Introduce Kids to Cybersecurity With This Free Activity Book

Security company Balbix has released a 12-page printable activity book for children that introduces them to cybersecurity in a fun way. [...]

https://www.bleepingcomputer.com/news/security/introduce-kids-to-cybersecurity-with-this-free-activity-book/

How to Mitigate the Windows Font Parsing Zero-Day Bug via GPO

Active Directory (AD) admins can mitigate the recently disclosed and actively exploited remote code execution (RCE) zero-day found in the Windows Adobe Type Manager Library in large AD environments using group policies. [...]

https://www.bleepingcomputer.com/news/security/how-to-mitigate-the-windows-font-parsing-zero-day-bug-via-gpo/

Office 365 Phishing Uses CSS Tricks to Bypass Email Gateways

A phishing campaign using Office 365 voicemail lures to trick them into visiting landing pages designed to steal their personal information or infect their computers with malware. [...]

https://www.bleepingcomputer.com/news/security/office-365-phishing-uses-css-tricks-to-bypass-email-gateways/

FBI Warns of Attacks on Remote Work, Distance Learning Platforms

FBI's Internet Crime Complaint Center (IC3) issued a public service announcement today about the risk of attacks exploiting the increased usage of online communication platforms for remote working and distance learning. [...]

https://www.bleepingcomputer.com/news/security/fbi-warns-of-attacks-on-remote-work-distance-learning-platforms/

IRS Warns of Surge in Economic Stimulus Payment Scams

The Internal Revenue Service (IRS) today issued a warning to alert about a surge in coronavirus-related scams over email, phone calls, or social media requesting personal information while using economic impact payments as a lure. [...]

https://www.bleepingcomputer.com/news/security/irs-warns-of-surge-in-economic-stimulus-payment-scams/

WordPress Plugin Bug Can Be Exploited to Create Rogue Admins

Owners of WordPress sites who use the Contact Form 7 Datepicker plugin are urged to remove or deactivate it to prevent attackers from creating rogue admins or taking over admin sessions after exploiting an authenticated stored cross-site scripting (XSS) vulnerability. [...]

https://www.bleepingcomputer.com/news/security/wordpress-plugin-bug-can-be-exploited-to-create-rogue-admins/

Twitter Reveals That Firefox Cached Private Data For Up to 7 Days

Twitter disclosed an issue in the way the Mozilla Firefox web browser cached data that may have lead to private media shared in DMs and data downloads being inadvertently stored in the browser's cache. [...]

https://www.bleepingcomputer.com/news/security/twitter-reveals-that-firefox-cached-private-data-for-up-to-7-days/

New Coronavirus-Themed Malware Locks You Out of Windows

With school closed due to the Coronavirus pandemic, some kids are creating malware to keep themselves occupied. Such is the case with a variety of new MBRLocker variants being released, including one with a Coronavirus theme. [...]

https://www.bleepingcomputer.com/news/security/new-coronavirus-themed-malware-locks-you-out-of-windows/

Zoom's Web Client is Down, Users Report 403 Forbidden Errors

Zoom users are currently reporting that they are unable to use the Zoom web client or start and attend webinars, with reports saying that the web client is throwing '403 Forbidden' errors. [...]

https://www.bleepingcomputer.com/news/technology/zooms-web-client-is-down-users-report-403-forbidden-errors/

Apple Paid $75K For Bugs Letting Sites Hijack iPhone Cameras

Apple has paid a $75,000 bug bounty to a security researcher who chained together three different exploits that could have allowed malicious web sites to use your iPhone camera and microphone without permission. [...]

https://www.bleepingcomputer.com/news/security/apple-paid-75k-for-bugs-letting-sites-hijack-iphone-cameras/

Microsoft: Emotet Took Down a Network by Overheating All Computers

Microsoft says that an Emotet infection was able to take down an organization's entire network by maxing out CPUs on Windows devices and bringing its Internet connection down to a crawl after one employee was tricked to open a phishing email attachment. [...]

https://www.bleepingcomputer.com/news/security/microsoft-emotet-took-down-a-network-by-overheating-all-computers/

Mozilla Patches Two Actively Exploited Firefox Zero-Days

Mozilla released Firefox 74.0.1 and Firefox ESR 68.6.1 earlier to address two critical vulnerabilities actively abused in the wild that could lead to remote code execution on vulnerable machines. [...]

https://www.bleepingcomputer.com/news/security/mozilla-patches-two-actively-exploited-firefox-zero-days/

Discord Turned Into an Account Stealer by Updated Malware

A new version of the popular AnarchyGrabber Discord malware has been released that modifies the Discord client files so that it can evade detection and steal user accounts every time someone logs into the chat service. [...]

https://www.bleepingcomputer.com/news/security/discord-turned-into-an-account-stealer-by-updated-malware/

Windows PCs Exposed to Attacks by Critical HP Support Assistant Bugs

Several critical HP Support Assistant vulnerabilities expose Windows computers to remote code execution attacks and could allow attackers to elevate their privileges or to delete arbitrary files following successful exploitation. [...]

https://www.bleepingcomputer.com/news/security/windows-pcs-exposed-to-attacks-by-critical-hp-support-assistant-bugs/

How to Use Windows 10 to Stay Focused While Working From Home

Your Windows 10 device boasts a feature that can help you concentrate on work, rather than being distracted by random WhatsApp forwards, messages, notifications, and promotional alerts. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-use-windows-10-to-stay-focused-while-working-from-home/

DOJ Says Zoom-Bombing is Illegal, Could Lead to Jail Time

The Department of Justice and Offices of the United States Attorneys are warning that 'Zoom-bombing' is illegal and those who are involved can be charged with federal and state crimes. [...]

https://www.bleepingcomputer.com/news/software/doj-says-zoom-bombing-is-illegal-could-lead-to-jail-time/

Microsoft Edge is now 2nd most popular desktop browser, beats Firefox

The Microsoft Edge browser is now being used by more people than Mozilla Firefox making it the 2nd most popular desktop browser. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-is-now-2nd-most-popular-desktop-browser-beats-firefox/

New Microsoft Edge features will make you more productive

Microsoft recently confirmed that it's working on Vertical tabs and Smart copy features for its new browser. With these features, Microsoft aims to improve your productivity. In this article, we'll take a closer look at each of them. [...]

https://www.bleepingcomputer.com/news/microsoft/new-microsoft-edge-features-will-make-you-more-productive/

Interpol: Ransomware attacks on hospitals are increasing

The INTERPOL (short for International Criminal Police Organisation) warns that cybercriminals are increasingly attempting to lockout hospitals out of critical systems by attempting to deploy ransomware on their networks despite the currently ongoing COVID-19 pandemic. [...]

https://www.bleepingcomputer.com/news/security/interpol-ransomware-attacks-on-hospitals-are-increasing/

PSA: Fake Zoom installers being used to distribute malware

Attackers are taking advantage of the increased popularity of the Zoom video conferencing service to distribute installers that are bundled with malware and adware applications. [...]

https://www.bleepingcomputer.com/news/security/psa-fake-zoom-installers-being-used-to-distribute-malware/

FBI warns again of BEC scammers exploiting cloud email services

FBI's Internet Crime Complaint Center (IC3) has issued today a public service announcement warning of cybercriminals abusing popular cloud-based email services as part of Business Email Compromise (BEC) attacks. [...]

https://www.bleepingcomputer.com/news/security/fbi-warns-again-of-bec-scammers-exploiting-cloud-email-services/