TrickBot Bypasses Online Banking 2FA Protection via Mobile App

The TrickBot​​​​​ gang is using a malicious Android application they developed to bypass two-factor authentication (2FA) protection used by various banks after stealing transaction authentication numbers. [...]

https://www.bleepingcomputer.com/news/security/trickbot-bypasses-online-banking-2fa-protection-via-mobile-app/

Microsoft Pauses Optional Windows Cumulative Updates Starting in May

Due to the ongoing Coronavirus pandemic, Microsoft will stop releasing optional Windows cumulative updates starting in May 2020. This includes all supported Windows 10 and Windows Server versions. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-pauses-optional-windows-cumulative-updates-starting-in-may/

TeamViewer Stops Commercial Use Checks in Coronavirus-Affected Regions

TeamViewer has stated that they will stop performing checks for commercial use of their remote control product in regions heavily affected by the Coronavirus. [...]

https://www.bleepingcomputer.com/news/software/teamviewer-stops-commercial-use-checks-in-coronavirus-affected-regions/

Tor Browser 9.0.7 Patches Bug That Could Deanonymize Users

The Tor Project released Tor Browser 9.0.7 today with a permanent fix for a bug that allowed JavaScript code to run on the Safest security level in some situations while using the previous Tor Browser version. [...]

https://www.bleepingcomputer.com/news/security/tor-browser-907-patches-bug-that-could-deanonymize-users/

HPE Warns of New Bug That Kills SSD Drives After 40,000 Hours

Hewlett Packard Enterprise (HPE) is once again warning its customers that certain Serial-Attached SCSI solid-state drives will fail after 40,000 hours of operation, unless a critical patch is applied. [...]

https://www.bleepingcomputer.com/news/security/hpe-warns-of-new-bug-that-kills-ssd-drives-after-40-000-hours/

Three More Ransomware Families Create Sites to Leak Stolen Data

Three more ransomware families have created sites that are being used to leak the stolen data of non-paying victims and further illustrates why all ransomware attacks must be considered data breaches. [...]

https://www.bleepingcomputer.com/news/security/three-more-ransomware-families-create-sites-to-leak-stolen-data/

Mozilla Firefox Gets a HTTPS Only Mode For More Secure Browsing

Mozilla Firefox 76 is getting a new 'HTTPS Only' mode that automatically upgrades all HTTP requests to HTTPS when browsing the web and blocks all connections that can't be upgraded. [...]

https://www.bleepingcomputer.com/news/software/mozilla-firefox-gets-a-https-only-mode-for-more-secure-browsing/

Tupperware Site Hacked With Fake Form to Steal Credit Cards

Hackers have compromised the website of the world-famous Tupperware brand and are stealing customers' payment card details at checkout. The risk existed for a while as researcher's attempts to alert the company remained unanswered. [...]

https://www.bleepingcomputer.com/news/security/tupperware-site-hacked-with-fake-form-to-steal-credit-cards/

Microsoft Fixes Windows Defender Scan Bug With New Update

Microsoft has silently fixed the "items skipped during scan" Windows Defender bug that was causing some items to be excluded from scans if they were stored on a network device. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-defender-scan-bug-with-new-update/

Malware Disguised as Google Updates Pushed via Hacked News Sites

Hacked corporate sites and news blogs running using the WordPress CMS are being used by attackers to deliver backdoor malware that allows them to drop several second-stage payloads such as keyloggers, info stealers, and Trojans. [...]

https://www.bleepingcomputer.com/news/security/malware-disguised-as-google-updates-pushed-via-hacked-news-sites/

Windows 10 Insider Build 19592 Brings New 2-in-1 PC Experience

Microsoft has released Windows 10 Insider Preview Build 19592 to Insiders in the Fast ring, which brings back new tablet experience for 2-in-1 convertible PCs. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-19592-brings-new-2-in-1-pc-experience/

Google Chrome Adding Option to Always Show Full URLs

Google is working on providing Chrome users with an option to set the browser to always show full URLs for all websites they visit. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-adding-option-to-always-show-full-urls/

WordPress Malware Distributed via Pirated Coronavirus Plugins

The threat actors behind the WordPress WP-VCD malware have started to distribute modified versions of Coronavirus plugins that inject a backdoor into a web site. [...]

https://www.bleepingcomputer.com/news/security/wordpress-malware-distributed-via-pirated-coronavirus-plugins/

Chinese Hackers Use Cisco, Citrix, Zoho Exploits In Targeted Attacks

The Chinese state-sponsored group APT41 has been at the helm of a range of attacks that used recent exploits to target security flaws in Citrix, Cisco, and Zoho appliances and devices of entities from a multitude of industry sectors spanning the globe. [...]

https://www.bleepingcomputer.com/news/security/chinese-hackers-use-cisco-citrix-zoho-exploits-in-targeted-attacks/

Google Resumes Chrome Releases on an Adjusted Schedule

Google today announced that Chrome and Chrome OS releases will be resumed on an adjusted schedule after previously pausing them due to employees having to work from home during the novel coronavirus pandemic. [...]

https://www.bleepingcomputer.com/news/google/google-resumes-chrome-releases-on-an-adjusted-schedule/

Chubb Cyber Insurer Allegedly Hit By Maze Ransomware Attack

Cyber insurer giant Chubb is allegedly the latest ransomware victim according to the operators of the Maze Ransomware who claim to have encrypted the company in March 2020. [...]

https://www.bleepingcomputer.com/news/security/chubb-cyber-insurer-allegedly-hit-by-maze-ransomware-attack/

Unpatched iOS Bug Blocks VPNs From Encrypting All Traffic

A currently unpatched security vulnerability affecting iOS 13.3.1 or later prevents virtual private network (VPNs) from encrypting all traffic and can lead to some Internet connections bypassing VPN encryption to expose users' data or leak their IP addresses. [...]

https://www.bleepingcomputer.com/news/security/unpatched-ios-bug-blocks-vpns-from-encrypting-all-traffic/

New Windows 10 Bug Causes Internet Connectivity Issues, Fix in April

All supported Windows 10 and Windows Server versions are affected by a new bug that could cause applications to be unable to connect to the Internet. [...]

https://www.bleepingcomputer.com/news/microsoft/new-windows-10-bug-causes-internet-connectivity-issues-fix-in-april/

Windows 10 Search Getting New Features for Business Customers

Microsoft developers are currently working on adding the Microsoft Search offering to the Windows 10 search boxes of Office 365 enterprise customers. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-search-getting-new-features-for-business-customers/

Ryuk Ransomware Keeps Targeting Hospitals During the Pandemic

The Ryuk Ransomware operators to continue to target hospitals even as these organizations are overwhelmed during the Coronavirus pandemic. [...]

https://www.bleepingcomputer.com/news/security/ryuk-ransomware-keeps-targeting-hospitals-during-the-pandemic/

Google Warned Users of 40,000 State-Sponsored Attacks in 2019

Google says that it delivered almost 40,000 alerts of state-sponsored phishing or malware hacking attempts to its users during 2019, with a 25% drop when compared to the previous year. [...]

https://www.bleepingcomputer.com/news/security/google-warned-users-of-40-000-state-sponsored-attacks-in-2019/