Hostinger Data Breach Affects Almost 14 Million Customers

Hosting provider Hostinger today announced that it reset the login passwords of 14 million of its customers following a recent security breach that enabled unauthorized access to a client database. [...]

https://www.bleepingcomputer.com/news/security/hostinger-data-breach-affects-almost-14-million-customers/

New Nemty Ransomware May Spread via Compromised RDP Connections

A new ransomware has been spotted over the weekend, carrying references to the Russian president and antivirus software. The researchers call is Nemty. [...]

https://www.bleepingcomputer.com/news/security/new-nemty-ransomware-may-spread-via-compromised-rdp-connections/

Microsoft Warns of Windows 10 1703 End of Life for Enterprise

Microsoft warns the users of Windows 10, version 1703 Enterprise and Education editions to take action since this Windows 10 version will reach end of life on October 9, 2019. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-of-windows-10-1703-end-of-life-for-enterprise/

Phishing Campaign Delivers Quasar RAT Payloads via Fake Resumes

A new phishing campaign uses fake resume attachments designed to deliver Quasar Remote Administration Tool (RAT) malicious payloads onto the Windows computers of unsuspecting targets. [...]

https://www.bleepingcomputer.com/news/security/phishing-campaign-delivers-quasar-rat-payloads-via-fake-resumes/

Apple Releases iOS 12.4.1 to Patch Security Flaw Behind Jailbreak

Apple released iOS 12.4.1 today to fix a security flaw reintroduced with the release of iOS 12.4, and used by security researcher Pwn20wnd to develop and release a jailbreak tool for up-to-date iOS devices. [...]

https://www.bleepingcomputer.com/news/security/apple-releases-ios-1241-to-patch-security-flaw-behind-jailbreak/

Microsoft's Your Phone Is Down, Users Getting Connection Errors

Microsoft's Your Phone service has been down throughout the day according to the Microsoft 365 Service health portal, with users experiencing connection issues and errors since 7 AM UTC. [...]

https://www.bleepingcomputer.com/news/microsoft/microsofts-your-phone-is-down-users-getting-connection-errors/

Google Chrome is Losing the 'Close Other Tabs' Option

In order to reduce the "clutter" in the Chrome tabs context menus, Google has decided to remove the "Close other tabs" option as well as other features because they are not commonly used. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-is-losing-the-close-other-tabs-option/

Microsoft Starts Testing Throttled Rollout of Windows 10 19H2

Microsoft has started testing the throttled delivery system with Windows Insiders in the Release Preview Ring and Windows 10 19H2 Build 18363.327 is now rolling out to a small number of users today. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-starts-testing-throttled-rollout-of-windows-10-19h2/

Lyceum/Hexane Threat Group Uses Common Hacking Tactics

A recently reported threat group focusing on critical infrastructure organizations in the Middle East uses simple techniques to compromise victims and deploy post-intrusion tools. [...]

https://www.bleepingcomputer.com/news/security/lyceum-hexane-threat-group-uses-common-hacking-tactics/

Trojan Dropper Malware Found in Android App With 100M Downloads

Researchers found a Trojan Dropper malicious module hidden within the Android app CamScanner downloaded over 100 million times by Google Play Store users. [...]

https://www.bleepingcomputer.com/news/security/trojan-dropper-malware-found-in-android-app-with-100m-downloads/

Imperva Discloses Security Incident Affecting Cloud WAF Customers

Cyber security firm Imperva disclosed today a security incident that led to data exposure affecting a subset of customers using its Cloud Web Application Firewall (WAF) product, previously known as Incapsula. [...]

https://www.bleepingcomputer.com/news/security/imperva-discloses-security-incident-affecting-cloud-waf-customers/

Check Point Patches Privilege Escalation Flaw in Endpoint Client

Check Point Software patched a vulnerability discovered in its Endpoint Security Initial Client software for Windows allowing potential attackers to escalate privileges and execute code using SYSTEM privileges. [...]

https://www.bleepingcomputer.com/news/security/check-point-patches-privilege-escalation-flaw-in-endpoint-client/

Android Trojan Infects Tens of Thousands of Devices in 4 Months

A new Trojan dropper dubbed xHelper was observed while slowly but steadily spreading to more and more Android devices since May, with over 32,000 smartphones and tablets having been found infected in the last four months. [...]

https://www.bleepingcomputer.com/news/security/android-trojan-infects-tens-of-thousands-of-devices-in-4-months/

New TrickBot Variant Targets Verizon, T-Mobile, and Sprint Users

A new Trickbot Trojan variant was spotted while focusing on stealing PIN codes from Verizon Wireless, T-Mobile, and Sprint users, marking a new step in this malware's development. [...]

https://www.bleepingcomputer.com/news/security/new-trickbot-variant-targets-verizon-t-mobile-and-sprint-users/

Malware Operation Making Millions Defeated by Design Flaw

The reign of Retadup botnet over more than 850,000 systems has reached an end as its command and control server (C2) was taken down by security researchers from antivirus maker Avast working with the French National Gendarmerie. [...]

https://www.bleepingcomputer.com/news/security/malware-operation-making-millions-defeated-by-design-flaw/

Attackers Target Govt and Financial Orgs With Orcus, Revenge RATs

Multiple malicious campaigns actively targeting government and financial entities around the world have been spotted while backdooring their victims' computers using Revenge and Orcus Remote Access Trojans (RAT). [...]

https://www.bleepingcomputer.com/news/security/attackers-target-govt-and-financial-orgs-with-orcus-revenge-rats/

Microsoft Lifts Update Block On Windows 7 With Symantec AV

Microsoft has raised the safeguard hold put in place to block Symantec or Norton antivirus users from updating their Windows 7 and Windows Server 2008 R2 devices. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-lifts-update-block-on-windows-7-with-symantec-av/

Microsoft Wants exFAT in Linux Kernel, Opens File System Specs

Microsoft announced today that it supports the inclusion of its exFAT (Extended File Allocation Table) file system for USB flash drives and SD cards in the Linux kernel through the Open Invention Network. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-wants-exfat-in-linux-kernel-opens-file-system-specs/

Cisco Fixes Critical Bug in Virtual Service Container for IOS XE

Cisco today published an update for its IOS XE operating system to patch a critical vulnerability that could allow a remote attacker to bypass authentication on devices running an outdated version of the software. [...]

https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-bug-in-virtual-service-container-for-ios-xe/

Starbucks Abandons Azure Site, Exposed Subdomain to Hijacking

An oversight from Starbucks exposed one of its subdomains to takeover threat, which could be further leveraged in attacks against customers and the company. [...]

https://www.bleepingcomputer.com/news/security/starbucks-abandons-azure-site-exposed-subdomain-to-hijacking/

Ghost Clicks Boost Ad Revenue for Android Apps with 1.5M Installs

Two apps in the Google Play that collectively had been installed over 1.5 million times used a creative method to load ads without even showing them to the user. [...]

https://www.bleepingcomputer.com/news/security/ghost-clicks-boost-ad-revenue-for-android-apps-with-15m-installs/