Microsoft Issues Mitigation for Actively Exploited IE Zero-Day

Microsoft published a security advisory containing mitigation measures for an actively exploited zero-day remote code execution (RCE) vulnerability impacting Internet Explorer. [...]

https://www.bleepingcomputer.com/news/security/microsoft-issues-mitigation-for-actively-exploited-ie-zero-day/

New Jersey Synagogue Suffers Sodinokibi Ransomware Attack

Temple Har Shalom in Warren, New Jersey had their network breached by the actors behind the Sodinokibi Ransomware who encrypted numerous computers on the network. [...]

https://www.bleepingcomputer.com/news/security/new-jersey-synagogue-suffers-sodinokibi-ransomware-attack/

New Nest Video Extortion Scam Plays Out Like a Spy Game

A new sextortion scam that breaks the typical mold has been detected at the beginning of the year. Fraudsters preying on the insecurity of connected devices used footage from Nest cameras, and led victims through a convoluted path of email accounts and web sites before making their ransom price known. [...]

https://www.bleepingcomputer.com/news/security/new-nest-video-extortion-scam-plays-out-like-a-spy-game/

Citrix Patches CVE-2019-19781 Flaw in Citrix ADC 11.1 and 12.0

Citrix released permanent fixes for the actively exploited CVE-2019-19781 vulnerability impacting Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances and allowing unauthenticated attackers to perform arbitrary code execution. [...]

https://www.bleepingcomputer.com/news/security/citrix-patches-cve-2019-19781-flaw-in-citrix-adc-111-and-120/

Mitsubishi Electric Warns of Data Leak After Security Breach

Mitsubishi Electric, a leading global company in the manufacture and sales of electrical and electronic products, disclosed a security breach that might have caused the leak of personal and confidential corporate information. [...]

https://www.bleepingcomputer.com/news/security/mitsubishi-electric-warns-of-data-leak-after-security-breach/

Emotet Malware Dabbles in Extortion With New Spam Template

The Emotet malware has started using a spam template that pretends to be an extortion demand from a "Hacker" who states that they hacked the recipient's computer and stole their data. [...]

https://www.bleepingcomputer.com/news/security/emotet-malware-dabbles-in-extortion-with-new-spam-template/

FTCode Ransomware Now Steals Saved Login Credentials

​​​​​​​FTCode ransomware victims now have one more thing to worry about with the malware having been upgraded to also steal saved user credentials from email clients and web browsers. [...]

https://www.bleepingcomputer.com/news/security/ftcode-ransomware-now-steals-saved-login-credentials/

US Retailer Hanna Andersson Hacked to Steal Credit Cards

US children's apparel maker and online retailer Hanna Andersson disclosed that its online purchasing platform was hacked and malicious code was deployed to steal customers' payment info for almost two months. [...]

https://www.bleepingcomputer.com/news/security/us-retailer-hanna-andersson-hacked-to-steal-credit-cards/

Infiltrating Networks: Easier Than Ever Due to Evil Markets

Attackers don't always need to breach the networks of their victims themselves to plant malware as there are plenty of professional intruders offering their services on underground markets. [...]

https://www.bleepingcomputer.com/news/security/infiltrating-networks-easier-than-ever-due-to-evil-markets/

600 Computers Taken Down After Florida Library Cyberattack

600 staff and public access computers were taken down at Volusia County Public Library (VCPL) branches from Daytona Beach, Florida, following a cyberattack that started around 7 AM on January  9. [...]

https://www.bleepingcomputer.com/news/security/600-computers-taken-down-after-florida-library-cyberattack/

BitPyLock Ransomware Now Threatens to Publish Stolen Data

A new ransomware called BitPyLock has quickly gone from targeting individual workstations to trying to compromise networks and stealing files before encrypting devices. [...]

https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Windows EFS Feature May Help Ransomware Attackers

Security researchers have created concept ransomware that takes advantage of a feature in Windows that encrypts files and folders to protect them from unauthorized physical access to the computer. [...]

https://www.bleepingcomputer.com/news/security/windows-efs-feature-may-help-ransomware-attackers/

Microsoft Tests Office 'Ads' in Windows 10 Wordpad

Microsoft is testing promotions for the free Office web apps being displayed directly in the menu bar for the Windows 10 Wordpad application. As you can imagine, the reaction to this news has been mixed, with some not thinking it's a big deal and others not happy with this approach. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-tests-office-ads-in-windows-10-wordpad/

Actively Exploited IE 11 Zero-Day Bug Gets Temporary Patch

A micropatch implementing Microsoft's workaround for the actively exploited zero-day remote code execution (RCE) vulnerability impacting Internet Explorer is now available via the 0patch platform until an official fix will be released. [...]

https://www.bleepingcomputer.com/news/security/actively-exploited-ie-11-zero-day-bug-gets-temporary-patch/

UPS Store Phishing Incident Exposes Customer Personal Info

Sensitive personal and financial information of UPS Store customers was exposed in a phishing incident affecting roughly 100 local store locations between September 29, 2019, and January 13, 2020. [...]

https://www.bleepingcomputer.com/news/security/ups-store-phishing-incident-exposes-customer-personal-info/

Wine 5.0 Released With Numerous Gaming Improvements for Linux

Wine 5.0 has been released today and contains over 7,400 bug fixes and numerous audio and graphics improvements that will increase performance in gaming on Linux. [...]

https://www.bleepingcomputer.com/news/linux/wine-50-released-with-numerous-gaming-improvements-for-linux/

This Citibank Phishing Scam Could Trick Many People

A new Citibank phishing scam is underway that utilizes a convincing domain name, TLS certs, and even requests OTP codes that could easily cause people to believe they are submitting their personal information on a legitimate page. [...]

https://www.bleepingcomputer.com/news/security/this-citibank-phishing-scam-could-trick-many-people/

FBI Warns Job Applicants of Scams Using Spoofed Company Sites

FBI's Internet Crime Complaint Center (IC3) today issued a public service announcement to warn about scammers using spoofed company websites and fake job listings to target applicants. [...]

https://www.bleepingcomputer.com/news/security/fbi-warns-job-applicants-of-scams-using-spoofed-company-sites/

ProtonVPN Apps Open Sourced for Added Transparency and Security

The code for ProtonVPN apps on all supported platforms - Android, iOS, macOS, and Windows - is now open source, the maker announces today, a move that follows a security audit from an independent party. [...]

https://www.bleepingcomputer.com/news/security/protonvpn-apps-open-sourced-for-added-transparency-and-security/

Windows 10 PowerToy Quick Launcher to Simplify Launching Apps

Microsoft is working on a quick launcher dubbed PowerLauncher for the Windows 10 open-source PowerToys toolset, to allow users to launch apps faster than using the Start menu. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-powertoy-quick-launcher-to-simplify-launching-apps/

Final Windows 7 Update Breaks Desktop Wallpaper Functionality

The final update for the Windows 7 operating system has broken some of the desktop wallpaper functionality and caused user's backgrounds to become a blank black screen. [...]

https://www.bleepingcomputer.com/news/microsoft/final-windows-7-update-breaks-desktop-wallpaper-functionality/