Trump bans China-linked apps for collecting Americans’ data

United States President Donald Trump has signed an executive order banning eight Chinese apps considered to be a threat to US national security, economy, and foreign policy. [...]

https://www.bleepingcomputer.com/news/security/trump-bans-china-linked-apps-for-collecting-americans-data/

WhatsApp: Share your data with Facebook or delete your account

After WhatsApp updated its Privacy Policy and Terms of Service on Monday with additional info on how it handles users' data, the company is now notifying users through the mobile app that, starting February, they will be required to share their data with Facebook. [...]

https://www.bleepingcomputer.com/news/security/whatsapp-share-your-data-with-facebook-or-delete-your-account/

Windows 10 gets Google Discover-like news recommendation feature

Microsoft is rolling out a new Windows 10 feature to Insiders called 'News and Interests' that displays a taskbar flyout with recommended news stories, sports scores, and weather information. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-gets-google-discover-like-news-recommendation-feature/

SolarWinds hackers had access to over 3,000 US DOJ email accounts

The US Department of Justice said that the attackers behind the SolarWinds supply chain attacks have gained access to roughly 3% of the department's Office 365 email inboxes. [...]

https://www.bleepingcomputer.com/news/security/solarwinds-hackers-had-access-to-over-3-000-us-doj-email-accounts/

Microsoft makes the Windows 10 File Recovery tool easier to use

Microsoft released today a new simplified version of the Windows File Recovery tool to test on the latest Windows 10 Insider build. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-makes-the-windows-10-file-recovery-tool-easier-to-use/

Windows 10 WSL now can run Linux commands on startup

Microsoft now allows users of the Windows Subsystem for Linux (WSL) to run commands automatically on WSL distribution startup. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-wsl-now-can-run-linux-commands-on-startup/

Mozilla Firefox disabling backspace key to prevent data loss

Mozilla Firefox is disabling the browser's backspace key to prevent users from accidentally losing data typed into forms. [...]

https://www.bleepingcomputer.com/news/software/mozilla-firefox-disabling-backspace-key-to-prevent-data-loss/

Linux malware authors use Ezuri Golang crypter for zero detection

Multiple malware authors are using the "Ezuri" crypter and memory loader written in Go to evade detection by antivirus products.
Source code for Ezuri is available on GitHub for anyone to use. [...]

https://www.bleepingcomputer.com/news/security/linux-malware-authors-use-ezuri-golang-crypter-for-zero-detection/

JetBrains denies involvement in the SolarWinds supply-chain hack

JetBrains' CEO, Maxim Shafirov, denied reports from multiple news outlets that the company played a role in the SolarWinds supply chain attack. [...]

https://www.bleepingcomputer.com/news/security/jetbrains-denies-involvement-in-the-solarwinds-supply-chain-hack/

FBI warns of Egregor ransomware extorting businesses worldwide

The US Federal Bureau of Investigation (FBI) has sent a security alert warning private sector companies that the Egregor ransomware operation is actively targeting and extorting businesses worldwide. [...]

https://www.bleepingcomputer.com/news/security/fbi-warns-of-egregor-ransomware-extorting-businesses-worldwide/

US Judiciary adds safeguards after potential breach in SolarWinds hack

The Administrative Office of the U.S. Courts is investigating a potential compromise of the federal courts' case management and electronic case files system which stores millions of highly sensitive and confidential judiciary records. [...]

https://www.bleepingcomputer.com/news/security/us-judiciary-adds-safeguards-after-potential-breach-in-solarwinds-hack/

SEO scammer extorts site owners using porn backlinks threat

Website owners are receiving emails threatening to ruin their reputation if they do not post a five-star review for a cryptocurrency exchange. [...]

https://www.bleepingcomputer.com/news/security/seo-scammer-extorts-site-owners-using-porn-backlinks-threat/

Windows PsExec zero-day vulnerability gets a free micropatch

A free micropatch fixing a local privilege escalation (LPE) vulnerability in Microsoft's Windows PsExec management tool is now available through the 0patch platform. [...]

https://www.bleepingcomputer.com/news/security/windows-psexec-zero-day-vulnerability-gets-a-free-micropatch/

Hacker sells Aurora Cannabis files stolen in Christmas cyberattack

​A hacker is selling the data stolen from cannabis giant Aurora Cannabis after breaching their systems on Christmas day. [...]

https://www.bleepingcomputer.com/news/security/hacker-sells-aurora-cannabis-files-stolen-in-christmas-cyberattack/

Ryuk ransomware Bitcoin wallets point to $150 million operation

Security researchers following the money circuit from Ryuk ransomware victims into the threat actor's pockets estimate that the criminal organization made at least $150 million. [...]

https://www.bleepingcomputer.com/news/security/ryuk-ransomware-bitcoin-wallets-point-to-150-million-operation/

Nissan NA source code leaked due to default admin:admin credentials

Multiple code repositories from Nissan North America became public this week after the company left an exposed Git server protected with default access credentials. [...]

https://www.bleepingcomputer.com/news/security/nissan-na-source-code-leaked-due-to-default-admin-admin-credentials/

NVIDIA fixes high severity flaws affecting Windows, Linux devices

NVIDIA has released security updates to address six security vulnerabilities found in Windows and Linux GPU display drivers, as well as ten additional flaws affecting the NVIDIA Virtual GPU (vGPU) management software.  [...]

https://www.bleepingcomputer.com/news/security/nvidia-fixes-high-severity-flaws-affecting-windows-linux-devices/

Microsoft fixes Windows 10 crash issue causing forced reboots

Microsoft has addressed a known issue causing Windows 10 20H2 devices to force restart due to the Local Security Authority Subsystem Service (LSASS) system process crashing. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-10-crash-issue-causing-forced-reboots/

Signal fixes verification delays caused by WhatsApp mass exodus

Signal's encrypted messaging service has recovered from delays affecting its new user verification process after a mass exodus of WhatsApp users to their platform. [...]

https://www.bleepingcomputer.com/news/software/signal-fixes-verification-delays-caused-by-whatsapp-mass-exodus/

Dassault Falcon Jet reports data breach after ransomware attack

Dassault Falcon Jet has disclosed a data breach that may have led to the exposure of personal information belonging to current and former employees, as well as their spouses and dependents. [...]

https://www.bleepingcomputer.com/news/security/dassault-falcon-jet-reports-data-breach-after-ransomware-attack/

The Week in Ransomware - January 8th 2021 - $150 million

Even though the holidays are over in many countries, it has been a very quiet week for ransomware. Unfortunately, ransomware activity will likely pick up shortly. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-8th-2021-150-million/