CBS Last.fm fixes admin password leakage via Symfony profiler

This week, British music streaming service, Last.fm has fixed a credentials leak on their systems. The leak occurred due to a misconfigured Symfony profiler, exposing admin username and password. [...]

https://www.bleepingcomputer.com/news/security/cbs-lastfm-fixes-admin-password-leakage-via-symfony-profiler/

Phishing lures employees with fake 'back to work' internal memos

Scammers are trying to steal email credentials from employees by impersonating their organization's human resources (HR) department in phishing emails camouflaged as internal 'back to work' company memos. [...]

https://www.bleepingcomputer.com/news/security/phishing-lures-employees-with-fake-back-to-work-internal-memos/

MasterChef, Big Brother producer discloses potential data breach

French multinational production and distribution firm Banijay Group SAS has publicly confirmed a cyber incident that led to employee and commercially sensitive data potentially being compromised. [...]

https://www.bleepingcomputer.com/news/security/masterchef-big-brother-producer-discloses-potential-data-breach/

Drupal issues emergency fix for critical bug with known exploits

Drupal has released emergency security updates to address a critical vulnerability with known exploits that could allow for arbitrary PHP code execution on some CMS versions. [...]

https://www.bleepingcomputer.com/news/security/drupal-issues-emergency-fix-for-critical-bug-with-known-exploits/

Office 365 phishing abuses Oracle and Amazon cloud services

A rather complex phishing scheme for stealing Office 365 credentials from small and medium-sized businesses in the U.S. and Australia combines cloud services from Oracle and Amazon into its infrastructure. [...]

https://www.bleepingcomputer.com/news/security/office-365-phishing-abuses-oracle-and-amazon-cloud-services/

The Week in Ransomware - November 27th 2020 - Attacks continue

With the USA holidays, this has been a relatively slow week in new research being released. We did, though, see some organizations get attacked or report historical attacks. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-november-27th-2020-attacks-continue/

IIoT chip maker Advantech hit by ransomware, $12.5 million ransom

The Conti ransomware gang hit the systems of industrial automation and Industrial IoT (IIoT) chip maker Advantech and is now demanding a $14 million ransom to decrypt affected systems and to stop leaking stolen company data. [...]

https://www.bleepingcomputer.com/news/security/iiot-chip-maker-advantech-hit-by-ransomware-125-million-ransom/

Microsoft is working on an Android subsystem for Windows 10

Microsoft is reportedly creating a subsystem, similar to the Windows Subsystem for Linux, that allows Android applications to run on Windows 10. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-is-working-on-an-android-subsystem-for-windows-10/

Customize your Windows 10 appearance with these tools

With Windows, you've got an almost limitless number of ways to customize the desktop experience. From simply changing the taskbar look using Windows Registry to installing a third-party tool, you've got plenty of ways to customize Windows 10. [...]

https://www.bleepingcomputer.com/news/microsoft/customize-your-windows-10-appearance-with-these-tools/

Improve your Windows 10 PC with these Microsoft Store apps

The Windows Store isn't as populated as Google and Apple's app marketplace, but there are plenty of apps that can improve your Windows 10 experience. [...]

https://www.bleepingcomputer.com/news/microsoft/improve-your-windows-10-pc-with-these-microsoft-store-apps/

Malwarebytes Cyber Monday Deal: Get 50% off Premium, Teams

Malwarebytes's Cyber Monday deal is live with 50% off Malwarebytes Premium and 25% off the Malwarebytes for Teams business product. [...]

https://www.bleepingcomputer.com/news/software/malwarebytes-cyber-monday-deal-get-50-percent-off-premium-teams/

How to extend the time to rollback a buggy Windows 10 feature update

By default, Microsoft allows users ten days to uninstall a new Windows 10 feature update and roll back to a previous version of the operating system. In this article, we will show you how to increase your 'OS uninstall window' to give you more time to test out a new Windows 10 feature update. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-extend-the-time-to-rollback-a-buggy-windows-10-feature-update/

Pennsylvania county pays 500K ransom to DoppelPaymer ransomware

Delaware County, Pennsylvania has paid a $500,000 ransom after their systems were hit by the DoppelPaymer ransomware last weekend. [...]

https://www.bleepingcomputer.com/news/security/pennsylvania-county-pays-500k-ransom-to-doppelpaymer-ransomware/

IoT chip maker Advantech confirms ransomware attack, data theft

Industrial automation and Industrial IoT (IIoT) chip maker Advantech confirmed a ransomware attack that hit its network and led to the theft of confidential, albeit low-value, company documents. [...]

https://www.bleepingcomputer.com/news/security/iot-chip-maker-advantech-confirms-ransomware-attack-data-theft/

Credit card skimmer fills fake PayPal forms with stolen order info

A newly discovered credit card skimmer uses an innovative technique to inject highly convincing PayPal iframes and hijack the checkout process on compromised online stores. [...]

https://www.bleepingcomputer.com/news/security/credit-card-skimmer-fills-fake-paypal-forms-with-stolen-order-info/

Microsoft really wants you to stop using Internet Explorer

Today, Microsoft is taking further steps to kill off Internet Explorer in Windows 10 by removing support for Microsoft Teams.  [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-really-wants-you-to-stop-using-internet-explorer/

Vermont hospitals still recovering from October ransomware attack

The University of Vermont Health Network is still recovering from a Ryuk Ransomware attack in October 2020, with services slowly coming back online. [...]

https://www.bleepingcomputer.com/news/security/vermont-hospitals-still-recovering-from-october-ransomware-attack/

Cyber Monday VPN deal: Get 68% off NordVPN + 3 months FREE

NordVPN's Cyber Monday deal is now live with 68% off a 2-year VPN subscription and an additional three months for free. This offer gives you a total of 27 months of VPN access for a monthly cost of $3.30! [...]

https://www.bleepingcomputer.com/news/software/cyber-monday-vpn-deal-get-68-percent-off-nordvpn-plus-3-months-free/

Baltimore students told to ditch Windows PCs after ransomware attack

Baltimore County Public Schools (BCPS) urged students and staff to stop using their school-issued Windows computers and only use Chromebooks and Google accounts following a ransomware attack that hit the district's network last Wednesday. [...]

https://www.bleepingcomputer.com/news/security/baltimore-students-told-to-ditch-windows-pcs-after-ransomware-attack/

The Best Cyber Monday 2020 Security, IT, VPN, & Antivirus Deals

Cyber Monday is here and great deals are available for computer security, software, online courses, system admin services, antivirus, and VPN software. [...]

https://www.bleepingcomputer.com/news/security/the-best-cyber-monday-2020-security-it-vpn-and-antivirus-deals/

Healthcare provider AspenPointe data breach affects 295K patients

U.S. healthcare provider AspenPointe notified patients of a data breach stemming from a September 2020 cyberattack that enabled attackers to steal protected health information (PHI) and personally identifiable information (PII). [...]

https://www.bleepingcomputer.com/news/security/healthcare-provider-aspenpointe-data-breach-affects-295k-patients/