Twitter warns of legacy site theme shutting down on June 1

Twitter is warning users impersonating unsupported browsers to enable the original site theme that the legacy version will be shut down on June 1st, 2020. [...]

https://www.bleepingcomputer.com/news/technology/twitter-warns-of-legacy-site-theme-shutting-down-on-june-1/

The Week in Ransomware - May 8th 2020 - Attacks Continue

Ransomware operators continue their worldwide attacks against healthcare organizations and businesses, while leaking the data of victims who do not pay a ransom. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-8th-2020-attacks-continue/

Black Hat and Def Con security conferences go virtual due to pandemic

Def Con and Black Hat announced today that their upcoming security conferences in Las Vegas this summer will no longer be in-person and are instead moving to an all-virtual event. [...]

https://www.bleepingcomputer.com/news/security/black-hat-and-def-con-security-conferences-go-virtual-due-to-pandemic/

Surface Laptop 3 screens with spontaneous cracks now fixed for free

Microsoft is now stating that they will fix mysterious and spontaneous cracks in Surface Laptop 3 displays as they may have been caused by a "foreign particle" introduced during manufacturing. [...]

https://www.bleepingcomputer.com/news/security/surface-laptop-3-screens-with-spontaneous-cracks-now-fixed-for-free/

Rail vehicle manufacturer Stadler hit by cyberattack, blackmailed

International rail vehicle construction company, Stadler, disclosed that it was the victim of a cyberattack which might have also allowed the attackers to steal company and employee data. [...]

https://www.bleepingcomputer.com/news/security/rail-vehicle-manufacturer-stadler-hit-by-cyberattack-blackmailed/

Microsoft Edge is getting a new feature to reduce web spam

Microsoft Edge is now giving users the ability to hide those pesky browser notification dialog boxes that are commonly used by web sites to push their content, or even spam, on visitors. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-is-getting-a-new-feature-to-reduce-web-spam/

North Korean hackers infect real 2FA app to compromise Macs

Hackers have hidden malware in a legitimate two-factor authentication (2FA) app for macOS to distribute Dacls, a remote access trojan associated with the North Korean Lazarus group. [...]

https://www.bleepingcomputer.com/news/security/north-korean-hackers-infect-real-2fa-app-to-compromise-macs/

Hacker group floods dark web with data stolen from 11 companies

A hacking group has started to flood a dark web hacking marketplace with databases containing a combined total of 73.2 million user records over 11 different companies. [...]

https://www.bleepingcomputer.com/news/security/hacker-group-floods-dark-web-with-data-stolen-from-11-companies/

Sodinokibi ransomware can now encrypt open and locked files

The Sodinokibi (REvil) ransomware has added a new feature that makes it easier to encrypt all files, even those that are opened and locked by another process. [...]

https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-can-now-encrypt-open-and-locked-files/

ChatBooks discloses data breach after data sold on dark web

ChatBooks photo print service has informed its customers that user information was stolen from their systems following a cyber attack. Data consisting of 15 million user records is now being offered for sale on the dark web [...]

https://www.bleepingcomputer.com/news/security/chatbooks-discloses-data-breach-after-data-sold-on-dark-web/

Windows 10: Limiting the bandwidth used by Windows Update

When installing new updates via Windows Update or the Microsoft Store, Windows 10 can consume all of the available Internet bandwidth. A Windows 10 feature can allow you to specify how much Internet bandwidth these update processes can use so that it does not affect other programs. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-limiting-the-bandwidth-used-by-windows-update/

New Thunderbolt security flaws affect systems shipped before 2019

Attackers that gain physical access to Windows, Linux, or macOS devices can access and steal data from their hard drives by exploiting 7 vulnerabilities found in Intel's Thunderbolt hardware interface. [...]

https://www.bleepingcomputer.com/news/security/new-thunderbolt-security-flaws-affect-systems-shipped-before-2019/

Maze ransomware fails to encrypt Pitney Bowes, steals files

Global business services company Pitney Bowes recently stopped an attack from Maze ransomware operators before the encryption routine could be deployed but the actor still managed to steal some data. [...]

https://www.bleepingcomputer.com/news/security/maze-ransomware-fails-to-encrypt-pitney-bowes-steals-files/

WordPress plugin bugs can let hackers take over almost 1M sites

Two high severity vulnerabilities found in the Page Builder WordPress plugin installed on more than 1,000,000 sites can let hackers create new admin accounts, plant backdoors, and ultimately take over the compromised websites. [...]

https://www.bleepingcomputer.com/news/security/wordpress-plugin-bugs-can-let-hackers-take-over-almost-1m-sites/

Microsoft's Family Safety parental control app opens for testing

With the Microsoft Family Safety app for Android and iOS, you can get information about your family's activity including what your kids are doing online and on their devices. [...]

https://www.bleepingcomputer.com/news/microsoft/microsofts-family-safety-parental-control-app-opens-for-testing/

Texas Courts hit by ransomware, network disabled to limit spread

The Texas court system was hit by ransomware on Friday night, May 8th, which led to the branch network including websites and servers being disabled to block the malware from spreading to other systems. [...]

https://www.bleepingcomputer.com/news/security/texas-courts-hit-by-ransomware-network-disabled-to-limit-spread/

Hackers' private chats leaked in stolen WeLeakData database

Ironically, the database for the defunct hacker forum and data breach marketplace called WeLeakData.com is being sold on the dark web and exposes the private conversations of hackers who used the site. [...]

https://www.bleepingcomputer.com/news/security/hackers-private-chats-leaked-in-stolen-weleakdata-database/

Office 365 to let regular users revoke encrypted messages

Microsoft is working on expanding the capability to revoke encrypted email messages sent using the Office 365 Message Encryption (OME) service to regular users as part of a larger effort to prevent data leaks and enterprise data theft. [...]

https://www.bleepingcomputer.com/news/microsoft/office-365-to-let-regular-users-revoke-encrypted-messages/

Researcher finds 1,236 domains infected with credit card stealers

A security researcher collected in a span of a few weeks over 1,000 domains infected with payment card skimmers, showing that the MageCart continues to be a prevalent threat that preys on insecure web shops. [...]

https://www.bleepingcomputer.com/news/security/researcher-finds-1-236-domains-infected-with-credit-card-stealers/

Adobe fixes critical vulnerabilities in Acrobat, Reader, and DNG SDK

Adobe has released security updates for Adobe Acrobat, Reader, and Adobe DNG Software Development Kit that resolve a combined total of thirty-six security vulnerabilities in the three products. [...]

https://www.bleepingcomputer.com/news/security/adobe-fixes-critical-vulnerabilities-in-acrobat-reader-and-dng-sdk/

US govt exposes new North Korean malware, phishing attacks

The US government today released information on three new malware variants used in malicious cyber activity campaigns by a North Korean government-backed hacker group tracked as HIDDEN COBRA. [...]

https://www.bleepingcomputer.com/news/security/us-govt-exposes-new-north-korean-malware-phishing-attacks/