Ransomware Hit Over 1,000 U.S. Schools in 2019

Since January, 1,039 schools across the U.S. have been potentially hit by a ransomware attack after 72 school districts and/or educational institutions have publicly reported being a ransomware victim according to a report from security solutions provider Armor. [...]

https://www.bleepingcomputer.com/news/security/ransomware-hit-over-1-000-us-schools-in-2019/

Industrial Cyber-Espionage Campaign Targets Hundreds of Companies

Hundreds of industrial companies are currently the targets of cyber-espionage activity from an advanced threat actor. The adversary uses a new version of an older info-stealer to extract sensitive data and files. [...]

https://www.bleepingcomputer.com/news/security/industrial-cyber-espionage-campaign-targets-hundreds-of-companies/

New BlueKeep Scanner Lets You Find Vulnerable Windows PCs

A new scanning tool is now available for checking if your computer is vulnerable to the BlueKeep security issue in Windows Remote Desktop Services. [...]

https://www.bleepingcomputer.com/news/security/new-bluekeep-scanner-lets-you-find-vulnerable-windows-pcs/

FBI Warns of Risks Behind Using Free WiFi While Traveling

The U.S. Federal Bureau of Investigation recommends travelers to avoid connecting their phone, tablet, or computer to free wireless hotspots while traveling during the holiday season. [...]

https://www.bleepingcomputer.com/news/security/fbi-warns-of-risks-behind-using-free-wifi-while-traveling/

ScreenConnect MSP Software Used to Install Zeppelin Ransomware

Threat actors are utilizing the ScreenConnect (now called ConnectWise Control) MSP remote management software to compromise a network, steal data, and install the Zeppelin Ransomware on compromised computers. [...]

https://www.bleepingcomputer.com/news/security/screenconnect-msp-software-used-to-install-zeppelin-ransomware/

Attackers Posing as German Authorities Distribute Emotet Malware

An active malspam is distributing Emotet banking Trojan payloads via emails camouflaged to look like messages delivered by several German federal authorities warns the BSI, Germany's federal cybersecurity agency. [...]

https://www.bleepingcomputer.com/news/security/attackers-posing-as-german-authorities-distribute-emotet-malware/

Verizon Fios Internet is Having an Outage, Change DNS to Fix

Verizon Fios is currently having a network-wide DNS outage that is causing users to not be able to connect to websites, retrieve email, or play online games. [...]

https://www.bleepingcomputer.com/news/technology/verizon-fios-internet-is-having-an-outage-change-dns-to-fix/

Microsoft Security Essentials To Get Updates After Windows 7 EoS

Microsoft Security Essentials (MSE) will continue to receive definition updates for new malware after Windows 7 reaches End of Support, even though a Microsoft support bulletin states otherwise. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-security-essentials-to-get-updates-after-windows-7-eos/

Honda Exposes 26,000 Records of North American Customers

Automotive giant Honda exposed roughly 26,000 vehicle owner records containing personally identifiable information (PII) of North American customers after misconfiguring an Elasticsearch cluster on October 21, 2019. [...]

https://www.bleepingcomputer.com/news/security/honda-exposes-26-000-records-of-north-american-customers/

Siemens Contractor Jailed for Sabotage With Logic Bombs

Former Siemens contract employee David Tinley was sentenced to six months in prison for sabotaging his employer over a span of roughly two years using logic bombs planted in company spreadsheets. [...]

https://www.bleepingcomputer.com/news/security/siemens-contractor-jailed-for-sabotage-with-logic-bombs/

Canadian Insurance Firm Hit By Maze Ransomware, Denies Data Theft

An insurance and financial services company based out of Manitoba, Canada is the latest victim of the Maze Ransomware with allegedly 245 computers encrypted during a cyberattack in October. [...]

https://www.bleepingcomputer.com/news/security/canadian-insurance-firm-hit-by-maze-ransomware-denies-data-theft/

Vivaldi Now Impersonates Google Chrome to Avoid Being Blocked

With today's release of the new Vivaldi 2.10, the browser will impersonate Google Chrome when visiting certain sites. It does this to prevent the browser from being blocked based on its user agent. [...]

https://www.bleepingcomputer.com/news/software/vivaldi-now-impersonates-google-chrome-to-avoid-being-blocked/

Emotet Gang Changes Tactics Ahead of the Winter Holidays

With the end of the year approaching fast, the authors of Emotet have made some changes that may increase their revenue for the holidays. [...]

https://www.bleepingcomputer.com/news/security/emotet-gang-changes-tactics-ahead-of-the-winter-holidays/

Nexus Mods Game Modding Site Discloses Data Breach

The popular game modification site NexusMods has announced a security incident that may have exposed the registration information for its users. [...]

https://www.bleepingcomputer.com/news/security/nexus-mods-game-modding-site-discloses-data-breach/

Emotet Malware Uses Greta Thunberg Demonstration Invites as Lure

Emotet has started a new spam campaign that is banking off the popularity of environmental activist Greta Thunberg and her dedication to the climate movement. Unsuspecting users who think they are getting info about an upcoming demonstration, will instead find that they have become infected with Emotet and other malware. [...]

https://www.bleepingcomputer.com/news/security/emotet-malware-uses-greta-thunberg-demonstration-invites-as-lure/

Exploit Kit Starts Pushing Malware Via Fake Adult Sites

Spelevo exploit kit's operators have recently added a new infection vector as part of their attacks, attempting to social engineer potential targets into downloading and executing addition malware payloads from decoy adult sites. [...]

https://www.bleepingcomputer.com/news/security/exploit-kit-starts-pushing-malware-via-fake-adult-sites/

Lithuanian Jailed for Stealing $120 Million From Google, Facebook

A Lithuanian man was sentenced today to five years of prison time after tricking Google and Facebook employees into wiring over $120 million into bank accounts he controlled as part of several business email compromise (BEC) fraud attacks spanning from 2013 to 2015. [...]

https://www.bleepingcomputer.com/news/security/lithuanian-jailed-for-stealing-120-million-from-google-facebook/

Fake Star Wars Streaming Sites Steal Credit Cards From Fans

Attackers are actively exploiting the hype around the new Star Wars: The Rise of Skywalker movie as a bait designed to lure potential victims on fake streaming sites and steal their credit card data. [...]

https://www.bleepingcomputer.com/news/security/fake-star-wars-streaming-sites-steal-credit-cards-from-fans/

AdwCleaner 8.0.1 Fixes DLL Hijacking Vulnerability

Malwarebytes has released AdwCleaner 8.0.1 and in addition to various improvements to the tool's scanning engine, it also fixes a DLL hijacking vulnerability. [...]

https://www.bleepingcomputer.com/news/software/adwcleaner-801-fixes-dll-hijacking-vulnerability/

Former IT Employee Jailed for Taking Down Airline Systems

Scott Burns, a former employee of information and communications technology (ICT) provider Blue Chip was sentenced to 10 months in prison for taking down the computers of British airline Jet2.com Limited (aka Jet2) for over 12 hours. [...]

https://www.bleepingcomputer.com/news/security/former-it-employee-jailed-for-taking-down-airline-systems/

Windows Remote Desktop Services Used for Fileless Malware Attacks

Threat actors breaching company networks are deploying a cornucopia of malware over the remote desktop protocol (RDP), without leaving a trace on target hosts. [...]

https://www.bleepingcomputer.com/news/security/windows-remote-desktop-services-used-for-fileless-malware-attacks/