Microsoft Releases February 2020 Office Updates With Security Fixes

Microsoft released the February 2020 Office security updates on February 11, 2020, with a total of 10 security updates and three cumulative updates for six different products, with three of them patching flaws allowing for remote code execution. [...]

https://www.bleepingcomputer.com/news/security/microsoft-releases-february-2020-office-updates-with-security-fixes/

BEC Fraud Profits from Gift Cards, Down 63% Over Holidays

Business email compromise (BEC) activity hit the breaks toward the end of 2019 but only in the last two weeks of the year and not before recording a peak. [...]

https://www.bleepingcomputer.com/news/security/bec-fraud-profits-from-gift-cards-down-63-percent-over-holidays/

Google Play Protect Blocked 1.9 Billion Malware Installs in 2019

Google's Play Protect mobile threat protection service blocked the installation of over 1.9 billion malicious apps downloaded from non-Play Store sources in 2019. [...]

https://www.bleepingcomputer.com/news/security/google-play-protect-blocked-19-billion-malware-installs-in-2019/

Office 365 Users Get Automated Protection From Malicious Docs

Microsoft announced that a new security feature dubbed Safe Documents will be available in private preview for Office 365 ProPlus customers starting today. [...]

https://www.bleepingcomputer.com/news/security/office-365-users-get-automated-protection-from-malicious-docs/

Microsoft Posts Updated Dev Roadmap for the Edge Browser

Microsoft has updated its development roadmap so that users can see what's planned for the Microsoft Edge browser. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-posts-updated-dev-roadmap-for-the-edge-browser/

Microsoft Urges Exchange Admins to Disable SMBv1 to Block Malware

Microsoft is recommending administrators disable the SMBv1 network communication protocol on Exchange servers to provide better protection against malware threats and attacks. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-urges-exchange-admins-to-disable-smbv1-to-block-malware/

WordPress Cookie Consent Plugin Fixes Critical Flaw for 700K Users

Critical bugs found in the WordPress GDPR Cookie Consent plugin used by over 700,000 websites allow potential attackers to delete and change content and inject malicious JavaScript code due to improper access controls. [...]

https://www.bleepingcomputer.com/news/security/wordpress-cookie-consent-plugin-fixes-critical-flaw-for-700k-users/

Windows 10 Insider Build 19564 Released With New Calendar App, GPU Settings

Microsoft has released Windows 10 Insider Preview Build 19564 to Insiders in the Fast ring, which offers a preview of the new Windows 10 Calendar app and an improved Graphics settings page. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-19564-released-with-new-calendar-app-gpu-settings/

Windows 10 KB4532693 Update Bug Hides User Data, Loads Wrong Profile

Reports are coming in that the Windows 10 KB4532693 cumulative update is loading an incorrect user profile and causing the user's desktop and Start Menu to be reset to default. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4532693-update-bug-hides-user-data-loads-wrong-profile/

SweynTooth Bug Collection Affects Hundreds of Bluetooth Products

Security researchers have disclosed a dozen flaws in the implementation of the Bluetooth Low Energy technology on multiple system-on-a-chip (SoC) circuits that power at least 480 from various vendors. [...]

https://www.bleepingcomputer.com/news/security/sweyntooth-bug-collection-affects-hundreds-of-bluetooth-products/

Mozilla Firefox to Support Chrome's Image Lazy Loading Feature

Mozilla is adding support for Google Chrome's native image lazy loading feature and it is now available for testing in the Firefox Nightly builds. [...]

https://www.bleepingcomputer.com/news/software/mozilla-firefox-to-support-chromes-image-lazy-loading-feature/

Sextortion Emails Sent by Emotet Earn 10 Times More Than Necurs

Sextortion scammers are now targeting potential victims with spam sent to their work emails via the Emotet botnet, a distribution channel 10 times more effective than previous ones according to research published today by IBM X-Force. [...]

https://www.bleepingcomputer.com/news/security/sextortion-emails-sent-by-emotet-earn-10-times-more-than-necurs/

US Charges Huawei With Conspiracy to Steal Trade Secrets, Racketeering

The U.S. Department of Justice charged Huawei and two U.S. subsidiaries with conspiracy to steal trade secrets and to violate the Racketeer Influenced and Corrupt Organizations Act (RICO). [...]

https://www.bleepingcomputer.com/news/technology/us-charges-huawei-with-conspiracy-to-steal-trade-secrets-racketeering/

Helix Bitcoin Mixer Owner Charged for Laundering Over $310 Million

36-year-old Larry Dean Harmon from Akron, Ohio, was charged with laundering more than $310 million worth of Bitcoin cryptocurrency while operating the dark web Helix Bitcoin mixer between 2014 and 2017. [...]

https://www.bleepingcomputer.com/news/security/helix-bitcoin-mixer-owner-charged-for-laundering-over-310-million/

Parallax RAT: Common Malware Payload After Hacker Forums Promotion

A remote access Trojan named Parallax is being widely distributed through malicious spam campaigns that when installed allow attackers to gain full control over an infected system. [...]

https://www.bleepingcomputer.com/news/security/parallax-rat-common-malware-payload-after-hacker-forums-promotion/

U.S. Store Chain Rutter’s Hit by Credit Card Stealing Malware

Rutter's, a U.S. convenience store, fast food restaurant, and gas station chain owner, has disclosed today that 71 locations were infected with a point-of-sale (POS) malware that was used by attackers to steal customers' credit card information. [...]

https://www.bleepingcomputer.com/news/security/us-store-chain-rutter-s-hit-by-credit-card-stealing-malware/

Windows 10 KB4524244 Update Causes Freezes, Installation Issues

Reports coming from users who have tried to install the Windows 10 KB4524244 ​​​​​​​security update say that HP and Apple computers are experiencing system freezes and errors during installation, as well as HP Sure Start Recovery Secure Boot keys errors that prevent booting. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4524244-update-causes-freezes-installation-issues/

Tech Conferences in Asia On Hold Due To Coronavirus Outbreak

This week, organizers of Black Hat Asia and DEF CON China security conferences announced that the coronavirus outbreak in the region is forcing them to put the events on hold. [...]

https://www.bleepingcomputer.com/news/security/tech-conferences-in-asia-on-hold-due-to-coronavirus-outbreak/

US Govt Updates Info on North Korean Malware

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released new info on North Korean malware with six new and updated Malware Analysis Reports (MARs) related to malicious cyber activity from North Korea. [...]

https://www.bleepingcomputer.com/news/security/us-govt-updates-info-on-north-korean-malware/

Mobile Phishing Campaign Uses over 200 Pages to Spoof Bank Sites

A phishing campaign focused on mobile banking used over 200 pages to impersonate legitimate websites for well-known banks in the U.S. and Canada. [...]

https://www.bleepingcomputer.com/news/security/mobile-phishing-campaign-uses-over-200-pages-to-spoof-bank-sites/

Plastic Surgery Patient Photos, Info Exposed by Leaky Database

Hundreds of thousands of documents with plastic surgery patients' personal information and highly sensitive photos were exposed online by an improperly secured Amazon Web Services (AWS) S3 bucket. [...]

https://www.bleepingcomputer.com/news/security/plastic-surgery-patient-photos-info-exposed-by-leaky-database/