Hackers Are Securing Citrix Servers, Backdoor Them for Access

An unknown threat actor is currently scanning for and securing vulnerable Citrix ADC servers against CVE-2019-19781 exploitation attempts, while also backdooring them for future access. [...]

https://www.bleepingcomputer.com/news/security/hackers-are-securing-citrix-servers-backdoor-them-for-access/

FBI Says State Actors Hacked US Govt Network With Pulse VPN Flaw

FBI said in a flash security alert that nation-state actors have breached the networks of a US municipal government and a US financial entity by exploiting a critical vulnerability affecting Pulse Secure VPN servers. [...]

https://www.bleepingcomputer.com/news/security/fbi-says-state-actors-hacked-us-govt-network-with-pulse-vpn-flaw/

How Malware Gains Trust by Abusing the Windows CryptoAPI Flaw

The new Windows CryptoAPI CVE-2020-0601 vulnerability disclosed by the NSA can be abused by malware developers to sign their executables so that they appear to be from legitimate companies. This creates trust in the program, which may cause a user to be more willing to execute them. [...]

https://www.bleepingcomputer.com/news/security/how-malware-gains-trust-by-abusing-the-windows-cryptoapi-flaw/

New US Bill Wants to Assign State Cybersecurity Coordinators

Four U.S. Senators have introduced a bipartisan bill that will require the Department of Homeland Security (DHS) to appoint cybersecurity effort coordinators in every state to orchestrate cyberattack response and remediation efforts, and to improve coordination between federal, state, and local entities. [...]

https://www.bleepingcomputer.com/news/security/new-us-bill-wants-to-assign-state-cybersecurity-coordinators/

The Week in Ransomware - January 17th 2020 - Never Ends

Data exfiltration is still the big thing this week, with the Sodinokibi Ransomware publishing stolen files of one of their victims for the first time and Nemty planning on leaking stolen files as well.  [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-17th-2020-never-ends/

Microsoft Issues Mitigation for Actively Exploited IE Zero-Day

Microsoft published a security advisory containing mitigation measures for an actively exploited zero-day remote code execution (RCE) vulnerability impacting Internet Explorer. [...]

https://www.bleepingcomputer.com/news/security/microsoft-issues-mitigation-for-actively-exploited-ie-zero-day/

New Jersey Synagogue Suffers Sodinokibi Ransomware Attack

Temple Har Shalom in Warren, New Jersey had their network breached by the actors behind the Sodinokibi Ransomware who encrypted numerous computers on the network. [...]

https://www.bleepingcomputer.com/news/security/new-jersey-synagogue-suffers-sodinokibi-ransomware-attack/

New Nest Video Extortion Scam Plays Out Like a Spy Game

A new sextortion scam that breaks the typical mold has been detected at the beginning of the year. Fraudsters preying on the insecurity of connected devices used footage from Nest cameras, and led victims through a convoluted path of email accounts and web sites before making their ransom price known. [...]

https://www.bleepingcomputer.com/news/security/new-nest-video-extortion-scam-plays-out-like-a-spy-game/

Citrix Patches CVE-2019-19781 Flaw in Citrix ADC 11.1 and 12.0

Citrix released permanent fixes for the actively exploited CVE-2019-19781 vulnerability impacting Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances and allowing unauthenticated attackers to perform arbitrary code execution. [...]

https://www.bleepingcomputer.com/news/security/citrix-patches-cve-2019-19781-flaw-in-citrix-adc-111-and-120/

Mitsubishi Electric Warns of Data Leak After Security Breach

Mitsubishi Electric, a leading global company in the manufacture and sales of electrical and electronic products, disclosed a security breach that might have caused the leak of personal and confidential corporate information. [...]

https://www.bleepingcomputer.com/news/security/mitsubishi-electric-warns-of-data-leak-after-security-breach/

Emotet Malware Dabbles in Extortion With New Spam Template

The Emotet malware has started using a spam template that pretends to be an extortion demand from a "Hacker" who states that they hacked the recipient's computer and stole their data. [...]

https://www.bleepingcomputer.com/news/security/emotet-malware-dabbles-in-extortion-with-new-spam-template/

FTCode Ransomware Now Steals Saved Login Credentials

​​​​​​​FTCode ransomware victims now have one more thing to worry about with the malware having been upgraded to also steal saved user credentials from email clients and web browsers. [...]

https://www.bleepingcomputer.com/news/security/ftcode-ransomware-now-steals-saved-login-credentials/

US Retailer Hanna Andersson Hacked to Steal Credit Cards

US children's apparel maker and online retailer Hanna Andersson disclosed that its online purchasing platform was hacked and malicious code was deployed to steal customers' payment info for almost two months. [...]

https://www.bleepingcomputer.com/news/security/us-retailer-hanna-andersson-hacked-to-steal-credit-cards/

Infiltrating Networks: Easier Than Ever Due to Evil Markets

Attackers don't always need to breach the networks of their victims themselves to plant malware as there are plenty of professional intruders offering their services on underground markets. [...]

https://www.bleepingcomputer.com/news/security/infiltrating-networks-easier-than-ever-due-to-evil-markets/

600 Computers Taken Down After Florida Library Cyberattack

600 staff and public access computers were taken down at Volusia County Public Library (VCPL) branches from Daytona Beach, Florida, following a cyberattack that started around 7 AM on January  9. [...]

https://www.bleepingcomputer.com/news/security/600-computers-taken-down-after-florida-library-cyberattack/

BitPyLock Ransomware Now Threatens to Publish Stolen Data

A new ransomware called BitPyLock has quickly gone from targeting individual workstations to trying to compromise networks and stealing files before encrypting devices. [...]

https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Windows EFS Feature May Help Ransomware Attackers

Security researchers have created concept ransomware that takes advantage of a feature in Windows that encrypts files and folders to protect them from unauthorized physical access to the computer. [...]

https://www.bleepingcomputer.com/news/security/windows-efs-feature-may-help-ransomware-attackers/

Microsoft Tests Office 'Ads' in Windows 10 Wordpad

Microsoft is testing promotions for the free Office web apps being displayed directly in the menu bar for the Windows 10 Wordpad application. As you can imagine, the reaction to this news has been mixed, with some not thinking it's a big deal and others not happy with this approach. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-tests-office-ads-in-windows-10-wordpad/

Actively Exploited IE 11 Zero-Day Bug Gets Temporary Patch

A micropatch implementing Microsoft's workaround for the actively exploited zero-day remote code execution (RCE) vulnerability impacting Internet Explorer is now available via the 0patch platform until an official fix will be released. [...]

https://www.bleepingcomputer.com/news/security/actively-exploited-ie-11-zero-day-bug-gets-temporary-patch/

UPS Store Phishing Incident Exposes Customer Personal Info

Sensitive personal and financial information of UPS Store customers was exposed in a phishing incident affecting roughly 100 local store locations between September 29, 2019, and January 13, 2020. [...]

https://www.bleepingcomputer.com/news/security/ups-store-phishing-incident-exposes-customer-personal-info/

Wine 5.0 Released With Numerous Gaming Improvements for Linux

Wine 5.0 has been released today and contains over 7,400 bug fixes and numerous audio and graphics improvements that will increase performance in gaming on Linux. [...]

https://www.bleepingcomputer.com/news/linux/wine-50-released-with-numerous-gaming-improvements-for-linux/