Nemty Ransomware Actively Distributed via 'Love Letter' Spam

Security researchers have spotted an ongoing malspam campaign using emails disguised as messages from secret lovers to deliver Nemty Ransomware payloads on the computers of potential victims. [...]

https://www.bleepingcomputer.com/news/security/nemty-ransomware-actively-distributed-via-love-letter-spam/

As Coronavirus Spreads, So Does Covid-19 Themed Malware

Threat actors are still taking advantage of the ongoing COVID-19 global outbreak by attempting to drop Remcos RAT and malware payloads on their targets' computers via malicious files that promise to provide Coronavirus safety measures. [...]

https://www.bleepingcomputer.com/news/security/as-coronavirus-spreads-so-does-covid-19-themed-malware/

Windows 10 2004 Is Coming, Released to Enterprise for Testing

The Windows 10 2004 feature update is coming soon with Microsoft releasing the latest version to the enterprise for testing via the Windows Server Update Service (WSUS). [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-2004-is-coming-released-to-enterprise-for-testing/

Microsoft Edge Now Lets You Block Potentially Unwanted Programs

Microsoft announced today that starting with Microsoft Edge 80.0.338.0 users will be able to have potentially unwanted applications (PUAs) automatically blocked from downloading. [...]

https://www.bleepingcomputer.com/news/security/microsoft-edge-now-lets-you-block-potentially-unwanted-programs/

Windows 10 KB4535996 Update Fixes Search, Printing Issues

Microsoft has released the KB4535996 cumulative update for Windows 10 1903 and Windows 10 1909 that introduces a variety of quality improvements and bug fixes. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4535996-update-fixes-search-printing-issues/

49 Million Unique Emails Exposed Due to Mishandled Credentials

An Israeli marketing firm exposed 49 million unique email addresses after mishandling authentication credentials for an Elasticsearch database, that were sitting in plain text on an unprotected web server. [...]

https://www.bleepingcomputer.com/news/security/49-million-unique-emails-exposed-due-to-mishandled-credentials/

Sodinokibi Ransomware Posts Alleged Data of Kenneth Cole Fashion Giant

The operators behind Sodinokibi Ransomware published download links to files containing what they claim is financial and work documents, as well as customers' personal data stolen from giant U.S. fashion house Kenneth Cole Productions. [...]

https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-posts-alleged-data-of-kenneth-cole-fashion-giant/

Critical Bugs in WordPress Plugins Let Hackers Take Over Sites

Hackers are attempting to take over tens of thousands of sites by exploiting critical WordPress plugin vulnerabilities that allow them to create rogue administrator​​​ accounts and to plant backdoors. [...]

https://www.bleepingcomputer.com/news/security/critical-bugs-in-wordpress-plugins-let-hackers-take-over-sites/

Hackers Use Windows 10 RDP ActiveX Control to Run Griffon Backdoor

The FIN7 group of financially-motivated hackers is using the remote desktop ActiveX control in Word documents to automatically execute the Griffon backdoor on Windows 10. [...]

https://www.bleepingcomputer.com/news/security/hackers-use-windows-10-rdp-activex-control-to-run-griffon-backdoor/

NVIDIA Fixes High Severity Flaw in Windows GPU Display Driver

NVIDIA has released a GPU display driver security update today, February 28, 2020, that fixes high and medium severity vulnerabilities that might lead to code execution, local escalation of privileges, information disclosure, and denial of service on unpatched Windows computers. [...]

https://www.bleepingcomputer.com/news/security/nvidia-fixes-high-severity-flaw-in-windows-gpu-display-driver/

How to Clean Install Windows 10 2004 Before Official Release

Windows users can now perform a clean install of the upcoming Windows 10 2004 feature update before its officially released by using ISO disk images that can be downloaded from the Windows 10 Insider site. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-clean-install-windows-10-2004-before-official-release/

US Railroad Contractor Reports Data Breach After Ransomware Attack

RailWorks Corporation, one of North America's leading railroad track and transit system providers, disclosed a ransomware attack that led to the exposure of personally identifiable information of current and former employees, their beneficiaries and dependents, as well as that of independent contractors. [...]

https://www.bleepingcomputer.com/news/security/us-railroad-contractor-reports-data-breach-after-ransomware-attack/

The Week in Ransomware - February 28th 2020 - Data Leaks Everywhere

Over the past two weeks, we continue to see small towns, fire departments, hospitals, and companies being attacked by ransomware. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-28th-2020-data-leaks-everywhere/

Hiding Windows File Extensions is a Security Risk, Enable Now

Microsoft hides file extensions in Windows by default even though it's a security risk that is commonly abused by phishing emails and malware distributors to trick people into opening malicious files. [...]

https://www.bleepingcomputer.com/news/microsoft/hiding-windows-file-extensions-is-a-security-risk-enable-now/

Chrome and Firefox Extension Lets You View Deleted Web Pages

If you ever browsed the web and were disappointed when a page you were looking for no longer existed, you can use a Google Chrome and Mozilla Firefox browser extension to automatically retrieve the deleted pages from Archive.org. [...]

https://www.bleepingcomputer.com/news/software/chrome-and-firefox-extension-lets-you-view-deleted-web-pages/

How to Pause Windows 10 Automatic Updates To Avoid Critical Bugs

Windows 10 Home, Pro and Enterprise allow users to pause updates via the Settings, Group Policy and Registry to avoid reported critical bugs or compatibility issues in new updates. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-pause-windows-10-automatic-updates-to-avoid-critical-bugs/

New Evasion Encyclopedia Shows How Malware Detects Virtual Machines

A new Malware Evasion Encyclopedia has been launched that offers insight into the various methods malware uses to detect if it is running under a virtual environment. [...]

https://www.bleepingcomputer.com/news/security/new-evasion-encyclopedia-shows-how-malware-detects-virtual-machines/

Windows 10 1909 Starts Getting Microsoft's New Fluent Icons

Ahead of schedule, Microsoft has started rolling out some of the new Fluent system icons to users running Windows 10 1909. [...]

https://www.bleepingcomputer.com/news/security/windows-10-1909-starts-getting-microsofts-new-fluent-icons/

US Drugstore Giant Walgreens Leaked Users' Sensitive Info

US drugstore chain giant Walgreens disclosed over the weekend that some of its mobile apps' users have been able to inadvertently access other users' sensitive information because of a bug.  [...]

https://www.bleepingcomputer.com/news/security/us-drugstore-giant-walgreens-leaked-users-sensitive-info/

Active Scans for Apache Tomcat Ghostcat Vulnerability Detected, Patch Now

Ongoing scans for Apache Tomcat servers unpatched against the Ghostcat vulnerability that allows potential attackers to take over servers have been detected over the weekend. [...]

https://www.bleepingcomputer.com/news/security/active-scans-for-apache-tomcat-ghostcat-vulnerability-detected-patch-now/