Microsoft Edge getting improved security, work at home features

Microsoft is testing a new version of Edge with Insiders and it comes with multiple new features including improved SmartScreen support. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-getting-improved-security-work-at-home-features/

Opening 100 tabs in Google Chrome Mobile gets you a smiley face

Today I learned something new; Google Chrome Mobile has an Easter egg that turns the tab count into a smiley face when you have over 100 tabs. [...]

https://www.bleepingcomputer.com/news/google/opening-100-tabs-in-google-chrome-mobile-gets-you-a-smiley-face/

Sodinokibi, Ryuk ransomware drive up average ransom to $111,000

The first quarter of the year recorded an increase of the average amount ransomware operators demand from their victims. Compared to the previous quarter, a 33% swell was noted, driven by the Sodinokibi and Ryuk ransomware operators. [...]

https://www.bleepingcomputer.com/news/security/sodinokibi-ryuk-ransomware-drive-up-average-ransom-to-111-000/

Xiaomi tracks private browser and phone usage, defends behavior

New research claims that China-based Xiaomi is tracking sensitive information and sending it to their servers if you use the Mi browser, which is bundled with all Redmi and Mi phones. [...]

https://www.bleepingcomputer.com/news/technology/xiaomi-tracks-private-browser-and-phone-usage-defends-behavior/

Debloating Windows 10 and increasing privacy with SharpApp

A new utility called SharpApp has been released that helps you debloat and increase privacy in Windows 10 by uninstalling preinstalled apps and disabling various telemetry settings. [...]

https://www.bleepingcomputer.com/news/microsoft/debloating-windows-10-and-increasing-privacy-with-sharpapp/

Hacker sells 91 million Tokopedia accounts, cracked passwords shared

A hacker is selling a database containing the information of 91 million Tokopedia accounts on a dark web market for as little as $5,000. Other threat actors have already started to crack passwords and share them online. [...]

https://www.bleepingcomputer.com/news/security/hacker-sells-91-million-tokopedia-accounts-cracked-passwords-shared/

LineageOS outage caused by hackers breaching main infrastructure

Administrators of LineageOS‌ Android custom operating system were on high alert on Saturday after hackers breached their main infrastructure, causing a full outage. [...]

https://www.bleepingcomputer.com/news/security/lineageos-outage-caused-by-hackers-breaching-main-infrastructure/

CAM4 adult cam site exposes 11 million emails, private chats

Adult live streaming website CAM4 exposed over 7TB of personally identifiable information (PII) of members and users, stored within more than 10.88 billion database records. [...]

https://www.bleepingcomputer.com/news/security/cam4-adult-cam-site-exposes-11-million-emails-private-chats/

Hackers exploit Salt RCE bugs in widespread attacks, PoCs public

Hackers kept busy this weekend exploiting vulnerable Salt instances used in various infrastructures for server management and automation. [...]

https://www.bleepingcomputer.com/news/security/hackers-exploit-salt-rce-bugs-in-widespread-attacks-pocs-public/

New VCrypt Ransomware locks files in password-protected 7ZIPs

A new ransomware called VCrypt is targeting French victims by utilizing the legitimate 7zip command-line program to create password-protected archives of data folders. [...]

https://www.bleepingcomputer.com/news/security/new-vcrypt-ransomware-locks-files-in-password-protected-7zips/

Office 365 to stop data theft by disabling external forwarding

Microsoft is planning to put a stop to enterprise data theft via email forwarding by disabling Office 365's email forwarding to external recipients by default. [...]

https://www.bleepingcomputer.com/news/security/office-365-to-stop-data-theft-by-disabling-external-forwarding/

LockBit ransomware self-spreads to quickly encrypt 225 systems

A feature of the LockBit ransomware allows threat actors to breach a corporate network and deploy their ransomware to encrypt hundreds of devices in just a few hours. [...]

https://www.bleepingcomputer.com/news/security/lockbit-ransomware-self-spreads-to-quickly-encrypt-225-systems/

GoDaddy notifies users of breached hosting accounts

GoDaddy notified some of its customers that it had to reset their passwords after an unauthorized party used their web hosting account credentials to connect to their hosting account via SSH. [...]

https://www.bleepingcomputer.com/news/security/godaddy-notifies-users-of-breached-hosting-accounts/

GitHub shuts down Popcorn Time repositories due to MPA DMCA notice

GitHub has shut down two repositories belonging to the video streaming BitTorrent client Popcorn Time after receiving a Digital Millennium Copyright Act (DMCA) infringement notice from the Motion Picture Association. [...]

https://www.bleepingcomputer.com/news/software/github-shuts-down-popcorn-time-repositories-due-to-mpa-dmca-notice/

Firefox 76 released with integrated data breach alerts

Mozilla has released Firefox 76 today, May 5th, 2020, to the Stable desktop channel for Windows, macOS, and Linux with bug fixes, new features, and security fixes. [...]

https://www.bleepingcomputer.com/news/software/firefox-76-released-with-integrated-data-breach-alerts/

Nation-state hackers are targeting COVID-19 response orgs

Organizations involved in international COVID-19 responses, healthcare, and essential services are actively targeted by government-backed hacking groups according to a joint advisory issued today by cyber-security agencies from the US and the UK. [...]

https://www.bleepingcomputer.com/news/security/nation-state-hackers-are-targeting-covid-19-response-orgs/

Game patch gives hackers access to development content on Amazon S3

A security flaw in patches from game developer Naughty Dog allowed hackers access to unreleased content from the upcoming The Last of Us Part II that was stored in an Amazon S3 bucket. [...]

https://www.bleepingcomputer.com/news/security/game-patch-gives-hackers-access-to-development-content-on-amazon-s3/

InfinityBlack hacker group dismantled by European authorities

Europol announced today that Polish and Swiss law enforcement authorities dismantled the 'InfinityBlack' hacker group after arresting five of its members in Poland on April 29, 2020. [...]

https://www.bleepingcomputer.com/news/security/infinityblack-hacker-group-dismantled-by-european-authorities/

Microsoft launches IoT-focused bounty program with $100K awards

Microsoft announced today the launch of a new IoT-focused research program with awards of up to $100,000 for vulnerabilities found by security researchers in the Azure Sphere IoT security solution. [...]

https://www.bleepingcomputer.com/news/security/microsoft-launches-iot-focused-bounty-program-with-100k-awards/

Toll Group hit by ransomware a second time, deliveries affected

The Toll Group has suffered its second ransomware cyberattack in three months, with the latest one conducted by the operators of the Nefilim Ransomware. [...]

https://www.bleepingcomputer.com/news/security/toll-group-hit-by-ransomware-a-second-time-deliveries-affected/

Microsoft releases May Office updates with fixes for auth issues

Microsoft released the May 2020 non-security Microsoft Office updates with fixes for several issues and performance improvements to Windows Installer (MSI) editions of Office 2016 and Office 2013. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-may-office-updates-with-fixes-for-auth-issues/