Active Scans for Apache Tomcat Ghostcat Vulnerability Detected, Patch Now

Ongoing scans for Apache Tomcat servers unpatched against the Ghostcat vulnerability that allows potential attackers to take over servers have been detected over the weekend. [...]

https://www.bleepingcomputer.com/news/security/active-scans-for-apache-tomcat-ghostcat-vulnerability-detected-patch-now/

New PwndLocker Ransomware Targeting U.S. Cities, Enterprises

Driven by the temptation of big ransom payments, a new ransomware called PwndLocker has started targeting the networks of businesses and local governments with ransom demands over $650,000. [...]

https://www.bleepingcomputer.com/news/security/new-pwndlocker-ransomware-targeting-us-cities-enterprises/

Windows 10 Y3K Bug: Won't Install After January 18, 3001

A bizarre bug could affect some Windows 10 users that try to install the latest Windows release on computers where the BIOS date is set to January 19, 3001, or later on AMD or Intel motherboards. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-y3k-bug-wont-install-after-january-18-3001/

Microsoft MVP Summit Now A Virtual Conf Over Coronavirus Fears

Microsoft has decided to change its annual in-person MVP Summit held in Seattle, Washington into a virtual online conference over concerns about the continuing spread of the Coronavirus outbreak. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-mvp-summit-now-a-virtual-conf-over-coronavirus-fears/

US Charges Two With Laundering $100M for North Korean Hackers

Two Chinese nationals were charged today by the US Dept of Justice and sanctioned by the US Treasury for allegedly laundering over $100 million worth of cryptocurrency out of the nearly $250 million stolen by North Korean actors known as Lazarus Group after hacking a cryptocurrency exchange in 2018. [...]

https://www.bleepingcomputer.com/news/security/us-charges-two-with-laundering-100m-for-north-korean-hackers/

Nemty Ransomware Punishes Victims by Posting Their Stolen Data

The Nemty Ransomware is the latest cybercrime operation to create a data leak site to punish victims who refuse to pay ransoms. [...]

https://www.bleepingcomputer.com/news/security/nemty-ransomware-punishes-victims-by-posting-their-stolen-data/

Cisco Offering Free 90-day Webex Licenses Due to Coronavirus

To make it easier for those who are impacted by the spread of Coronavirus/COVID-19, Cisco has enhanced its free Webex account offerings and offering free 90-day business licenses. [...]

https://www.bleepingcomputer.com/news/software/cisco-offering-free-90-day-webex-licenses-due-to-coronavirus/

SETI@home Search for Alien Life Project Shuts Down After 21 Years

SETI@home has announced that they will no longer be distributing new work to clients starting on March 31st as they have enough data and want to focus on completing their back-end analysis of the data. [...]

https://www.bleepingcomputer.com/news/software/seti-home-search-for-alien-life-project-shuts-down-after-21-years/

Chinese Security Firm Says CIA Hackers Attacked China Since 2008

Chinese security vendor Qihoo 360 says that the US Central Intelligence Agency (CIA) has hacked Chinese organizations for the last 11 years, targeting various industry sectors and government agencies. [...]

https://www.bleepingcomputer.com/news/security/chinese-security-firm-says-cia-hackers-attacked-china-since-2008/

German BSI Tells Local Govt Authorities Not to Pay Ransoms

BSI, Germany's federal cybersecurity agency, recommends local governments and municipal institutions not to pay the ransoms asked by attackers after they get affected by ransomware attacks. [...]

https://www.bleepingcomputer.com/news/security/german-bsi-tells-local-govt-authorities-not-to-pay-ransoms/

UK NCSC Releases Tips on Securing Smart Security Cameras

The UK National Cyber Security Centre (NCSC) has released guidance on how to correctly set up smart security cameras and baby monitors to avoid having them hacked by attackers. [...]

https://www.bleepingcomputer.com/news/security/uk-ncsc-releases-tips-on-securing-smart-security-cameras/

Microsoft Releases March 2020 Office Updates With Fixes, Improvements

Microsoft released the March 2020 non-security Microsoft Office updates with improvements and fixes for the Windows Installer (MSI) editions of Office 2013 and Office 2016. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-march-2020-office-updates-with-fixes-improvements/

Ransomware Attackers Use Your Cloud Backups Against You

Backups are one the most, if not the most, important defense against ransomware, but if not configured properly, attackers will use it against you. [...]

https://www.bleepingcomputer.com/news/security/ransomware-attackers-use-your-cloud-backups-against-you/

Let's Encrypt to Revoke 3 Million TLS Certificates Due to Bug

Let's Encrypt will revoke over 3 million certificates on Wednesday, March 4th, due to a bug in their domain validation and issuance software.  [...]

https://www.bleepingcomputer.com/news/security/lets-encrypt-to-revoke-3-million-tls-certificates-due-to-bug/

Zero-Day Bug Allowed Attackers to Register Malicious Domains

A zero-day vulnerability impacting Verisign and several SaaS services including Google, Amazon, and DigitalOcean allowed potential attackers to register .com and .net homograph domain names (among others) that could be used in insider, phishing, and social-engineering attacks against organizations. [...]

https://www.bleepingcomputer.com/news/security/zero-day-bug-allowed-attackers-to-register-malicious-domains/

Microsoft Reveals a New Design for the Windows 10 Start Menu

Microsoft has unveiled its vision of a new Windows 10 Start Menu that utilizes a transparent background to showcase the new Fluent-based colorful icons. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-reveals-a-new-design-for-the-windows-10-start-menu/

Windows Explorer Used by Mailto Ransomware to Evade Detection

A newly discovered Mailto (NetWalker) ransomware strain can inject malicious code into the Windows Explorer process so that the malware can evade detection. [...]

https://www.bleepingcomputer.com/news/security/windows-explorer-used-by-mailto-ransomware-to-evade-detection/

Microsoft, Google Offer Free Remote Work Tools Due to Coronavirus

With employees either being quarantined after international travel or encouraged to work remotely due to the Coronavirus (COVID-19), Microsoft, Google, LogMeIn, and Cisco are offering free licenses to their meeting, collaboration, and remote work tools. [...]

https://www.bleepingcomputer.com/news/software/microsoft-google-offer-free-remote-work-tools-due-to-coronavirus/

Microsoft Releases PowerShell 7.0 With New Features, Update Alerts

Microsoft released PowerShell 7.0, the latest version of its cross-platform automation and configuration tool with new features including automatic new version notifications, bug fixes, and improvements. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-powershell-70-with-new-features-update-alerts/

J.Crew Disables User Accounts After Credential Stuffing Attack

US clothing retailer J.Crew announced that it was the victim of a credential stuffing attack around April 2019 that led to some of its customers' accounts and information being accessed by hackers. [...]

https://www.bleepingcomputer.com/news/security/jcrew-disables-user-accounts-after-credential-stuffing-attack/

Carnival Cruise Line Operator Discloses Potential Data Breach

The world's largest cruise ship operator Carnival Corporation & plc announced a potential data breach affecting some of its customers after hackers accessed employee email accounts. [...]

https://www.bleepingcomputer.com/news/security/carnival-cruise-line-operator-discloses-potential-data-breach/