Joker Android malware keeps evading Google Play Store defenses

The threat actor behind the Joker Android malware has once again succeeded to successfully slip spyware infected apps onto the Play Store, Google's official Android app store. [...]

https://www.bleepingcomputer.com/news/security/joker-android-malware-keeps-evading-google-play-store-defenses/

Evilnum hackers use the same malware supplier as FIN6, Cobalt

Hackers in the Evilnum group have developed a toolset that combines custom malware, legitimate utilities, and tools bought from a malware-as-a-service (MaaS) provider that caters for big fintech threat actors. [...]

https://www.bleepingcomputer.com/news/security/evilnum-hackers-use-the-same-malware-supplier-as-fin6-cobalt/

Persuasive Office 365 phishing uses fake Zoom suspension alerts

Microsoft Office 365 users are targeted by a new phishing campaign using fake Zoom notifications to warn those who work in corporate environments that their Zoom accounts have been suspended, with the end goal of stealing Office 365 logins. [...]

https://www.bleepingcomputer.com/news/security/persuasive-office-365-phishing-uses-fake-zoom-suspension-alerts/

Microsoft testing new Windows 10 KDP anti-malware protection

Microsoft is testing a new Windows 10 security feature dubbed Kernel Data Protection (KDP) and designed to block malicious actors from altering Windows drivers and systems' protected kernel memory as part of their attacks. [...]

https://www.bleepingcomputer.com/news/security/microsoft-testing-new-windows-10-kdp-anti-malware-protection/

Google will ban ads for stalkerware starting August 11

Google will update its Google Ads Enabling Dishonest Behavior policy to globally ban advertising for spyware and surveillance technology known as stalkerware starting with August 11, 2020. [...]

https://www.bleepingcomputer.com/news/security/google-will-ban-ads-for-stalkerware-starting-august-11/

Conti ransomware shows signs of being a Ryuk successor

The Conti Ransomware is an upcoming threat targeting corporate networks with new features that allow it to perform quicker and more targeted attacks. There are also indications that this ransomware shares the same malware code as Ryuk, who has slowly been fading away, while Conti's distribution is increasing. [...]

https://www.bleepingcomputer.com/news/security/conti-ransomware-shows-signs-of-being-a-ryuk-successor/

How to import and backup saved passwords in Google Chrome

​Google Chrome Password Manager lets you save usernames and passwords and automatically use them to log in to websites you visit. If you ever decide to switch from or to Google Chrome and want to take your saved passwords with you, this guide will help you. [...]

https://www.bleepingcomputer.com/news/google/how-to-import-and-backup-saved-passwords-in-google-chrome/

Over 1,300 phishing kits for sale on hacker forum

A member of a hacker forum is looking to make over $30,000 from selling a huge collection of more than 1,300 phishing kits. [...]

https://www.bleepingcomputer.com/news/security/over-1-300-phishing-kits-for-sale-on-hacker-forum/

Mozilla reduces TLS certificate lifespan to 1 year in September

Mozilla has officially announced that starting September 1st, 2020, they will no longer consider any newly issued certificates with a lifespan greater than 398 days, or a little over one year, as valid. [...]

https://www.bleepingcomputer.com/news/security/mozilla-reduces-tls-certificate-lifespan-to-1-year-in-september/

US Secret Service creates new Cyber Fraud Task Force

The U.S. Secret Service announced the creation of the Cyber Fraud Task Force (CFTF) after the merger of its Financial Crimes Task Forces (FCTFs) and Electronic Crimes Task Forces (ECTFs) into a single unified network. [...]

https://www.bleepingcomputer.com/news/security/us-secret-service-creates-new-cyber-fraud-task-force/

eToro accounts peddled by the thousands on cybercrime forums

A threat actor is peddling 62,000 active eToro accounts on a known cybercrime forum. They are also likely collaborating with REvil ransomware on the corporate intrusion front. [...]

https://www.bleepingcomputer.com/news/security/etoro-accounts-peddled-by-the-thousands-on-cybercrime-forums/

Uber Eats outage in multiple countries, 'Internal Server Error" reports

The Uber Eats food delivery service is having an outage in multiple countries that is preventing orders from being placed in the app. [...]

https://www.bleepingcomputer.com/news/technology/uber-eats-outage-in-multiple-countries-internal-server-error-reports/

How to protect your Verizon number from SIM swapping attacks

Verizon now makes it possible for customers to defend against SIM swapping attacks by enabling the free Number Lock protection feature through the My Verizon app or the My Verizon website. [...]

https://www.bleepingcomputer.com/news/security/how-to-protect-your-verizon-number-from-sim-swapping-attacks/

Microsoft will not support PHP 8.0 for Windows in 'any capacity'

Microsoft has announced that it will not offer support in 'any capacity' for PHP for Windows 8.0 when it is released. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-will-not-support-php-80-for-windows-in-any-capacity/

Apple: Closing MacBooks with camera covers leads to display damage

Apple warns customers to avoid closing their MacBook, MacBook Air, or MacBook Pro devices if they use a camera cover thicker than 0.1mm to avoid display damage. [...]

https://www.bleepingcomputer.com/news/apple/apple-closing-macbooks-with-camera-covers-leads-to-display-damage/

The Week in Ransomware - July 10th 2020 - A quiet week

It has been a pretty quiet week with few alleged attacks against corporate victims and mostly new variants of existing ransomware released. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-july-10th-2020-a-quiet-week/

How to enable Windows 10's hidden features using Mach2

Windows 10 builds contain many hidden features that are used by Microsoft to debug code or test applications that have not been officially released yet. A new tool has been released that enables you to find and enable these hidden features in Windows 10. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-enable-windows-10s-hidden-features-using-mach2/

TrickBot malware mistakenly warns victims that they are infected

The notorious TrickBot malware mistakenly left a test module that is warning victims that they are infected and should contact their administrator. [...]

https://www.bleepingcomputer.com/news/security/trickbot-malware-mistakenly-warns-victims-that-they-are-infected/

Zoom fixes zero-day RCE bug affecting Windows 7, more updates soon

​The Zoom web conference Client contained a zero-day vulnerability that could have allowed attackers to execute commands on vulnerable systems remotely. [...]

https://www.bleepingcomputer.com/news/security/zoom-fixes-zero-day-rce-bug-affecting-windows-7-more-updates-soon/

How to use Windows 10’s Storage Sense to free up Disk Space

Windows has always allowed users to free up storage space by emptying temporary files, recycling bin, and the downloads folder's contents. With Windows 10, Microsoft has made things a little bit easier with a new automated feature called 'Storage Sense.' [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-use-windows-10-s-storage-sense-to-free-up-disk-space/

Malware adds Any.Run sandbox detection to evade analysis

Malware developers are now checking if their malware is running in the Any.Run malware analysis service to prevent their malware from being easily analyzed by researchers. [...]

https://www.bleepingcomputer.com/news/security/malware-adds-anyrun-sandbox-detection-to-evade-analysis/