Microsoft Outlook for the Web to Support Sending Email As Alias

Microsoft is working on adding support to the Outlook on the web browser-based client for sending emails via alias email addresses (also known as aliases or proxy addresses). [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-outlook-for-the-web-to-support-sending-email-as-alias/

Wyze Exposes User Data via Unsecured ElasticSearch Cluster

Smart home tech maker Wyze Labs confirmed that the user data of over 2.4 million of its users were exposed by an unsecured database connected to an Elasticsearch cluster for over three weeks, from December 4 to December 26. [...]

https://www.bleepingcomputer.com/news/security/wyze-exposes-user-data-via-unsecured-elasticsearch-cluster/

Microsoft Takes North Korean Hacking Group Thallium to Court

Microsoft sued a cyber-espionage group with North Korean links tracked as Thallium for breaking into its customers' accounts and networks via spear-phishing attacks with the end goal of stealing sensitive information, as shown by a complaint unsealed on December 27. [...]

https://www.bleepingcomputer.com/news/security/microsoft-takes-north-korean-hacking-group-thallium-to-court/

Special Olympics New York Hacked to Send Phishing Emails

Special Olympics of New York, a nonprofit organization focused on competitive athletes with intellectual disabilities, had its email server hacked around this year's Christmas holiday and later used to launch a phishing campaign against previous donors. [...]

https://www.bleepingcomputer.com/news/security/special-olympics-new-york-hacked-to-send-phishing-emails/

How to Join the Windows Insider Program with a Local Account

To join the program and install the preview builds, you need a Microsoft account and a PC running Windows 10. An independent developer has now created a command-line script 'Offline Insider Enroll' to enroll Windows 10 PCs in the Insider program without a Microsoft account. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-join-the-windows-insider-program-with-a-local-account/

Sextortion Email Scammers Try New Tactics to Bypass Spam Filters

Sextortion scammers have started to utilize new tactics to bypass spam filters and secure email gateways so that their scam emails are delivered to their intended recipients. [...]

https://www.bleepingcomputer.com/news/security/sextortion-email-scammers-try-new-tactics-to-bypass-spam-filters/

Starbucks Devs Leave API Key in GitHub Public Repo

One misstep from developers at Starbucks left exposed an API key that could be used by an attacker to access internal systems and manipulate the list of authorized users. [...]

https://www.bleepingcomputer.com/news/security/starbucks-devs-leave-api-key-in-github-public-repo/

BleepingComputer's Ten Most Viewed Stories of 2019

2019 has come and gone and with it were many stories about new security improvements, data breaches, Windows improvements and bugs, vulnerabilities, fun software, and a wide range of interesting topics. This article lists the ten most viewed stories at BleepingComputer during 2019 with a brief summary of each. [...]

https://www.bleepingcomputer.com/news/technology/bleepingcomputers-ten-most-viewed-stories-of-2019/

Ransomware Attackers Offer Holiday Discounts and Greetings

To celebrate the holidays, ransomware operators are providing discounts or season's greetings to entice victims into paying a ransom demand. [...]

https://www.bleepingcomputer.com/news/security/ransomware-attackers-offer-holiday-discounts-and-greetings/

Popular U.S. Restaurant Owner Hit by Credit Card Stealing Malware

Landry's, a U.S. restaurant chain and property owner has disclosed that they were infected with a point-of-sale (POS) malware that allowed attackers to steal customer's credit card information. [...]

https://www.bleepingcomputer.com/news/security/popular-us-restaurant-owner-hit-by-credit-card-stealing-malware/

Poloniex Forces Password Reset After Data Leak Found Online

The Poloniex cryptocurrency trading platform has reset some of their user's passwords after a list of alleged username and password combinations was found circulating on Twitter. [...]

https://www.bleepingcomputer.com/news/security/poloniex-forces-password-reset-after-data-leak-found-online/

Python 2.7 Reaches End of Life After 20 Years of Development

As of January 1st, 2020, Python 2.7 has officially reached the end of life and will no longer receive security updates, bug fixes, or other improvements going forward. [...]

https://www.bleepingcomputer.com/news/software/python-27-reaches-end-of-life-after-20-years-of-development/

Maze Ransomware Sued by Victim for Releasing Stolen Data

The anonymous operators behind the Maze Ransomware are being sued by a victim for illegally accessing their network, stealing data, encrypting computers, and publishing the stolen data after a ransom was not paid.  [...]

https://www.bleepingcomputer.com/news/security/maze-ransomware-sued-by-victim-for-releasing-stolen-data/

Colorado Town Wires Over $1 Million to BEC Scammers

Colorado Town of Erie lost more than $1 million to a business email compromise scam (BEC) that ended with the town's employees sending the funds to a bank account controlled by scammers. [...]

https://www.bleepingcomputer.com/news/security/colorado-town-wires-over-1-million-to-bec-scammers/

U.S. Government Issues Warning About Possible Iranian Cyberattacks

Christopher C. Krebs, Director of Cybersecurity and Infrastructure Security Agency issued a warning about a potential new wave of Iranian cyber-attacks targeting U.S. assets after Maj. Gen. Qassim Suleimani was killed by a U.S. airstrike at the Baghdad airport in Iraq. [...]

https://www.bleepingcomputer.com/news/security/us-government-issues-warning-about-possible-iranian-cyberattacks/

FBI Warns of Maze Ransomware Focusing on U.S. Companies

Organizations in the private sector received an alert from the F.B.I. about operators of the Maze ransomware focusing on companies in the U.S. to encrypt information on their systems after stealing it first. [...]

https://www.bleepingcomputer.com/news/security/fbi-warns-of-maze-ransomware-focusing-on-us-companies/

Microsoft Products Reaching End of Life in 2020

Several major Microsoft products will reach their end of support during 2020, with Office 2010, Visual Studio 2010, Windows 7, Windows Server 2008 (including 2008R2), and multiple Windows 10 versions including 1803 and 1903 being some of the most important ones. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-products-reaching-end-of-life-in-2020/

Clop Ransomware Now Kills Windows 10 Apps and 3rd Party Tools

The Clop Ransomware continues to evolve with a new and integrated process killer that targets some interesting processes belonging to Windows 10 apps, text editors, programming IDEs and languages, and office applications. [...]

https://www.bleepingcomputer.com/news/security/clop-ransomware-now-kills-windows-10-apps-and-3rd-party-tools/

The Week in Ransomware - January 3rd 2020 - Busy Holiday Season

Normally ransomware activity slows down over the December break, but this year was an exception with a quite a few interesting, and sad, stories such as FBI alerts being issued, companies being shut down, and organizations being encrypted by a variety of ransomware, and stolen data being released. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-3rd-2020-busy-holiday-season/

Linux Gamers Banned in Battlefield V if Using Wine and DXVK

Linux users who are running Battlefield V under Wine with DXVK are being permanently banned from Electronic Art's Battlefield V because the anti-cheat system is mistakenly detecting them as cheating. [...]

https://www.bleepingcomputer.com/news/gaming/linux-gamers-banned-in-battlefield-v-if-using-wine-and-dxvk/

Kali Linux to Default to Non-Root User With 2020.1 Release

The Kali Linux distribution is going to switch to a new security model by defaulting to a non-root user starting with the upcoming 2020.1 release. [...]

https://www.bleepingcomputer.com/news/linux/kali-linux-to-default-to-non-root-user-with-20201-release/