Fake Office Activation Wizard Docs Used to Spread Emotet Trojan

The Emotet botnet has switched to a new template used by malicious attachments that pretend to be a Microsoft Office Activation Wizard. [...]

https://www.bleepingcomputer.com/news/security/fake-office-activation-wizard-docs-used-to-spread-emotet-trojan/

Singapore's GovTech Launches Vulnerability Disclosure Program

Singapore's Government Technology Agency (GovTech) has launched a new vulnerability disclosure program on HackerOne so researchers can disclose vulnerabilities in government sites. [...]

https://www.bleepingcomputer.com/news/security/singapores-govtech-launches-vulnerability-disclosure-program/

Microsoft To Offer Windows 7 Extended Security Updates to SMBs

Microsoft announced that Windows 7 Extended Security Updates (ESU) will also be made available for small and midsize businesses (SMBs) to allow them to stay secure during the Windows 10 migration process. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-to-offer-windows-7-extended-security-updates-to-smbs/

Microsoft Releases October 2019 Office Updates With Fixes, Improvements

Microsoft released the October 2019 non-security Microsoft Office updates that fix issues and add improvements to Windows Installer (MSI) editions of Office 2013 2010, Office 2013, and Office 2016. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-october-2019-office-updates-with-fixes-improvements/

WhatsApp to Soon Let you Send Self-Destructing Messages

WhatsApp is working on a new feature that will allow users to send self-destructing messages. This feature is currently in development and has been spotted in the WhatsApp beta for Android 2.19.275. [...]

https://www.bleepingcomputer.com/news/software/whatsapp-to-soon-let-you-send-self-destructing-messages/

Microsoft Edge Dev Channel Updated With Media Autoplay Blocking

A new update is now available for Microsoft Edge Insiders within the Dev channel and the main focus of today's update is the introduction of dark mode for the new tab page (NTP) and media autoplay blocking settings. There are a host of stability improvements, fixes and enhancement as well. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-dev-channel-updated-with-media-autoplay-blocking/

Fake Browser Updates Infect Enterprises with Ransomware, Bankers

Attackers are utilizing hacked web sites that promote fake browser updates to infect targets with banking trojans. In some cases, post exploitation toolkits are later executed to encrypt the compromised network with ransomware. [...]

https://www.bleepingcomputer.com/news/security/fake-browser-updates-infect-enterprises-with-ransomware-bankers/

Of All State-Backed Hackers, the Chinese Hit Most Industries

Hackers working for the Chinese government deployed attacks against the largest number of industry verticals in the first half of the year. [...]

https://www.bleepingcomputer.com/news/security/of-all-state-backed-hackers-the-chinese-hit-most-industries/

Google's Password Manager Now Warns About Compromised Accounts

Google's Password Checkup feature is now integrated directly into your Google Account and will warn you if your saved passwords have security issues such as weak strength or have been compromised through data breaches. [...]

https://www.bleepingcomputer.com/news/google/googles-password-manager-now-warns-about-compromised-accounts/

Google Expands Privacy Controls Across Youtube, Maps, and Assistant

Google has announced new privacy and security features that allow you to use incognito mode in more properties, monitor your saved passwords for compromises, and manage how your data is used on YouTube. [...]

https://www.bleepingcomputer.com/news/security/google-expands-privacy-controls-across-youtube-maps-and-assistant/

New Silent Starling Gang Targets 500+ Vendors in BEC Scam Twist

In a variation of the classic business email compromise (BEC) scam, a cyber gang managed to compromise email accounts of more than 700 employees from over 500 companies in 14 countries. [...]

https://www.bleepingcomputer.com/news/security/new-silent-starling-gang-targets-500-vendors-in-bec-scam-twist/

American Express Customer Info Accessed by Employee for Possible Fraud

An American Express employee is being investigated for accessing card holder information and potentially using it to open accounts at other financial institutions. [...]

https://www.bleepingcomputer.com/news/security/american-express-customer-info-accessed-by-employee-for-possible-fraud/

Threat Group Uses Bit.ly, BlogSpot, Pastebin to Deliver Trojans, RATs

A malicious campaign targeting corporations from all over the world was observed while using a combination of pages hosted on Bit.ly, BlogSpot, and Pastebin to deliver Azorult and RevengeRAT malware. [...]

https://www.bleepingcomputer.com/news/security/threat-group-uses-bitly-blogspot-pastebin-to-deliver-trojans-rats/

Sodinokibi Ransomware Builds An All-Star Team of Affiliates

The Sodinokibi Ransomware (REvil) has been making news lately as they target the enterprise, MSPs, and government entities through their hand-picked team of all-star affiliates. These affiliates appear to have had a prior history with the GandCrab RaaS and use similar distribution methods. [...]

https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-builds-an-all-star-team-of-affiliates/

Zendesk Security Breach May Impact Orgs Like Uber, Slack, and FCC

Customer service software company Zendesk is sending users notifications regarding a security incident that might have impacted roughly 10,000 Zendesk Support and Chat accounts activated prior to November 1, 2016. [...]

https://www.bleepingcomputer.com/news/security/zendesk-security-breach-may-impact-orgs-like-uber-slack-and-fcc/

Windows 10X: Microsoft's New Windows OS for Dual-Screen PCs

At the Surface event in New York City, Microsoft announced Windows 10X, a new version of Windows 10 designed for dual-screen folding-screen devices. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10x-microsofts-new-windows-os-for-dual-screen-pcs/

Microsoft Launches New Dual-Screen Surface Devices

At today's Surface event in New York City, Microsoft unveiled the Surface Laptop 3, Surface Pro 7, Surface Pro X and two dual-screen devices. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-launches-new-dual-screen-surface-devices/

Microsoft 365 To Get Tenant-Wide Idle Session Timeout Feature

Microsoft is working on including a new tenant-wide idle session timeout feature for Microsoft 365 web apps to prevent information exposure that might stem from unauthorized access to systems left unattended. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-365-to-get-tenant-wide-idle-session-timeout-feature/

FBI Warns U.S. Organizations About High Impact Ransomware

The U.S. Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) issued a public service announcement today regarding the increasing number of high-impact ransomware attacks against public and private U.S. organizations.   [...]

https://www.bleepingcomputer.com/news/security/fbi-warns-us-organizations-about-high-impact-ransomware/

FTCode PowerShell Ransomware Resurfaces in Spam Campaign

An old PowerShell ransomware has resurfaced with a vengeance in a spam distribution aimed at Italian recipients. This ransomware is called FTCode and is completely PowerShell based, which means it can encrypt the computer without downloading any additional components. [...]

https://www.bleepingcomputer.com/news/security/ftcode-powershell-ransomware-resurfaces-in-spam-campaign/

Police Seize Bot Farm Behind Potentially Fatal Scam Messages

The cyber division of the Ukrainian police took to pieces an operation that made money by registering accounts used to send spam through various services, including email and social networks. [...]

https://www.bleepingcomputer.com/news/security/police-seize-bot-farm-behind-potentially-fatal-scam-messages/