Entercom Radio Network Hit By Second Cyber Attack This Year

Giant radio network Entercom has been targeted in a new cyberattack that may have impacted the back-office functions. Some stations were apparently forced to run recorded programs. [...]

https://www.bleepingcomputer.com/news/security/entercom-radio-network-hit-by-second-cyber-attack-this-year/

Maze Ransomware Releases Files Stolen from City of Pensacola

The actors behind the Maze Ransomware have released 2GB of files that were allegedly stolen from the City of Pensacola during their ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/maze-ransomware-releases-files-stolen-from-city-of-pensacola/

Microsoft Edge Starts Testing a Taskbar Pinning Wizard

Microsoft Edge has started testing a taskbar pinning wizard that helps you pin recommended sites and Microsoft apps to the Windows 10 taskbar. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-starts-testing-a-taskbar-pinning-wizard/

Windows 10 File Explorer Bugs to be Fixed After Holidays

Microsoft is working on fixes for various search-related bugs in File Explorer that were introduced when Windows 10 1909 was released. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-file-explorer-bugs-to-be-fixed-after-holidays/

Windows 10 2004 Under Development, Here Are the New Features

Windows 10 version 2004 Feature Update is expected to land in the Spring of 2020 and it comes with a long set of improvements. Here's everything new in this release. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-2004-under-development-here-are-the-new-features/

New Magellan 2.0 SQLite Vulnerabilities Affect Many Programs

New vulnerabilities in the SQLite database engine affect a wide range of applications that utilize it as a component within their software packages. [...]

https://www.bleepingcomputer.com/news/security/new-magellan-20-sqlite-vulnerabilities-affect-many-programs/

Ryuk Ransomware Stops Encrypting Linux Folders

A new version of the Ryuk Ransomware was released that will purposely avoid encrypting folders commonly seen in *NIX operating systems. [...]

https://www.bleepingcomputer.com/news/security/ryuk-ransomware-stops-encrypting-linux-folders/

Mozilla Adds Additional DNS-Over-HTTPS Provider to Firefox

Mozilla has added an additional DNS provider to its DNS-Over-HTTPS implementation in Firefox. This gives Firefox users more options as to which DoH provider they use for secure DNS lookups. [...]

https://www.bleepingcomputer.com/news/software/mozilla-adds-additional-dns-over-https-provider-to-firefox/

How to Run Classic and Chromium Microsoft Edge Side-by-Side

Microsoft says the update will only hide the app on Windows 10 and the classic version of the browser won't be removed. For businesses and those who need it, there will be a new way to launch classic Edge after the Chromium Edge is installed. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-run-classic-and-chromium-microsoft-edge-side-by-side/

FIN7 Hackers' BIOLOAD Malware Drops Fresher Carbanak Backdoor

Malware researchers have uncovered a new tool used by the financially-motivated cybercriminal group known as FIN7 to load newer builds of the Carbanak backdoor. [...]

https://www.bleepingcomputer.com/news/security/fin7-hackers-bioload-malware-drops-fresher-carbanak-backdoor/

Ransomware Hits Maastricht University, All Systems Taken Down

Maastricht University (UM) announced that almost all of its Windows systems have been encrypted by ransomware following a cyber-attack that took place on Monday, December 23. [...]

https://www.bleepingcomputer.com/news/security/ransomware-hits-maastricht-university-all-systems-taken-down/

U.S. Coast Guard Says Ryuk Ransomware Took Down Maritime Facility

The U.S. Coast Guard published a marine safety alert to inform of a Ryuk Ransomware attack that took down the entire corporate IT network of a Maritime Transportation Security Act (MTSA) regulated facility. [...]

https://www.bleepingcomputer.com/news/security/us-coast-guard-says-ryuk-ransomware-took-down-maritime-facility/

Criminals Pull Hard Before Xmas, Attack U.S. Health Industry

Attackers are taking no breaks and actually pull harder before holidays, as shown by a San Antonio mental health services provider and a New Mexico hospital impacted by malware attacks according to reports and disclosures published before Christmas. [...]

https://www.bleepingcomputer.com/news/security/criminals-pull-hard-before-xmas-attack-us-health-industry/

Microsoft Outlook for the Web to Support Sending Email As Alias

Microsoft is working on adding support to the Outlook on the web browser-based client for sending emails via alias email addresses (also known as aliases or proxy addresses). [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-outlook-for-the-web-to-support-sending-email-as-alias/

Wyze Exposes User Data via Unsecured ElasticSearch Cluster

Smart home tech maker Wyze Labs confirmed that the user data of over 2.4 million of its users were exposed by an unsecured database connected to an Elasticsearch cluster for over three weeks, from December 4 to December 26. [...]

https://www.bleepingcomputer.com/news/security/wyze-exposes-user-data-via-unsecured-elasticsearch-cluster/

Microsoft Takes North Korean Hacking Group Thallium to Court

Microsoft sued a cyber-espionage group with North Korean links tracked as Thallium for breaking into its customers' accounts and networks via spear-phishing attacks with the end goal of stealing sensitive information, as shown by a complaint unsealed on December 27. [...]

https://www.bleepingcomputer.com/news/security/microsoft-takes-north-korean-hacking-group-thallium-to-court/

Special Olympics New York Hacked to Send Phishing Emails

Special Olympics of New York, a nonprofit organization focused on competitive athletes with intellectual disabilities, had its email server hacked around this year's Christmas holiday and later used to launch a phishing campaign against previous donors. [...]

https://www.bleepingcomputer.com/news/security/special-olympics-new-york-hacked-to-send-phishing-emails/

How to Join the Windows Insider Program with a Local Account

To join the program and install the preview builds, you need a Microsoft account and a PC running Windows 10. An independent developer has now created a command-line script 'Offline Insider Enroll' to enroll Windows 10 PCs in the Insider program without a Microsoft account. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-join-the-windows-insider-program-with-a-local-account/

Sextortion Email Scammers Try New Tactics to Bypass Spam Filters

Sextortion scammers have started to utilize new tactics to bypass spam filters and secure email gateways so that their scam emails are delivered to their intended recipients. [...]

https://www.bleepingcomputer.com/news/security/sextortion-email-scammers-try-new-tactics-to-bypass-spam-filters/

Starbucks Devs Leave API Key in GitHub Public Repo

One misstep from developers at Starbucks left exposed an API key that could be used by an attacker to access internal systems and manipulate the list of authorized users. [...]

https://www.bleepingcomputer.com/news/security/starbucks-devs-leave-api-key-in-github-public-repo/

BleepingComputer's Ten Most Viewed Stories of 2019

2019 has come and gone and with it were many stories about new security improvements, data breaches, Windows improvements and bugs, vulnerabilities, fun software, and a wide range of interesting topics. This article lists the ten most viewed stories at BleepingComputer during 2019 with a brief summary of each. [...]

https://www.bleepingcomputer.com/news/technology/bleepingcomputers-ten-most-viewed-stories-of-2019/