Maze Ransomware Demands $6 Million Ransom From Southwire

Maze Ransomware operators claim responsibility for another cyber attack, this time against leading wire and cable manufacturer Southwire Company, LLC (Southwire) from Carrollton, Georgia. [...]

https://www.bleepingcomputer.com/news/security/maze-ransomware-demands-6-million-ransom-from-southwire/

Microsoft Warns of GALLIUM Threat Group Attacking Global Telcos

The Microsoft Threat Intelligence Center (MSTIC) today published an alert about ongoing attacks directed at telecommunication providers from around the world and operated by a threat group tracked by Microsoft as GALLIUM. [...]

https://www.bleepingcomputer.com/news/security/microsoft-warns-of-gallium-threat-group-attacking-global-telcos/

Google Achieves Its Goal of Erasing the WWW Subdomain From Chrome

With the release of Chrome 79, Google completes its goal of erasing www from browser by no longer allowing Chrome users to automatically show the www trivial subdomain in the address bar. [...]

https://www.bleepingcomputer.com/news/google/google-achieves-its-goal-of-erasing-the-www-subdomain-from-chrome/

Another Ransomware Will Now Publish Victims' Data If Not Paid

The operators of the REvil Ransomware, otherwise known as Sodinokibi, have announced that they will use stolen files and data as as leverage to get victims to pay ransoms. [...]

https://www.bleepingcomputer.com/news/security/another-ransomware-will-now-publish-victims-data-if-not-paid/

Microsoft Office 365 to Add Message Recall in Exchange Online

Microsoft is planning to add the highly popular Message Recall feature among Outlook for Windows users to the Exchange Online hosted cloud email service for businesses. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-office-365-to-add-message-recall-in-exchange-online/

New Echobot Variant Exploits 77 Remote Code Execution Flaws

The Echobot botnet is still after the low hanging fruit as a new variant has been spotted with an increased number of exploits that target unpatched devices, IoT for the most part. [...]

https://www.bleepingcomputer.com/news/security/new-echobot-variant-exploits-77-remote-code-execution-flaws/

VISA Warns of Ongoing Cyber Attacks on Gas Pump PoS Systems

The point-of-sale (POS) systems of North American fuel dispenser merchants are under an increased and ongoing threat of being targeted by an attack coordinated by cybercrime groups according to a security alert published by VISA. [...]

https://www.bleepingcomputer.com/news/security/visa-warns-of-ongoing-cyber-attacks-on-gas-pump-pos-systems/

Google Now Bans Some Linux Web Browsers From Their Services

Google is now banning the popular Linux browsers named Konqueror, Falkon, and Qutebrowser from logging into Google services because they may not be secure. [...]

https://www.bleepingcomputer.com/news/google/google-now-bans-some-linux-web-browsers-from-their-services/

Apple to Fix Bug That Bypasses Communication Controls for Kids

Apple rolled out the Communication Limits feature in iOS 13.3 on Tuesday with a bug that allows kids to bypass parental controls that prevent them from talking to anyone that is not in the contacts list. [...]

https://www.bleepingcomputer.com/news/apple/apple-to-fix-bug-that-bypasses-communication-controls-for-kids/

Attackers Steal Credit Cards in Rooster Teeth Data Breach

Rooster Teeth Productions have suffered a data breach that allowed attackers to steal credit card and other payment information from shoppers on the company's online store. [...]

https://www.bleepingcomputer.com/news/security/attackers-steal-credit-cards-in-rooster-teeth-data-breach/

Attackers Terrify Homeowners After Hacking Ring Devices

In a series of hacks targeting Ring camera devices, attackers are terrifying homeowners and making them feel violated in their own homes after taunting them or speaking to their children over the device's speakers. [...]

https://www.bleepingcomputer.com/news/security/attackers-terrify-homeowners-after-hacking-ring-devices/

New Orleans Suffers Ransomware Attack, Emergency Services Intact

The City of New Orleans, Louisiana has suffered a ransomware attack that has led to the shut down of the city's servers and computer, but the city states emergency services remain intact. [...]

https://www.bleepingcomputer.com/news/security/new-orleans-suffers-ransomware-attack-emergency-services-intact/

The Week in Ransomware - December 13th 2019 - Data Extortion

This has been a busy week with large scale attacks targeting local governments, new variants released, and another ransomware stating that they will use stolen data as leverage to get victims to pay. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-13th-2019-data-extortion/

Microsoft Pushes Windows 10 Autopilot Update by Mistake, How to Remove

Microsoft mistakenly installed the a Windows 10 update for Autopilot on consumer versions of Windows. After learning of their mistake, Microsoft pulled the update from being offered incorrectly, but by that point the update was already mistakenly installed on user's devices. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-pushes-windows-10-autopilot-update-by-mistake-how-to-remove/

Ryuk Ransomware Likely Behind New Orleans Cyberattack

Based on files uploaded to the VirusTotal scanning service, the ransomware attack on the City of New Orleans was likely done by the Ryuk Ransomware threat actors. [...]

https://www.bleepingcomputer.com/news/security/ryuk-ransomware-likely-behind-new-orleans-cyberattack/

High-School Students Find Spy Cams in Their Hotel Rooms

High-school students from Wisconsin attending a conference in Minneapolis found spycams in their rooms at a downtown hotel, prompting a police investigation. [...]

https://www.bleepingcomputer.com/news/security/high-school-students-find-spy-cams-in-their-hotel-rooms/

Update Intel's Rapid Storage Software to Fix System Takeover Bug

A DLL hijacking vulnerability exists in an older version of the Intel Rapid Storage Technology (Intel RST) software that could allow attackers to execute malware at elevated privileges in Windows. [...]

https://www.bleepingcomputer.com/news/security/update-intels-rapid-storage-software-to-fix-system-takeover-bug/

Over 435K Security Certs Can Be Compromised With Less Than $3,000

After analyzing millions of RSA keys and certificates generated on low entropy lightweight IoT devices, security researchers at Keyfactor discovered that more than a quarter-million of them shared their prime factors making it easy to derive their private key and compromise them. [...]

https://www.bleepingcomputer.com/news/security/over-435k-security-certs-can-be-compromised-with-less-than-3-000/

Emotet Trojan is Inviting You To A Malicious Christmas Party

Just in time for the holidays, the Emotet Trojan gang has started to send Christmas themed emails that they hope will entice you to open their attachments and become infected. They even want you to wear your ugliest Christmas sweater! [...]

https://www.bleepingcomputer.com/news/security/emotet-trojan-is-inviting-you-to-a-malicious-christmas-party/

TP-Link Router Bug Lets Attackers Login Without Passwords

TP-Link patched a critical vulnerability impacting some of its Archer routers that could allow potential attackers to void their admin passwords and remotely take control of the devices over LAN via a Telnet connection. [...]

https://www.bleepingcomputer.com/news/security/tp-link-router-bug-lets-attackers-login-without-passwords/

Google to Force OAuth in G Suite to Increase Security

Google announced that it will block less secure apps (LSAs) from accessing G Suite account data starting February 2021, following an initial stage of limiting their access during June 2020. [...]

https://www.bleepingcomputer.com/news/security/google-to-force-oauth-in-g-suite-to-increase-security/