rights of American consumers. [...]
https://www.bleepingcomputer.com/news/security/bill-introduced-to-protect-the-privacy-rights-of-americans/
BleepingComputer
Bill Introduced to Protect the Privacy Rights of Americans
On the heels of an abundance of data breach and data leak incidents, Senator Edward J. Markey (D-Mass.) today introduced the Privacy Bill of Rights Act, a new bill designed to protect the individual and collective privacy rights of American consumers.
Windows is Slower After April 2019 Updates According to Users
Users are reporting that after installing this week's Microsoft's April 2019 Patch Tuesday updates, Windows has suddenly become slow and programs are taking forever to open. [...]
https://www.bleepingcomputer.com/news/security/windows-is-slower-after-april-2019-updates-according-to-users/
Users are reporting that after installing this week's Microsoft's April 2019 Patch Tuesday updates, Windows has suddenly become slow and programs are taking forever to open. [...]
https://www.bleepingcomputer.com/news/security/windows-is-slower-after-april-2019-updates-according-to-users/
BleepingComputer
Windows is Slower After April 2019 Updates According to Users
Users are reporting that after installing this week's Microsoft's April 2019 Patch Tuesday updates, Windows has suddenly become slow and programs are taking forever to open.
The Week in Ransomware - April 12th 2019 - Targeting Reveton
Been a busy week with a few decryptors released, lots of variants of existing ransomware released, and a few in-developments ones discovered. The biggest news was the announcement that the UK has jailed one of the distributors of the Reveton ransomware. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-12th-2019-targeting-reveton/
Been a busy week with a few decryptors released, lots of variants of existing ransomware released, and a few in-developments ones discovered. The biggest news was the announcement that the UK has jailed one of the distributors of the Reveton ransomware. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-12th-2019-targeting-reveton/
BleepingComputer
The Week in Ransomware - April 12th 2019 - Targeting Reveton
Been a busy week with a few decryptors released, lots of variants of existing ransomware released, and a few in-developments ones discovered. The biggest news was the announcement that the UK has jailed one of the distributors of the Reveton ransomware.