Zoho Fixes No-Auth RCE Zero-Day in ManageEngine Desktop Central

Web-based office suite and SaaS services provider Zoho released a security update to fix a remote code execution vulnerability found in its ManageEngine Desktop Central endpoint management solution. [...]

https://www.bleepingcomputer.com/news/security/zoho-fixes-no-auth-rce-zero-day-in-manageengine-desktop-central/

Ransomware Threatens to Reveal Company's 'Dirty' Secrets

The operators of the Sodinokibi Ransomware are threatening to publicly share a company's "dirty" financial secrets because they refused to pay the demanded ransom. [...]

https://www.bleepingcomputer.com/news/security/ransomware-threatens-to-reveal-companys-dirty-secrets/

Data-Stealing FormBook Malware Preys on Coronavirus Fears

Another email campaign pretending to be Coronavirus (COVID-19) information from the World Health Organization (WHO) is distributing a malware downloader that installs the FormBook information-stealing Trojan. [...]

https://www.bleepingcomputer.com/news/security/data-stealing-formbook-malware-preys-on-coronavirus-fears/

How to Use Google Chrome Extensions and Themes in Microsoft Edge

Microsoft's new Edge browser is now available and it comes with an add-on store where you can find Microsoft-approved extensions. As Edge is built on the same Chromium code base, it can also access the Chrome Web Store. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-use-google-chrome-extensions-and-themes-in-microsoft-edge/

New US Bill Aims to Protect Researchers who Disclose Govt Backdoors

New legislation has been introduced that amends the Espionage Act of 1917 to protect journalists, whistleblowers, and security researchers who discover and disclose classified government information. [...]

https://www.bleepingcomputer.com/news/government/new-us-bill-aims-to-protect-researchers-who-disclose-govt-backdoors/

Google Stops Issuing Security Warnings About Microsoft Edge

Google has toned down its rhetoric by no longer displaying a security warning on its extension store to Microsoft Edge users that tells them to switch to Chrome to be more secure. [...]

https://www.bleepingcomputer.com/news/google/google-stops-issuing-security-warnings-about-microsoft-edge/

Ryuk Ransomware Behind Durham, North Carolina Cyberattack

The City of Durham, North Carolina has shut down its network after suffering a cyberattack by the Ryuk Ransomware this weekend. [...]

https://www.bleepingcomputer.com/news/security/ryuk-ransomware-behind-durham-north-carolina-cyberattack/

Twitter First: Trump Video Retweet Tagged as 'Manipulated Media'

For the first time, Twitter has labeled a video as 'Manipulated Media' that attempts to portray Joe Biden as stating that  Donald Trump should be re-elected. [...]

https://www.bleepingcomputer.com/news/security/twitter-first-trump-video-retweet-tagged-as-manipulated-media/

Windows 10 PowerToys Excitement Builds as New Toys Announced

Microsoft confirmed that the company is working on Image Resizer toy. The details are not yet available, but the feature would be similar to the likes of Windows 95's Image Resizer. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-powertoys-excitement-builds-as-new-toys-announced/

Folding@Home Wants Your CPU Cycles for Coronavirus Research

The Folding@home distributed computing project is now utilizing donated CPU cycles to research the Coronavirus (COVID-19) virus. [...]

https://www.bleepingcomputer.com/news/software/folding-home-wants-your-cpu-cycles-for-coronavirus-research/

Malware Spread as Nude Extortion Pics of Friend's Girlfriend

Attackers have recently warped sextortion scams into baits used to infect their targets with Raccoon information stealer malware designed to help steal credentials, credit card information, desktop cryptocurrency wallets, and more.  [...]

https://www.bleepingcomputer.com/news/security/malware-spread-as-nude-extortion-pics-of-friends-girlfriend/

NSA Warns About Microsoft Exchange Flaw as Attacks Start

The U.S. National Security Agency (NSA) warned about a post-auth remote code execution vulnerability in all supported Microsoft Exchange Server servers via a tweet published on the agency's Twitter account. [...]

https://www.bleepingcomputer.com/news/security/nsa-warns-about-microsoft-exchange-flaw-as-attacks-start/

Intricate Phishing Scam Uses Support Chatbot to ‘Assist’ Victims

An intricate phishing scam is utilizing a "customer service" chatbot that walks its victims through filling out the various forms so that the attackers can steal their information, credit card numbers, and bank account information. [...]

https://www.bleepingcomputer.com/news/security/intricate-phishing-scam-uses-support-chatbot-to-assist-victims/

Google Play Protect Miserably Fails Android Protection Tests

Google's Play Protect Android mobile threat protection system failed German antivirus testing lab AV-Test real-world tests, scoring zero out of a maximum of six points after very weak malware detection performance. [...]

https://www.bleepingcomputer.com/news/security/google-play-protect-miserably-fails-android-protection-tests/

Malware Unfazed by Google Chrome's New Password, Cookie Encryption

Google's addition of the AES-256 algorithm to encrypt cookies and passwords in the Chrome browser had a minor impact on infostealers. [...]

https://www.bleepingcomputer.com/news/security/malware-unfazed-by-google-chromes-new-password-cookie-encryption/

New LVI Intel CPU Data Theft Vulnerability Requires Hardware Fix

A novel class of attack techniques against modern Intel processors can allow threat actors to inject malicious data into applications via transient-execution attacks and steal sensitive data according to researchers. [...]

https://www.bleepingcomputer.com/news/security/new-lvi-intel-cpu-data-theft-vulnerability-requires-hardware-fix/

Paradise Ransomware Distributed via Uncommon Spam Attachment

Attackers have started to send Excel Web Query attachments in phishing campaigns to download and install the Paradise Ransomware on unsuspecting victims. [...]

https://www.bleepingcomputer.com/news/security/paradise-ransomware-distributed-via-uncommon-spam-attachment/

Microsoft Takes Control of Necurs U.S.-Based Infrastructure

Microsoft announced today that it took over the U.S.-based infrastructure used by the Necurs spam botnet for distributing malware payloads and infecting millions of computers. [...]

https://www.bleepingcomputer.com/news/security/microsoft-takes-control-of-necurs-us-based-infrastructure/

Windows 10 Cumulative Update KB4540673 & KB4538461 Released

It's March 2020 and today is Patch Tuesday and Microsoft is rolling out a new cumulative update for all supported version of Windows. The cumulative update with security fixes is rolling out to PCs with November 2019 Update, May 2019 Update and October 2018 Update. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-update-kb4540673-and-kb4538461-released/

Firefox 74 Released: Security Fixes, Improvements, and Fixes

Mozilla has released Firefox 74 today, March 10th, 2020, to the Stable desktop channel for Windows, macOS, and Linux with bug fixes, new features, and security fixes. [...]

https://www.bleepingcomputer.com/news/software/firefox-74-released-security-fixes-improvements-and-fixes/

Entercom Radio Giant Says Data Breach Exposed User Credentials

US radio giant Entercom reported a data breach that took place in August 2019 after an unauthorized party was able to access database backup files stored third-party cloud hosting services and containing Radio.com user credentials. [...]

https://www.bleepingcomputer.com/news/security/entercom-radio-giant-says-data-breach-exposed-user-credentials/