Admin of carding portal behind $568M in losses pleads guilty

Russian national Sergey Medvedev, one of the co-founders of Internet-based cybercriminal enterprise Infraud Organization and an admin on the organization's carding forum, today pleaded guilty to RICO conspiracy. [...]

https://www.bleepingcomputer.com/news/security/admin-of-carding-portal-behind-568m-in-losses-pleads-guilty/

Nearly 300 Windows 10 executables vulnerable to DLL hijacking

A simple VBScript may be enough to allow users to gain administrative privileges and bypass UAC entirely on Windows 10. [...]

https://www.bleepingcomputer.com/news/security/nearly-300-windows-10-executables-vulnerable-to-dll-hijacking/

GeoVision access control devices let hackers steal fingerprints

GeoVision, a Taiwanese fingerprint scanner, access control, and surveillance tech manufacturer, fixed critical vulnerabilities in their devices that could be abused by hackers and nation-state threat actors. [...]

https://www.bleepingcomputer.com/news/security/geovision-access-control-devices-let-hackers-steal-fingerprints/

This Registry trick lets you block major Windows 10 updates

New Microsoft documentation has revealed a Group policy and Registry tweak that allows you to specify the specific Windows version you wish to stay on and prevent new feature updates from being installed. [...]

https://www.bleepingcomputer.com/news/microsoft/this-registry-trick-lets-you-block-major-windows-10-updates/

Microsoft quietly created a Windows 10 File Recovery tool, how to use

Microsoft has created a Windows 10 File Recovery Tool that recovers deleted files and forgot to tell anyone. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-quietly-created-a-windows-10-file-recovery-tool-how-to-use/

Chinese malware used in attacks against Australian orgs

The Australian government released an advisory late last week about increased cyber activity from a state actor against networks belonging to its agencies and companies in the country. [...]

https://www.bleepingcomputer.com/news/security/chinese-malware-used-in-attacks-against-australian-orgs/

Why certain characters "glitch" Gmail, YouTube, and Twitter

Have you ever used Twitter, Gmail, or YouTube and noticed odd characters being displayed vertically overlay other text on the page or break out UI boundaries? If so and have wondered how this is happening, we dive into the wonderful world of Unicode that causes this behavior. [...]

https://www.bleepingcomputer.com/news/technology/why-certain-characters-glitch-gmail-youtube-and-twitter/

Samsung is reportedly working on a more affordable Galaxy Fold

Samsung is reportedly working on Galaxy Fold Lite for as cheap as $900. The Galaxy Fold Lite will reportedly launch in 2021, but remember that this is just a rumor out of South Korea and it has to be taken with a grain of salt. [...]

https://www.bleepingcomputer.com/news/hardware/samsung-is-reportedly-working-on-a-more-affordable-galaxy-fold/

AMD adds beta support for Windows 10 GPU Scheduling feature

AMD recently released 20.5.1 Adrenalin 2020 Edition suite of drivers to beta testers and this update is solely focused on providing proper support for the Windows 10 May 2020 Update, also known as version 2004 and 19041. [...]

https://www.bleepingcomputer.com/news/hardware/amd-adds-beta-support-for-windows-10-gpu-scheduling-feature/

Over 100k daily brute-force attacks on RDP in pandemic lockdown

The number of daily brute-force attacks against Windows remote desktop service has almost doubled during the pandemic lockdown, telemetry data shows. [...]

https://www.bleepingcomputer.com/news/security/over-100k-daily-brute-force-attacks-on-rdp-in-pandemic-lockdown/

Microsoft Word to get Bing-powered plagiarism checker

Microsoft announced that the similarity checker tool bundled with the AI-powered Microsoft Editor writing virtual assistant will also be available within Microsoft Word, the company's word processor. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-word-to-get-bing-powered-plagiarism-checker/

Palo Alto Networks patches critical vulnerability in firewall OS

Palo Alto Networks disclosed a critical vulnerability found in the operating system (PAN-OS) of all its next-generation firewalls that could allow unauthenticated network-based attackers to bypass authentication. [...]

https://www.bleepingcomputer.com/news/security/palo-alto-networks-patches-critical-vulnerability-in-firewall-os/

Roblox accounts being hacked in support of Trump reelection

A hacking campaign is targeting Roblox accounts to support President Trump in the upcoming U.S. Presidential elections in November. [...]

https://www.bleepingcomputer.com/news/security/roblox-accounts-being-hacked-in-support-of-trump-reelection/

UC San Francisco pays $1.14 million for ransomware decryptor

The University of California San Francisco (UCSF) says that it paid $1.14 million to the Netwalker ransomware operators who successfully breached the UCSF School of Medicine's IT network, stealing data and encrypting systems. [...]

https://www.bleepingcomputer.com/news/security/uc-san-francisco-pays-114-million-for-ransomware-decryptor/

Microsoft officially launches Windows 10 Insider channels

Microsoft today announced that the new Windows Insider Channels are rolling out to Windows 10 customers enrolled in the program as initially announced earlier this month, on June 15. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-officially-launches-windows-10-insider-channels/

Seller floods hacker forum with data stolen from 14 companies

A data breach broker is selling databases containing user records for 14 different companies he claimed were breached by hackers in 2020. [...]

https://www.bleepingcomputer.com/news/security/seller-floods-hacker-forum-with-data-stolen-from-14-companies/

How public safety systems can be abused by nation state actors

Open systems, open data, and open-source software provide a means to promote greater transparency, public trust, and user participation. But what happens when adversaries can abuse the same systems? [...]

https://www.bleepingcomputer.com/news/security/how-public-safety-systems-can-be-abused-by-nation-state-actors/

Devious Bitcoin scam uses targeted texts and celeb endorsements

A multi-stage bitcoin fraud exposed and leveraged personally identifiable information to trick users into enlisting to a dubious investment site. Researchers found close to 250,000 unique records. [...]

https://www.bleepingcomputer.com/news/security/devious-bitcoin-scam-uses-targeted-texts-and-celeb-endorsements/

Firefox 78 adds WebRender support to Windows PCs with Intel GPU

Mozilla has released Firefox 78 today, June 30th, 2020, to the Stable desktop channel for Windows, macOS, and Linux with new features, bug fixes, changes, enterprise improvements, and security fixes. [...]

https://www.bleepingcomputer.com/news/software/firefox-78-adds-webrender-support-to-windows-pcs-with-intel-gpu/

Business giant Xerox allegedly suffers Maze Ransomware attack

Maze ransomware operators have updated their list of victims adding Xerox Corporation to the roster. It appears that the encryption routine had completed on June 25. [...]

https://www.bleepingcomputer.com/news/security/business-giant-xerox-allegedly-suffers-maze-ransomware-attack/

Clever Phishing scam targets websites with free DNSSEC offer

A very clever phishing campaign targets bloggers and website owners with emails pretending to be from their hosting provider who wants to upgrade their domain to use secure DNS (DNSSEC). [...]

https://www.bleepingcomputer.com/news/security/clever-phishing-scam-targets-websites-with-free-dnssec-offer/