NordVPN Plans Security and Privacy Upgrades After Hack

NordVPN has announced that they are instituting new measures to better enhance security and to proactively detect security issues in their infrastructure after one of their server was hacked. [...]

https://www.bleepingcomputer.com/news/security/nordvpn-plans-security-and-privacy-upgrades-after-hack/

Europe's Electronic ID System Fixed Against Impersonation Risk

Researchers analyzing the electronic system for transactions and signatures used by the European Union member states found flaws that allowed impersonating any EU citizen. [...]

https://www.bleepingcomputer.com/news/security/europes-electronic-id-system-fixed-against-impersonation-risk/

xHelper Trojan Variant Reinstalls Itself After Removal, Infects 45K

A new xHelper Trojan dropper variant capable of reinstalling itself after being removed from compromised devices has infected more than 45,000 Android devices over the last six months. [...]

https://www.bleepingcomputer.com/news/security/xhelper-trojan-variant-reinstalls-itself-after-removal-infects-45k/

Microsoft Updates Windows 10 PowerToys with Batch Renamer Tool

Microsoft updated the open-source PowerToys toolset for Windows 10 with a new utility named PowerRename that will allow users to batch rename large file collections. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-updates-windows-10-powertoys-with-batch-renamer-tool/

Maze Ransomware Attacks Italy in New Email Campaign

The Maze Ransomware is conducting a new spam campaign that targets Italian users by pretending to be the country's Tax and Revenue Agency. [...]

https://www.bleepingcomputer.com/news/security/maze-ransomware-attacks-italy-in-new-email-campaign/

Windows 10 Build 19013 Out With New DirectX 12 Features for Insiders

Microsoft has released Windows 10 Insider Preview Build 19013 (20H1) to Insiders in the Fast ring, bringing new DirectX 12 features and a long list of changes, improvements, and fixes. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-build-19013-out-with-new-directx-12-features-for-insiders/

Ransomware Attack Causes 'District-Wide Shutdown'

A ransomware attack hitting Las Cruces Public Schools forced the district to shut down the entire computer system to contain the infection. [...]

https://www.bleepingcomputer.com/news/security/ransomware-attack-causes-district-wide-shutdown/

Chrome 78 Disables Code Integrity Check to Mitigate "Aw Snap!" Crashes

Google decided to temporarily disable the Code Integrity feature activated in Chrome as users report more "Aw Snap!" crashes caused by incompatible software on the system. [...]

https://www.bleepingcomputer.com/news/google/chrome-78-disables-code-integrity-check-to-mitigate-aw-snap-crashes/

World's First Domain Registrar Network Solutions Discloses Breach

World's first domain registrar Network Solutions disclosed a security breach that happened in late August 2019, and allowed a third-party to infiltrate some of the company's computing systems without authorization and potentially access some customers' personally identifiable information (PII). [...]

https://www.bleepingcomputer.com/news/security/worlds-first-domain-registrar-network-solutions-discloses-breach/

21 Million Logins for Top 500 Firms Offered on the Dark Web

A little over 21 million login credentials stolen from Fortune 500 companies have been found in various places on the dark web, many of them already cracked and available in plaintext form. [...]

https://www.bleepingcomputer.com/news/security/21-million-logins-for-top-500-firms-offered-on-the-dark-web/

Microsoft Users Hit with Phishing Kits Hosted on Thousands of Domains

Microsoft's users were the most targeted by phishing campaigns among the top targeted brands with attackers using a thousands of domains specifically registered to be used for harvesting credentials from their targets. [...]

https://www.bleepingcomputer.com/news/security/microsoft-users-hit-with-phishing-kits-hosted-on-thousands-of-domains/

Paradise Ransomware Decryptor Gets Your Files Back for Free

A decryptor for the Paradise Ransomware has been released by Emsisoft that allows victims to decrypt their files for free. [...]

https://www.bleepingcomputer.com/news/security/paradise-ransomware-decryptor-gets-your-files-back-for-free/

Microsoft Issues Workaround for Windows 10 User Creation IME Bug

Microsoft published a workaround to mitigate an issue preventing Windows 10 customers from creating local users when setting up a new Windows device using Input Method Editor (IME). [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-issues-workaround-for-windows-10-user-creation-ime-bug/

Bed Bath & Beyond Discloses Customer Login Credentials Breach

In a report for the Securities and Exchange Commission (SEC) on Tuesday, Bed Bath & Beyond retailer disclosed that an unauthorized party obtained login information for some of its customers. [...]

https://www.bleepingcomputer.com/news/security/bed-bath-and-beyond-discloses-customer-login-credentials-breach/

Fraudster Admits Role In Theft of Millions From Thousands of Army Members

Fredrick Brown, a former U.S. Army civilian medical records administrator, admitted on Tuesday to taking part in a fraud scheme that victimized thousands and allowed the fraudsters to steal millions mostly from elderly and disabled veterans. [...]

https://www.bleepingcomputer.com/news/security/fraudster-admits-role-in-theft-of-millions-from-thousands-of-army-members/

New Office 365 Phishing Scams Using Audio Voicemail Recordings

Ongoing phishing scams have been spotted targeting Microsoft Office 365 with partial audio voicemail messages to convince targets that they need to login to hear the full recording. [...]

https://www.bleepingcomputer.com/news/security/new-office-365-phishing-scams-using-audio-voicemail-recordings/

Phishing Campaign Targets Precision Engineering Company

Attackers have targeted precision companies in Italy with phishing that is difficult to spot. The final payload is a fileless trojan that harvests credentials.  [...]

https://www.bleepingcomputer.com/news/security/phishing-campaign-targets-precision-engineering-company/

New Gafgyt Variant Recruits Routers to DDoS Servers for Valve Games

A new version of Gafgyt botnet malware has been enlisting routers from Zyxel and Huawei, as well as devices with Realtek RTL81xx chipset, using them for denial-of-service (DoS) attacks against servers running the Valve Source engine. [...]

https://www.bleepingcomputer.com/news/security/new-gafgyt-variant-recruits-routers-to-ddos-servers-for-valve-games/

QSnatch Malware Infects Thousands of NAS Devices, Steals Credentials

Thousands of QNAP NAS devices are getting infected with a malware dubbed QSnatch that injects into their firmware and proceeds to steal credentials and load malicious code retrieved from its command and control (C2) servers. [...]

https://www.bleepingcomputer.com/news/security/qsnatch-malware-infects-thousands-of-nas-devices-steals-credentials/

Microsoft Warns of Windows Slow Startup Due to Persistent Memory

Microsoft acknowledged a new known issue impacting several Windows versions and leading to unexpectedly slow startups on computers configured to use persistent memory. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-of-windows-slow-startup-due-to-persistent-memory/