Lazarus hackers target cryptocurrency orgs with fake job offers

North Korean hackers tracked as the Lazarus Group have been observed while using LinkedIn lures in an ongoing spear-phishing campaign targeting the cryptocurrency vertical in the United States, the United Kingdom, Germany, Singapore, the Netherlands, Japan, and other countries. [...]

https://www.bleepingcomputer.com/news/security/lazarus-hackers-target-cryptocurrency-orgs-with-fake-job-offers/

Hackers for hire attack architecture firm via 3ds Max exploit

An advanced hackers-for-hire group has compromised computers of an architecture firm involved in luxury real-estate projects worth billions of US dollars. [...]

https://www.bleepingcomputer.com/news/security/hackers-for-hire-attack-architecture-firm-via-3ds-max-exploit/

With Empire gone, patrons eye other illegal darkweb markets

Recently dark web marketplace made an abrupt exit after being subject to a heavy DDoS attack campaign, and extortion attempts. Who's going to take its place next? [...]

https://www.bleepingcomputer.com/news/security/with-empire-gone-patrons-eye-other-illegal-darkweb-markets/

New SunCrypt Ransomware sheds light on Maze's ransomware cartel

A new ransomware named SunCrypt has joined the 'Maze cartel,' and with their membership, we get insight into how these groups are working together. [...]

https://www.bleepingcomputer.com/news/security/new-suncrypt-ransomware-sheds-light-on-mazes-ransomware-cartel/

FBI foiled a Russian's plan to ransom a Nevada company

The FBI thwarted the plans of 27-year-old Russian national Egor Igorevich Kriuchkov to recruit an insider in a Nevada company, use him to plant malware on their network, and then ransom the company under threat that he would leak data stolen from their systems. [...]

https://www.bleepingcomputer.com/news/security/fbi-foiled-a-russians-plan-to-ransom-a-nevada-company/

New Zealand stock exchange halted trading after DDoS attacks

New Zealand's stock exchange (NZX) has been impacted by a distributed denial-of-service (DDoS) attack during the last two days, forcing it to shut down trading until the connectivity issues were resolved. [...]

https://www.bleepingcomputer.com/news/security/new-zealand-stock-exchange-halted-trading-after-ddos-attacks/

From zero to hero: Zero2Automated malware reverse engineering course

Zero2Automated is a new course that provides training in the exciting field of malware anslysis and reverse engineering. Structured around a community, users will be able to interact with thier teachers and peers to get the most out of this experience. [...]

https://www.bleepingcomputer.com/news/security/from-zero-to-hero-zero2automated-malware-reverse-engineering-course/

US govt warns of North Korean hackers targeting banks worldwide

North Korean hackers tracked as BeagleBoyz have been using malicious remote access tools as part of ongoing attacks to steal millions from international banks according to a joint advisory issued today by several U.S. Government agencies. [...]

https://www.bleepingcomputer.com/news/security/us-govt-warns-of-north-korean-hackers-targeting-banks-worldwide/

Microsoft tests fix for bug that defrags SSD drives too often

For the testers in the Beta Channel (Slow Ring) of the Windows Insider Program, Windows 10 Build 19042.287 (20H2) is now available with a long list of bug fixes and improvements. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-tests-fix-for-bug-that-defrags-ssd-drives-too-often/

Microsoft delays Windows 10 1803 end of service due to pandemic

Microsoft today announced that the scheduled end of service date for the Enterprise, Education, and IoT Enterprise editions of Windows 10, version 1803 is being pushed back to May 11, 2021, instead of November 10, 2020, due to the current public health situation. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-delays-windows-10-1803-end-of-service-due-to-pandemic/

Windows Terminal adds advanced tab switcher, command palette

Microsoft released Windows Terminal Preview 1.3 with bug fixes, performance improvements, and long-awaited new features including a new command palette and an advanced tab switcher for navigating multiple tabs easier. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-terminal-adds-advanced-tab-switcher-command-palette/

Lemon_Duck cryptominer malware now targets Linux devices

The Lemon_Duck cryptomining ​​​​​​​malware has been updated to compromise Linux machines via SSH brute force attacks, to exploit SMBGhost-vulnerable Windows systems, and to infect servers running Redis and Hadoop instances. [...]

https://www.bleepingcomputer.com/news/security/lemon-duck-cryptominer-malware-now-targets-linux-devices/

Qbot steals your email threads again to infect other victims

The Qbot trojan is again stealing reply-chain emails that can be used to camouflage malware-riddled emails as parts of previous conversations in future malicious spam campaigns. [...]

https://www.bleepingcomputer.com/news/security/qbot-steals-your-email-threads-again-to-infect-other-victims/

US files lawsuit to seize cryptocurrency stolen by DPRK hackers

The U.S. Justice Department today filed a civil forfeiture complaint aiming to seize control of 280 Bitcoin (BTC) and Ethereum (ETH) accounts containing funds allegedly stolen by North Korean hackers in attacks against two unnamed cryptocurrency exchanges. [...]

https://www.bleepingcomputer.com/news/security/us-files-lawsuit-to-seize-cryptocurrency-stolen-by-dprk-hackers/

Elon Musk confirmed Russian's plans to extort Tesla

The FBI thwarted the plans of 27-year-old Russian national Egor Igorevich Kriuchkov to recruit an insider within Tesla's Sparks, Nevada factory, persuade him to plant malware on the company's network, and then ransom Tesla under threat that he would leak data stolen from their systems. [...]

https://www.bleepingcomputer.com/news/security/elon-musk-confirmed-russians-plans-to-extort-tesla/

Microsoft to remove insecure TLS support on its Linux Software Repository

Microsoft is discontinuing support for the insecure TLS 1.0 and TLS 1.1 protocols on its Linux Software Repository starting with September 24, 2020. [...]

https://www.bleepingcomputer.com/news/security/microsoft-to-remove-insecure-tls-support-on-its-linux-software-repository/

UltraRank hackers steal credit cards from hundreds of stores

A cybercriminal group specialized in infecting online shops to steal payment card data. is responsible for compromising almost 700 websites and more than a dozen third-party service providers. [...]

https://www.bleepingcomputer.com/news/security/ultrarank-hackers-steal-credit-cards-from-hundreds-of-stores/

Cisco engineer resigns then nukes 16k WebEx accounts, 456 VMs

A former Cisco employee pleaded guilty to accessing the company's cloud infrastructure in 2018, five months after resigning, to deploy code that led to the shut down of more than 16,000 WebEx Teams accounts and the deletion of 456 virtual machines. [...]

https://www.bleepingcomputer.com/news/security/cisco-engineer-resigns-then-nukes-16k-webex-accounts-456-vms/

Single & penniless: FBI warns of $475M lost to romance scams

The Federal Bureau of Investigation is warning of online romance scams, an ongoing online fraud trend that can lead to large financial losses, as well as devastating emotional scars. [...]

https://www.bleepingcomputer.com/news/security/single-and-penniless-fbi-warns-of-475m-lost-to-romance-scams/

How to run Linux programs from a Windows 10 command prompt

Using the Windows Subsystem for Linux (WSL), you can launch Linux applications directly in a Windows 10 command prompt or PowerShell prompt. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-run-linux-programs-from-a-windows-10-command-prompt/

Why streaming a video could freeze Microsoft IIS servers

Microsoft August 2020 security patch fixed over 120 flaws. One of these flaws lets anyone freeze IIS servers by streaming videos, and seeking through them fast. [...]

https://www.bleepingcomputer.com/editorial/security/why-streaming-a-video-could-freeze-microsoft-iis-servers/