Adobe Fixes 45 Critical Vulnerabilities in Acrobat and Reader

Adobe has released security updates to resolve vulnerabilities that could allow attackers to gain unauthorized access, execute commands on vulnerable computers, or elevate their privileges. [...]

https://www.bleepingcomputer.com/news/security/adobe-fixes-45-critical-vulnerabilities-in-acrobat-and-reader/

Scammers Use Fake Checkra1n iOS Jailbreak in Click Fraud Campaign

Scammers have already been spotted baiting Apple users using a recently developed iOS jailbreak dubbed checkra1n as the lure in a campaign designed to help the crooks earn money via click-fraud and boost App Store rankings for several apps. [...]

https://www.bleepingcomputer.com/news/security/scammers-use-fake-checkra1n-ios-jailbreak-in-click-fraud-campaign/

Windows 10 1809 Update KB4520062 Fixes a Startup Black Screen Issue

Microsoft released this month's optional Windows 10 cumulative updates with KB4520062 being the most noteworthy as it fixes an issue leading to a black screen being displayed at startup during the first sign in after installing an update.  [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-1809-update-kb4520062-fixes-a-startup-black-screen-issue/

Symantec Fixes Bad IPS Definitions That Cause a Windows BSOD

Symantec fixed an issue causing Blue Screens Of Death (BSOD) for customers running the company's Endpoint Protection Client software on Windows versions ranging from Windows 7 to Windows 10 per reports. [...]

https://www.bleepingcomputer.com/news/security/symantec-fixes-bad-ips-definitions-that-cause-a-windows-bsod/

OnionShare Lets Anyone Host Anonymous Sites on the Dark Web

A new version of the OnionShare program now allows you to easily create basic anonymous dark web sites on Tor so that they cannot be censored. This is particularly useful for those who wish to publish information anonymously, but do not want to deal with the mechanics of setting up their own dark web server. [...]

https://www.bleepingcomputer.com/news/software/onionshare-lets-anyone-host-anonymous-sites-on-the-dark-web/

Facebook Encourages Bug Hunting in Third-Party Services

Facebook updated the terms of its bug bounty program for third-party services integrating with the platform to increase the rewards received by researchers. [...]

https://www.bleepingcomputer.com/news/security/facebook-encourages-bug-hunting-in-third-party-services/

Domain Typosquatters Target the 2020 Presidential Election

With a large playing field of candidates for the upcoming 2020 United States presidential election, political campaigns and scammers are capitalizing on searchers mistypeing a candidate's name in order to bring them to sites they weren't expecting. [...]

https://www.bleepingcomputer.com/news/security/domain-typosquatters-target-the-2020-presidential-election/

New SDBot Remote Access Trojan Used in TA505 Malspam Campaigns

Researchers discovered two new malware strains distributed via phishing campaigns carried out by the TA505 hacking group during the last two months, a new downloader dubbed Get2 and an undocumented remote access Trojan (RAT) named SDBbot. [...]

https://www.bleepingcomputer.com/news/security/new-sdbot-remote-access-trojan-used-in-ta505-malspam-campaigns/

Malware Uses Your PC to Send 30K Sextortion Emails Per Hour

Sextortion emails stating that your computer was hacked and video was created of you on porn sites have become so common that they are treated simply as another spam. That does not mean, though, that they are not profitable as a new report shows attackers are generating revenue by utilizing infected PCs to do their dirty work. [...]

https://www.bleepingcomputer.com/news/security/malware-uses-your-pc-to-send-30k-sextortion-emails-per-hour/

Unsecured Docker Hosts Attacked by New Graboid Cryptojacking Worm

A new cryptojacking campaign was discovered using Docker images to deliver a worm that follows a seemingly erratic plan where the miner is active for about four minutes at a time on an infected host. [...]

https://www.bleepingcomputer.com/news/security/unsecured-docker-hosts-attacked-by-new-graboid-cryptojacking-worm/

Security Health Analytics Helps Secure Google Cloud, Hits Beta

Google announced today the beta release of Security Health Analytics, a product designed to help Google Cloud Platform (GCP) admins take action after identifying security misconfigurations or compliance violations. [...]

https://www.bleepingcomputer.com/news/google/security-health-analytics-helps-secure-google-cloud-hits-beta/

Attackers Hide Backdoors and Cryptominers in WAV Audio Files

Attackers behind a new malicious campaign are using WAV audio files to hide and drop backdoors and Monero cryptominers on their targets' systems as BlackBerry Cylance threat researchers discovered. [...]

https://www.bleepingcomputer.com/news/security/attackers-hide-backdoors-and-cryptominers-in-wav-audio-files/

Google News Is Experiencing Indexing Issues With New Content

Google News is broken for users as several websites including BleepingComputer, CNN and others are not showing up in Google News search results with date filters. [...]

https://www.bleepingcomputer.com/news/google/google-news-is-experiencing-indexing-issues-with-new-content/

Windows 10 1909 Is Almost Ready, What Developers Need to Know

The Windows Developer Team detailed in a blog post published today the new additions developers should be aware of with the imminent release of Windows 10, version 1909 (19H2), now known as November 2019 Update. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-1909-is-almost-ready-what-developers-need-to-know/

Firefox 70 Address Bar Gets New Security Indicators, Shames Insecure Sites

The next Firefox major release will update the security indicators in the address bar and add a privacy icon to signal privacy threats on loaded pages. [...]

https://www.bleepingcomputer.com/news/security/firefox-70-address-bar-gets-new-security-indicators-shames-insecure-sites/

Millions of Amazon Echo and Kindle Devices Affected by WiFi Bug

Millions of Amazon Echo 1st generation and Amazon Kindle 8th generation are susceptible to an old WiFi vulnerability called KRACK that allows an attacker to perform a man in the middle attack against a WPA2 protected network. [...]

https://www.bleepingcomputer.com/news/security/millions-of-amazon-echo-and-kindle-devices-affected-by-wifi-bug/

Stripe Users Targeted in Phishing Attack That Steals Banking Info

A phishing campaign using fake invalid account Stripe support alerts as lures has been spotted while attempting to harvest customers' bank account info and user credentials using booby-trapped Stripe customer login pages. [...]

https://www.bleepingcomputer.com/news/security/stripe-users-targeted-in-phishing-attack-that-steals-banking-info/

Cozy Bear Russian Hackers Spotted After Staying Undetected for Years

Cyber-espionage operations from Cozy Bear, a threat actor believed to work for the Russian government, continued undetected for the past years by using malware families previously unknown to security researchers. [...]

https://www.bleepingcomputer.com/news/security/cozy-bear-russian-hackers-spotted-after-staying-undetected-for-years/

European Airport Systems Infected With Monero-Mining Malware

More than 50% of all computing systems at a European international airport were recently found to be infected with a Monero cryptominer linked to the Anti-CoinMiner campaign spotted during August 2018 by Zscaler. [...]

https://www.bleepingcomputer.com/news/security/european-airport-systems-infected-with-monero-mining-malware/

Google Chrome 77 Added New Site Isolation Security Features

Google has announced that with the release of Google Chrome 77, Site Isolation has been brought to Android and desktop users received additional protections when this feature is enabled. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-77-added-new-site-isolation-security-features/