Hackers stole Twitter employee credentials via phone phishing

Twitter today said that the attackers behind this month's hack were able to take control of high-profile accounts after stealing Twitter employees' credentials as part of a phone spear phishing attack on July 15, 2020. 9d677006e13fc8d17c1f59b05bbb9047 [...]

https://www.bleepingcomputer.com/news/security/hackers-stole-twitter-employee-credentials-via-phone-phishing/

Bypassing Windows 10 UAC with mock folders and DLL hijacking

A new technique uses a simplified process of  DLL hijacking and mock directories to bypass Windows 10's UAC security feature and run elevated commands without alerting a user. 9d677006e13fc8d17c1f59b05bbb9047 [...]

https://www.bleepingcomputer.com/news/security/bypassing-windows-10-uac-with-mock-folders-and-dll-hijacking/

QNAP urges users to update Malware Remover after QSnatch alert

QNAP urges its users to update the Malware Remover app and bolster their NAS devices' security following a QSnatch malware joint alert published earlier this week by UK's NCSC and the US CISA government cybersecurity agencies. [...]

https://www.bleepingcomputer.com/news/security/qnap-urges-users-to-update-malware-remover-after-qsnatch-alert/

Windows 10 2004 KB4568831 update released with printing fixes

​Microsoft released the Windows 10 2004 KB4568831 non-security preview cumulative update with fixes for network printing, family safety, and cellular connectivity issues. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-2004-kb4568831-update-released-with-printing-fixes/

Microsoft fixes Windows 10 2004 Bluetooth and Intel GPU issues

Microsoft today addressed two known issues preventing Windows 10 devices with Realtek Bluetooth radios and Intel integrated graphics processing units (iGPUs) from receiving the Windows 10 May 2020 Update. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-10-2004-bluetooth-and-intel-gpu-issues/

US government sites abused to redirect users to porn sites

In an ongoing blackhat SEO campaign tracked by BleepingComputer, scammers are using open redirects found on government websites to redirect visitors to pornography sites. [...]

https://www.bleepingcomputer.com/news/security/us-government-sites-abused-to-redirect-users-to-porn-sites/

Microsoft PowerToys update fixes launcher, adds color picker

Microsoft today updated the Windows 10 PowerToys toolset with a new Color Picker utility that adds a system-wide tool to help you pick colors from anywhere on your screen and copy them to your clipboard. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-powertoys-update-fixes-launcher-adds-color-picker/

GandCrab ransomware operator arrested in Belarus

An affiliate of the GandCrab ransomware-as-a-business (RaaS) has been arrested, according to some Russian news sources. Authorities in Russia were able to identify the individual in cooperation with law enforcement in Romania and the U.K. [...]

https://www.bleepingcomputer.com/news/security/gandcrab-ransomware-operator-arrested-in-belarus/

Four suspects charged for roles in Twitter hack, Bitcoin scam

Four suspects were charged today for their supposed involvement in this month's Twitter hack according to press releases from the Department of Justice and State Attorney Andrew H. Warren. [...]

https://www.bleepingcomputer.com/news/security/four-suspects-charged-for-roles-in-twitter-hack-bitcoin-scam/

The Week in Ransomware - July 31st 2020 - Cooked Crab

With No More Ransom turning 4, Garmin suddenly recovering from their ransomware attack, and a GandCrab affiliate being arrested in Belarus, it has been quite a week when it comes to ransomware news. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-july-31st-2020-cooked-crab/

How to use Windows 10 to see what's using the most disk space

Managing the free storage space in Windows 10 is an important task, especially on computers with smaller drives that frequently fill up. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-use-windows-10-to-see-whats-using-the-most-disk-space/

How to fix Windows Update problems in Windows 10

While Windows Update usually works without a hitch, sometimes problems can happen and Windows Update process could get stuck and refuse to install a particular update. In this article, we've highlighted the steps that you can follow to resolve issues with Windows Update on Windows 10. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-fix-windows-update-problems-in-windows-10/

Confirmed: Garmin received decryptor for WastedLocker ransomware

BleepingComputer can confirm that Garmin has received the decryption key to recover their files encrypted in the WastedLocker Ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/confirmed-garmin-received-decryptor-for-wastedlocker-ransomware/

Havenly discloses data breach after 1.3M accounts leaked online

Havenly, a US-based interior design web site, has disclosed a data breach after a hacker posted a database containing 1.3 million user records for free on a hacker forum. [...]

https://www.bleepingcomputer.com/news/security/havenly-discloses-data-breach-after-13m-accounts-leaked-online/

Hackers could have stolen PayPal funds from Meetup users

Researchers analyzing the Meetup platform for organizing free and paid group events discovered high-severity vulnerabilities that allowed attackers to become co-organizers or steal funds. [...]

https://www.bleepingcomputer.com/news/security/hackers-could-have-stolen-paypal-funds-from-meetup-users/

US govt exposes Chinese espionage malware secretly used since 2008

The U.S. government today released information on a malware variant used by Chinese government-sponsored hackers in cyber espionage campaigns targeting governments, corporations, and think tanks. [...]

https://www.bleepingcomputer.com/news/security/us-govt-exposes-chinese-espionage-malware-secretly-used-since-2008/

Netwalker ransomware earned $25 million in just five months

The Netwalker ransomware operation has generated a total of $25 million in ransom payments since March 1st according to a new report by McAfee. [...]

https://www.bleepingcomputer.com/news/security/netwalker-ransomware-earned-25-million-in-just-five-months/

FBI sees surge in online shopping scams, FTC says most reports ever

The U.S. Federal Bureau of Investigation (FBI) today warned of an increased number of reports coming from victims of online shopping scams. [...]

https://www.bleepingcomputer.com/news/security/fbi-sees-surge-in-online-shopping-scams-ftc-says-most-reports-ever/

Zello resets all user passwords after data breach

The push-to-talk app, Zello, has disclosed a data breach that revealed user's email addresses and hashed passwords after discovering unauthorized activity on their systems. [...]

https://www.bleepingcomputer.com/news/security/zello-resets-all-user-passwords-after-data-breach/

Newsletter plugin bugs let hackers inject backdoors on 300K sites

Owners of WordPress sites who use the Newsletter plugin are advised to update their installations to block attacks that could use a fixed vulnerability allowing hackers to inject backdoors, create rogue admins, and potentially take over their websites. [...]

https://www.bleepingcomputer.com/news/security/newsletter-plugin-bugs-let-hackers-inject-backdoors-on-300k-sites/

Windows 10: HOSTS file blocking telemetry is now flagged as a risk

Starting at the end of July, Microsoft has begun detecting HOSTS files that block Windows 10 telemetry servers as a 'Severe' security risk. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-hosts-file-blocking-telemetry-is-now-flagged-as-a-risk/