Sopra Steria expects €50 million loss after Ryuk ransomware attack

French IT services giant Sopra Steria said today in an official statement that the October Ryuk ransomware attack will lead to a loss of between €40 million and €50 million. [...]

https://www.bleepingcomputer.com/news/security/sopra-steria-expects-50-million-loss-after-ryuk-ransomware-attack/

Sophos alerts customers of info exposure after security breach

British cybersecurity and hardware company Sophos has emailed a small group of customers to alert them that their personal information was exposed following a security breach discovered on Tuesday. [...]

https://www.bleepingcomputer.com/news/security/sophos-alerts-customers-of-info-exposure-after-security-breach/

cPanel 2FA bypassed in minutes via brute-force attacks

A security flaw in the cPanel web hosting control panel allows attackers to circumvent two-factor authentication (2FA) checks via brute-force attacks for domains managed using vulnerable cPanel & WebHost Manager (WHM) versions. [...]

https://www.bleepingcomputer.com/news/security/cpanel-2fa-bypassed-in-minutes-via-brute-force-attacks/

Google Chrome will let you search through your open tabs

Google Chrome will soon let you search through your open web pages to find that missing page lost among a sea of tabs. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-will-let-you-search-through-your-open-tabs/

Ransomware hits largest US fertility network, patient data stolen

US Fertility, the largest network of fertility centers in the U.S., says that some of its systems were encrypted in a ransomware attack that affected the company two months ago, in September 2020. [...]

https://www.bleepingcomputer.com/news/security/ransomware-hits-largest-us-fertility-network-patient-data-stolen/

Warning: Massive Zoom phishing targets Thanksgiving meetings

Everyone should be on the lookout for a massive ongoing phishing attack today, pretending to be an invite for a Zoom meeting. Hosted on numerous landing pages, BleepingComputer has learned that thousands of users' credentials have already been stolen by the attack. [...]

https://www.bleepingcomputer.com/news/security/warning-massive-zoom-phishing-targets-thanksgiving-meetings/

Truck routing provider Rand McNally hit by cyberattack

Chicago-based transportation technology firm Rand McNally is working on restoring network functionality following a cyberattack that hit its systems earlier this week. [...]

https://www.bleepingcomputer.com/news/security/truck-routing-provider-rand-mcnally-hit-by-cyberattack/

Canon publicly confirms August ransomware attack, data theft

Canon has finally confirmed publicly that the cyberattack suffered in early August was caused by ransomware and that the hackers stole data from company servers. [...]

https://www.bleepingcomputer.com/news/security/canon-publicly-confirms-august-ransomware-attack-data-theft/

CBS Last.fm fixes admin password leakage via Symfony profiler

This week, British music streaming service, Last.fm has fixed a credentials leak on their systems. The leak occurred due to a misconfigured Symfony profiler, exposing admin username and password. [...]

https://www.bleepingcomputer.com/news/security/cbs-lastfm-fixes-admin-password-leakage-via-symfony-profiler/

Phishing lures employees with fake 'back to work' internal memos

Scammers are trying to steal email credentials from employees by impersonating their organization's human resources (HR) department in phishing emails camouflaged as internal 'back to work' company memos. [...]

https://www.bleepingcomputer.com/news/security/phishing-lures-employees-with-fake-back-to-work-internal-memos/

MasterChef, Big Brother producer discloses potential data breach

French multinational production and distribution firm Banijay Group SAS has publicly confirmed a cyber incident that led to employee and commercially sensitive data potentially being compromised. [...]

https://www.bleepingcomputer.com/news/security/masterchef-big-brother-producer-discloses-potential-data-breach/

Drupal issues emergency fix for critical bug with known exploits

Drupal has released emergency security updates to address a critical vulnerability with known exploits that could allow for arbitrary PHP code execution on some CMS versions. [...]

https://www.bleepingcomputer.com/news/security/drupal-issues-emergency-fix-for-critical-bug-with-known-exploits/

Office 365 phishing abuses Oracle and Amazon cloud services

A rather complex phishing scheme for stealing Office 365 credentials from small and medium-sized businesses in the U.S. and Australia combines cloud services from Oracle and Amazon into its infrastructure. [...]

https://www.bleepingcomputer.com/news/security/office-365-phishing-abuses-oracle-and-amazon-cloud-services/

The Week in Ransomware - November 27th 2020 - Attacks continue

With the USA holidays, this has been a relatively slow week in new research being released. We did, though, see some organizations get attacked or report historical attacks. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-november-27th-2020-attacks-continue/

IIoT chip maker Advantech hit by ransomware, $12.5 million ransom

The Conti ransomware gang hit the systems of industrial automation and Industrial IoT (IIoT) chip maker Advantech and is now demanding a $14 million ransom to decrypt affected systems and to stop leaking stolen company data. [...]

https://www.bleepingcomputer.com/news/security/iiot-chip-maker-advantech-hit-by-ransomware-125-million-ransom/

Microsoft is working on an Android subsystem for Windows 10

Microsoft is reportedly creating a subsystem, similar to the Windows Subsystem for Linux, that allows Android applications to run on Windows 10. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-is-working-on-an-android-subsystem-for-windows-10/

Customize your Windows 10 appearance with these tools

With Windows, you've got an almost limitless number of ways to customize the desktop experience. From simply changing the taskbar look using Windows Registry to installing a third-party tool, you've got plenty of ways to customize Windows 10. [...]

https://www.bleepingcomputer.com/news/microsoft/customize-your-windows-10-appearance-with-these-tools/

Improve your Windows 10 PC with these Microsoft Store apps

The Windows Store isn't as populated as Google and Apple's app marketplace, but there are plenty of apps that can improve your Windows 10 experience. [...]

https://www.bleepingcomputer.com/news/microsoft/improve-your-windows-10-pc-with-these-microsoft-store-apps/

Malwarebytes Cyber Monday Deal: Get 50% off Premium, Teams

Malwarebytes's Cyber Monday deal is live with 50% off Malwarebytes Premium and 25% off the Malwarebytes for Teams business product. [...]

https://www.bleepingcomputer.com/news/software/malwarebytes-cyber-monday-deal-get-50-percent-off-premium-teams/

How to extend the time to rollback a buggy Windows 10 feature update

By default, Microsoft allows users ten days to uninstall a new Windows 10 feature update and roll back to a previous version of the operating system. In this article, we will show you how to increase your 'OS uninstall window' to give you more time to test out a new Windows 10 feature update. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-extend-the-time-to-rollback-a-buggy-windows-10-feature-update/

Pennsylvania county pays 500K ransom to DoppelPaymer ransomware

Delaware County, Pennsylvania has paid a $500,000 ransom after their systems were hit by the DoppelPaymer ransomware last weekend. [...]

https://www.bleepingcomputer.com/news/security/pennsylvania-county-pays-500k-ransom-to-doppelpaymer-ransomware/