REvil ransomware scans victim's network for Point of Sale systems

REvil ransomware operators have been observed while scanning one of their victim's network for Point of Sale (PoS) servers by researchers with Symantec's Threat Intelligence team. [...]

https://www.bleepingcomputer.com/news/security/revil-ransomware-scans-victims-network-for-point-of-sale-systems/

Microsoft Defender ATP can now protect Linux, Android devices

Microsoft Defender Advanced Threat Protection (ATP) has expanded to non-Windows platforms and is now generally available for enterprise customers using Linux devices and in public preview for those with Android devices. [...]

https://www.bleepingcomputer.com/news/security/microsoft-defender-atp-can-now-protect-linux-android-devices/

Fxmsp hackers made $1.5M selling access to corporate networks

New details have emerged on the activity of the infamous Fxmsp hacker that last year was advertising access to to networks of three cybersecurity vendors. [...]

https://www.bleepingcomputer.com/news/security/fxmsp-hackers-made-15m-selling-access-to-corporate-networks/

New WastedLocker Ransomware distributed via fake program updates

The Russian cybercrime group known as Evil Corp has added a new ransomware to its arsenal called WastedLocker. This ransomware is used in targeted attacks against the enterprise. [...]

https://www.bleepingcomputer.com/news/security/new-wastedlocker-ransomware-distributed-via-fake-program-updates/

European victims refuse to bow to Thanos ransomware

A Thanos ransomware campaign targeting mid-level employees of multiple organizations from Austria, Switzerland, and Germany was met by the victims' refusal to pay the ransoms demanded to have their data decrypted. [...]

https://www.bleepingcomputer.com/news/security/european-victims-refuse-to-bow-to-thanos-ransomware/

Windows 10 June 2020 updates cause forced reboots, LSASS crashes

Microsoft acknowledged a new known issue leading to Local Security Authority Subsystem Service (LSASS) critical system process crashes and forced reboots on some Windows 10 devices. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-june-2020-updates-cause-forced-reboots-lsass-crashes/

Exposed Frost & Sullivan databases for sale on hacking forum

U.S. business consulting firm Frost & Sullivan was breached after data from an unsecured backup folder exposed on the Internet was sold on a hacker forum. [...]

https://www.bleepingcomputer.com/news/security/exposed-frost-and-sullivan-databases-for-sale-on-hacking-forum/

CryptoCore hackers made over $200M breaching crypto exchanges

A hacking group known as CryptoCore has pulled off cryptocurrency heists worth $70 million, but research indicates that it may be an estimated value of over $200 million since 2018. [...]

https://www.bleepingcomputer.com/news/security/cryptocore-hackers-made-over-200m-breaching-crypto-exchanges/

VMware fixes critical vulnerability in Workstation and Fusion

VMware released security updates to fix multiple vulnerabilities in VMware ESXi, Workstation, and Fusion, with one of them being a critical bug in default configurations of Workstation and Fusion having 3D graphics enabled. [...]

https://www.bleepingcomputer.com/news/security/vmware-fixes-critical-vulnerability-in-workstation-and-fusion/

Microsoft: Attackers increasingly exploit Exchange servers

Microsoft's Defender ATP Research Team today issued guidance on how to defend against attacks targeting Exchange servers by blocking malicious activity identified with the help of behavior-based detection. [...]

https://www.bleepingcomputer.com/news/security/microsoft-attackers-increasingly-exploit-exchange-servers/

AdBlock is causing YouTube video errors in Microsoft Edge

Microsoft has issued a warning about a conflict between Microsoft Edge and the AdBlock Plus browser extension that causes problems when watching YouTube videos. [...]

https://www.bleepingcomputer.com/news/security/adblock-is-causing-youtube-video-errors-in-microsoft-edge/

Sony launches PlayStation bug bounty program with $50K+ rewards

Sony today announced the launch of a public PlayStation bug bounty program to pay security researchers and gamers for security vulnerabilities found in PlayStation 4 devices, the PlayStation Network domains. [...]

https://www.bleepingcomputer.com/news/security/sony-launches-playstation-bug-bounty-program-with-50k-rewards/

Nvidia adds Windows 10 2004 GPU scheduling to GeForce drivers

Nvidia has released the GeForce Game Ready driver version  451.48 and with it comes highly anticipated support for DirectX 12 support, and the Windows 10 2004 GPU Scheduling feature. [...]

https://www.bleepingcomputer.com/news/hardware/nvidia-adds-windows-10-2004-gpu-scheduling-to-geforce-drivers/

NVIDIA patches high severity flaws in Windows, Linux drivers

NVIDIA has released security updates to address security vulnerabilities found in GPU Display and CUDA drivers and Virtual GPU Manager software that could lead to code execution, denial of service, escalation of privileges, and information disclosure on both Windows and Linux machines. [...]

https://www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-flaws-in-windows-linux-drivers/

LG Electronics allegedly hit by Maze ransomware attack

Maze ransomware operators have claimed on their website that they breached and locked the network of the South Korean multinational LG Electronics. [...]

https://www.bleepingcomputer.com/news/security/lg-electronics-allegedly-hit-by-maze-ransomware-attack/

List of Ripple20 vulnerability advisories, patches, and updates

The dust is far from settled following the disclosure of the 19 vulnerabilities in the TCP/IP stack from Treck, collectively referred to as Ripple20, which could help attackers take full control of vulnerable devices on the network. [...]

https://www.bleepingcomputer.com/news/security/list-of-ripple20-vulnerability-advisories-patches-and-updates/

European bank suffers biggest PPS DDoS attack, new botnet suspected

A bank in Europe was the target of a huge distributed denial-of-service (DDoS) attack that sent to its networking gear a flood of 809 million packets per second (PPS). [...]

https://www.bleepingcomputer.com/news/security/european-bank-suffers-biggest-pps-ddos-attack-new-botnet-suspected/

New Lucifer DDoS malware creates a legion of Windows minions

A new botnet identified in the wild leverages close to a dozen exploits for high and critical-severity vulnerabilities against Windows systems to turn them into cryptomining clients and sources for distributed denial-of-service (DDoS) attacks. [...]

https://www.bleepingcomputer.com/news/security/new-lucifer-ddos-malware-creates-a-legion-of-windows-minions/

Microsoft removed the defer feature update setting in Windows 10

Microsoft has removed the setting allowing users to defer feature updates in Windows 10 2004 but still allows it to be configured via group policies for business versions. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-removed-the-defer-feature-update-setting-in-windows-10/

Hackers hide credit card stealing scripts in favicon EXIF data

Hackers are always evolving their tactics to stay one step ahead of security companies. A perfect example of this is the hiding of malicious credit card stealing scripts in the EXIF data of a favicon image to evade detection. [...]

https://www.bleepingcomputer.com/news/security/hackers-hide-credit-card-stealing-scripts-in-favicon-exif-data/

New Ransom X Ransomware used in Texas TxDOT cyberattack

A new ransomware called Ransom X is being actively used in human-operated and targeted attacks against government agencies and enterprises. [...]

https://www.bleepingcomputer.com/news/security/new-ransom-x-ransomware-used-in-texas-txdot-cyberattack/