Malwarebytes 4.0 Released With New UI and Scanning Engine

Malwarebytes has released version 4.0 of their flagship antivirus product and with it comes a new scanning engine, a new user interface, threat statistics and more. [...]

https://www.bleepingcomputer.com/news/software/malwarebytes-40-released-with-new-ui-and-scanning-engine/

Chrome, Firefox to Hide Those Annoying Site Notification Prompts

Firefox and Chrome plan to hide those annoying browser notification prompts that ask you to subscribe to content when you visit many sites. Instead both browsers will display a small indicator that lets you know that a site offers notifications and you can decide if you wish to subscribe to them. [...]

https://www.bleepingcomputer.com/news/software/chrome-firefox-to-hide-those-annoying-site-notification-prompts/

Using Light Beams to Control Google, Apple, Amazon Assistants

Academic researchers found that certain microphones convert light to sound, allowing voice commands to be sent to voice-controlled (VC) devices like Google Home, Amazon Echo, Facebook Portal, smartphones, or tablets. [...]

https://www.bleepingcomputer.com/news/security/using-light-beams-to-control-google-apple-amazon-assistants/

Brooklyn Hospital Loses Patient Data In Ransomware Attack

A ransomware attack hitting several computer systems at the Brooklyn Hospital Center in New York caused permanent loss of some patient's data. [...]

https://www.bleepingcomputer.com/news/security/brooklyn-hospital-loses-patient-data-in-ransomware-attack/

WordPress Admins Infect Their Sites With WP-VCD via Pirated Plugins

WordPress sites have been the target of a highly active malicious campaign that infects them with a malware dubbed WP-VCD that hides in plain sight and quickly spreads to the entire website. [...]

https://www.bleepingcomputer.com/news/security/wordpress-admins-infect-their-sites-with-wp-vcd-via-pirated-plugins/

Tech Support Scammers Are Abusing a New Firefox Browser Lock Bug

Tech support scammers are actively exploiting a Firefox browser lock bug to persuade potential victims to call their fake Windows support line within 5 minutes to avoid having their systems disabled. [...]

https://www.bleepingcomputer.com/news/security/tech-support-scammers-are-abusing-a-new-firefox-browser-lock-bug/

New Megacortex Ransomware Changes Windows Passwords, Threatens to Publish Data

A new version of the MegaCortex Ransomware has been discovered that not only encrypts your files, but now changes the logged in user's password and threatens to publish the victim's files if they do not pay the ransom. [...]

https://www.bleepingcomputer.com/news/security/new-megacortex-ransomware-changes-windows-passwords-threatens-to-publish-data/

Microsoft Issues November 2019 Office Updates With Memory Leak Fix

Microsoft released the November 2019 non-security Microsoft Office updates that fix issues and add improvements to Windows Installer (MSI) editions of Office 2016. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-issues-november-2019-office-updates-with-memory-leak-fix/

Windows 10 Insider Build 19018 Released With New Quick Web Searches

Microsoft has released Windows 10 Insider Preview Build 19018 (20H1) to Insiders in the Fast ring, bringing new quick web searches to the Windows Search home as well as bug fixes and slight improvements to existing features. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-19018-released-with-new-quick-web-searches/

DarkUniverse APT Stayed Hidden for 8 Years, Updated Regularly

Security researchers today published technical details about malware used by a new threat actor that matches a signature in a scanner likely built by the U.S. National Security Agency and leaked more than two years ago. [...]

https://www.bleepingcomputer.com/news/security/darkuniverse-apt-stayed-hidden-for-8-years-updated-regularly/

Microsoft Defender ATP Gets Advanced Hunting Capabilities, More

Microsoft announced today that several new Threat & Vulnerability Management (TVM) capabilities will go into public preview for Microsoft Defender ATP customers including vulnerability Assessment (VA) support for Windows Servers, advanced hunting with vulnerability data, and automated analysis of remediation on user impact. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-atp-gets-advanced-hunting-capabilities-more/

DarkUniverse APT Stayed Hidden for 8 Years, Updated Regularly

Security researchers today published technical details about malware used by a new threat actor that matches a signature in a scanner likely built by the U.S. National Security Agency and leaked more than two years ago. [...]

https://www.bleepingcomputer.com/news/security/darkuniverse-apt-stayed-hidden-for-8-years-updated-regularly/

TrendMicro Employee Sold Customer Info to Tech Support Scammers

TrendMicro has an announced a security incident where an employee was stealing consumer customer information and selling it to a third-party to use in tech support scams. [...]

https://www.bleepingcomputer.com/news/security/trendmicro-employee-sold-customer-info-to-tech-support-scammers/

Subpoena Phishing Emails Serve Nasty Predator Thief Infection

Phishers have been spotted delivering subpoena-themed emails spoofed to look like they're coming from the UK Ministry of Justice and attempting to infect their targets with Predator the Thief information stealer malware payloads. [...]

https://www.bleepingcomputer.com/news/security/subpoena-phishing-emails-serve-nasty-predator-thief-infection/

Facebook Discloses Privacy Breach Caused by Groups API Bug

Facebook said that private group member information such as names and profile pictures might have been accessed by approximately 100 developers of primarily video streaming and social media management apps. [...]

https://www.bleepingcomputer.com/news/security/facebook-discloses-privacy-breach-caused-by-groups-api-bug/

Google Allies With Security Companies to Boost Play Store Safety

Google announced that it will join efforts with ESET, Lookout, and Zimperium to improve malicious Android app detection on submission before they get published on the Play Store are available for download. [...]

https://www.bleepingcomputer.com/news/security/google-allies-with-security-companies-to-boost-play-store-safety/

NVIDIA Fixes Security Flaws in GPU Driver, GeForce Experience

NVIDIA released security updates to fix 12 high and medium severity vulnerabilities in the Windows GPU display driver and the NVIDIA GeForce Experience (GFE) software. [...]

https://www.bleepingcomputer.com/news/security/nvidia-fixes-security-flaws-in-gpu-driver-geforce-experience/

Specially Crafted ZIP Files Used to Bypass Secure Email Gateways

Attackers are always looking for new tricks to distribute malware without them being detected by antivirus scanners and secure email gateways. This was illustrated in a new phishing campaign that utilized a specially crafted ZIP file that was designed to bypass secure email gateways to distribute the NanoCore RAT. [...]

https://www.bleepingcomputer.com/news/security/specially-crafted-zip-files-used-to-bypass-secure-email-gateways/

Legitimate TDS Platform Abused to Push Malware via Exploit Kits

Threat actors abused the legitimate Keitaro Traffic Direction System (TDS) to drive traffic to malware pushing RIG and Fallout exploit kits as part of both malvertising and malspam campaigns. [...]

https://www.bleepingcomputer.com/news/security/legitimate-tds-platform-abused-to-push-malware-via-exploit-kits/

Microsoft to Remove Downloads Folder from Disk Cleanup

Microsoft has decided to roll back its decision to add the Downloads folder to the Windows 10 Disk Cleanup program after receiving negative feedback from users. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-to-remove-downloads-folder-from-disk-cleanup/