DRBControl Espionage Operation Hits Gambling, Betting Companies

An advanced threat actor has been targeting gambling and betting companies in multiple regions of the globe with malware that links to two Chinese hacker groups. [...]

https://www.bleepingcomputer.com/news/security/drbcontrol-espionage-operation-hits-gambling-betting-companies/

Over 20,000 WordPress Sites Run Trojanized Premium Themes

A threat actor that has infected more than 20,000 WordPress sites by running the same trick for at least three years: distributing trojanized versions of premium WordPress themes and plugins. [...]

https://www.bleepingcomputer.com/news/security/over-20-000-wordpress-sites-run-trojanized-premium-themes/

Zero-Day in WordPress Plugin Exploited to Create Admin Accounts

A zero-day vulnerability in the ThemeREX Addons, a WordPress plugin installed on thousands of sites, is actively exploited by attackers to create user accounts with admin permissions and potentially fully taking over the vulnerable website. [...]

https://www.bleepingcomputer.com/news/security/zero-day-in-wordpress-plugin-exploited-to-create-admin-accounts/

Windows 10 KB4532693 Update Bug Reportedly Deletes User Files

The Windows 10 KB4532693 update appears to be buggier than originally thought as users are reporting that the update is deleting their files. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4532693-update-bug-reportedly-deletes-user-files/

Swiss Govt Says Ransomware Victims Ignored Warnings, Had Poor Security

Switzerland's Reporting and Analysis Centre for Information Assurance (MELANI) today warned of ongoing ransomware attacks targeting the systems of Swiss small, medium-sized, and large companies. [...]

https://www.bleepingcomputer.com/news/security/swiss-govt-says-ransomware-victims-ignored-warnings-had-poor-security/

Microsoft Adds Enterprise Windows 10 Tamper Protection Controls

Microsoft announced today that support for the Windows 10 Tamper Protection feature has been added to Microsoft Defender ATP Threat & Vulnerability Management for additional info on exposed machines in their organization. [...]

https://www.bleepingcomputer.com/news/security/microsoft-adds-enterprise-windows-10-tamper-protection-controls/

Microsoft Rolls Out New Windows 10 Optional Update Experience

Starting today, Microsoft will begin rolling out the new Windows 10 optional updates experience that allows users to pick and choose what non-security updates and drivers they wish to install. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-rolls-out-new-windows-10-optional-update-experience/

Credit Card Skimmer Found on Nine Sites, Researchers Ignored

Security researchers discovered a new batch of nine websites infected with malicious JavaScript that steals payment card info from online shoppers. [...]

https://www.bleepingcomputer.com/news/security/credit-card-skimmer-found-on-nine-sites-researchers-ignored/

Tesla Pays $10K for Microsoft SQL Server Reporting Services Bug

Tesla paid a $10,000 bounty for a vulnerability in Microsoft SQL Server Reporting Services (SSRS) that had received a patch five days before getting the bug submission. [...]

https://www.bleepingcomputer.com/news/security/tesla-pays-10k-for-microsoft-sql-server-reporting-services-bug/

New Actors Attack Industrial Control Systems, Old Ones Mature

Industrial control systems (ICS) across the world have become a larger target in 2019 as researchers discovered new threat actors attacking this sector while old ones have evolved and expanded their operations. [...]

https://www.bleepingcomputer.com/news/security/new-actors-attack-industrial-control-systems-old-ones-mature/

Microsoft Defender ATP for Linux Now In Public Preview

Microsoft Defender ATP for Linux is now available in a public preview that allows administrators and security professionals to test the product in six different Linux distributions. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-atp-for-linux-now-in-public-preview/

Google Tells Microsoft Edge Users To Get Chrome for Better Security

The browser wars are starting to heat up again as both Google and Microsoft promote their software at the expense of their competitors. Such is the case with a new notification shown in the Chrome Web Store telling Microsoft Edge users to switch to Google Chrome. [...]

https://www.bleepingcomputer.com/news/microsoft/google-tells-microsoft-edge-users-to-get-chrome-for-better-security/

Hackers Get Free MGM Resorts Guest Database with 10M+ Records

An archive with over 10 million records of guests at the MGM Resorts hotels is currently distributed for free on a hacking forum. [...]

https://www.bleepingcomputer.com/news/security/hackers-get-free-mgm-resorts-guest-database-with-10m-records/

Credit Card Skimmer Found on Nine Sites, Researchers Ignored

Security researchers discovered a new batch of nine websites infected with malicious JavaScript that steals payment card info from online shoppers. [...]

https://www.bleepingcomputer.com/news/security/credit-card-skimmer-found-on-nine-sites-researchers-ignored/

WhatsApp Phishing URLs Skyrocket With Over 13,000% Surge

The number of WhatsApp phishing URLs has skyrocketed in Q4 2019 after a 13,467.6% huge QoQ surge in the number of unique phishing URLs targeting its users being discovered by email security company Vade Secure since Q3 2019. [...]

https://www.bleepingcomputer.com/news/security/whatsapp-phishing-urls-skyrocket-with-over-13-000-percent-surge/

FTC Refunds Victims of Office Depot Tech Support Scam

The FTC has begun to issue refunds to people who were convinced into purchasing computer repair services at Office Depot based on fake malware scans. [...]

https://www.bleepingcomputer.com/news/security/ftc-refunds-victims-of-office-depot-tech-support-scam/

Microsoft Unveils Their New Windows 10 System Icons

Microsoft has started rolling out new Fluent-based icons for Windows 10 apps and system applications to Insiders on the Fast Ring. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-unveils-their-new-windows-10-system-icons/

New Mexico Sues Google for Mining Children's Data

Google is facing a new lawsuit for allegedly using its Google for Education platform to gather the personal and private data from students under the age of thirteen. [...]

https://www.bleepingcomputer.com/news/legal/new-mexico-sues-google-for-mining-childrens-data/

Google Cleans Play Store of Nearly 600 Apps for Ad Policy Violation

Google reacted severely against nearly 600 Android apps in Play Store that were violating two ad-related policies by kicking them out of the repository. [...]

https://www.bleepingcomputer.com/news/security/google-cleans-play-store-of-nearly-600-apps-for-ad-policy-violation/

Android Malware: Joker Still Fools Google's Defense, New Clicker Found

Joker malware that subscribes Android users to premium services without consent is giving Google a hard time as new samples constantly bypass scrutiny and end up in Play Store. [...]

https://www.bleepingcomputer.com/news/security/android-malware-joker-still-fools-googles-defense-new-clicker-found/

SlickWraps Allegedly Hacked, Financial and Customer Info Exposed

A security researcher has stated that they have allegedly hacked SlickWraps and after receiving no response to emails, publicly disclosed how they gained access to the site and the data that was exposed. [...]

https://www.bleepingcomputer.com/news/security/slickwraps-allegedly-hacked-financial-and-customer-info-exposed/