Samsung Update App with 10M+ Installs Charges for Free Firmware

An Android app with over 10 million installations on Google Play attempts to trick Samsung phone users into paying for their firmware updates, which are available free of charge from the vendor. [...]

https://www.bleepingcomputer.com/news/security/samsung-update-app-with-10m-installs-charges-for-free-firmware/

Automated Magecart Campaign Hits Over 960 Breached Stores

A large-scale payment card skimming campaign that successfully breached 962 e-commerce stores was discovered today by Magento security research company Sanguine Security. [...]

https://www.bleepingcomputer.com/news/security/automated-magecart-campaign-hits-over-960-breached-stores/

Over $800,000 Stolen by Scammers in Atlanta Area City BEC Fraud

Over $800,000 were stolen from the City of Griffin, Georgia, by scammers in a BEC (Business Email Compromise) attack by redirecting two transactions to their own bank accounts according to local media sources. [...]

https://www.bleepingcomputer.com/news/security/over-800-000-stolen-by-scammers-in-atlanta-area-city-bec-fraud/

The Week in Ransomware - July 5th 2019 - Shadiness in the Sunshine State

This week is a double edition covering the ransomware news between June 22nd and July 5th. The biggest news is Florida getting beat up by ransomware, the increasing usage of exploit kits, and a strong push by Sodinokibi. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-july-5th-2019-shadiness-in-the-sunshine-state/

Maryland Govt Agency Breach Exposes Names, SSNs of 78K People

The Maryland Department of Labor (Maryland DoL) published a press release today explaining that sensitive information of roughly 78,000 customers including names and social security numbers was accessed by an unauthorized party. [...]

https://www.bleepingcomputer.com/news/security/maryland-govt-agency-breach-exposes-names-ssns-of-78k-people/

Beware of Fake Microsoft OneNote Audio Note Phishing Emails

Phishing scammers are coming up with more innovative methods to convince their targets to provide login credentials. Such is the case with a new OneNote Audio Note phishing campaign that is currently underway. [...]

https://www.bleepingcomputer.com/news/security/beware-of-fake-microsoft-onenote-audio-note-phishing-emails/

How to Manually Install Windows 10 Cumulative Updates

With Windows Update Catalog, Microsoft makes it easy to download and install Windows Updates manually. In this Windows 10 guide, we'll explain the steps required to install cumulative updates manually. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-manually-install-windows-10-cumulative-updates/

Industry Breach Alert Published by US National Trade Association ALTA

American Land Title Association (ALTA) published a warning about hundreds of title company records having been supposedly stolen as part of a phishing campaign targeting ALTA members. [...]

https://www.bleepingcomputer.com/news/security/industry-breach-alert-published-by-us-national-trade-association-alta/

Google Chrome Tests New Play Controls for YouTube Videos

Google Chrome is testing a new feature called Global Media Controls that allows you to open a small overlay window that contains playback controls and information about a YouTube video you are watching. [...]

https://www.bleepingcomputer.com/news/software/google-chrome-tests-new-play-controls-for-youtube-videos/

Mozilla Firefox Protection Report to Show Blocked Tracker Stats

[...]

https://www.bleepingcomputer.com/news/software/mozilla-firefox-protection-report-to-show-blocked-tracker-stats/

Libra Cryptocurrency Scams Already Active Ahead Of 2020 Launch

No sooner had Facebook announced Libra cryptocurrency and the matching digital Calibra wallet that cybercriminals tried to get a head start on a new phishing theme. [...]

https://www.bleepingcomputer.com/news/security/libra-cryptocurrency-scams-already-active-ahead-of-2020-launch/

Backdoored Torrents Infect Movie, TV Fans with GoBot2 Malware

TV show and movie fans are being targeted by a malicious campaign that distributes a GoBot2 backdoor variant via files downloaded from several South Korean and Chinese torrent sites. [...]

https://www.bleepingcomputer.com/news/security/backdoored-torrents-infect-movie-tv-fans-with-gobot2-malware/

Microsoft Windows 1.11 App Celebrates Stranger Things Season 3

Today, Microsoft has published a brand-new app called 'Windows 1.11' in the Microsoft Store to promote the third installment of Stranger Things, available right now on Netflix. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-111-app-celebrates-stranger-things-season-3/

Microsoft Discovers Fileless Astaroth Trojan Campaign

A fileless malware campaign used by attackers to drop the information stealing Astaroth Trojan into the memory of infected computers was detected by Microsoft Defender ATP Research Team researchers. [...]

https://www.bleepingcomputer.com/news/security/microsoft-discovers-fileless-astaroth-trojan-campaign/

Dridex Banking Trojan, RMS RAT Dropped via Fake eFax Messages

Researchers from Cofense have discovered a new malspam campaign that delivers fake eFax messages designed to drop a banking Trojan and RAT cocktail via malicious Microsoft Word document attachments. [...]

https://www.bleepingcomputer.com/news/security/dridex-banking-trojan-rms-rat-dropped-via-fake-efax-messages/

Over 90 Million Records Leaked by Chinese Public Security Department

A publicly accessible and unsecured ElasticSearch server owned by the Jiangsu Provincial Public Security Department of the Chinese province Jiangsu leaked two databases containing over 90 million people and business records. [...]

https://www.bleepingcomputer.com/news/security/over-90-million-records-leaked-by-chinese-public-security-department/

U.S. Coast Guard Issues Safety Alert Following Cyber Incident

The U.S. Coast Guard issued a marine safety alert including cybersecurity guidance following a cyber incident experienced by a deep draft vessel during February which affected the ship's entire network. [...]

https://www.bleepingcomputer.com/news/security/us-coast-guard-issues-safety-alert-following-cyber-incident/

Marriott Faces $123 Million GDPR Fine for 2018 Data Breach

The UK Information Commissioner's Office (ICO) intends to fine Marriott International Inc £99,200,396 ($123,705,869 / €110,385,736) for infringing the General Data Protection Regulation (GDPR) according to a press release published today. [...]

https://www.bleepingcomputer.com/news/security/marriott-faces-123-million-gdpr-fine-for-2018-data-breach/

Mozilla Firefox 68 Released With Security and Extension Enhancements

Mozilla has officially released Firefox 68 for Windows, Mac, Linux, and iOS.  This version comes with tracking protection changes, extension changes, better dark mode support, security improvements, enterprise enhancements, and better developer support. [...]

https://www.bleepingcomputer.com/news/software/mozilla-firefox-68-released-with-security-and-extension-enhancements/

Trickbot Trojan Gets IcedID Proxy Module to Steal Banking Info

Trickbot trojan continues to evolve as its operators started to deploy a custom proxy module to their victims. The new component is derived from BokBot's code for web injection attacks and works with popular web browsers. [...]

https://www.bleepingcomputer.com/news/security/trickbot-trojan-gets-icedid-proxy-module-to-steal-banking-info/

Security Updates Released for Adobe Bridge, Dreamweaver, and AEM

Adobe has published their monthly Patch Tuesday updates for the month of May 2019. These updates includes fixes for vulnerabilities in Adobe Bridge CC, Adobe Experience Manager, and Adobe Dreamweaver. [...]

https://www.bleepingcomputer.com/news/security/security-updates-released-for-adobe-bridge-dreamweaver-and-aem/