Sophos fixes SQL injection vulnerability in their Cyberoam OS

Sophos has deployed a hotfix for their line of Cyberoam firewalls and routers to fix a SQL injection vulnerability. [...]

https://www.bleepingcomputer.com/news/security/sophos-fixes-sql-injection-vulnerability-in-their-cyberoam-os/

Fake data breach alerts used to steal Ledger cryptocurrency wallets

A phishing scam is underway that targets Ledger wallet users with fake data breach notifications used to steal cryptocurrency from recipients. [...]

https://www.bleepingcomputer.com/news/security/fake-data-breach-alerts-used-to-steal-ledger-cryptocurrency-wallets/

U.S. warns of increased cyberattacks against K-12 distance learning

K-12 educational institutions in the U.S. are being targeted by malicious actors for extortion, data theft, and general disruption of normal activity. The trend will continue through the 2020/2021 academic year. [...]

https://www.bleepingcomputer.com/news/security/us-warns-of-increased-cyberattacks-against-k-12-distance-learning/

Microsoft adds 64-bit application support to Windows 10 on ARM

Microsoft has announced the long-awaited ability to run emulated 64-bit applications in Windows on ARM. This new feature will allow applications to use more memory and thus gain better performance than their 32-bit counterparts. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-adds-64-bit-application-support-to-windows-10-on-arm/

Massive Subway UK phishing attack is pushing TrickBot malware

A massive phishing campaign pretending to be a Subway order confirmation is underway distributing the notorious TrickBot malware. [...]

https://www.bleepingcomputer.com/news/security/massive-subway-uk-phishing-attack-is-pushing-trickbot-malware/

Microsoft: New malware can infect over 30K Windows PCs a day

Microsoft has warned of an ongoing campaign pushing a new browser hijacking and credential-stealing malware dubbed Adrozek which, at its peak, was able to take over more than 30,000 devices every day. [...]

https://www.bleepingcomputer.com/news/security/microsoft-new-malware-can-infect-over-30k-windows-pcs-a-day/

Facebook unmasks Vietnam’s APT32 hacking group

The Facebook security team has revealed today the real identity of APT32, a Vietnam-backed hacking group active in cyberespionage campaigns targeting foreign government, multi-national corporations, and journalists since at least 2014. [...]

https://www.bleepingcomputer.com/news/security/facebook-unmasks-vietnam-s-apt32-hacking-group/

Ex-Cisco engineer who nuked 16k WebEx accounts sent to prison

Sudhish Kasaba Ramesh, a former Cisco engineer, was sentenced on Wednesday to two years in prison and ordered to pay a $15,000 fine for shutting down more than 16,000 WebEx Teams accounts and over 450 virtual machines in 2018, [...]

https://www.bleepingcomputer.com/news/security/ex-cisco-engineer-who-nuked-16k-webex-accounts-sent-to-prison/

Microsoft Office security updates fix critical SharePoint RCE bugs

Microsoft has addressed critical remote code execution vulnerabilities in multiple SharePoint versions with this month's Office security updates. [...]

https://www.bleepingcomputer.com/news/security/microsoft-office-security-updates-fix-critical-sharepoint-rce-bugs/

Samsung fixes critical Android bugs in December 2020 updates

This week Samsung has started rolling out Android's December security updates to mobile devices to patch critical security vulnerabilities in the operating system. This comes after Android had published their December 2020 security updates bulletin, which includes patches for critical bugs. [...]

https://www.bleepingcomputer.com/news/security/samsung-fixes-critical-android-bugs-in-december-2020-updates/

MountLocker ransomware gets slimmer, now encrypts fewer files

MountLocker ransomware received an update recently that cut its size by half but preserves a weakness that could potentially allow learning the random key used to encrypt files. [...]

https://www.bleepingcomputer.com/news/security/mountlocker-ransomware-gets-slimmer-now-encrypts-fewer-files/

The Week in Ransomware - December 11th 2020 - Targeting K-12

This week we continued to see ransomware target businesses, education, and healthcare with cyberattacks that disrupt operations and lead to school closings. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-11th-2020-targeting-k-12/

Adobe releases final Flash Player update, warns of 2021 kill switch

After 24 years of fun games and abuse by threat actors, Adobe has released their final Flash Player update and thanked everyone for the fantastic content that they have released over the years. [...]

https://www.bleepingcomputer.com/news/software/adobe-releases-final-flash-player-update-warns-of-2021-kill-switch/

Subway marketing system hacked to send TrickBot malware emails

Subway UK has disclosed that a hacked system used for marketing campaigns is responsible for the malware-laden phishing emails sent to customers yesterday. [...]

https://www.bleepingcomputer.com/news/security/subway-marketing-system-hacked-to-send-trickbot-malware-emails/

Windows 10X is arriving next year: What we know so far

According to reliable sources, Windows 10X is now expected to launch on single-screen devices in the Spring of 2021. Here's everything you need to know. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10x-is-arriving-next-year-what-we-know-so-far/

Hands on with Windows 10's built-in Pktmon network monitor

With the Windows 10 October 2018 update release, Microsoft had quietly added a built-in command-line network packet sniffer called Pktmon to Windows 10. Since then, Microsoft has added a few more features to the tool that make it much easier to use. [...]

https://www.bleepingcomputer.com/news/microsoft/hands-on-with-windows-10s-built-in-pktmon-network-monitor/

Intel's Habana Labs hacked by Pay2Key ransomware, data stolen

​Intel-owned AI processor developer Habana Labs has suffered a cyberattack where data was stolen and leaked by threat actors. [...]

https://www.bleepingcomputer.com/news/security/intels-habana-labs-hacked-by-pay2key-ransomware-data-stolen/

Google Chrome's high-resource ad blocking spotted in the wild

Google Chrome has now actively started targeting ads that drain device resources like network data, processing power or RAM. [...]

https://www.bleepingcomputer.com/news/google/google-chromes-high-resource-ad-blocking-spotted-in-the-wild/

Hacking group’s new malware abuses Google and Facebook services

Molerats cyberespionage group has been using in recent spear-phishing campaigns fresh malware that relies on Dropbox, Google Drive, and Facebook for command and control communication and to store stolen data. [...]

https://www.bleepingcomputer.com/news/security/hacking-group-s-new-malware-abuses-google-and-facebook-services/

Hacking group’s new malware abuses Google and Facebook services

Molerats cyberespionage group has been using in recent spear-phishing campaigns fresh malware that relies on Dropbox, Google Drive, and Facebook for command and control communication and to store stolen data. [...]

https://www.bleepingcomputer.com/news/security/hacking-group-s-new-malware-abuses-google-and-facebook-services/

Google outage affecting YouTube, Gmail and more

Google users are currently experiencing issues around the world, with users unable to access Gmail, YouTube, Google Drive, and possibly other Google services. [...]

https://www.bleepingcomputer.com/news/google/google-outage-affecting-youtube-gmail-and-more/