Cracked Passwords for Poshmark Accounts Being Sold Online

Dehashed login details for customers of Poshmark, an online marketplace for buying and selling used clothes and accessories, have been circulating online following the data breach a few months ago. [...]

https://www.bleepingcomputer.com/news/security/cracked-passwords-for-poshmark-accounts-being-sold-online/

Back to School? Be Careful of Malware Hiding As Textbooks

Searching for textbooks and essays in electronic form on the Internet exposes students to a wide range of malicious attacks as Kaspersky Lab researchers found after analyzing data gathered over the past academic year. [...]

https://www.bleepingcomputer.com/news/security/back-to-school-be-careful-of-malware-hiding-as-textbooks/

Astaroth Trojan Uses Cloudflare Workers to Bypass AV Software

A new malicious campaign is actively distributing a new Astaroth Trojan variant by abusing the Cloudflare Workers serverless computing platform to avoid detection and block automated analysis attempts. [...]

https://www.bleepingcomputer.com/news/security/astaroth-trojan-uses-cloudflare-workers-to-bypass-av-software/

Data of 90K Mastercard Priceless Specials Members Shared Online

A database containing sensitive information of about 90,000 German Mastercard "Priceless Specials" loyalty program members shared online following a breach discovered on August 20 was added to data breach site Have I Been Pwned on September 1. [...]

https://www.bleepingcomputer.com/news/security/data-of-90k-mastercard-priceless-specials-members-shared-online/

Windows 10 Gets a Cloud Reset Feature, Here’s How it Works

The Windows 10 20H1 Update will introduce a new cloud recovery feature that allow users to reset their PC using Windows files downloaded from Microsoft's servers. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-gets-a-cloud-reset-feature-here-s-how-it-works/

Windows 10 1903 May Cause Microsoft Visio to Stall or Hang

Microsoft Visio users may experience delays or stalling while using the app with a keyboard on Windows 10, version 1903 according to an issue published today on the Microsoft 365 Service health dashboard. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-1903-may-cause-microsoft-visio-to-stall-or-hang/

Fake BleachBit Website Built to Distribute AZORult Info Stealer

Cybercriminals are taking advantage of the popularity of the BleachBit disk cleaning tool to spread Azorult information stealer. For this purpose, they created a static web page that purports to be the official website for the utility. [...]

https://www.bleepingcomputer.com/news/security/fake-bleachbit-website-built-to-distribute-azorult-info-stealer/

Nemty Ransomware Gets Distribution from RIG Exploit Kit

The operators of Nemty ransomware appear to have struck a distribution deal to target systems with outdated technology that can still be infected by exploit kits. [...]

https://www.bleepingcomputer.com/news/security/nemty-ransomware-gets-distribution-from-rig-exploit-kit/

USBAnywhere Bugs in Supermicro Servers Allow Remote USB Access

Baseboard management controllers (BMC) of some Supermicro servers are vulnerable to unauthorized virtual USB mounting attacks that can be carried out remotely. [...]

https://www.bleepingcomputer.com/news/security/usbanywhere-bugs-in-supermicro-servers-allow-remote-usb-access/

New Toolkit Pushes Malware via Fake Program Update Alerts in 30 Languages

A new social engineering toolkit called Domen has been discovered that uses fake browser and program update alerts on compromised sites to infect users with malware and remote access software. [...]

https://www.bleepingcomputer.com/news/security/new-toolkit-pushes-malware-via-fake-program-update-alerts-in-30-languages/

Zerodium Makes Android Zero Days More Expensive Than iOS

Exploit broker Zerodium has updated the payouts for eligible zero-day Android and iOS exploits, with rewards for Android 0days having surpassed the ones for iOS for the first time since 2015 when the company was founded. [...]

https://www.bleepingcomputer.com/news/security/zerodium-makes-android-zero-days-more-expensive-than-ios/

XKCD Forum Breach Exposes Emails, Passwords of 562,000 Users

The forums of the XKCD webcomic created by Randall Munroe in 2005 are currently offline after being impacted by a data breach which exposed the information of 561,991 users on July 1. [...]

https://www.bleepingcomputer.com/news/security/xkcd-forum-breach-exposes-emails-passwords-of-562-000-users/

Microsoft Uses Deep Learning For Malicious PowerShell Detection

Microsoft bets on deep learning to enhance the Microsoft Defender Advanced Threat Protection (ATP) malicious PowerShell detection feature using a new technique originally developed for natural language processing (NLP). [...]

https://www.bleepingcomputer.com/news/security/microsoft-uses-deep-learning-for-malicious-powershell-detection/

Firefox 69 Released with Enhanced Tracking Protection and Flash Disabled

Mozilla has officially released Firefox 69 for Windows, Mac, and Linux.  This version comes with enhanced tracking protection enabled by default, Flash disabled by default, ability to block autoplay videos without sound, and numerous performance and UI improvements. [...]

https://www.bleepingcomputer.com/news/software/firefox-69-released-with-enhanced-tracking-protection-and-flash-disabled/

Hacked SharePoint Sites Used to Bypass Secure Email Gateways

Phishers behind a new campaign have switched to using compromised SharePoint sites and OneNote documents to redirect potential victims from the banking sector to their landing pages. [...]

https://www.bleepingcomputer.com/news/security/hacked-sharepoint-sites-used-to-bypass-secure-email-gateways/

Microsoft Releases September 2019 Office Updates With Fixes, Improvements

Microsoft released the September 2019 non-security Microsoft Office updates with improvements and fixes for the Windows Installer (MSI) editions of Office 2013, and Office 2016. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-september-2019-office-updates-with-fixes-improvements/

Microsoft Investigating Windows 10 Cortana High CPU Issues

Microsoft has confirmed that they are investigating reports of high CPU usage in the SearchUI.exe component of Cortana after users install the Windows 10 v1903 KB4512941 cumulative update. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-investigating-windows-10-cortana-high-cpu-issues/

Hackers Get $1.9M in Bug Bounties at Live Hacking Sessions

More than 1,000 security bug bounty reports were submitted during a three-day live hacking event in Las Vegas. The total payout for the participating hackers was almost $2 million. Three organizations paid the money, one of them covering more than half of the total. [...]

https://www.bleepingcomputer.com/news/security/hackers-get-19m-in-bug-bounties-at-live-hacking-sessions/

Mozilla Will Support Existing Ad Blockers in Extensions Manifest v3

Mozilla has decided to split from Google and continue to support existing ad blockers in the upcoming extension changes being proposed by Google as part of the Extensions Manifest v3. [...]

https://www.bleepingcomputer.com/news/software/mozilla-will-support-existing-ad-blockers-in-extensions-manifest-v3/

Android SMS Phishing Can Stealthily Enable Malicious Settings

Android smartphones from multiple vendors, including Samsung, Huawei, LG, and Sony are susceptible to an advanced type attack that can alter device settings via a short text message. [...]

https://www.bleepingcomputer.com/news/security/android-sms-phishing-can-stealthily-enable-malicious-settings/

Google Chrome Starts Testing Third-Party Cookie Blocking

With yesterday's release of Firefox 69, Mozilla has started blocking third-party tracking cookies by default as part of their Enhanced Tracking Protection feature. Not to be outdone by Firefox, Google has also started to test a new feature that will block third-party tracking cookies within Google Chrome. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-starts-testing-third-party-cookie-blocking/