Emotet malware operation hacked to show memes to victims

Someone is poking fun at Emotet botnet and heavily disrupting its operations at the same time as payloads hosted on some compromised sites have been replaced by memes and GIFs. [...]

https://www.bleepingcomputer.com/news/security/emotet-malware-operation-hacked-to-show-memes-to-victims/

Garmin outage caused by confirmed WastedLocker ransomware attack

Wearable device maker Garmin today had to shut down some of its connected services and call centers following what the company calls a worldwide outage. [...]

https://www.bleepingcomputer.com/news/security/garmin-outage-caused-by-confirmed-wastedlocker-ransomware-attack/

The Week in Ransomware - July 24th 2020 - Navigation failure

This week has been quite busy with a new enterprise targeting ransomware called Exorcist and attacks against large companies. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-july-24th-2020-navigation-failure/

Microsoft working on a fix for Windows 10 Sandbox failing to open

Microsoft is investigating a known issue preventing the Windows Sandbox and Windows Defender Application Guard (WDAG) from opening on devices running Windows 10, version 1903 or later, Pro and Enterprise editions. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-working-on-a-fix-for-windows-10-sandbox-failing-to-open/

US govt confirms active exploitation of F5 BIG-IP RCE flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) today published a warning regarding the active exploitation of the unauthenticated remote code execution (RCE) CVE-2020-5902 vulnerability affecting F5 Big-IP ADC devices. [...]

https://www.bleepingcomputer.com/news/security/us-govt-confirms-active-exploitation-of-f5-big-ip-rce-flaw/

Microsoft Edge now blocks abusive notifications to reduce web spam

Websites increasingly ask to send notifications about their new contents and notifications are also abused for advertisements or web scams. To address this webspam mess, Microsoft Edge 84 introduces a new notification request experience called quiet notification requests. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-now-blocks-abusive-notifications-to-reduce-web-spam/

Linux-based malware analysis toolkit REMnux 7 released

A new version of REMnux Linux distro is now available for malware researchers, packed with hundreds of tools to dissect malicious executables, documents, scripts, and ill-intended code. [...]

https://www.bleepingcomputer.com/news/security/linux-based-malware-analysis-toolkit-remnux-7-released/

New ‘Meow’ attack has deleted almost 4,000 unsecured databases

Dozens of unsecured databases exposed on the public web are the target of an automated 'meow' attack that wipes data without any explanation. [...]

https://www.bleepingcomputer.com/news/security/new-meow-attack-has-deleted-almost-4-000-unsecured-databases/

Samsung is reportedly building an Exynos CPU for Windows 10 PCs

If the latest from the rumor mill turns out to be correct, Samsung could launch a new Exynos processor to power Windows 10 on ARM. [...]

https://www.bleepingcomputer.com/news/technology/samsung-is-reportedly-building-an-exynos-cpu-for-windows-10-pcs/

Microsoft's PowerToys 0.20 adds a built-in Windows 10 Color Picker

The next version of the Windows 10 PowerToys coming at the end of this month will introduce a new toy called 'Color Picker Tool' that lets you click on any portion of the screen and retrieve the location's hexadecimal or RGB color code. [...]

https://www.bleepingcomputer.com/news/microsoft/microsofts-powertoys-020-adds-a-built-in-windows-10-color-picker/

Dave data breach affects 7.5 million users, leaked on hacker forum

Overdraft protection and cash advance service Dave has suffered a data breach after a database containing 7.5 million user records was sold in an auction and then released later for free on hacker forums. [...]

https://www.bleepingcomputer.com/news/security/dave-data-breach-affects-75-million-users-leaked-on-hacker-forum/

No More Ransom turns 4: Saves $632 million in ransomware payments

The No More Ransom Project celebrates its fourth anniversary today after helping over 4.2 million visitors recover from a ransomware infection and saving an estimated $632 million in ransom payments. [...]

https://www.bleepingcomputer.com/news/security/no-more-ransom-turns-4-saves-632-million-in-ransomware-payments/

Source code from dozens of companies leaked online

Source code from exposed repositories of dozens of companies across various fields of activity (tech, finance, retail, food, eCommerce, manufacturing) is publicly available as a result of misconfigurations in their infrastructure. [...]

https://www.bleepingcomputer.com/news/security/source-code-from-dozens-of-companies-leaked-online/

Cerberus Android malware source code offered for sale for $100,000

The maintainer of Cerberus banking trojan for Android is auctioning the entire project for a price starting at $50,000 or close the deal for double the money. [...]

https://www.bleepingcomputer.com/news/security/cerberus-android-malware-source-code-offered-for-sale-for-100-000/

UK and US warn QNAP owners to upgrade firmware to block malware

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the UK's National Cyber Security Centre (NCSC) today issued an alert about the risks of infection faced by QNAP NAS devices if QSnatch malware attacks restart. [...]

https://www.bleepingcomputer.com/news/security/uk-and-us-warn-qnap-owners-to-upgrade-firmware-to-block-malware/

Garmin confirms ransomware attack, services coming back online

In a statement, Garmin has finally confirmed that they were the victim of a ransomware attack as they slowly bring their Garmin Connect, Strava, and navigation services back online. [...]

https://www.bleepingcomputer.com/news/security/garmin-confirms-ransomware-attack-services-coming-back-online/

Windows 10 Desktop Windows Manager crashes due to DirectX bug

Microsoft is working on a resolution for a new issue causing the Desktop Windows Manager to crash on laptops if the lid is repeatedly closed and opened. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-desktop-windows-manager-crashes-due-to-directx-bug/

Office 365 phishing baits employees with fake SharePoint alerts

Employees using Microsoft Office 365 are targeted in a phishing campaign that makes use of bait messages camouflaged as automated Sharepoint notifications to steal their accounts. [...]

https://www.bleepingcomputer.com/news/security/office-365-phishing-baits-employees-with-fake-sharepoint-alerts/

Office 365 adds new features to help identify malicious spam

Microsoft is planning to provide more info on spam emails detected as malicious by the Office 365 Advanced Threat Protection (ATP) filtering stack and allow organizations to export their list of the top targeted users by phishing attacks. [...]

https://www.bleepingcomputer.com/news/security/office-365-adds-new-features-to-help-identify-malicious-spam/

Promo.com discloses data breach after 22M user records leaked online

Promo.com, an Israeli-based marketing video creation site, has disclosed a data breach after a database containing 22 million user records was leaked for free on a hacker forum. [...]

https://www.bleepingcomputer.com/news/security/promocom-discloses-data-breach-after-22m-user-records-leaked-online/

Feature-rich Ensiko malware can encrypt, targets Windows, macOS, Linux

Threat researchers have found a new feature-rich malware that can encrypt files on any system running PHP, making it a high risk for Windows, macOS, and Linux web servers. [...]

https://www.bleepingcomputer.com/news/security/feature-rich-ensiko-malware-can-encrypt-targets-windows-macos-linux/