European Airport Systems Infected With Monero-Mining Malware

More than 50% of all computing systems at a European international airport were recently found to be infected with a Monero cryptominer linked to the Anti-CoinMiner campaign spotted during August 2018 by Zscaler. [...]

https://www.bleepingcomputer.com/news/security/european-airport-systems-infected-with-monero-mining-malware/

Google Chrome 77 Added New Site Isolation Security Features

Google has announced that with the release of Google Chrome 77, Site Isolation has been brought to Android and desktop users received additional protections when this feature is enabled. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-77-added-new-site-isolation-security-features/

Samsung to Patch Fingerprint Scanner Against Silicone Case Unlock Bug

Following media reports that the fingerprint reader in Samsung Galaxy S10 phones unlocks the device when scanning unregistered fingerprints through a silicone case, the South Korean company informs that it will release a patch to correct the problem. [...]

https://www.bleepingcomputer.com/news/security/samsung-to-patch-fingerprint-scanner-against-silicone-case-unlock-bug/

Microsoft Adds Azure AD Sign-In History to Detect Unusual Activity

Microsoft announced the addition of an Azure Active Directory (AD) sign-in history feature that would allow users to get an overview of past sign-ins and quickly detect any unusual login activity. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-adds-azure-ad-sign-in-history-to-detect-unusual-activity/

500+ Million UC Browser Android Users Exposed to MiTM Attacks. Again.

The highly popular UC Browser and UC Browser Mini Android apps, with a total of over 600 million Play Store installs, exposed their users to MiTM attacks by downloading an Android Package Kit (APK) from a third party server over unprotected channels. [...]

https://www.bleepingcomputer.com/news/security/500-million-uc-browser-android-users-exposed-to-mitm-attacks-again/

Fake WordPress Plugin Comes with Cryptocurrency Mining Function

Malicious plugins for WordPress websites are being used not just to maintain access on the compromised server but also to mine for cryptocurrency. [...]

https://www.bleepingcomputer.com/news/security/fake-wordpress-plugin-comes-with-cryptocurrency-mining-function/

Malicious Tor Browser Steals Cryptocurrency from Darknet Market Users

A trojanized version of the Tor Browser is targeting dark web market shoppers to steal their cryptocurrency and tracks the websites they visit. [...]

https://www.bleepingcomputer.com/news/security/malicious-tor-browser-steals-cryptocurrency-from-darknet-market-users/

Windows 10 KB4520062 Update May Break Microsoft Defender ATP

Microsoft says that Microsoft Defender Advanced Threat Protection (ATP) might stop running on Windows 10, version 1809 devices after installing the KB4520062 Cumulative Update. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4520062-update-may-break-microsoft-defender-atp/

REvil Ransomware Affiliates Partner with Corporate Intruders

Experienced network intruders and ransomware groups have struck an alliance helping each other monetize their skills by spreading malware to company networks. [...]

https://www.bleepingcomputer.com/news/security/revil-ransomware-affiliates-partner-with-corporate-intruders/

STOP Ransomware Decryptor Released for 148 Variants

The release of Emsisoft's STOP Ransomware decryption service is a huge achievement and will be a life saver for both the victims and the helpers on BleepingComputer. It should be noted, though, that while this decryptor can help with the majority of STOP variants, anyone who was infected after August 2019 cannot be helped. [...]

https://www.bleepingcomputer.com/news/security/stop-ransomware-decryptor-released-for-148-variants/

Microsoft 365 Authentication Outage, Users Unable to Login

Microsoft 365 is experiencing a multi-factor authentication (MFA) outage that blocks users from accessing multiple Microsoft 365 services such as Office 365 and Azure according to user reports. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-365-authentication-outage-users-unable-to-login/

Maze Ransomware Now Delivered by Spelevo Exploit Kit

The Spelevo exploit kit has been spotted by security researchers while infecting victims with Maze Ransomware payloads via a new malicious campaign that exploits a Flash Player use after free vulnerability. [...]

https://www.bleepingcomputer.com/news/security/maze-ransomware-now-delivered-by-spelevo-exploit-kit/

Hackers Backdoor Sites by Hiding Fake WordPress Plugins

Malicious plugins that hide in plain sight and act as backdoors are used by attackers to gain and maintain a foothold on WordPress websites, and to upload web shells and scripts for brute-forcing other sites. [...]

https://www.bleepingcomputer.com/news/security/hackers-backdoor-sites-by-hiding-fake-wordpress-plugins/

How to Update Windows 10 Drivers Manually

Drivers allow Windows to work with hardware components such as graphics card, memory card, storage, camera and other essential components recognized by the operating system. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-update-windows-10-drivers-manually/

Tools and Tactics of the Sodinokibi Ransomware Distributors

Using a network of honeypots, researchers from McAfee examined the tools and tactics used by the Sodinokibi Ransomware (REvil) affiliates to infect their victims with ransomware and compromise other machines on the network. [...]

https://www.bleepingcomputer.com/news/security/tools-and-tactics-of-the-sodinokibi-ransomware-distributors/

Hackers Breach Avast Antivirus Network Through Insecure VPN Profile

Hackers accessed the internal network of Czech cybersecurity company Avast, likely aiming for a supply chain attack targeting CCleaner. Detected on September 25, intrusion attempts started since May 14. [...]

https://www.bleepingcomputer.com/news/security/hackers-breach-avast-antivirus-network-through-insecure-vpn-profile/

Chinese Hackers Use New Malware to Backdoor Microsoft SQL Servers

New malware created by Chinese-backed Winnti Group has been discovered by researchers at ESET while being used to gain persistence on Microsoft SQL Server (MSSQL) systems. [...]

https://www.bleepingcomputer.com/news/security/chinese-hackers-use-new-malware-to-backdoor-microsoft-sql-servers/

New Windows 10 Secured-Core PCs Block Firmware-Level Attacks

Microsoft introduced a new range of devices called Secured-core PCs which come with built-in protection against firmware attacks that have been increasingly used by state-sponsored hacking groups. [...]

https://www.bleepingcomputer.com/news/security/new-windows-10-secured-core-pcs-block-firmware-level-attacks/

Office 365 Now Warns About Suspicious Emails with Unverified Senders

Microsoft is currently rolling out a new Office 365 feature dubbed 'Unverified Sender' and designed to help users identify potential spam or phishing emails that reach their Outlook client's inbox. [...]

https://www.bleepingcomputer.com/news/microsoft/office-365-now-warns-about-suspicious-emails-with-unverified-senders/

Hacker Breached Servers Belonging to Multiple VPN Providers

Servers belonging to the NordVPN and TorGuard VPN companies were hacked and attackers stole and leaked the private keys associated with certificates used to secure their web servers and VPN configuration files.  [...]

https://www.bleepingcomputer.com/news/security/hacker-breached-servers-belonging-to-multiple-vpn-providers/

Russian Hackers Use Iranian Threat Group's Tools, Servers as Cover

The Russian-backed Turla cyber-espionage group used stolen malware and hijacked infrastructure from the Iranian-sponsored OilRig to attack targets from dozens of countries according to a joint United Kingdom's National Cyber Security Centre (NCSC) and U.S. National Security Agency (NSA) advisory published today. [...]

https://www.bleepingcomputer.com/news/security/russian-hackers-use-iranian-threat-groups-tools-servers-as-cover/