Microsoft OneDrive Has 60% Jump in Hosting of Malicious Files

A retrospective look at the phishing trends from the first quarter of 2019 shows a steep jump in the use of Microsoft's OneDrive file sharing service to host malicious files. [...]

https://www.bleepingcomputer.com/news/security/microsoft-onedrive-has-60-percent-jump-in-hosting-of-malicious-files/

Malspam Campaigns Hide Infostealers in ISO Image Files

Multiple malicious campaigns observed in April concealed LokiBot and Nanocore malware inside ISO image files small enough to fit into an email attachment. [...]

https://www.bleepingcomputer.com/news/security/malspam-campaigns-hide-infostealers-in-iso-image-files/

Windows 10 1903 Insiders Test Fix For Event Viewer Custom Views

Microsoft has released the Windows 10 version 1903 KB4501375 cumulative update to Insiders in the Release ring for testing before it goes live for everyone. For this update there is no support bulletin listing what is fixed, but testing the Event Viewer shows that this update fixes the custom views crash bug. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-1903-insiders-test-fix-for-event-viewer-custom-views/

BlueStacks Flaw Lets Attackers Remotely Control Android Emulator

Vulnerabilities in the BlueStacks Android emulator were fixed at the end of May that allowed attackers to perform remote code execution, information disclosure, and to steal backups of the VM and its data. [...]

https://www.bleepingcomputer.com/news/security/bluestacks-flaw-lets-attackers-remotely-control-android-emulator/

Microsoft OneDrive Gets a New Encrypted 'Personal Vault'

Due to the ever increasing growth of online threats that target your sensitive data, Microsoft has created a new OneDrive feature called 'Personal Vault' that will allow you encrypt and store your files in a secured container. [...]

https://www.bleepingcomputer.com/news/security/microsoft-onedrive-gets-a-new-encrypted-personal-vault/

Tech Support Scammers Target Search Ads on ISP Start Pages

Tech support scammers are targeting users through search ads for recipes on ISP start pages and custom search result pages that redirect users to browser lockers stating that their computers are infected. [...]

https://www.bleepingcomputer.com/news/security/tech-support-scammers-target-search-ads-on-isp-start-pages/

Phishing Scam Says You Won $2.5M For Using Google's Services

Computer security is such a serious business with the risk of financial harm, data loss, and hardware damage that it can be a nice change of pace to run into a scam that brings a chuckle. Such is the case with a phishing scam that pretends to be an email informing you that Google has awarded you $2.5 million. [...]

https://www.bleepingcomputer.com/news/security/phishing-scam-says-you-won-25m-for-using-googles-services/

Riltok Android Banker Takes Over SMS App, Spawns Phishing Screens

A family of banking trojans for Android has spread beyond Russia, a region it normally targeted, and operates in an aggressive way to replace the default SMS app and deploy phishing screens on compromised devices. [...]

https://www.bleepingcomputer.com/news/security/riltok-android-banker-takes-over-sms-app-spawns-phishing-screens/

Dominion National Discovers Breach 9 Years After it Happened

Customers of Dominion National dental and vision insurer and administrator started to receive notifications about a potential intrusion on the company's computer systems that may have exposed personal information to an unauthorized party. [...]

https://www.bleepingcomputer.com/news/security/dominion-national-discovers-breach-9-years-after-it-happened/

EA Fixes Origin Game Platform To Prevent Account Takeovers

Security researchers discovered vulnerabilities in the gaming platform from Electronic Arts (EA) that could have allowed an attacker to take over the accounts of as many as 300 million users. [...]

https://www.bleepingcomputer.com/news/security/ea-fixes-origin-game-platform-to-prevent-account-takeovers/

YouTube Bitcoin Scams Pushing the njRAT Backdoor InfoStealer

YouTube scams are promoting software that pretends to allow users to get free Bitcoins, but instead installs the njRAT remote access Trojan and password stealer. [...]

https://www.bleepingcomputer.com/news/security/youtube-bitcoin-scams-pushing-the-njrat-backdoor-infostealer/

Attackers Earn Over $1 Million in Florida Ransomware Attacks

Hackers launching ransomware attacks against municipalities in Florida locked earnings in excess of $1 million this month as administrators of two cities found no other way to recover files on affected systems. [...]

https://www.bleepingcomputer.com/news/security/attackers-earn-over-1-million-in-florida-ransomware-attacks/

Google Warns of Microsoft SwiftKey Losing Access to Gmail on July 15

Google is sending out warnings to Microsoft SwiftKey users that the keyboard will no longer be able to access the data in Google Accounts, including Gmail content, starting on July 15th. [...]

https://www.bleepingcomputer.com/news/security/google-warns-of-microsoft-swiftkey-losing-access-to-gmail-on-july-15/

Google Chrome OS 75 Released with ZombieLoad MDS Mitigations

Google has released the Chrome OS 75 update that includes new mitigations for the Microarchitectural Data Sampling (MDS) speculative execution vulnerabilities disclosed in May. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-os-75-released-with-zombieload-mds-mitigations/

Instagram Like Counts May Go Private, Already Being Tested

Instagram is experimenting with making the like counts of a post private rather than being publicly available to every one to see. This change has already been seen in experiments by Instagram users. [...]

https://www.bleepingcomputer.com/news/software/instagram-like-counts-may-go-private-already-being-tested/

New Microsoft Edge Dev Update Adds Dark Mode Improvements

Microsoft has released Chromium-based Edge Dev Build 77.0.197.1 for Windows with a number of improvements and fixes. The latest release brings refined dark mode support to settings, history, downloads, favorites, apps, and other pages. [...]

https://www.bleepingcomputer.com/news/microsoft/new-microsoft-edge-dev-update-adds-dark-mode-improvements/

New Silex Malware Trashes IoT Devices Using Default Passwords

A teen coder and his team developed a new malware named Silex that bricked poorly protected IoT devices by the thousands in a short period of time. [...]

https://www.bleepingcomputer.com/news/security/new-silex-malware-trashes-iot-devices-using-default-passwords/

Windows 10 1809 Cumulative Update KB4509479 Released With Fixes

Microsoft has released a new cumulative update for Windows 10 version 1809 that fixes a bug that prevent Windows from connecting to Storage Area Network (SAN) devices. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-1809-cumulative-update-kb4509479-released-with-fixes/

Hacked Ad Server Pushes SEON Ransomware, Trojans Via Malvertising

The ad server for a very popular video converter site was hacked to display malvertising that loads the GreenFlash Sundown exploit kit.  This exploit kit would then drop the SEON Ransomware, Pony information stealing Trojan, and miners on a vulnerable computer. [...]

https://www.bleepingcomputer.com/news/security/hacked-ad-server-pushes-seon-ransomware-trojans-via-malvertising/

Cisco Patches Critical Flaws in Data Center Network Manager

Cisco released today patches for its Data Center Network Manager (DCNM) software fixing critical vulnerabilities that allow a remote attacker to upload files and execute actions with root privileges. [...]

https://www.bleepingcomputer.com/news/security/cisco-patches-critical-flaws-in-data-center-network-manager/