T-Mobile Data Breach Exposes Customer Personal, Financial Info

T-Mobile has announced a data breach caused by an email vendor being hacked that exposed the personal and financial information for some of its customers. [...]

https://www.bleepingcomputer.com/news/security/t-mobile-data-breach-exposes-customer-personal-financial-info/

Attackers Deliver Malware via Fake Website Certificate Errors

Cybercriminals are distributing malware using fake security certificate update requests displayed on previously compromised websites, attempting to infect potential victims with backdoors and Trojans using a malicious installer. [...]

https://www.bleepingcomputer.com/news/security/attackers-deliver-malware-via-fake-website-certificate-errors/

PwndLocker Ransomware Gets Pwned: Decryption Now Available

Emsisoft has discovered a way to decrypt files encrypted by the new PwndLocker Ransomware so that victims can recover their files without paying a ransom. [...]

https://www.bleepingcomputer.com/news/security/pwndlocker-ransomware-gets-pwned-decryption-now-available/

Microsoft Shares Tactics Used in Human-Operated Ransomware Attacks

Microsoft today shared tips on how to defend against human-operated ransomware attacks known to be behind hundreds of millions of dollars in losses following campaigns targeting enterprises and government entities. [...]

https://www.bleepingcomputer.com/news/security/microsoft-shares-tactics-used-in-human-operated-ransomware-attacks/

Virgin Media Data Breach Exposes Info of 900,000 Customers

Virgin Media announced today that the personal information of roughly 900,000 of its customers was accessed without permission on at least one occasion because of a misconfigured and unsecured marketing database. [...]

https://www.bleepingcomputer.com/news/security/virgin-media-data-breach-exposes-info-of-900-000-customers/

Microsoft Issues Fix for Windows 10 Drivers Blocked by Core Isolation

Microsoft has issued guidance on how to resolve problems loading drivers in Windows 10 that are being blocked due to virtualization-based security protections. [...]

https://www.bleepingcomputer.com/news/security/microsoft-issues-fix-for-windows-10-drivers-blocked-by-core-isolation/

US Govt Adds Stricter Requirements for .gov Domain Registration

The U.S. government will start requiring notarized signatures as part of the registration process for .gov domains starting March 10, 2020, to prevent wire and mail fraud that might lead to such domains being registered by unauthorized organizations​​​​​​​ or individuals. [...]

https://www.bleepingcomputer.com/news/security/us-govt-adds-stricter-requirements-for-gov-domain-registration/

Windows 10 Insider Build 19577 Released With New Windows Security Icon

Microsoft has released Windows 10 Insider Preview Build 19577 to Insiders in the Fast ring, which includes the new Windows Security Fluent-based icon and diagnostic data changes. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-19577-released-with-new-windows-security-icon/

TrickBot Malware Targets Italy in Fake WHO Coronavirus Emails

A new spam campaign is underway that is preying on the fears of Coronavirus (COVID-19) to target people in Italy with the TrickBot information-stealing malware. [...]

https://www.bleepingcomputer.com/news/security/trickbot-malware-targets-italy-in-fake-who-coronavirus-emails/

Emotet Actively Using Upgraded WiFi Spreader to Infect Victims

Emotet's authors ​​​​​​​have upgraded the malware's Wi-Fi spreader by making it a fully-fledged module and adding new functionality as shown by multiple samples that were recently delivered to infected devices. [...]

https://www.bleepingcomputer.com/news/security/emotet-actively-using-upgraded-wifi-spreader-to-infect-victims/

Windows 10 KB4535996 Update Issues: Crashes, Slowdowns, Audio, More

Since the release of the Windows 10 KB4535996 cumulative update, Windows users have been reporting numerous problems including boot issues, crashes, performance problems, audio issues, and developer tools no longer working. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4535996-update-issues-crashes-slowdowns-audio-more/

Telus-Owned Koodo Mobile Announces Data Breach, Stolen Info for Sale

Telus-owned Koodo Mobile has suffered a data breach after their systems were hacked and customer data from August and September 2017 was stolen by the attackers. [...]

https://www.bleepingcomputer.com/news/security/telus-owned-koodo-mobile-announces-data-breach-stolen-info-for-sale/

FBI Warns of BEC Attacks Abusing Microsoft Office 365, Google G Suite

The US Federal Bureau of Investigation (FBI) warned private industry partners of threat actors abusing Microsoft Office 365 and Google G Suite as part of Business Email Compromise (BEC) attacks. [...]

https://www.bleepingcomputer.com/news/security/fbi-warns-of-bec-attacks-abusing-microsoft-office-365-google-g-suite/

US Govt Shares Tips to Defend Against Coronavirus Cyber Scams

The Department of Homeland Security's cybersecurity agency today shared tips on how to defend against scammers who use the coronavirus health crisis as bait to push their scams over the Internet. [...]

https://www.bleepingcomputer.com/news/security/us-govt-shares-tips-to-defend-against-coronavirus-cyber-scams/

The Week in Ransomware - March 6th 2020 - Breaches Everywhere

Ransomware continues to target the enterprise and local government in the hopes of a big windfall of bitcoins. In addition new variants of STOP, Dharma, and other families continue to be released. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-6th-2020-breaches-everywhere/

Zoho Fixes No-Auth RCE Zero-Day in ManageEngine Desktop Central

Web-based office suite and SaaS services provider Zoho released a security update to fix a remote code execution vulnerability found in its ManageEngine Desktop Central endpoint management solution. [...]

https://www.bleepingcomputer.com/news/security/zoho-fixes-no-auth-rce-zero-day-in-manageengine-desktop-central/

Ransomware Threatens to Reveal Company's 'Dirty' Secrets

The operators of the Sodinokibi Ransomware are threatening to publicly share a company's "dirty" financial secrets because they refused to pay the demanded ransom. [...]

https://www.bleepingcomputer.com/news/security/ransomware-threatens-to-reveal-companys-dirty-secrets/

Data-Stealing FormBook Malware Preys on Coronavirus Fears

Another email campaign pretending to be Coronavirus (COVID-19) information from the World Health Organization (WHO) is distributing a malware downloader that installs the FormBook information-stealing Trojan. [...]

https://www.bleepingcomputer.com/news/security/data-stealing-formbook-malware-preys-on-coronavirus-fears/

How to Use Google Chrome Extensions and Themes in Microsoft Edge

Microsoft's new Edge browser is now available and it comes with an add-on store where you can find Microsoft-approved extensions. As Edge is built on the same Chromium code base, it can also access the Chrome Web Store. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-use-google-chrome-extensions-and-themes-in-microsoft-edge/

New US Bill Aims to Protect Researchers who Disclose Govt Backdoors

New legislation has been introduced that amends the Espionage Act of 1917 to protect journalists, whistleblowers, and security researchers who discover and disclose classified government information. [...]

https://www.bleepingcomputer.com/news/government/new-us-bill-aims-to-protect-researchers-who-disclose-govt-backdoors/

Google Stops Issuing Security Warnings About Microsoft Edge

Google has toned down its rhetoric by no longer displaying a security warning on its extension store to Microsoft Edge users that tells them to switch to Chrome to be more secure. [...]

https://www.bleepingcomputer.com/news/google/google-stops-issuing-security-warnings-about-microsoft-edge/