DanaBot Banking Trojan Gets into Spam Business

Authors of the DanaBot banking trojans updated the malware with new features that enabled it to harvest email addresses and send out spam straight from the victim's mailbox. [...]

https://www.bleepingcomputer.com/news/security/danabot-banking-trojan-gets-into-spam-business/

Windows 10 Testing New Conversational Date Format in File Explorer

Microsoft is testing a new feature in the Windows 10 19H1 Insider builds (Build 1903) that changes how dates are displayed in File Explorer to a more "conversational format" such as "minutes ago", "yesterday", "hours ago", etc. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-testing-new-conversational-date-format-in-file-explorer/

The Week in Ransomware - December 7th 2018 - WeChat Ransomware, Scammers, & More

This was a pretty interesting week in ransomware. First we had a Chinese ransomware that infected 100,000 victims and then we had research showing how a ransomware decryption service was just paying the ransom and tacking on a large fee. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-7th-2018-wechat-ransomware-scammers-and-more/

WebKit Vulnerability Affects Latest Versions of Apple Safari

A researcher published exploit code for a vulnerability in WebKit, the web browser engine that powers Apple's Safari, along with other apps on macOS, iOS, and Linux. [...]

https://www.bleepingcomputer.com/news/security/webkit-vulnerability-affects-latest-versions-of-apple-safari/

Sextortion Emails now Leading to Ransomware and Info-Stealing Trojans

Sextortion email scams have been a very successful way of generating money for criminals. A new Sextortion campaign is now taking it to the next level by tricking recipients into installing the Azorult information-stealing Trojan, which then downloads and installs the GandCrab ransomware. [...]

https://www.bleepingcomputer.com/news/security/sextortion-emails-now-leading-to-ransomware-and-info-stealing-trojans/

Pressing F7 in the Command Prompt Lists Previously Entered Commands

Did you know that pressing the F7 key while using the Windows command prompt will display a box containing a list of previously typed commands? If not, then these tips may help you use the Command Prompt more efficiently. [...]

https://www.bleepingcomputer.com/news/microsoft/pressing-f7-in-the-command-prompt-lists-previously-entered-commands/

Exploit Code for the Kubernetes Flaw Is Now Available

The recently disclosed critical-impact bug in Kubernetes created strong ripples in the security world of the container-orchestration system. Now, multiple demo exploits exist and come with easy-to-understand explanations. [...]

https://www.bleepingcomputer.com/news/security/exploit-code-for-the-kubernetes-flaw-is-now-available/

Microsoft's New Edge Browser to Support Chrome Extensions - Even Malicious Ones

Microsoft has confirmed that the upcoming Chromium-based Edge browser will also be able to run Chrome extensions. While this will greatly expand the functionality of the browser, it will also open it up to the increasing amount of malicious Chrome extensions that are seen on a daily basis. [...]

https://www.bleepingcomputer.com/news/security/microsofts-new-edge-browser-to-support-chrome-extensions-even-malicious-ones/

Android Clickfraud Op Impersonates iPhones to Bump Ad Premiums

A mobile clickfraud campaign used 22 Android apps to trick online advertisers into paying the higher price for advertising on iPhone 5 to 8 Plus devices. [...]

https://www.bleepingcomputer.com/news/security/android-clickfraud-op-impersonates-iphones-to-bump-ad-premiums/

Bug in Google+ API Puts at Risk Privacy of over 52 Million Users

Non-public details on about 52.5 million Google+ profiles were accessible to developers of apps requesting permission to view data the user had configured to remain private. [...]

https://www.bleepingcomputer.com/news/security/bug-in-google-api-puts-at-risk-privacy-of-over-52-million-users/

Windows 10 Insider Build 18298 Brings New Features and Improvements

Microsoft has released Windows 10 Insider Preview Build 18298 (19H1) to insiders in the Fast ring. This build contains numerous new features and improvements including the ability to setup a security key directly from the Sign-in options screen, a new file explorer icon, Start Menu changes, mouse cursor options, and more.  [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18298-brings-new-features-and-improvements/

Seedworm Spy Gang Stores Malware on GitHub, Keeps Up with Infosec Advances

The relatively new espionage group Speedworm proves to be highly adaptive by using GitHub to keep their malware and by carefully observing the developments on the infosec scene via social networking services. [...]

https://www.bleepingcomputer.com/news/security/seedworm-spy-gang-stores-malware-on-github-keeps-up-with-infosec-advances/

Hackers Steal Over 40k Logins for Gov Services in 30 Countries

More than 40,000 users victims of phishing attacks had their credentials for unlocking online accounts for government services stolen. The information might have already been sold on underground hacker forums [...]

https://www.bleepingcomputer.com/news/security/hackers-steal-over-40k-logins-for-gov-services-in-30-countries/

Cobalt Bank Robbers Use New ThreadKit Malicious Doc Builder

The Cobalt hacking group specialized in breaching the networks financial institutions and banks is now using a new variant of the ThreadKit exploit builder kit for Microsoft Office documents. [...]

https://www.bleepingcomputer.com/news/security/cobalt-bank-robbers-use-new-threadkit-malicious-doc-builder/

Mozilla Firefox 64.0 Released - Here's What's New

Mozilla has released Firefox 64 and it comes with new features such as the Contextual Feature Recommender, multi-tab selections, an improved Task Manager, and native Windows 10 sharing support. [...]

https://www.bleepingcomputer.com/news/software/mozilla-firefox-640-released-heres-whats-new/

Windows 10 Cumulative Updates Released With Fix for Windows Media Player

The December 2018 cumulative updates are now available for supported versions of Windows 10. Today's update for Windows 10 has addressed the security and non-security issues. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-updates-released-with-fix-for-windows-media-player/

Microsoft December 2018 Patch Tuesday Fixes Actively Used Zero-Day Vulnerability

Today is Microsoft's December 2018 Patch Tuesday, which means it is time to update your computer so that you are protected from the latest threats to Windows and Microsoft products. Two of the patched critical vulnerabilities are known to have been used in the wild, so it is important that these updates are installed immediately. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-december-2018-patch-tuesday-fixes-actively-used-zero-day-vulnerability/

Updates Released For Critical Vulnerabilities in Adobe Acrobat and Reader

Today, Adobe released security updates that fix numerous critical vulnerabilities in Adobe Acrobat and Reader. This was a massive update, with over 87 vulnerabilities being patched by Adobe. [...]

https://www.bleepingcomputer.com/news/security/updates-released-for-critical-vulnerabilities-in-adobe-acrobat-and-reader/

Android Malware Tricks User to Log into PayPal to Steal Funds

An Android malware posing as a battery optimization app social engineers its way into stealing funds from PayPal users, despite two-factor authentication protection, by simply prompting them to log into the app. [...]

https://www.bleepingcomputer.com/news/security/android-malware-tricks-user-to-log-into-paypal-to-steal-funds/

Windows 10 Notepad is Getting Better UTF-8 Encoding Support

In the latest Windows 10 Insider build, Microsoft has released a new version of Notepad that includes changes that bring it closer to what we have come to expect from modern text file editors. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-notepad-is-getting-better-utf-8-encoding-support/