Windows 10 background image tool can be abused to download malware

A binary in Windows 10 responsible for setting an image for the desktop and lock screen can help attackers download malware on a compromised system without raising the alarm. [...]

https://www.bleepingcomputer.com/news/security/windows-10-background-image-tool-can-be-abused-to-download-malware/

Surge of MongoDB ransom attacks use GDPR as extortion leverage

A flood of attacks is targeting unsecured MongoDB servers and wiping their databases. Left behind are notes demanding a ransom payment, or the data will be leaked, and the owners reported for GDPR violations. [...]

https://www.bleepingcomputer.com/news/security/surge-of-mongodb-ransom-attacks-use-gdpr-as-extortion-leverage/

Malwarebytes AdwCleaner now removes malware from the command line

The popular AdwCleaner tool from Malwarebytes is about to get even more popular as it now can be used entirely from the command line. [...]

https://www.bleepingcomputer.com/news/security/malwarebytes-adwcleaner-now-removes-malware-from-the-command-line/

Microsoft Defender ATP now helps secure network devices

Microsoft Defender Advanced Threat Protection (ATP) can now assess the collective security configuration state of devices on an enterprise network with the help of a new feature dubbed Microsoft Secure Score for Devices. [...]

https://www.bleepingcomputer.com/news/security/microsoft-defender-atp-now-helps-secure-network-devices/

Windows 10 2004 breaks OneDrive connectivity for some users

Microsoft says that some users might experience OneDrive connectivity issues after updating their devices to Windows 10, version 2004 or enabling Files on Demand in OneDrive. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-2004-breaks-onedrive-connectivity-for-some-users/

Avaddon ransomware shows that Excel 4.0 macros are still effective

Avaddon ransomware has been spreading this week via an old technique that's making a comeback, Microsoft cautions on Thursday. [...]

https://www.bleepingcomputer.com/news/security/avaddon-ransomware-shows-that-excel-40-macros-are-still-effective/

F5 patches critical BIG-IP ADC remote code execution vulnerability

F5 Networks (F5) patched a critical remote code execution (RCE) vulnerability found in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP application delivery controller (ADC). [...]

https://www.bleepingcomputer.com/news/security/f5-patches-critical-big-ip-adc-remote-code-execution-vulnerability/

The Week in Ransomware - July 3rd 2020 - Yes, Macs need antivirus

Many macOS users, including my family and friends, have been under the impression that Macs are not affected by malware and thus do not need security software. After this week, I hope the point is clear; that assumption is wrong, and Macs need antivirus software. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-july-3rd-2020-yes-macs-need-antivirus/

Try2Cry ransomware tries to worm its way to other Windows systems

A new ransomware known as Try2Cry is trying to worm its way onto other Windows computers by infecting USB flash drives and using Windows shortcuts (LNK files) posing as the targets' files to lure them into infecting themselves. [...]

https://www.bleepingcomputer.com/news/security/try2cry-ransomware-tries-to-worm-its-way-to-other-windows-systems/

Companies start reporting ransomware attacks as data breaches

Corporate victims are finally starting to realize that ransomware attacks are data breaches and have begun to notify employees and clients about data stolen data. [...]

https://www.bleepingcomputer.com/news/security/companies-start-reporting-ransomware-attacks-as-data-breaches/

New Behave! extension warns of website port scans, local attacks

A new browser extension called Behave! will warn you if a web site is using scripts to perform scans or attacks on local and private IP addresses on your network. [...]

https://www.bleepingcomputer.com/news/security/new-behave-extension-warns-of-website-port-scans-local-attacks/

.NET Core vulnerability lets attackers evade malware detection

A vulnerability in the .NET Core library allows malicious programs to be launched while evading detection by security software. [...]

https://www.bleepingcomputer.com/news/security/net-core-vulnerability-lets-attackers-evade-malware-detection/

Windows 10's Microsoft Store Codecs patches are confusing users

Microsoft released security updates via the Microsoft Store last week, and it's confusing many users who want to make sure their devices are protected. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10s-microsoft-store-codecs-patches-are-confusing-users/

PoC exploits released for F5 BIG-IP vulnerabilities, patch now!

Two days after patches for critical F5 BIG-IP vulnerability were released, security researchers have started publicly posting proof-of-concept (PoC) exploits show how easy it is to exploit these devices. [...]

https://www.bleepingcomputer.com/news/security/poc-exploits-released-for-f5-big-ip-vulnerabilities-patch-now/

North Korean hackers linked to credit card stealing attacks on US stores

Hackers from North Korea have been stealing payment card information from customers of large retailers in the U.S. and Europe for at least a year, reveals new research released today. [...]

https://www.bleepingcomputer.com/news/security/north-korean-hackers-linked-to-credit-card-stealing-attacks-on-us-stores/

Windows 10 2004 upgrade gets blocked due to unsupported settings

Some Windows 10 users are being blocked from applying the May 2020 Update when manually seeking to upgrade through Windows Update due to unsupported settings on Windows 10 2004. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-2004-upgrade-gets-blocked-due-to-unsupported-settings/

Microsoft's new Windows 10 Alt+Tab plan looks like a mess

In what is being called a productivity enhancement, Microsoft is testing a change to the Windows 10 Alt+Tab feature so that it also shows open Microsoft Edge browser tabs. [...]

https://www.bleepingcomputer.com/news/microsoft/microsofts-new-windows-10-alt-tab-plan-looks-like-a-mess/

New Google Chrome feature to drastically reduce battery usage

Google is planning to add a new Chrome feature that could lead to drops of almost 30% in battery usage by throttling JavaScript timers in background tabs. [...]

https://www.bleepingcomputer.com/news/google/new-google-chrome-feature-to-drastically-reduce-battery-usage/

Ransomware attack on insurance MSP Xchanging affects clients

Global IT services and solutions provider DXC Technology announced over the weekend a ransomware attack on systems from its Xchanging subsidiary. [...]

https://www.bleepingcomputer.com/news/security/ransomware-attack-on-insurance-msp-xchanging-affects-clients/

EDP energy giant confirms Ragnar Locker ransomware attack

EDP Renewables North America (EDPR NA) confirmed a Ragnar Locker ransomware attack that affected its parent corporation's systems, the Portuguese multinational energy giant Energias de Portugal (EDP). [...]

https://www.bleepingcomputer.com/news/security/edp-energy-giant-confirms-ragnar-locker-ransomware-attack/

Microsoft Defender ATP web content filtering is now free

The new Microsoft Defender Advanced Threat Protection (ATP) Web Content Filtering feature will be provided for free to all enterprise customers without the need for an additional partner license. [...]

https://www.bleepingcomputer.com/news/security/microsoft-defender-atp-web-content-filtering-is-now-free/