Adobe Magento Marketplace Exposed User Info in Data Breach

Magento Marketplace users were informed this week that a vulnerability allowed an unauthorized third party to gain access to some account information. [...]

https://www.bleepingcomputer.com/news/security/adobe-magento-marketplace-exposed-user-info-in-data-breach/

Law Enforcement Shuts Down Imminent Monitor Malware, Makes Arrests

Law enforcement agencies from numerous countries have shut down the Imminent Monitor Remote Access Trojan (RAT) and have arrested thirteen of its most prolific users. [...]

https://www.bleepingcomputer.com/news/security/law-enforcement-shuts-down-imminent-monitor-malware-makes-arrests/

Kali Linux Adds 'Undercover' Mode to Impersonate Windows 10

Kali Linux 2019.4 was released last week and with it comes an 'Undercover' mode that can be used to quickly make the Kali desktop look like Windows 10. [...]

https://www.bleepingcomputer.com/news/security/kali-linux-adds-undercover-mode-to-impersonate-windows-10/

New Chrome Password Stealer Sends Stolen Data to a MongoDB Database

A new trojan has been discovered that attempts to steal passwords stored in the Google Chrome browser. While this is nothing unique, what stands out is that the malware uses a remote MongoDB database to store the stolen passwords. [...]

https://www.bleepingcomputer.com/news/security/new-chrome-password-stealer-sends-stolen-data-to-a-mongodb-database/

Microsoft Remote Desktop 10.0 for iOS Released, Then Quietly Pulled

Last week Microsoft released the first update for the Remote Desktop Client for iOS in over a year. Soon after, Microsoft quickly pulled it with no explanation. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-remote-desktop-100-for-ios-released-then-quietly-pulled/

You Can Still Upgrade to Windows 10 For Free, Here's How

Back when Windows 10 was first released, Microsoft allowed users of Windows 7 or Windows 8.1 to upgrade to Windows 10 for free. Microsoft officially ended the free upgrade offer in December 2017, but a method still works that allows you to upgrade an older version of Windows to Windows 10 for free. [...]

https://www.bleepingcomputer.com/news/microsoft/you-can-still-upgrade-to-windows-10-for-free-heres-how/

Fake Steam Skin Giveaway Site Steals your Login Credentials

A fake Steam skin giveaway site has been created that states it gives away news skins every day, but in reality it just steals your login credentials. [...]

https://www.bleepingcomputer.com/news/security/fake-steam-skin-giveaway-site-steals-your-login-credentials/

Over 30,500 Online Piracy Sites Shut Down in Global Operation

Europol announced today that 30,506 Internet domain names have been shut down for distributing counterfeit and pirated items, as part of a joint global operation between law enforcement authorities from the EU and the United States. [...]

https://www.bleepingcomputer.com/news/security/over-30-500-online-piracy-sites-shut-down-in-global-operation/

Office 365 To Get Microsoft Recommended Security Profiles

Microsoft's development team is currently working on adding recommended security profiles for Exchange Online Protection (EOP) and Office 365 Advanced Threat Protection (ATP) later this month. [...]

https://www.bleepingcomputer.com/news/security/office-365-to-get-microsoft-recommended-security-profiles/

Actively Exploited StrandHogg Vulnerability Affects Android OS

A newly discovered Android vulnerability is actively exploited by malware such as the BankBot banking Trojan and it impacts all versions of the operating system up to and including Android 10. [...]

https://www.bleepingcomputer.com/news/security/actively-exploited-strandhogg-vulnerability-affects-android-os/

Microsoft Warns of Spear Phishing Attacks, Shares Tips to Dodge Them

Microsoft today warned users of the dangers behind spear phishing attacks used by threat actors to target specific individuals, in their attempts to infect them with malware, harvest sensitive information, or trick them into making fraudulent payments. [...]

https://www.bleepingcomputer.com/news/security/microsoft-warns-of-spear-phishing-attacks-shares-tips-to-dodge-them/

Facebook Ads Manager Targeted by New Info-Stealing Trojan

Attackers are distributing an information-stealing Trojan disguised as a PDF reader that steals Facebook and Amazon session cookies as well as sensitive data from the Facebook Ads Manager. [...]

https://www.bleepingcomputer.com/news/security/facebook-ads-manager-targeted-by-new-info-stealing-trojan/

Smith & Wesson Web Site Hacked to Steal Customer Payment Info

American gun manufacturer Smith & Wesson's online store has been compromised by attackers who have injected a malicious script that attempts to steal customer's payment information. [...]

https://www.bleepingcomputer.com/news/security/smith-and-wesson-web-site-hacked-to-steal-customer-payment-info/

Avast and AVG Firefox Extensions Pulled from Mozilla Addons Site

Mozilla has removed four extensions from Avast and AVG from the Firefox addon site over concerns that they were tracking a user's activity as they are browsed the web. [...]

https://www.bleepingcomputer.com/news/software/avast-and-avg-firefox-extensions-pulled-from-mozilla-addons-site/

Microsoft Forms Now Automatically Blocks Confirmed Phishing

Microsoft is rolling out automatic blocking for repeated Microsoft Forms phishing attempts to boost the product's security by stopping attackers from abusing forms and surveys to harvest sensitive data from their targets. [...]

https://www.bleepingcomputer.com/news/security/microsoft-forms-now-automatically-blocks-confirmed-phishing/

FTC Warns of Ongoing Scam Spreading Scary Terrorism Allegations

The U.S. Federal Trade Commission (FTC) warned consumers today of an active scam campaign targeting potential victims with letters designed to scare them with fake money laundering and terrorism allegations. [...]

https://www.bleepingcomputer.com/news/security/ftc-warns-of-ongoing-scam-spreading-scary-terrorism-allegations/

80% of All Android Apps Now Use Encrypted Network Traffic

Google has announced that as of October 2019, 80% of all Android apps are now using Transport Layer Security (TLS) to encrypt their network traffic. [...]

https://www.bleepingcomputer.com/news/security/80-percent-of-all-android-apps-now-use-encrypted-network-traffic/

Ryuk Ransomware Is Making Victims Left and Right

Doing some open-source intelligence (OSINT), a security researcher discovered that a provider of end-to-end solutions for emergency care facilities in the U.S. fell victim to Ryuk ransomware. [...]

https://www.bleepingcomputer.com/news/security/ryuk-ransomware-is-making-victims-left-and-right/

Microsoft Enhances Tracking Prevention in Microsoft Edge 79

Microsoft announced a series of tracking prevention improvements that rolled out with the release of Microsoft Edge 79, enhancements that should provide a balance between web compatibility and blocking more types of trackers. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-enhances-tracking-prevention-in-microsoft-edge-79/

Firefox 71 Released with Picture-in-Picture Support and More

Mozilla has officially released Firefox 71 for Windows, Mac, and Linux and with it comes support for the picture-in-picture API and improvements to the Enhanced Tracking Protection feature and the Lockwise password manager. [...]

https://www.bleepingcomputer.com/news/software/firefox-71-released-with-picture-in-picture-support-and-more/

Microsoft Releases December 2019 Office Updates With Auth Issue Fix

Microsoft released the December 2019 non-security Microsoft Office updates that fix issues and add stability and performance improvements to Windows Installer (MSI) editions of Office 2016. [...]

https://www.bleepingcomputer.com/news/security/microsoft-releases-december-2019-office-updates-with-auth-issue-fix/