Billing Provider Billtrust Suffers Outage After Malware Attack

U.S. financial services provider Billtrust experienced an outage affecting all of its services after some of the company's computing systems were impacted by a malware attack on October 17. [...]

https://www.bleepingcomputer.com/news/security/billing-provider-billtrust-suffers-outage-after-malware-attack/

Scammers Behind €10 Million BEC Fraud Arrested in Spain

Three people, part of a Business Email Compromise (BEC) scammer group that stole roughly €10.7 million ($11,900,000) from 12 companies, were arrested in Spain by the Guardia Civil as part of Operation Lavanco. [...]

https://www.bleepingcomputer.com/news/security/scammers-behind-10-million-bec-fraud-arrested-in-spain/

MedusaLocker Ransomware Wants Its Share of Your Money

A new ransomware called MedusaLocker is being actively distributed and victims have been seen from all over the world. It is not known at this time, how the attacker is distributing the ransomware. [...]

https://www.bleepingcomputer.com/news/security/medusalocker-ransomware-wants-its-share-of-your-money/

U.S. Superior Court Systems Hacked to Spread Phishing Emails

A Texas man was sentenced today to 145 months in federal prison for hacking the Los Angeles Superior Court (LASC) computer system and using its servers to deliver around 2 million malspam emails. [...]

https://www.bleepingcomputer.com/news/security/us-superior-court-systems-hacked-to-spread-phishing-emails/

Chrome 78 Released With DoH Trial, Tab Hover Cards, and More

Google has released Chrome 78 to the Stable desktop channel, with new improvements, features, and 37 security fixes. Included in this release is the DoH trial for all users on supported DNS providers, a basic Tab Hover Cards, and some other features behind experimental flags. [...]

https://www.bleepingcomputer.com/news/software/chrome-78-released-with-doh-trial-tab-hover-cards-and-more/

Windows 10 Insider Build 19008 Released With Fixes

Microsoft has released Windows 10 Insider Preview Build 19008 (20H1) to Insiders in the Fast ring and brings various fixes and improvements, but no new features. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-19008-released-with-fixes/

New CPDoS Web Cache Poisoning Attacks Impact Sites Using Popular CDNs

Details have emerged about a new class of web cache poisoning attacks that could be used to deny users access to resources delivered through a content delivery network (CDN). [...]

https://www.bleepingcomputer.com/news/security/new-cpdos-web-cache-poisoning-attacks-impact-sites-using-popular-cdns/

Office 365 Adds Malware ZAP Toggle to Security & Compliance Center

Microsoft's developers are adding a new malware Zero-hour Auto Purge (ZAP) toggle to the Office 365 Security & Compliance Center to allow configuration without using a PowerShell ​​​​​​​cmdlet. [...]

https://www.bleepingcomputer.com/news/security/office-365-adds-malware-zap-toggle-to-security-and-compliance-center/

FBI Warns Govt Agencies, SMBs to Defend Against E-Skimming Threats

The U.S. Federal Bureau of Investigation (FBI) issued a warning to increase awareness on current e-skimming threats targeting both small and medium-sized businesses and government agencies that process online payments, as well as defense tips to fend them off. [...]

https://www.bleepingcomputer.com/news/security/fbi-warns-govt-agencies-smbs-to-defend-against-e-skimming-threats/

FBI Updates Initiative to Protect U.S. Elections from Cyberattacks

FBI has updated and expanded the resources and tools designed to help political campaigns, private businesses, and individuals to better understand and mitigate risks posed by foreign entities' cyber intrusions and disinformation efforts during the 2020 U.S. election season. [...]

https://www.bleepingcomputer.com/news/security/fbi-updates-initiative-to-protect-us-elections-from-cyberattacks/

Discord Turned Into an Info-Stealing Backdoor by New Malware

A new malware is targeting Discord users by modifying the Windows Discord client so that it is transformed into a backdoor and an information-stealing Trojan. [...]

https://www.bleepingcomputer.com/news/security/discord-turned-into-an-info-stealing-backdoor-by-new-malware/

FTC Issues Guidance On Protecting Against SIM Swap Attacks

The U.S. Federal Trade Commission (FTC) issued guidance on how to protect yourself from SIM swapping attacks used by scammers to take control of your phone number, to bypass SMS-based multi-factor authentication (MFA) on your account, and steal your credentials. [...]

https://www.bleepingcomputer.com/news/security/ftc-issues-guidance-on-protecting-against-sim-swap-attacks/

Hacker Plants Keylogger Devices on Company Systems Faces 12yr in Jail

A hacker admitted to planting hardware keyloggers on computers belonging to two companies to get unauthorized to their networks and steal proprietary data. He now faces 12 years of prison time. [...]

https://www.bleepingcomputer.com/news/security/hacker-plants-keylogger-devices-on-company-systems-faces-12yr-in-jail/

Android Apps Identify Google IPs to Delay Malicious Behavior

Dozens of Android apps designed to flood phone screens with ads hide their malicious behavior when a Google IP is detected. Collectively, they were installed 8 million times. [...]

https://www.bleepingcomputer.com/news/security/android-apps-identify-google-ips-to-delay-malicious-behavior/

iOS Clicker Trojan Malware Found in 17 Apps in Apple's App Store

More than a dozen iOS apps infected with clicker Trojan malware and distributed via the Apple App Store were found to perform ad fraud-related tasks in the background, using the command and control servers of a similar Android ad fraud campaign. [...]

https://www.bleepingcomputer.com/news/security/ios-clicker-trojan-malware-found-in-17-apps-in-apples-app-store/

Cash App Scammers Deal Their Cons on Twitter, Instagram, YouTube

Fraudsters taking advantage of the legitimate 'free money' campaigns for the Cash App peer-to-peer payment service target users Twitter, Instagram, and YouTube with fake promises of financial gains. [...]

https://www.bleepingcomputer.com/news/security/cash-app-scammers-deal-their-cons-on-twitter-instagram-youtube/

Microsoft Phishing Attacks Target United Nations and Charities

An ongoing phishing campaign is targeting the United Nations and several humanitarian aid organizations including UNICEF and UN World Food using landing pages impersonating legitimate Microsoft Office 365 login pages. [...]

https://www.bleepingcomputer.com/news/security/microsoft-phishing-attacks-target-united-nations-and-charities/

Windows 10 1903 KB4522355 Update Released with Start Menu Fixes

Microsoft has released the KB4522355 cumulative update for Windows 10 1903 (May 2019 Update) that introduces a variety of quality improvements and bug fixes. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-1903-kb4522355-update-released-with-start-menu-fixes/

GitLab Backtracks on Forced Tracking After Negative Feedback

GitLab, the provider of a web-based DevOps platform, reversed course on its decision to implement product usage tracking in the form of third-party telemetry for paying customers who use the company's proprietary products. [...]

https://www.bleepingcomputer.com/news/security/gitlab-backtracks-on-forced-tracking-after-negative-feedback/

How To Fix "Aw Snap!" Crash in Google Chrome 78

Google Chrome updated to version 78 a few days ago and some users have been experiencing "Aw, Snap!" crashes instead of the promised features. [...]

https://www.bleepingcomputer.com/news/google/how-to-fix-aw-snap-crash-in-google-chrome-78/

Ransomware Attack Shuts Down City of Johannesburg's Systems

The City of Johannesburg municipality shut down the website, its e-services platform, and the billing system (SAP ISU and CRM) following a ransomware attack that also led to unauthorized information access according to a ransom note. [...]

https://www.bleepingcomputer.com/news/security/ransomware-attack-shuts-down-city-of-johannesburgs-systems/