Google Chrome to Gradually Start Blocking Mixed Content by Default

Google announced that the Chrome web browser will gradually start blocking HTTPS pages from loading insecure resources to improve the users' privacy and security while browsing the web. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-to-gradually-start-blocking-mixed-content-by-default/

'Lost Files' Data Wiper Poses as a Windows Security Scanner

A Windows Security Scanner that states it encrypted your files is being distributed by spam, but whether by bug or design, it instead corrupts binary data in a victim's files.  [...]

https://www.bleepingcomputer.com/news/security/lost-files-data-wiper-poses-as-a-windows-security-scanner/

Four U.S. Food Chains Disclose Payment Card Theft via PoS Malware

Hackers caused havoc at four restaurant chains in the U.S. over the summer after compromising their payment systems with malware that stole customers' payment card information. [...]

https://www.bleepingcomputer.com/news/security/four-us-food-chains-disclose-payment-card-theft-via-pos-malware/

Australian Govt Issues Android and iOS Security Hardening Guides

The Australian Signals Directorate (ASD)'s Australian Cyber Security Centre (ACSC) has published a set of two guides designed to help Australian government, commercial organizations, and enterprises harden the security of iOS and Android devices in their fleets. [...]

https://www.bleepingcomputer.com/news/security/australian-govt-issues-android-and-ios-security-hardening-guides/

Details of 92 Million Brazilians Auctioned on Underground Forums

Someone is offering to auction on underground forums a database containing personal information of 92 million Brazilian citizens. They claim that every record is real and unique. [...]

https://www.bleepingcomputer.com/news/security/details-of-92-million-brazilians-auctioned-on-underground-forums/

Novter Trojan Sets its Sights on Microsoft Windows Defender

The Novter Trojan, also known as Nodersok or Divergent, is the latest Trojan to actively target Microsoft's Windows Defender by attempting to disable it. [...]

https://www.bleepingcomputer.com/news/security/novter-trojan-sets-its-sights-on-microsoft-windows-defender/

Magecart Impacts Hundreds of Thousands of Websites, Still Growing

With over two million detections to date, compromising shopping sites' resources to steal customer payment card info is a global phenomenon unlikely to end soon. [...]

https://www.bleepingcomputer.com/news/security/magecart-impacts-hundreds-of-thousands-of-websites-still-growing/

Actively Exploited Android Zero-Day Impacts Google, Samsung Devices

Google's Threat Analysis Group (TAG) says that a new Android zero-day is actively being exploited in the wild in attacks targeting vulnerable Google Pixel, Huawei, Xiaomi, Samsung, Oppo, and Moto devices. [...]

https://www.bleepingcomputer.com/news/security/actively-exploited-android-zero-day-impacts-google-samsung-devices/

Windows 10 KB4524147 Cumulative Update Breaks the Start Menu

The KB4524147 Cumulative Update for Windows 10, version 1903 is causing the Windows start menu to crash with a critical error according to numerous user reports. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4524147-cumulative-update-breaks-the-start-menu/

Microsoft Discovers Iranian Hacking Campaign Targeting U.S. Politics

Microsoft says that a state-sponsored Iranian cyber-espionage group tracked as Phosphorus by the Microsoft Threat Intelligence Center (MSTIC) attempted to get account info on over 2,700 of its customers, attack 241 of them, and compromised four accounts between August and September. [...]

https://www.bleepingcomputer.com/news/security/microsoft-discovers-iranian-hacking-campaign-targeting-us-politics/

UAB Medicine Data Breach Exposes Patient Info in Phishing Attack

UAB Medical is the victim of a phishing attack that targeted the medical center's payroll department. This allowed the attackers to gain access to numerous employee emails that contained the health information for 19,557 patients. [...]

https://www.bleepingcomputer.com/news/security/uab-medicine-data-breach-exposes-patient-info-in-phishing-attack/

The Week in Ransomware - October 4th 2019 - That's all Folks

This has been quite a busy week with lots of new variants, new ransomware attacks, including those targeting hospitals, and new information coming out about the REvil/Sodinokibi Ransomware. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-october-4th-2019-thats-all-folks/

Dutch Govt Explains the Risks Behind DNS-Over-HTTPS Move

The Dutch National Cyber Security Centre (NCSC) explains how DNS-monitoring will get more difficult as modern encrypted DNS transport protocols are getting more popular in a fact sheet published this week. [...]

https://www.bleepingcomputer.com/news/security/dutch-govt-explains-the-risks-behind-dns-over-https-move/

Windows 10 KB4524147 Update May Cause Boot and Printing Issues

Windows 10 1903 users have started reporting boot, printing, and Start Menu issues after installing the KB4524147 cumulative update that go away once the update is uninstalled. Microsoft has not acknowledged any of these issues as of yet, but the amount of reports indicate that there is something going on with this update. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4524147-update-may-cause-boot-and-printing-issues/

HildaCrypt Ransomware Developer Releases Decryption Keys

The developer behind the HildaCrypt Ransomware has decided to release the ransomware's private decryption keys. With these keys a decryptor can be made that would allow any potential victims to recover their files for free. [...]

https://www.bleepingcomputer.com/news/security/hildacrypt-ransomware-developer-releases-decryption-keys/

Check If You Are in the Sephora and StreetEasy Data Breaches

Data breach lookup site Have I Been Pwned has added the stolen data from the StreetEasy and Sephora data breaches to their engine so that users can check if their information was exposed. [...]

https://www.bleepingcomputer.com/news/security/check-if-you-are-in-the-sephora-and-streeteasy-data-breaches/

DCH Hospital Pays Ryuk Ransomware for Decryption Key

DCH hospitals in Alabama have decided to the pay ransom for the Ryuk Ransomware in order to receive a decryptor and get their computer systems back up and running. [...]

https://www.bleepingcomputer.com/news/security/dch-hospital-pays-ryuk-ransomware-for-decryption-key/

Some Windows 10 Users Can't Use Firefox for Downloads

Mozilla says in an update to the Firefox 69.0.2 changelog that downloading files from the Internet may not work for Windows 10 users who have the Parental Controls feature toggled on and are part of a family group. [...]

https://www.bleepingcomputer.com/news/microsoft/some-windows-10-users-cant-use-firefox-for-downloads/

Muhstik Ransomware Victim Hacks Back, Releases Decryption Keys

A victim of the Muhstik Ransomware has hacked back against his attackers and released close to 3,000 decryption keys for victims along with a free decryptor to get their files back. [...]

https://www.bleepingcomputer.com/news/security/muhstik-ransomware-victim-hacks-back-releases-decryption-keys/

RobbinHood Ransomware Using Street Cred to Make Victims Pay

The operators behind the RobbinHood ransomware have changed their language in the ransom note in an effort to take from victims all hope of decrypting the files for free and to make them pay for the recovery. [...]

https://www.bleepingcomputer.com/news/security/robbinhood-ransomware-using-street-cred-to-make-victims-pay/