Russian hackers target COVID-19 vaccine research with custom malware

Hackers likely working for Russian intelligence services have been attacking organizations involved in the research and development of a vaccine against the new coronavirus. [...]

https://www.bleepingcomputer.com/news/security/russian-hackers-target-covid-19-vaccine-research-with-custom-malware/

New Android malware steals your dating and social accounts

A new Android banking trojan dubbed BlackRock steals credentials and credit card information from a list of 337 apps many of them used for many non-financial purposes. [...]

https://www.bleepingcomputer.com/news/security/new-android-malware-steals-your-dating-and-social-accounts/

Orange confirms ransomware attack exposing business customers' data

Orange has confirmed to BleepingComputer that they suffered a ransomware attack exposing the data of twenty of their enterprise customers. [...]

https://www.bleepingcomputer.com/news/security/orange-confirms-ransomware-attack-exposing-business-customers-data/

T-Mobile announces free Scam Shield robocall and scam protection

T-Mobile today announced the launch of the new Scam Shield service on July 24, a service that will provide T-Mobile, Metro, and Sprint customers with free Scam ID, Scam Block, and Caller ID anti-scam protection. [...]

https://www.bleepingcomputer.com/news/security/t-mobile-announces-free-scam-shield-robocall-and-scam-protection/

Federal agencies told to patch wormable Windows DNS bug in 24 hours

The Cybersecurity and Infrastructure Security Agency (CISA) today asked all U.S. federal executive branch departments and agencies to mitigate the critical SIGRed Windows DNS Server wormable remote code execution (RCE) vulnerability within 24 hours. [...]

https://www.bleepingcomputer.com/news/security/federal-agencies-told-to-patch-wormable-windows-dns-bug-in-24-hours/

Microsoft fixes Windows 10 2004 boot fails caused by Disk Cleanup

Microsoft fixed an issue where the Disk Cleanup maintenance utility could cause boot failures when launching automatically after installing Windows 10, version 2004 Build 19041.21. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-10-2004-boot-fails-caused-by-disk-cleanup/

Twitter starts rolling out new LinkedIn-style DMs interface

Twitter has started to roll out a new interface that lets you quickly access your direct messages (DMs) from any page on the social platform. [...]

https://www.bleepingcomputer.com/news/technology/twitter-starts-rolling-out-new-linkedin-style-dms-interface/

Microsoft releases open-source Linux version of Procmon tool

Microsoft has ported the popular Sysinternals Procmon utility to Linux so that users can monitor running processes' activity. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-open-source-linux-version-of-procmon-tool/

Magento adds 2FA to protect against card skimming attacks

Adobe has added two-factor authentication (2FA) throughout the Magento platform in response to the widespread number of attacks where skimmer scripts are deployed on hacked e-commerce sites to steal customers' credit cards. [...]

https://www.bleepingcomputer.com/news/security/magento-adds-2fa-to-protect-against-card-skimming-attacks/

Emotet spam trojan surges back to life after 5 months of silence

After months of inactivity, the notorious Emotet spamming trojan has come alive again as it spews out a massive campaign of malicious emails targeting users worldwide. [...]

https://www.bleepingcomputer.com/news/security/emotet-spam-trojan-surges-back-to-life-after-5-months-of-silence/

Twitter: Hackers targeted 130 accounts, no passwords accessed

Twitter today revealed that hackers targeted roughly 130 accounts during the massive attack that allowed them to take over dozens of high-profile accounts of tech companies, executives, and celebrities to promote a Bitcoin scam. [...]

https://www.bleepingcomputer.com/news/security/twitter-hackers-targeted-130-accounts-no-passwords-accessed/

Cloudflare outage takes down Discord, BleepingComputer, and other sites

Cloudflare is having an outage that is affecting a lot of sites including Discord, BleepingComputer, and many other sites. It is not known what is causing the outage. [...]

https://www.bleepingcomputer.com/news/technology/cloudflare-outage-takes-down-discord-bleepingcomputer-and-other-sites/

The Week in Ransomware - July 17th 2020 - Freshly squeezed

With Twitter hackers, 10/10 vulnerabilities, and Cloudflare outages this week, thankfully ransomware has been pretty slow this week. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-july-17th-2020-freshly-squeezed/

New phishing campaign abuses a trio of enterprise cloud services

A new phishing campaign uses a trio of enterprise cloud services, Microsoft Azure, Microsoft Dynamics, and IBM Cloud, as part of an attempt to steal your login credentials. [...]

https://www.bleepingcomputer.com/news/security/new-phishing-campaign-abuses-a-trio-of-enterprise-cloud-services/

Windows 10 2004: List of compatibility issues blocking updates

While the Windows 10 May 2020 Update started gradually rolling out to customers worldwide on May 27, not everyone can update their devices to Windows 10, version 2004. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-2004-list-of-compatibility-issues-blocking-updates/

Microsoft Edge 84 introduces Storage Access API to improve privacy

Microsoft Edge 84 is now available for the desktop users and it comes with support for Storage Access API, PDF reader improvements, and more. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-84-introduces-storage-access-api-to-improve-privacy/

How to use Windows 10 File History to make secure backups

With File History feature on Windows, you can back up copies of files that are in the Documents, Music, Pictures, Videos, and Desktop folders. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-use-windows-10-file-history-to-make-secure-backups/

Critical SIGred Windows DNS bug gets micropatch after PoCs released

The critical remote code execution security vulnerability in Windows DNS known as SIGRed has received a micropatch for servers without an Extended Security Updates (ESU) license. [...]

https://www.bleepingcomputer.com/news/security/critical-sigred-windows-dns-bug-gets-micropatch-after-pocs-released/

Windows 10 Store 'wsreset' tool lets attackers bypass antivirus

A technique that exploits Windows 10 Microsoft Store called 'wsreset.exe' can delete files to bypass antivirus protection on a host without being detected. [...]

https://www.bleepingcomputer.com/news/security/windows-10-store-wsreset-tool-lets-attackers-bypass-antivirus/

Microsoft investigating Windows 10 2004 'No Internet' bug, how to fix

Microsoft is investigating a known issue where Windows 10 2004 customers might see "No Internet access" tray indicators even though their devices are connected to the Internet. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-investigating-windows-10-2004-no-internet-bug-how-to-fix/

Office 365 adds new security configuration analysis feature

Microsoft is working on a new Office 365 Advanced Threat Protection (ATP) feature which will make it easy to determine your security policies settings' effectiveness when compared to recommended settings. [...]

https://www.bleepingcomputer.com/news/security/office-365-adds-new-security-configuration-analysis-feature/