Vermont hospitals still recovering from October ransomware attack

The University of Vermont Health Network is still recovering from a Ryuk Ransomware attack in October 2020, with services slowly coming back online. [...]

https://www.bleepingcomputer.com/news/security/vermont-hospitals-still-recovering-from-october-ransomware-attack/

Cyber Monday VPN deal: Get 68% off NordVPN + 3 months FREE

NordVPN's Cyber Monday deal is now live with 68% off a 2-year VPN subscription and an additional three months for free. This offer gives you a total of 27 months of VPN access for a monthly cost of $3.30! [...]

https://www.bleepingcomputer.com/news/software/cyber-monday-vpn-deal-get-68-percent-off-nordvpn-plus-3-months-free/

Baltimore students told to ditch Windows PCs after ransomware attack

Baltimore County Public Schools (BCPS) urged students and staff to stop using their school-issued Windows computers and only use Chromebooks and Google accounts following a ransomware attack that hit the district's network last Wednesday. [...]

https://www.bleepingcomputer.com/news/security/baltimore-students-told-to-ditch-windows-pcs-after-ransomware-attack/

The Best Cyber Monday 2020 Security, IT, VPN, & Antivirus Deals

Cyber Monday is here and great deals are available for computer security, software, online courses, system admin services, antivirus, and VPN software. [...]

https://www.bleepingcomputer.com/news/security/the-best-cyber-monday-2020-security-it-vpn-and-antivirus-deals/

Healthcare provider AspenPointe data breach affects 295K patients

U.S. healthcare provider AspenPointe notified patients of a data breach stemming from a September 2020 cyberattack that enabled attackers to steal protected health information (PHI) and personally identifiable information (PII). [...]

https://www.bleepingcomputer.com/news/security/healthcare-provider-aspenpointe-data-breach-affects-295k-patients/

Gootkit malware returns to life alongside REvil ransomware

After a year-long vacation, the Gootkit information-stealing Trojan has returned to life alongside REvil Ransomware in a new campaign targeting Germany. [...]

https://www.bleepingcomputer.com/news/security/gootkit-malware-returns-to-life-alongside-revil-ransomware/

Microsoft Defender for Identity now detects Zerologon attacks

Microsoft has added support for Zerologon exploitation detection to Microsoft Defender for Identity to allow Security Operations teams to detect on-premises attacks attempting to abuse this critical vulnerability. [...]

https://www.bleepingcomputer.com/news/security/microsoft-defender-for-identity-now-detects-zerologon-attacks/

Windows 10 ARM runs faster on M1 Macs than on a Surface Pro X

Since Apple unveiled its M1 chip, users have been in awe of its performance power efficiency. It turns out that the M1 chip not only performs fantastic for macOS BigSur but it may also be a better choice for Windows 10 than Microsoft's own devices. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-arm-runs-faster-on-m1-macs-than-on-a-surface-pro-x/

Windows 10 Cumulative Update Preview KB4586853 Released

​Microsoft has released the optional KB4586853 non-security cumulative update preview for Windows 10 versions 2004 and 20H2, with USB 3.0 and gaming fixes. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-update-preview-kb4586853-released/

Windows 10 20H2 update fixes broken in-place upgrade feature

Microsoft has released a new cumulative update for Windows 10 20H2 that fixes a bug preventing users from performing in-place upgrades with the Microsoft Media Creation Tool (MCT). [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-20h2-update-fixes-broken-in-place-upgrade-feature/

Android app still exposing messages of 100M users despite bug fix

GO SMS Pro, an Android instant messaging app with more than 100 million installs, is still exposing the privately shared messages of millions of users even though the developer has been working on a fix for the flaw behind the data leak for almost two weeks. [...]

https://www.bleepingcomputer.com/news/security/android-app-still-exposing-messages-of-100m-users-despite-bug-fix/

FBI warns of BEC scammers using email auto-forwarding in attacks

The FBI is warning U.S. companies about scammers actively abusing auto-forwarding rules on web-based email clients to increase the likelihood of successful Business Email Compromise (BEC) attacks. [...]

https://www.bleepingcomputer.com/news/security/fbi-warns-of-bec-scammers-using-email-auto-forwarding-in-attacks/

Microsoft fixes Windows 10 BSOD crashes caused by NVMe SSDs

Microsoft has fixed a known issue causing Windows 10 blue screens of death (BSOD) crashes when users plugged in a Thunderbolt NVMe (Non-Volatile Memory Express) Solid State Drive (SSD). [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-10-bsod-crashes-caused-by-nvme-ssds/

Critical Oracle WebLogic flaw actively exploited by DarkIRC malware

A botnet known as DarkIRC is actively targeting thousands of exposed Oracle WebLogic servers in attacks designed to exploit the CVE-2020-14882 remote code execution (RCE) vulnerability fixed by Oracle two months ago. [...]

https://www.bleepingcomputer.com/news/security/critical-oracle-weblogic-flaw-actively-exploited-by-darkirc-malware/

Microsoft Teams Calling gets CarPlay support, SPAM id service, more

The new Microsoft Teams additions include call transfer, spam reduction, CarPlay support, streamlined calling experience, and more. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-teams-calling-gets-carplay-support-spam-id-service-more/

Malicious NPM packages used to install njRAT remote access trojan

New malicious NPM packages have been discovered that install the njRAT remote access trojan that allows hackers to gain control over a computer. [...]

https://www.bleepingcomputer.com/news/microsoft/malicious-npm-packages-used-to-install-njrat-remote-access-trojan/

Alabama school district shut down by ransomware attack

Ransomware operators have attacked the Huntsville City Schools district in Alabama, forcing them to shut down schools for the rest of the week and possibly next week. [...]

https://www.bleepingcomputer.com/news/security/alabama-school-district-shut-down-by-ransomware-attack/

Cyberespionage APT group hides behind cryptomining campaigns

An advanced threat group called Bismuth recently used cryptocurrency mining as a way to hide the purpose of their activity and to avoid triggering high-priority alerts. [...]

https://www.bleepingcomputer.com/news/security/cyberespionage-apt-group-hides-behind-cryptomining-campaigns/

Russian hacking group uses Dropbox to store malware-stolen data

Russian-backed hacking group Turla has used a previously undocumented malware toolset to deploy backdoors and steal sensitive documents in targeted cyber-espionage campaigns directed at high-profile targets such as the Ministry of Foreign Affairs of European Union countries. [...]

https://www.bleepingcomputer.com/news/security/russian-hacking-group-uses-dropbox-to-store-malware-stolen-data/

FBI and Homeland Security warn of APT attacks on US think tanks

The FBI and DHS-CISA warned of state-sponsored hacking groups targeting U.S. think tank organizations in a joint alert published on Tuesday evening. [...]

https://www.bleepingcomputer.com/news/security/fbi-and-homeland-security-warn-of-apt-attacks-on-us-think-tanks/

Microsoft Office November 2020 updates fix Outlook, Skype issues

Microsoft has released the November 2020 non-security Microsoft Office updates with performance enhancements and fixes for known issues impacting Windows Installer (MSI) editions of Office 2016 products. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-office-november-2020-updates-fix-outlook-skype-issues/