New GreyNoise free service alerts you when your devices get hacked

Cyber-security firm GreyNoise Intelligence ​​​​​​​today announced the launch of GreyNoise Alerts, a new free service that will automatically notify you via email when any devices on your organization's IP address range get hacked and start exhibiting potentially malicious behavior. [...]

https://www.bleepingcomputer.com/news/security/new-greynoise-free-service-alerts-you-when-your-devices-get-hacked/

SeaChange video platform allegedly hit by Sodinokibi ransomware

A video delivery platform company is the latest victim of the Sodinokibi Ransomware, who has posted images of data they claim to have stolen from the company during a cyberattack. [...]

https://www.bleepingcomputer.com/news/security/seachange-video-platform-allegedly-hit-by-sodinokibi-ransomware/

Windows 10 KB4549951 update fails to install, causes BSODs

The Windows 10 KB4549951 ​​​​​​​cumulative update is reportedly failing to install and is causing blue screens of death (BSOD) after installation reboots, among other issues, according to user reports. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4549951-update-fails-to-install-causes-bsods/

Phishing spoofs US Federal Reserve to steal online bank accounts

Scammers have been sending out emails that impersonate the U.S. Federal reserve and lure recipients with financial relief options through the Payment Protection Program. [...]

https://www.bleepingcomputer.com/news/security/phishing-spoofs-us-federal-reserve-to-steal-online-bank-accounts/

400.000 US, South Korean card records put up for sale online

Details on roughly 400,000 payment cards related to US and South Korean financial organizations and banks are currently up for sale on Joker's Stash, the largest and most popular carding shop on the Internet. [...]

https://www.bleepingcomputer.com/news/security/400000-us-south-korean-card-records-put-up-for-sale-online/

US universities targeted with malware used by state-backed actors

Faculty and students at several U.S. colleges and universities were targeted in phishing attacks with a remote access Trojan (RAT) previously used by Chinese state-sponsored threat actors. [...]

https://www.bleepingcomputer.com/news/security/us-universities-targeted-with-malware-used-by-state-backed-actors/

BazarBackdoor: TrickBot gang’s new stealthy network-hacking malware

A new phishing campaign is delivering a new stealthy backdoor from the developers of TrickBot that is used to compromise and gain full access to corporate networks. [...]

https://www.bleepingcomputer.com/news/security/bazarbackdoor-trickbot-gang-s-new-stealthy-network-hacking-malware/

Researchers: 30,000% increase in pandemic-related threats

An increase of 30,000% in pandemic-related malicious attacks and malware was seen in March by security researchers at cloud security firm Zscaler when compared to the beginning of 2020 when the first threats started using COVID-19-related lures and themes. [...]

https://www.bleepingcomputer.com/news/security/researchers-30-000-percent-increase-in-pandemic-related-threats/

Phishing attacks target US Payroll Protection Program Loans

With hundreds of thousands of small businesses in the USA anxiously awaiting news about their submitted Payroll Protection Program SBA loans, threat actors are sending phishing emails that prey on their anxiety to steal email accounts. [...]

https://www.bleepingcomputer.com/news/security/phishing-attacks-target-us-payroll-protection-program-loans/

Phishing uses lay-off Zoom meeting alerts to steal credentials

Zoom users are targeted by a new phishing campaign that threatens those who work in corporate environments that they're contracts will either be suspended or terminated during a Zoom meeting. [...]

https://www.bleepingcomputer.com/news/security/phishing-uses-lay-off-zoom-meeting-alerts-to-steal-credentials/

The Week in Ransomware - April 24th 2020 - High Profile Attacks

There was not a lot of new variants released this week, but we did have some news such as the ransomware attack on Cognizant, the leaking of data for a California city, and the continued attacks on hospitals. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-24th-2020-high-profile-attacks/

Microsoft Edge: New feature and improvements coming soon

Microsoft's Chromium-based Edge browser was released in January to consumers and enterprises and new features, and Microsoft has been busy adding new features to the browser to make it stand out from Google Chrome. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-new-feature-and-improvements-coming-soon/

Ubuntu 20.04 LTS for Windows 10 Released on Microsoft Store

In their first Windows LTS release in two years, Canonical has released Ubuntu 20.04 for the Windows 10 Subsystem for Linux on the Microsoft Store.  [...]

https://www.bleepingcomputer.com/news/linux/ubuntu-2004-lts-for-windows-10-released-on-microsoft-store/

WSLFetch creates colorful Windows 10 WSL Linux information

If you want to show off what Windows Subsystem for Linux distribution you are using in Windows 10, you can do so in style using the WSLFetch utility. [...]

https://www.bleepingcomputer.com/news/microsoft/wslfetch-creates-colorful-windows-10-wsl-linux-information/

Hackers exploit zero-day in Sophos XG Firewall, fix released

Sophos has fixed a zero-day SQL injection vulnerability in their XG Firewall after receiving reports that hackers actively exploited it in attacks. [...]

https://www.bleepingcomputer.com/news/security/hackers-exploit-zero-day-in-sophos-xg-firewall-fix-released/

How to prevent new Windows 10 updates from ruining your day

Microsoft allows Windows 10 Home, Pro and Enterprise customers to control when and how Windows 10 installs monthly and half-yearly updates. If a driver or update causes problems, you can delay updates, you can uninstall it and block Windows from downloading it again. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-prevent-new-windows-10-updates-from-ruining-your-day/

Microsoft Teams patched against image-based account takeover

After looking at how Microsoft Teams handles image resources, security researchers found a way to take over accounts by sending recipients a regular GIF. [...]

https://www.bleepingcomputer.com/news/security/microsoft-teams-patched-against-image-based-account-takeover/

Asnarök malware exploits firewall zero-day to steal credentials

Some Sophos firewall products were attacked with a new Trojan malware, dubbed Asnarök by researchers cyber-security firm Sophos, to steal usernames and hashed passwords starting with April 22 according to an official timeline. [...]

https://www.bleepingcomputer.com/news/security/asnar-k-malware-exploits-firewall-zero-day-to-steal-credentials/

Shade Ransomware shuts down, releases 750K decryption keys

The operators behind the Shade Ransomware (Troldesh) have shut down their operations, released over 750,000 decryption keys, and apologized for the harm they caused their victims. [...]

https://www.bleepingcomputer.com/news/security/shade-ransomware-shuts-down-releases-750k-decryption-keys/

Microsoft investigating Windows 10 KB4549951 BSOD reports

Microsoft is investigating Bluetooth issues, failures to install, blue screen reports received from users who have installed or attempted to install the KB4549951 cumulative update released during this month's Patch Tuesday. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-investigating-windows-10-kb4549951-bsod-reports/