Kali Linux Adds Single Installer Image, Default Non-Root User

Kali Linux 2020.1 was released today by Kali Linux team at Offensive Security with a new Kali Single Installer image for all desktop environments and a previously announced move to a non-root default user. [...]

https://www.bleepingcomputer.com/news/security/kali-linux-adds-single-installer-image-default-non-root-user/

Ransomware Bitcoin Wallet Frozen by UK Court to Recover Ransom

A victim's insurance company convinced the UK courts to freeze a bitcoin wallet containing over $800K worth of a ransomware payment. [...]

https://www.bleepingcomputer.com/news/security/ransomware-bitcoin-wallet-frozen-by-uk-court-to-recover-ransom/

Android Flash Tool Lets You Install Android Using a Browser

Google announced the release of a web-based tool that can be used by developers to install Android Open Source Project (AOSP) builds on recent Pixel phones and some Android development devices from the web browser, without building and flashing manually. [...]

https://www.bleepingcomputer.com/news/google/android-flash-tool-lets-you-install-android-using-a-browser/

Windows 10 Optional Cumulative Update KB4532695 Released

Microsoft is rolling out a new optional cumulative update for Windows 10 November 2019 Update (version 1909) and May 2019 Update (version 1903. The optional monthly update for Windows 10 comes with non-security fixes and important general bug fixes for Windows 10 November 2019 Update and May 2019 Update. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-optional-cumulative-update-kb4532695-released/

Google Pays $6.5 Million to Hackers for Reporting Security Bugs

More than $6.5 million were paid to researchers for reporting security bugs through Google's Vulnerability Reward Program (VRP) in 2019, the company said in an announcement published today. [...]

https://www.bleepingcomputer.com/news/security/google-pays-65-million-to-hackers-for-reporting-security-bugs/

Windows 10 1909 KB4532695 Update Fixes File Explorer Bugs

Today's Windows 1909 cumulative update fixes some of the bugs that made File Explorer search unusable since the November 2019 Update was released, but there is still more room for improvement. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-1909-kb4532695-update-fixes-file-explorer-bugs/

Apple iOS 13.3.1 Released With Fix for Location Tracking

Apple has released iOS 13.3.1 with numerous bug fixes including a new setting that allows you to disable the constant location checks being performed by the iPhone 11 U1 chip. [...]

https://www.bleepingcomputer.com/news/apple/apple-ios-1331-released-with-fix-for-location-tracking/

Ubuntu Invites Windows 7 Users With Linux Switch Guides

Canonical today published the first part of a tutorial series designed to help Windows 7 users migrate to Ubuntu Linux after Microsoft's decade-old OS reached end of support this month and stopped receiving security and bug fixes. [...]

https://www.bleepingcomputer.com/news/linux/ubuntu-invites-windows-7-users-with-linux-switch-guides/

Magento 2.3.4 Fixes Critical Code Execution Vulnerabilities

Magento today updated its e-commerce software for all supported platforms with fixes for multiple vulnerabilities. Some of them have critical severity and hackers could exploit them to run arbitrary code. [...]

https://www.bleepingcomputer.com/news/security/magento-234-fixes-critical-code-execution-vulnerabilities/

FBI Warns of Rise in Social Security Scams Spoofing Its Phone Number

The U.S. Federal Bureau of Investigation (FBI) on Tuesday has issued a warning about a spike in its phone number being used for Social Security fraud. [...]

https://www.bleepingcomputer.com/news/security/fbi-warns-of-rise-in-social-security-scams-spoofing-its-phone-number/

Critical Remote Code Execution Bug Fixed in OpenBSD SMTP Server

A critical vulnerability in the free OpenSMTPD email server present in many Unix-based systems can be exploited to run shell commands with root privileges. [...]

https://www.bleepingcomputer.com/news/security/critical-remote-code-execution-bug-fixed-in-openbsd-smtp-server/

200K WordPress Sites Exposed to Takeoker Attacks by Plugin Bug

A high severity cross-site request forgery (CSRF) bug allows attackers to take over WordPress sites running an unpatched version of the Code Snippets plugin because of missing referer checks on the import menu. [...]

https://www.bleepingcomputer.com/news/security/200k-wordpress-sites-exposed-to-takeoker-attacks-by-plugin-bug/

Google Chrome Tests Replacing URLs With Search Queries in Address Bar

Google has started testing a feature that will display the search query in the Chrome address bar rather than the actual page's URL when performing searches on Google. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-tests-replacing-urls-with-search-queries-in-address-bar/

New 'I Got Phished' Service Alerts Companies of Phished Employees

A new service called 'I Got Phished' has launched that will alert domain and security administrators when an employee in their organization falls for a phishing attack. [...]

https://www.bleepingcomputer.com/news/security/new-i-got-phished-service-alerts-companies-of-phished-employees/

Emotet Uses Coronavirus Scare to Infect Japanese Targets

A malspam campaign is actively distributing Emotet payloads via emails that warn the targets of Coronavirus infection reports in various prefectures from Japan, including Gifu, Osaka, and Tottori. [...]

https://www.bleepingcomputer.com/news/security/emotet-uses-coronavirus-scare-to-infect-japanese-targets/

AlphaBay Dark Web Market Mod Faces 20 Years After Pleading Guilty

Bryan Connor Herrell, a 25-year-old from Fresno, California, pleaded guilty this week in the US to racketeering charges related to the now-defunct dark web marketplace Alphabay. [...]

https://www.bleepingcomputer.com/news/security/alphabay-dark-web-market-mod-faces-20-years-after-pleading-guilty/

Malware Tries to Trump Security Software With POTUS Impeachment

The TrickBot malware has been spotted using text from articles about President Trump's impeachment to bypass the scanning engines of security software. [...]

https://www.bleepingcomputer.com/news/security/malware-tries-to-trump-security-software-with-potus-impeachment/

Linux Kernel 5.6 Source Tree Includes WireGuard VPN

The lean-coded, fast, modern, and secure WireGuard VPN protocol has made it into the Linux kernel as Linus Torvalds merged it into the git repository for version 5.6. [...]

https://www.bleepingcomputer.com/news/security/linux-kernel-56-source-tree-includes-wireguard-vpn/

Avast Shuts Down Jumpshot After Getting Caught Selling User's Data

Avast has announced that they are shutting down their Jumpshot subsidiary that was selling user data collected by Avast's antivirus software products. [...]

https://www.bleepingcomputer.com/news/security/avast-shuts-down-jumpshot-after-getting-caught-selling-users-data/

Russia Blocks ProtonMail and ProtonVPN, Tor to the Rescue

Proton Technologies​​​​​​​' security-focused ProtonMail end-to-end encrypted email service and ProtonVPN VPN service have been blocked by the Russian government within Russia since yesterday. [...]

https://www.bleepingcomputer.com/news/security/russia-blocks-protonmail-and-protonvpn-tor-to-the-rescue/

The Adware Families That Changed the Antivirus Industry

This story takes us back to 2003 and for a better understanding, you would need to be aware of the fact that the cybersecurity industry back then was shaped very differently from today. [...]

https://www.bleepingcomputer.com/news/security/the-adware-families-that-changed-the-antivirus-industry/