TrickBot Gang Created a Custom Post-Exploitation Framework

Instead of relying on premade and well-known toolkits, the threat actors behind the TrickBot trojan decided to develop a private post-exploitation toolkit called PowerTrick to spread malware laterally throughout a network. [...]

https://www.bleepingcomputer.com/news/security/trickbot-gang-created-a-custom-post-exploitation-framework/

Sodinokibi Ransomware Says Travelex Will Pay, One Way or Another

The attackers behind the Sodinokibi Ransomware are applying pressure on Travelex to pay a multi-million dollar ransom by stating they will release or sell stolen data that allegedly contains customer's personal information. [...]

https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-says-travelex-will-pay-one-way-or-another/

Windows 10 Feature Updates Stop Including Drivers Needing Approval

Microsoft says that drivers requiring approval will no longer be released during and around Windows 10 feature update rollouts and Patch Tuesdays (Monthly Quality and Security updates issued on the second Tuesday of each month). [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-feature-updates-stop-including-drivers-needing-approval/

KDE Plasma Welcomes Windows 7 Refugees to the Linux Side

The KDE Community wants Windows 7 users to migrate to the Plasma desktop environment after Microsoft's 10-year-old OS will reach end of support next week and stops receiving security and bug fixes. [...]

https://www.bleepingcomputer.com/news/linux/kde-plasma-welcomes-windows-7-refugees-to-the-linux-side/

Google Removed Over 1.7K Joker Malware Infected Apps from Play Store

Roughly 1,700 applications infected with the Joker Android malware (also known as Bread) have been detected and removed by Google's Play Protect from the Play Store since the company started tracking it in early 2017. [...]

https://www.bleepingcomputer.com/news/security/google-removed-over-17k-joker-malware-infected-apps-from-play-store/

Card-Stealing Scripts Infect Perricone's European Skin Care Sites

Multiple European websites for the Perricone MD anti-aging skin-care brand have been compromised with scripts that steal customer payment card info when making a purchase. [...]

https://www.bleepingcomputer.com/news/security/card-stealing-scripts-infect-perricones-european-skin-care-sites/

Ako Ransomware: Another Day, Another Infection Attacking Businesses

Like moths to a flame, new ransomware targeting businesses keep appearing every day as their enticed by the prospects of million-dollar ransom payments. An example of this is a new ransomware called Ako that is targeting the entire network rather than just individual workstations. [...]

https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/

Google Chrome Will Support Windows 7 After End of Life

Google has officially stated that they will continue to support the Chrome browser in Windows 7 to give businesses more time to migrate to Windows 10. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-will-support-windows-7-after-end-of-life/

Microsoft Enables Security Defaults in Azure Active Directory

Microsoft introduced new secure default settings dubbed 'Security Defaults' to Azure Active Directory (Azure AD), now available for all license levels, including trial tenants. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-enables-security-defaults-in-azure-active-directory/

VVVVVV Source Code Released to Mark 10th Anniversary

Distractionware has released the source code for their VVVVVV platform game to mark its 10th anniversary. You can now download the game engine to make your own modifications or get a better understanding of how the game works. [...]

https://www.bleepingcomputer.com/news/gaming/vvvvvv-source-code-released-to-mark-10th-anniversary/

US Govt Warns of Attacks on Unpatched Pulse VPN Servers

The US Cybersecurity and Infrastructure Security Agency (CISA) today alerted organizations to patch their Pulse Secure VPN servers as a defense against ongoing attacks trying to exploit a known remote code execution (RCE) vulnerability. [...]

https://www.bleepingcomputer.com/news/security/us-govt-warns-of-attacks-on-unpatched-pulse-vpn-servers/

Beware of Amazon Prime Support Scams in Google Search Ads

A malicious ad campaign is underway in Google Search results that lead users to fake Amazon support sites and tech support scams. [...]

https://www.bleepingcomputer.com/news/security/beware-of-amazon-prime-support-scams-in-google-search-ads/

Sodinikibi Ransomware Hits New York Airport Systems

Albany International Airport staff announced that the New York airport's administrative servers were hit by Sodinokibi Ransomware following a cyberattack that took place over Christmas. [...]

https://www.bleepingcomputer.com/news/security/sodinikibi-ransomware-hits-new-york-airport-systems/

Maze Ransomware Publishes 14GB of Stolen Southwire Files

The Maze Ransomware operators have released an additional 14GB of files that they claim were stolen from one of their victims for not paying a ransomware demand. [...]

https://www.bleepingcomputer.com/news/security/maze-ransomware-publishes-14gb-of-stolen-southwire-files/

Australia Bushfire Donors Affected by Credit Card Skimming Attack

Attackers have compromised a website collecting donations for the victims of the Australia bushfires and injected a malicious script that steals the payment information of the donors. [...]

https://www.bleepingcomputer.com/news/security/australia-bushfire-donors-affected-by-credit-card-skimming-attack/

Citrix ADC CVE-2019-19781 Exploits Released, Fix Now!

Numerous working exploits for the Citrix ADC (NetScaler) CVE-2019-1978 vulnerability are finally here and have been publicly posted in numerous locations. There is no patch available for this vulnerability, but Citrix has provided mitigations, which should be applied now! [...]

https://www.bleepingcomputer.com/news/security/citrix-adc-cve-2019-19781-exploits-released-fix-now/

Android Trojan Kills Google Play Protect, Spews Fake App Reviews

An Android malware strain camouflaged as a system app is used by threat actors to disable the Google Play Protect service, generate fake reviews, install malicious apps, show ads, and more. [...]

https://www.bleepingcomputer.com/news/security/android-trojan-kills-google-play-protect-spews-fake-app-reviews/

The Week in Ransomware - January 10th 2020 - Now Data Breaches

This week we have seen new ransomware operators targeting businesses, stolen data published, and the Sodinokibi Ransomware being confirmed as behind the Travelex cyber attack. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-10th-2020-now-data-breaches/

Sodinokibi Ransomware Publishes Stolen Data for the First Time

For the first time, the operators behind the Sodinokibi Ransomware have released files stolen from one of their victims because a ransom was not paid in time. [...]

https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-publishes-stolen-data-for-the-first-time/

Windows 7 Reminder: Get a Free Windows 10 Upgrade While You Can

With the Windows 7 end of life fast approaching, users need to decide whether they want to upgrade them to Windows 10 or get a new PC. For now, users can still use a method to upgrade their Windows 7 machines to Windows 10 for free. It is not known how long this method will work, though, so users should upgrade as soon as possible. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-7-reminder-get-a-free-windows-10-upgrade-while-you-can/

Android Trojan Steals Your Money to Fund International SMS Attacks

An Android banking Trojan dubbed Faketoken has recently been observed by security researchers while draining its victims' accounts to fuel offensive mass text campaigns targeting mobile devices from all over the world. [...]

https://www.bleepingcomputer.com/news/security/android-trojan-steals-your-money-to-fund-international-sms-attacks/