Google Chrome will soon warn you when using weak passwords

​Your online accounts' security is heavily dependent on how strong your passwords are, and if they are too easy, attackers could hack into your account by brute-forcing your password. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-will-soon-warn-you-when-using-weak-passwords/

K12 online schooling giant pays Ryuk ransomware to stop data leak

Online education giant K12 Inc. has paid a ransom after their systems were hit by Ryuk ransomware in the middle of November. [...]

https://www.bleepingcomputer.com/news/security/k12-online-schooling-giant-pays-ryuk-ransomware-to-stop-data-leak/

HMRC phishing scam abuses mail service to bypass spam filters

Threat actors are exploiting legitimate SendGrid mailing service to send HMRC phishing emails that bypass spam filters. [...]

https://www.bleepingcomputer.com/news/security/hmrc-phishing-scam-abuses-mail-service-to-bypass-spam-filters/

Google is closing 3D model site Poly to focus on AR experiences

Google is shutting down its 3D model sharing site Poly in 2021 to focus their resources on building AR experiences. [...]

https://www.bleepingcomputer.com/news/google/google-is-closing-3d-model-site-poly-to-focus-on-ar-experiences/

Ransomware gang says they stole 2 million credit cards from E-Land

Clop ransomware is claiming to have stolen 2 million credit cards from E-Land Retail over a one-year period ending with last months ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/ransomware-gang-says-they-stole-2-million-credit-cards-from-e-land/

Android apps with 250M downloads still vulnerable to patched bug

Android apps with over 250 million downloads are still susceptible to a severe vulnerability in a Google library that was patched in August 2020. [...]

https://www.bleepingcomputer.com/news/security/android-apps-with-250m-downloads-still-vulnerable-to-patched-bug/

TrickBot's new module aims to infect your UEFI firmware

The developers of TrickBot have created a new module that probes for UEFI vulnerabilities, demonstrating the actor's effort to take attacks at a level that would give them ultimate control over infected machines. [...]

https://www.bleepingcomputer.com/news/security/trickbots-new-module-aims-to-infect-your-uefi-firmware/

Intel driver updates fix Windows 10 BSODs, Bluetooth issues

Intel has released updated Wireless Bluetooth and Wi-Fi drivers for Windows 10 customers to address known issues causing blue screen of death (BSOD) errors and Bluetooth devices to lose connection or stop working. [...]

https://www.bleepingcomputer.com/news/software/intel-driver-updates-fix-windows-10-bsods-bluetooth-issues/

Hackers target EU Commission, COVID-19 cold chain supply orgs

IBM X-Force warned of threat actors actively targeting organizations associated with the COVID-19 vaccine cold chain in a large scale spear-phishing campaign that has started three months ago, in September 2020. [...]

https://www.bleepingcomputer.com/news/security/hackers-target-eu-commission-covid-19-cold-chain-supply-orgs/

Hacker-for-hire group develops new stealthy Windows backdoor

Kaspersky researchers discovered a previously undocumented Windows PowerShell malware dubbed PowerPepper and developed by the hacker-for-hire group DeathStalker. [...]

https://www.bleepingcomputer.com/news/security/hacker-for-hire-group-develops-new-stealthy-windows-backdoor/

Kmart nationwide retailer suffers a ransomware attack

US department store retailer Kmart has suffered a ransomware attack that impacts back-end services at the company, BleepingComputer has learned. [...]

https://www.bleepingcomputer.com/news/security/kmart-nationwide-retailer-suffers-a-ransomware-attack/

Credit card stealing malware hides in social media sharing icons

Newly discovered web skimming malware is capable of hiding in plain sight to inject payment card skimmer scripts into compromised online stores. [...]

https://www.bleepingcomputer.com/news/security/credit-card-stealing-malware-hides-in-social-media-sharing-icons/

Metro Vancouver’s transit system TransLink hit by Egregor ransomware

The Egregor ransomware operation has breached Metro Vancouver's transportation agency TransLink with the cyberattack causing disruptions in services and payment systems. [...]

https://www.bleepingcomputer.com/news/security/metro-vancouver-s-transit-system-translink-hit-by-egregor-ransomware/

BlackShadow hackers extort Israeli insurance company for $1 million

Threat actors are extorting an Israeli insurance company by demanding almost $1 million in bitcoin to stop leaking the company's stolen data. [...]

https://www.bleepingcomputer.com/news/security/blackshadow-hackers-extort-israeli-insurance-company-for-1-million/

VMware fixes zero-day vulnerability reported by the NSA

VMware has released security updates to address a zero-day vulnerability in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. [...]

https://www.bleepingcomputer.com/news/security/vmware-fixes-zero-day-vulnerability-reported-by-the-nsa/

Largest global staffing agency Randstad hit by Egregor ransomware

Staffing agency Randstad NV announced today that their network was breached by the Egregor ransomware, who stole unencrypted files during the attack. [...]

https://www.bleepingcomputer.com/news/security/largest-global-staffing-agency-randstad-hit-by-egregor-ransomware/

US and Australia to develop shared cyberattack training platform

The United States and Australia have signed a first-ever bilateral agreement that allows the U.S. Cyber Command (USCYBERCOM) and the Information Warfare Division (IWD) of the Australian Defense Force to jointly develop and share a virtual cyber training platform. [...]

https://www.bleepingcomputer.com/news/security/us-and-australia-to-develop-shared-cyberattack-training-platform/

Monolith mystery solved: Artist claims he made 'alien' structures

An artist has claimed responsibility for the mysterious monoliths that have been appearing across the world, including Utah, California, and Romania. The pseudonymous artist has these monumental structures for sale on their website for $45,000. [...]

https://www.bleepingcomputer.com/news/technology/monolith-mystery-solved-artist-claims-he-made-alien-structures/

FBI: You may be a money mule and not even know it

The FBI has warned of an increasing number of scammers preying on unemployed Americans by trying to recruit them into their money mule schemes and use them to launder funds obtained via fraud, online scams, and other types of criminal activities. [...]

https://www.bleepingcomputer.com/news/security/fbi-you-may-be-a-money-mule-and-not-even-know-it/

The Week in Ransomware - December 4th 2020 - Education under attack

It has been another rough week for the enterprise and education as ransomware continues to impact business operations and shut down schools. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-4th-2020-education-under-attack/

MetaMask phishing steals cryptocurrency wallets via Google ads

Over the past week, users of the MetaMask cryptocurrency wallet have been losing funds to a phishing scam that lured potential victims through Google search ads. [...]

https://www.bleepingcomputer.com/news/security/metamask-phishing-steals-cryptocurrency-wallets-via-google-ads/