CISA: Emotet increasing attacks on US state, local governments

Emotet attacks have targeted multiple state and local governments in the U.S. as part of potentially targeted campaigns that have been ramping up since August, the Cybersecurity and Infrastructure Security Agency (CISA) said in an alert published today. [...]

https://www.bleepingcomputer.com/news/security/cisa-emotet-increasing-attacks-on-us-state-local-governments/

Mozilla shares fix for Twitter not working on Firefox

Mozilla published a support document with a quick fix for a widely reported known issue causing Twitter not to load on the Firefox web browser. [...]

https://www.bleepingcomputer.com/news/technology/mozilla-shares-fix-for-twitter-not-working-on-firefox/

Cloudflare can now send DDoS alerts for sites are under attack

Cloudflare now allows paid customers to create notifications that warn them when their sites are under a DDoS attack. [...]

https://www.bleepingcomputer.com/news/technology/cloudflare-can-now-send-ddos-alerts-for-sites-are-under-attack/

Microsoft Edge is getting a new 'Web Capture' annotation feature

In Microsoft Edge preview builds, Microsoft has introduced a new tool called "Web Capture" that will allow you to capture screenshots of the webpages and create web notes. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-is-getting-a-new-web-capture-annotation-feature/

Comcast cable remotes hacked to snoop on conversations

Security researchers analyzing Comcast's XR11 Xfinity Voice Remote found a way to turn it into a listening device without needing physical access or user interaction. [...]

https://www.bleepingcomputer.com/news/security/comcast-cable-remotes-hacked-to-snoop-on-conversations/

US brokerage firms warned of widespread survey phishing attacks

The U.S. Financial Industry Regulatory Authority (FINRA) has issued a notice warning member brokerage firms of widespread phishing attacks using surveys to harvest information. [...]

https://www.bleepingcomputer.com/news/security/us-brokerage-firms-warned-of-widespread-survey-phishing-attacks/

QNAP fixes critical flaws that could lead to device takeover

QNAP has addressed two critical security vulnerabilities in the Helpdesk app that could enable potential attackers to take over unpatched QNAP network-attached storage (NAS) devices. [...]

https://www.bleepingcomputer.com/news/security/qnap-fixes-critical-flaws-that-could-lead-to-device-takeover/

Microsoft 365 outage takes down Outlook and Microsoft Teams again

Microsoft 365 is currently experiencing an outage affecting users on both coasts of the United States and preventing them from accessing multiple Office 365 services. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-365-outage-takes-down-outlook-and-microsoft-teams-again/

Phishing emails lure victims with inside info on Trump's health

A phishing campaign pushing a network-compromising backdoor pretends to have the inside scoop on President Trump's health after being infected with COVID-19. [...]

https://www.bleepingcomputer.com/news/security/phishing-emails-lure-victims-with-inside-info-on-trumps-health/

Microsoft adds consent phishing protection to Office 365

Microsoft announced that consent phishing protections including OAuth app publisher verification and app consent policies are now generally available in Office 365. [...]

https://www.bleepingcomputer.com/news/security/microsoft-adds-consent-phishing-protection-to-office-365/

Microsoft to tailor Windows 10 setups based on how you use your PC

Microsoft will soon offer different installation experiences when setting up Windows 10 based on how you plan on using the computer. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-to-tailor-windows-10-setups-based-on-how-you-use-your-pc/

RainbowMix apps generate $150,000 in daily ad fraud profit

A massive fraudulent advertising business disrupted recently perpetrated through more than 240 apps in Google Play generated profits that could amount to more than $150,000 per day. [...]

https://www.bleepingcomputer.com/news/security/rainbowmix-apps-generate-150-000-in-daily-ad-fraud-profit/

New Windows 10 update forcibly enables HP Battery Health Manager

Microsoft has released an update for all supported versions of Windows 10 that forcefully enable the Battery Health Manager option in the BIOS of supported HP business laptops. [...]

https://www.bleepingcomputer.com/news/microsoft/new-windows-10-update-forcibly-enables-hp-battery-health-manager/

Adobe Creative Cloud down: Users report login, data access issues

Adobe is suffering a 'major' outage that prevents users from logging in to Creative Cloud or accessing their subscribed applications or stored data. [...]

https://www.bleepingcomputer.com/news/technology/adobe-creative-cloud-down-users-report-login-data-access-issues/

Massachusetts school district shut down by ransomware attack

The Springfield Public Schools district in Massachusetts has become the victim of a ransomware attack that has caused the closure of schools while they investigate the cyberattack. [...]

https://www.bleepingcomputer.com/news/security/massachusetts-school-district-shut-down-by-ransomware-attack/

Sam’s Club customer accounts hacked in credential stuffing attacks

Walmart-owned Sam's Club has been emailing customers that may have been victims of credential stuffing and phishing attacks. [...]

https://www.bleepingcomputer.com/news/security/sam-s-club-customer-accounts-hacked-in-credential-stuffing-attacks/

Microsoft Edge's new feature promotes Skype video conferencing

With this new feature, Microsoft aims to help consumers relying on video conferencing to get in touch with coworkers, friends, and relatives without creating a Skype or Microsoft account. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edges-new-feature-promotes-skype-video-conferencing/

Ransomware gang now using critical Windows flaw in attacks

Microsoft is warning that cybercriminals have started to incorporate exploit code for the ZeroLogon vulnerability in their attacks. The alert comes after the company noticed ongoing attacks from cyber-espionage group MuddyWater (SeedWorm) in the second half of September. [...]

https://www.bleepingcomputer.com/news/security/ransomware-gang-now-using-critical-windows-flaw-in-attacks/

Fitbit gallery can be used to distribute malicious apps

A security researcher discovered that malicious apps for FitBit devices can be uploaded to the legitimate FitBit domain and users can install them from private links. [...]

https://www.bleepingcomputer.com/news/security/fitbit-gallery-can-be-used-to-distribute-malicious-apps/

Google boosts malware protection for high-risk accounts

Google has added improved malware protection for all Google Chrome users who are also enrolled in the company's Advanced Protection Program (APP). [...]

https://www.bleepingcomputer.com/news/security/google-boosts-malware-protection-for-high-risk-accounts/

DHS: Unknown hackers targeted the US Census Bureau network

The US Department of Homeland Security said that unknown threat actors have targeted the U.S. Census network during the last year in its first-ever Homeland Threat Assessment (HTA) report released earlier this week. [...]

https://www.bleepingcomputer.com/news/security/dhs-unknown-hackers-targeted-the-us-census-bureau-network/