US Govt Alerts Financial Services of Ongoing Dridex Malware Attacks

The Department of Homeland Security's today alerted institutions from the financial services sector of risks stemming from ongoing Dridex malware attacks targeting private-sector financial firms through phishing e-mail spam campaigns. [...]

https://www.bleepingcomputer.com/news/security/us-govt-alerts-financial-services-of-ongoing-dridex-malware-attacks/

Evil Corp Hackers Charged For Stealing Over $100 Million

The U.S. Department of Justice (DoJ) charged Russian citizens Maksim V. Yakubets and Igor Turashev for deploying the Dridex malware (aka Bugat and Cridex), and for their involvement in international bank fraud and computer hacking schemes. [...]

https://www.bleepingcomputer.com/news/security/evil-corp-hackers-charged-for-stealing-over-100-million/

New Linux Vulnerability Lets Attackers Hijack VPN Connections

Security researchers found a new vulnerability allowing potential attackers to hijack VPN connections on affected *NIX devices and inject arbitrary data payloads into IPv4 and IPv6 TCP streams. [...]

https://www.bleepingcomputer.com/news/security/new-linux-vulnerability-lets-attackers-hijack-vpn-connections/

Disney+ Now Works in Linux After DRM Tweak

Linux users can now stream shows and movies from the Disney+ streaming service after Disney lowering the level of their DRM requirements.  [...]

https://www.bleepingcomputer.com/news/linux/disney-now-works-in-linux-after-drm-tweak/

Microsoft Starts Forced Feature Updates on Windows 10 1809

Microsoft says that Windows 10 1909 feature updates will start automatically installing on Windows 10 1809 devices beginning today to smooth out the update process to a more recent Windows 10 version. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-starts-forced-feature-updates-on-windows-10-1809/

Facebook Sues Company For Hijacking Accounts to Run Bad Ads

In a lawsuit filed today, Facebook alleges that a Chinese company used malware to compromise user accounts to run deceptive ads on the social media platform. [...]

https://www.bleepingcomputer.com/news/security/facebook-sues-company-for-hijacking-accounts-to-run-bad-ads/

Ransomware Writes Drama at Shakespeare Theatre

A ransomware attack over the weekend has taken down the ticketing system and patron database for the New Jersey Shakespeare Theatre and has also affected at least one other organization in the Madison area.  [...]

https://www.bleepingcomputer.com/news/security/ransomware-writes-drama-at-shakespeare-theatre/

U.S. Data Center Provider Hit by Ransomware Attack

CyrusOne, a large data center provider in the U.S., announced on Thursday that some of its systems were affected by a ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/us-data-center-provider-hit-by-ransomware-attack/

Some Hardware-based Password Managers Have Poor Security

Some hardware-based password managers lack proper protections for the sensitive data they store and allow reading it in plain text, even after they've been reset. [...]

https://www.bleepingcomputer.com/news/security/some-hardware-based-password-managers-have-poor-security/

BMW Infiltrated by Hackers Hunting for Automotive Trade Secrets

The German automotive giant BMW discovered and monitored a group of hackers who infiltrated the company's networks and stayed active since at least the spring of 2019. [...]

https://www.bleepingcomputer.com/news/security/bmw-infiltrated-by-hackers-hunting-for-automotive-trade-secrets/

NVIDIA Patches Severe Flaws in Mercedes Infotainment System Chips

NVIDIA released security updates for six high severity vulnerabilities found in the Tegra Linux Driver Package (L4T) for Jetson AGX Xavier, TK1, TX1, TX2, and Nano chips used in Mercedes-Benz's MBUX infotainment system and Bosch self-driving computer systems. [...]

https://www.bleepingcomputer.com/news/security/nvidia-patches-severe-flaws-in-mercedes-infotainment-system-chips/

Fake VPN Site Pushes CryptBot and Vidar Info-Stealing Trojans

A cyberthreat actor has created a web site that promotes a fake VPN program that installs the Vidar and CryptBot password-stealing trojans. These trojans will then attempt to steal saved browser credentials and other information from a victim's computer. [...]

https://www.bleepingcomputer.com/news/security/fake-vpn-site-pushes-cryptbot-and-vidar-info-stealing-trojans/

Microsoft to Make Office 365 Encrypted Emails Look Less Spammy

Microsoft is currently working on enhancing the way emails sent using the Office 365 Message Encryption service are seen by mail servers so that they are less likely to be marked as spam and sent to the Trash folder. [...]

https://www.bleepingcomputer.com/news/security/microsoft-to-make-office-365-encrypted-emails-look-less-spammy/

The Week in Ransomware - December 6th 2019 - 'We have seen better days'

With this article we are bringing you the latest ransomware news that occurred over the past two weeks. The news is a still a little light due to some of us taking vacations, but we should be back up to speed next week. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-6th-2019-we-have-seen-better-days/

FBI Recommends Securing Your Smart TVs and IoT Devices

The U.S. Federal Bureau of Investigation (FBI) recommends making sure that Internet of Things (IoT) devices and smart TVs in your home are properly configured to protect them and your other devices from potential attackers. [...]

https://www.bleepingcomputer.com/news/security/fbi-recommends-securing-your-smart-tvs-and-iot-devices/

Clever Microsoft Phishing Scam Creates a Local Login Form

A clever phishing campaign has been spotted that bundles the scam's landing page in the HTML attachment rather than redirecting users to another site that asks them to log in. [...]

https://www.bleepingcomputer.com/news/security/clever-microsoft-phishing-scam-creates-a-local-login-form/

Moscow Cops Sell Access to City CCTV, Facial Recognition Data

Anyone with a little money can buy access to Moscow's surveillance system of tens of thousands of cameras along and check footage stored over the previous five days. [...]

https://www.bleepingcomputer.com/news/security/moscow-cops-sell-access-to-city-cctv-facial-recognition-data/

Fake Elder Scrolls Online Devs Run PlayStation Phishing Scam

Scammers are masquerading as The Elder Scrolls Online developers and sending Playstation private messages that state your account will be banned if you do not provide your login credentials. [...]

https://www.bleepingcomputer.com/news/security/fake-elder-scrolls-online-devs-run-playstation-phishing-scam/

How to Use Twitter With Keyboard Shortcuts

If you are using Twitter on the desktop, then it may be helpful to know that there are over 25 different keyboard shortcuts that you can use to perform various functions including creating new tweets, opening the Messages section, and opening Notifications. [...]

https://www.bleepingcomputer.com/news/technology/how-to-use-twitter-with-keyboard-shortcuts/

TrickBot Trojan Abuses Google Suite, Baits With Annual Bonuses

A recently active malicious campaign baited targets with phishing messages promising annual bonuses, abusing Google Suite cloud services to infect them with Trickbot banking Trojan payloads. [...]

https://www.bleepingcomputer.com/news/security/trickbot-trojan-abuses-google-suite-baits-with-annual-bonuses/

Tool Illegally Enables Windows 7 Extended Security Updates

A method has been discovered that allows Windows 7 users to bypass eligibility checks and receive Extended Security Updates even if they have not paid for a license. [...]

https://www.bleepingcomputer.com/news/microsoft/tool-illegally-enables-windows-7-extended-security-updates/