Credit Card Data Exposed Online Is Tested Within 2 Hours

Be it fake or real, payment card data does not survive untouched for long on the web, a recent experiment showed. The bad guys are testing everything they find on the internet, just to make sure they don't miss an opportunity to cash in. [...]

https://www.bleepingcomputer.com/news/security/credit-card-data-exposed-online-is-tested-within-2-hours/

Facebook's Tor Site Down for Over a Week Due to Expired TLS Cert

Facebook has announced that its Tor gateway will be down for one to two weeks due to an expired TLS certificate. This is a bit strange as it normally should not take two weeks to renew a certificate. [...]

https://www.bleepingcomputer.com/news/security/facebooks-tor-site-down-for-over-a-week-due-to-expired-tls-cert/

Bug Sent WhatsApp Into Crash Loop, Caused Chat History Loss

Security researchers found a bug in WhatsApp that could be used to crash the messaging app in a loop on the phone of every member of a group. [...]

https://www.bleepingcomputer.com/news/security/bug-sent-whatsapp-into-crash-loop-caused-chat-history-loss/

How to Block Windows 10 Update Force Installing the New Edge Browser

When Microsoft Edge reaches general availability in January, Microsoft has stated that the browser will automatically be installed on Windows 10 devices via Windows Update. Here is how to block it from being automatically installed. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-block-windows-10-update-force-installing-the-new-edge-browser/

Lazarus Hackers Target Linux, Windows With New Dacls Malware

A new Remote Access Trojan (RAT) malware dubbed Dacls and connected to the Lazarus Group has been spotted by researchers while being used to target both Windows and Linux devices. [...]

https://www.bleepingcomputer.com/news/security/lazarus-hackers-target-linux-windows-with-new-dacls-malware/

Chinese Rancor APT Refreshes Malware Kit for Espionage Attacks

A Chinese-linked hacking group deployed a new malware strain dubbed Dudell as part of attacks targeting Cambodian government organizations between December 2018 and January 2019. [...]

https://www.bleepingcomputer.com/news/security/chinese-rancor-apt-refreshes-malware-kit-for-espionage-attacks/

Windows 10's Fast Ring Becomes a Microsoft Dev Playground

Microsoft officially kicks off the new Windows 10 Fast Ring with the release of their latest Insider build. Under this new Fast Ring, Insiders will always receive the latest code from Microsoft developers who are creating new features in Windows 10. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10s-fast-ring-becomes-a-microsoft-dev-playground/

LifeLabs Data Breach Exposes Personal Info of 15 Million Customers

Canadian clinical laboratory services provider LifeLabs has announced a data breach that exposed the personal information for up to 15 million Canadians after an unauthorized user gained access to their systems. [...]

https://www.bleepingcomputer.com/news/security/lifelabs-data-breach-exposes-personal-info-of-15-million-customers/

Ransomware Hit Over 1,000 U.S. Schools in 2019

Since January, 1,039 schools across the U.S. have been potentially hit by a ransomware attack after 72 school districts and/or educational institutions have publicly reported being a ransomware victim according to a report from security solutions provider Armor. [...]

https://www.bleepingcomputer.com/news/security/ransomware-hit-over-1-000-us-schools-in-2019/

Industrial Cyber-Espionage Campaign Targets Hundreds of Companies

Hundreds of industrial companies are currently the targets of cyber-espionage activity from an advanced threat actor. The adversary uses a new version of an older info-stealer to extract sensitive data and files. [...]

https://www.bleepingcomputer.com/news/security/industrial-cyber-espionage-campaign-targets-hundreds-of-companies/

New BlueKeep Scanner Lets You Find Vulnerable Windows PCs

A new scanning tool is now available for checking if your computer is vulnerable to the BlueKeep security issue in Windows Remote Desktop Services. [...]

https://www.bleepingcomputer.com/news/security/new-bluekeep-scanner-lets-you-find-vulnerable-windows-pcs/

FBI Warns of Risks Behind Using Free WiFi While Traveling

The U.S. Federal Bureau of Investigation recommends travelers to avoid connecting their phone, tablet, or computer to free wireless hotspots while traveling during the holiday season. [...]

https://www.bleepingcomputer.com/news/security/fbi-warns-of-risks-behind-using-free-wifi-while-traveling/

ScreenConnect MSP Software Used to Install Zeppelin Ransomware

Threat actors are utilizing the ScreenConnect (now called ConnectWise Control) MSP remote management software to compromise a network, steal data, and install the Zeppelin Ransomware on compromised computers. [...]

https://www.bleepingcomputer.com/news/security/screenconnect-msp-software-used-to-install-zeppelin-ransomware/

Attackers Posing as German Authorities Distribute Emotet Malware

An active malspam is distributing Emotet banking Trojan payloads via emails camouflaged to look like messages delivered by several German federal authorities warns the BSI, Germany's federal cybersecurity agency. [...]

https://www.bleepingcomputer.com/news/security/attackers-posing-as-german-authorities-distribute-emotet-malware/

Verizon Fios Internet is Having an Outage, Change DNS to Fix

Verizon Fios is currently having a network-wide DNS outage that is causing users to not be able to connect to websites, retrieve email, or play online games. [...]

https://www.bleepingcomputer.com/news/technology/verizon-fios-internet-is-having-an-outage-change-dns-to-fix/

Microsoft Security Essentials To Get Updates After Windows 7 EoS

Microsoft Security Essentials (MSE) will continue to receive definition updates for new malware after Windows 7 reaches End of Support, even though a Microsoft support bulletin states otherwise. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-security-essentials-to-get-updates-after-windows-7-eos/

Honda Exposes 26,000 Records of North American Customers

Automotive giant Honda exposed roughly 26,000 vehicle owner records containing personally identifiable information (PII) of North American customers after misconfiguring an Elasticsearch cluster on October 21, 2019. [...]

https://www.bleepingcomputer.com/news/security/honda-exposes-26-000-records-of-north-american-customers/

Siemens Contractor Jailed for Sabotage With Logic Bombs

Former Siemens contract employee David Tinley was sentenced to six months in prison for sabotaging his employer over a span of roughly two years using logic bombs planted in company spreadsheets. [...]

https://www.bleepingcomputer.com/news/security/siemens-contractor-jailed-for-sabotage-with-logic-bombs/

Canadian Insurance Firm Hit By Maze Ransomware, Denies Data Theft

An insurance and financial services company based out of Manitoba, Canada is the latest victim of the Maze Ransomware with allegedly 245 computers encrypted during a cyberattack in October. [...]

https://www.bleepingcomputer.com/news/security/canadian-insurance-firm-hit-by-maze-ransomware-denies-data-theft/

Vivaldi Now Impersonates Google Chrome to Avoid Being Blocked

With today's release of the new Vivaldi 2.10, the browser will impersonate Google Chrome when visiting certain sites. It does this to prevent the browser from being blocked based on its user agent. [...]

https://www.bleepingcomputer.com/news/software/vivaldi-now-impersonates-google-chrome-to-avoid-being-blocked/

Emotet Gang Changes Tactics Ahead of the Winter Holidays

With the end of the year approaching fast, the authors of Emotet have made some changes that may increase their revenue for the holidays. [...]

https://www.bleepingcomputer.com/news/security/emotet-gang-changes-tactics-ahead-of-the-winter-holidays/