Microsoft Security Essentials To Get Updates After Windows 7 EoS

Microsoft Security Essentials (MSE) will continue to receive definition updates for new malware after Windows 7 reaches End of Support, even though a Microsoft support bulletin states otherwise. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-security-essentials-to-get-updates-after-windows-7-eos/

Honda Exposes 26,000 Records of North American Customers

Automotive giant Honda exposed roughly 26,000 vehicle owner records containing personally identifiable information (PII) of North American customers after misconfiguring an Elasticsearch cluster on October 21, 2019. [...]

https://www.bleepingcomputer.com/news/security/honda-exposes-26-000-records-of-north-american-customers/

Siemens Contractor Jailed for Sabotage With Logic Bombs

Former Siemens contract employee David Tinley was sentenced to six months in prison for sabotaging his employer over a span of roughly two years using logic bombs planted in company spreadsheets. [...]

https://www.bleepingcomputer.com/news/security/siemens-contractor-jailed-for-sabotage-with-logic-bombs/

Canadian Insurance Firm Hit By Maze Ransomware, Denies Data Theft

An insurance and financial services company based out of Manitoba, Canada is the latest victim of the Maze Ransomware with allegedly 245 computers encrypted during a cyberattack in October. [...]

https://www.bleepingcomputer.com/news/security/canadian-insurance-firm-hit-by-maze-ransomware-denies-data-theft/

Vivaldi Now Impersonates Google Chrome to Avoid Being Blocked

With today's release of the new Vivaldi 2.10, the browser will impersonate Google Chrome when visiting certain sites. It does this to prevent the browser from being blocked based on its user agent. [...]

https://www.bleepingcomputer.com/news/software/vivaldi-now-impersonates-google-chrome-to-avoid-being-blocked/

Emotet Gang Changes Tactics Ahead of the Winter Holidays

With the end of the year approaching fast, the authors of Emotet have made some changes that may increase their revenue for the holidays. [...]

https://www.bleepingcomputer.com/news/security/emotet-gang-changes-tactics-ahead-of-the-winter-holidays/

Nexus Mods Game Modding Site Discloses Data Breach

The popular game modification site NexusMods has announced a security incident that may have exposed the registration information for its users. [...]

https://www.bleepingcomputer.com/news/security/nexus-mods-game-modding-site-discloses-data-breach/

Emotet Malware Uses Greta Thunberg Demonstration Invites as Lure

Emotet has started a new spam campaign that is banking off the popularity of environmental activist Greta Thunberg and her dedication to the climate movement. Unsuspecting users who think they are getting info about an upcoming demonstration, will instead find that they have become infected with Emotet and other malware. [...]

https://www.bleepingcomputer.com/news/security/emotet-malware-uses-greta-thunberg-demonstration-invites-as-lure/

Exploit Kit Starts Pushing Malware Via Fake Adult Sites

Spelevo exploit kit's operators have recently added a new infection vector as part of their attacks, attempting to social engineer potential targets into downloading and executing addition malware payloads from decoy adult sites. [...]

https://www.bleepingcomputer.com/news/security/exploit-kit-starts-pushing-malware-via-fake-adult-sites/

Lithuanian Jailed for Stealing $120 Million From Google, Facebook

A Lithuanian man was sentenced today to five years of prison time after tricking Google and Facebook employees into wiring over $120 million into bank accounts he controlled as part of several business email compromise (BEC) fraud attacks spanning from 2013 to 2015. [...]

https://www.bleepingcomputer.com/news/security/lithuanian-jailed-for-stealing-120-million-from-google-facebook/

Fake Star Wars Streaming Sites Steal Credit Cards From Fans

Attackers are actively exploiting the hype around the new Star Wars: The Rise of Skywalker movie as a bait designed to lure potential victims on fake streaming sites and steal their credit card data. [...]

https://www.bleepingcomputer.com/news/security/fake-star-wars-streaming-sites-steal-credit-cards-from-fans/

AdwCleaner 8.0.1 Fixes DLL Hijacking Vulnerability

Malwarebytes has released AdwCleaner 8.0.1 and in addition to various improvements to the tool's scanning engine, it also fixes a DLL hijacking vulnerability. [...]

https://www.bleepingcomputer.com/news/software/adwcleaner-801-fixes-dll-hijacking-vulnerability/

Former IT Employee Jailed for Taking Down Airline Systems

Scott Burns, a former employee of information and communications technology (ICT) provider Blue Chip was sentenced to 10 months in prison for taking down the computers of British airline Jet2.com Limited (aka Jet2) for over 12 hours. [...]

https://www.bleepingcomputer.com/news/security/former-it-employee-jailed-for-taking-down-airline-systems/

Windows Remote Desktop Services Used for Fileless Malware Attacks

Threat actors breaching company networks are deploying a cornucopia of malware over the remote desktop protocol (RDP), without leaving a trace on target hosts. [...]

https://www.bleepingcomputer.com/news/security/windows-remote-desktop-services-used-for-fileless-malware-attacks/

Tokyo 2020 Staff Warns of Phishing Disguised As Official Emails

Tokyo 2020 Summer Olympics staff published a warning today alerting of an ongoing phishing campaign delivering emails designed to look like they're coming from the Tokyo Organizing Committee of the Olympic and Paralympic Games (Tokyo 2020)​​​​​​​. [...]

https://www.bleepingcomputer.com/news/security/tokyo-2020-staff-warns-of-phishing-disguised-as-official-emails/

GozNym Gang Members Behind $100 Million Damages Sentenced

Three members of a cybercrime group that used the GozNym banking Trojan to steal millions from U.S. businesses were sentenced today in parallel and multi-national prosecutions in Pittsburgh and Tbilisi, Georgia. [...]

https://www.bleepingcomputer.com/news/security/goznym-gang-members-behind-100-million-damages-sentenced/

Apple Blackmailed for $100K in iTunes Cards to Avoid 'Data Leak'

22-year old Londoner Kerem Albayrak was sentenced today after attempting to blackmail Apple by threatening to factory reset 319 million iCloud accounts and selling the users' data. [...]

https://www.bleepingcomputer.com/news/security/apple-blackmailed-for-100k-in-itunes-cards-to-avoid-data-leak/

The Week in Ransomware - December 20th 2019 - Attacks Everywhere

This week's ransomware news continues to be dominated by targeted ransomware attacks against hospitals, cities, and businesses and the new tactic of releasing victim's data if they do not pay. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-20th-2019-attacks-everywhere/

How to Place Calls From Windows 10 Using the Your Phone App

Microsoft's Your Phone is an app designed for Windows 10 that lets you see Android phone notifications, photos and messages on your desktop. It also comes with the handy ability to mirror Android apps to your Windows 10 device. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-place-calls-from-windows-10-using-the-your-phone-app/

PayPal Phishing Attack Promises to Secure Accounts, Steals Everything

An ongoing phishing campaign is targeting PayPal customers with emails camouflaged as 'unusual activity' alerts warning them of suspicious logins from unknown devices and attempting to squeeze them dry of all their credentials and financial info. [...]

https://www.bleepingcomputer.com/news/security/paypal-phishing-attack-promises-to-secure-accounts-steals-everything/

Dropbox Zero-Day Vulnerability Gets Temporary Fix

A zero-day vulnerability exists in Dropbox for Windows that allows attackers to gain permissions reserved to SYSTEM, the most privileged account on the operating system. [...]

https://www.bleepingcomputer.com/news/security/dropbox-zero-day-vulnerability-gets-temporary-fix/