Phishing attacks target US Payroll Protection Program Loans
With hundreds of thousands of small businesses in the USA anxiously awaiting news about their submitted Payroll Protection Program SBA loans, threat actors are sending phishing emails that prey on their anxiety to steal email accounts. [...]
https://www.bleepingcomputer.com/news/security/phishing-attacks-target-us-payroll-protection-program-loans/
With hundreds of thousands of small businesses in the USA anxiously awaiting news about their submitted Payroll Protection Program SBA loans, threat actors are sending phishing emails that prey on their anxiety to steal email accounts. [...]
https://www.bleepingcomputer.com/news/security/phishing-attacks-target-us-payroll-protection-program-loans/
BleepingComputer
Phishing attacks target US Payroll Protection Program Loans
With hundreds of thousands of small businesses in the USA anxiously awaiting news about their submitted Payroll Protection Program SBA loans, threat actors are sending phishing emails that prey on their anxiety to steal email accounts.
Phishing uses lay-off Zoom meeting alerts to steal credentials
Zoom users are targeted by a new phishing campaign that threatens those who work in corporate environments that they're contracts will either be suspended or terminated during a Zoom meeting. [...]
https://www.bleepingcomputer.com/news/security/phishing-uses-lay-off-zoom-meeting-alerts-to-steal-credentials/
Zoom users are targeted by a new phishing campaign that threatens those who work in corporate environments that they're contracts will either be suspended or terminated during a Zoom meeting. [...]
https://www.bleepingcomputer.com/news/security/phishing-uses-lay-off-zoom-meeting-alerts-to-steal-credentials/
BleepingComputer
Phishing uses lay-off Zoom meeting alerts to steal credentials
Zoom users are targeted by a new phishing campaign that threatens those who work in corporate environments that they're contracts will either be suspended or terminated during a Zoom meeting.
The Week in Ransomware - April 24th 2020 - High Profile Attacks
There was not a lot of new variants released this week, but we did have some news such as the ransomware attack on Cognizant, the leaking of data for a California city, and the continued attacks on hospitals. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-24th-2020-high-profile-attacks/
There was not a lot of new variants released this week, but we did have some news such as the ransomware attack on Cognizant, the leaking of data for a California city, and the continued attacks on hospitals. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-24th-2020-high-profile-attacks/
BleepingComputer
The Week in Ransomware - April 24th 2020 - High Profile Attacks
There was not a lot of new variants released this week, but we did have some news such as the ransomware attack on Cognizant, the leaking of data for a California city, and the continued attacks on hospitals.
Microsoft Edge: New feature and improvements coming soon
Microsoft's Chromium-based Edge browser was released in January to consumers and enterprises and new features, and Microsoft has been busy adding new features to the browser to make it stand out from Google Chrome. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-new-feature-and-improvements-coming-soon/
Microsoft's Chromium-based Edge browser was released in January to consumers and enterprises and new features, and Microsoft has been busy adding new features to the browser to make it stand out from Google Chrome. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-new-feature-and-improvements-coming-soon/
BleepingComputer
Microsoft Edge: New feature and improvements coming soon
Microsoft's Chromium-based Edge browser was released in January to consumers and enterprises and new features, and Microsoft has been busy adding new features to the browser to make it stand out from Google Chrome.
Ubuntu 20.04 LTS for Windows 10 Released on Microsoft Store
In their first Windows LTS release in two years, Canonical has released Ubuntu 20.04 for the Windows 10 Subsystem for Linux on the Microsoft Store. [...]
https://www.bleepingcomputer.com/news/linux/ubuntu-2004-lts-for-windows-10-released-on-microsoft-store/
In their first Windows LTS release in two years, Canonical has released Ubuntu 20.04 for the Windows 10 Subsystem for Linux on the Microsoft Store. [...]
https://www.bleepingcomputer.com/news/linux/ubuntu-2004-lts-for-windows-10-released-on-microsoft-store/
BleepingComputer
Ubuntu 20.04 LTS for Windows 10 Released on Microsoft Store
In their first Windows LTS release in two years, Canonical has released Ubuntu 20.04 for the Windows 10 Subsystem for Linux on the Microsoft Store.
WSLFetch creates colorful Windows 10 WSL Linux information
If you want to show off what Windows Subsystem for Linux distribution you are using in Windows 10, you can do so in style using the WSLFetch utility. [...]
https://www.bleepingcomputer.com/news/microsoft/wslfetch-creates-colorful-windows-10-wsl-linux-information/
If you want to show off what Windows Subsystem for Linux distribution you are using in Windows 10, you can do so in style using the WSLFetch utility. [...]
https://www.bleepingcomputer.com/news/microsoft/wslfetch-creates-colorful-windows-10-wsl-linux-information/
BleepingComputer
WSLFetch creates colorful Windows 10 WSL Linux information
If you want to show off what Windows Subsystem for Linux distribution you are using in Windows 10, you can do so in style using the WSLFetch utility.
Hackers exploit zero-day in Sophos XG Firewall, fix released
Sophos has fixed a zero-day SQL injection vulnerability in their XG Firewall after receiving reports that hackers actively exploited it in attacks. [...]
https://www.bleepingcomputer.com/news/security/hackers-exploit-zero-day-in-sophos-xg-firewall-fix-released/
Sophos has fixed a zero-day SQL injection vulnerability in their XG Firewall after receiving reports that hackers actively exploited it in attacks. [...]
https://www.bleepingcomputer.com/news/security/hackers-exploit-zero-day-in-sophos-xg-firewall-fix-released/
BleepingComputer
Hackers exploit zero-day in Sophos XG Firewall, fix released
Sophos has fixed a zero-day SQL injection vulnerability in their XG Firewall after receiving reports that hackers actively exploited it in attacks.
How to prevent new Windows 10 updates from ruining your day
Microsoft allows Windows 10 Home, Pro and Enterprise customers to control when and how Windows 10 installs monthly and half-yearly updates. If a driver or update causes problems, you can delay updates, you can uninstall it and block Windows from downloading it again. [...]
https://www.bleepingcomputer.com/news/microsoft/how-to-prevent-new-windows-10-updates-from-ruining-your-day/
Microsoft allows Windows 10 Home, Pro and Enterprise customers to control when and how Windows 10 installs monthly and half-yearly updates. If a driver or update causes problems, you can delay updates, you can uninstall it and block Windows from downloading it again. [...]
https://www.bleepingcomputer.com/news/microsoft/how-to-prevent-new-windows-10-updates-from-ruining-your-day/
BleepingComputer
How to prevent new Windows 10 updates from ruining your day
Microsoft allows Windows 10 Home, Pro and Enterprise customers to control when and how Windows 10 installs monthly and half-yearly updates. If a driver or update causes problems, you can delay updates, you can uninstall it and block Windows from downloadingβ¦
Microsoft Teams patched against image-based account takeover
After looking at how Microsoft Teams handles image resources, security researchers found a way to take over accounts by sending recipients a regular GIF. [...]
https://www.bleepingcomputer.com/news/security/microsoft-teams-patched-against-image-based-account-takeover/
After looking at how Microsoft Teams handles image resources, security researchers found a way to take over accounts by sending recipients a regular GIF. [...]
https://www.bleepingcomputer.com/news/security/microsoft-teams-patched-against-image-based-account-takeover/
BleepingComputer
Microsoft Teams patched against image-based account takeover
After looking at how Microsoft Teams handles image resources, security researchers found a way to take over accounts by sending recipients a regular GIF.
AsnarΓΆk malware exploits firewall zero-day to steal credentials
Some Sophos firewall products were attacked with a new Trojan malware, dubbed AsnarΓΆk by researchers cyber-security firm Sophos, to steal usernames and hashed passwords starting with April 22 according to an official timeline. [...]
https://www.bleepingcomputer.com/news/security/asnar-k-malware-exploits-firewall-zero-day-to-steal-credentials/
Some Sophos firewall products were attacked with a new Trojan malware, dubbed AsnarΓΆk by researchers cyber-security firm Sophos, to steal usernames and hashed passwords starting with April 22 according to an official timeline. [...]
https://www.bleepingcomputer.com/news/security/asnar-k-malware-exploits-firewall-zero-day-to-steal-credentials/
BleepingComputer
AsnarΓΆk malware exploits firewall zero-day to steal credentials
Some Sophos firewall products were attacked with a new Trojan malware, dubbed AsnarΓΆk by researchers cyber-security firm Sophos, to steal usernames and hashed passwords starting with April 22 according to an official timeline.
Shade Ransomware shuts down, releases 750K decryption keys
The operators behind the Shade Ransomware (Troldesh) have shut down their operations, released over 750,000 decryption keys, and apologized for the harm they caused their victims. [...]
https://www.bleepingcomputer.com/news/security/shade-ransomware-shuts-down-releases-750k-decryption-keys/
The operators behind the Shade Ransomware (Troldesh) have shut down their operations, released over 750,000 decryption keys, and apologized for the harm they caused their victims. [...]
https://www.bleepingcomputer.com/news/security/shade-ransomware-shuts-down-releases-750k-decryption-keys/
BleepingComputer
Shade Ransomware shuts down, releases 750K decryption keys
The operators behind the Shade Ransomware (Troldesh) have shut down their operations, released over 750,000 decryption keys, and apologized for the harm they caused their victims.
Microsoft investigating Windows 10 KB4549951 BSOD reports
Microsoft is investigating Bluetooth issues, failures to install, blue screen reports received from users who have installed or attempted to install the KB4549951 cumulative update released during this month's Patch Tuesday. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-investigating-windows-10-kb4549951-bsod-reports/
Microsoft is investigating Bluetooth issues, failures to install, blue screen reports received from users who have installed or attempted to install the KB4549951 cumulative update released during this month's Patch Tuesday. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-investigating-windows-10-kb4549951-bsod-reports/
BleepingComputer
Microsoft investigating Windows 10 KB4549951 BSOD reports
Microsoft is investigating Bluetooth issues, failures to install, blue screen reports received from users who have installed or attempted to install the KB4549951 cumulative update released during this month's Patch Tuesday.
Twitter kills SMS-based tweeting in most countries
Twitter announced today that it has turned off the Twitter via SMS service because of security concerns, a service which allowed the social network's users to tweet using text messages since its early beginnings. [...]
https://www.bleepingcomputer.com/news/security/twitter-kills-sms-based-tweeting-in-most-countries/
Twitter announced today that it has turned off the Twitter via SMS service because of security concerns, a service which allowed the social network's users to tweet using text messages since its early beginnings. [...]
https://www.bleepingcomputer.com/news/security/twitter-kills-sms-based-tweeting-in-most-countries/
BleepingComputer
Twitter kills SMS-based tweeting in most countries
Twitter announced today that it has turned off the Twitter via SMS service because of security concerns, a service which allowed the social network's users to tweet using text messages since its early beginnings.
WordPress plugin bug lets hackers create rogue admin accounts
WordPress owners are advised to secure their websites by updating the Real-Time Find and Replace plugin to prevent attackers from injecting malicious code into their sites by exploiting a Cross-Site Request Forgery flaw. [...]
https://www.bleepingcomputer.com/news/security/wordpress-plugin-bug-lets-hackers-create-rogue-admin-accounts/
WordPress owners are advised to secure their websites by updating the Real-Time Find and Replace plugin to prevent attackers from injecting malicious code into their sites by exploiting a Cross-Site Request Forgery flaw. [...]
https://www.bleepingcomputer.com/news/security/wordpress-plugin-bug-lets-hackers-create-rogue-admin-accounts/
BleepingComputer
WordPress plugin bug lets hackers create rogue admin accounts
WordPress owners are advised to secure their websites by updating the Real-Time Find and Replace plugin to prevent attackers from injecting malicious code into their sites by exploiting a Cross-Site Request Forgery flaw.
Fake Fedex and UPS delivery issues used in COVID-19 phishing
As people socially isolate and work from home, shopping online and home deliveries have increased. Scammers are capitalizing on this by creating new scams using Coronavirus delivery issues as a lure to get people to visit malicious links or open malware. [...]
https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
As people socially isolate and work from home, shopping online and home deliveries have increased. Scammers are capitalizing on this by creating new scams using Coronavirus delivery issues as a lure to get people to visit malicious links or open malware. [...]
https://www.bleepingcomputer.com/news/security/fake-fedex-and-ups-delivery-issues-used-in-covid-19-phishing/
BleepingComputer
Fake Fedex and UPS delivery issues used in COVID-19 phishing
As people socially isolate and work from home, shopping online and home deliveries have increased. Scammers are capitalizing on this by creating new scams using Coronavirus delivery issues as a lure to get people to visit malicious links or open malware.
Lucy malware for Android adds file-encryption for ransomware ops
A threat actor focusing on Android systems has expanded their malware-as-a-service (MaaS) business with file-encrypting capabilities for ransomware operations. [...]
https://www.bleepingcomputer.com/news/security/lucy-malware-for-android-adds-file-encryption-for-ransomware-ops/
A threat actor focusing on Android systems has expanded their malware-as-a-service (MaaS) business with file-encrypting capabilities for ransomware operations. [...]
https://www.bleepingcomputer.com/news/security/lucy-malware-for-android-adds-file-encryption-for-ransomware-ops/
BleepingComputer
Lucy malware for Android adds file-encryption for ransomware ops
A threat actor focusing on Android systems has expanded their malware-as-a-service (MaaS) business with file-encrypting capabilities for ransomware operations.
Hacking group used Google Play Store to push spyware for years
A malicious campaign dubbed PhantomLance has been targeting users of Android devices with spyware payloads embedded in applications delivered via multiple platforms including Google's Play Store and the alternative Android app store APKpure. [...]
https://www.bleepingcomputer.com/news/security/hacking-group-used-google-play-store-to-push-spyware-for-years/
A malicious campaign dubbed PhantomLance has been targeting users of Android devices with spyware payloads embedded in applications delivered via multiple platforms including Google's Play Store and the alternative Android app store APKpure. [...]
https://www.bleepingcomputer.com/news/security/hacking-group-used-google-play-store-to-push-spyware-for-years/
BleepingComputer
Hacking group used Google Play Store to push spyware for years
A malicious campaign dubbed PhantomLance has been targeting users of Android devices with spyware payloads embedded in applications delivered via multiple platforms including Google's Play Store and the alternative Android app store APKpure.
Microsoft releases guidance on blocking ransomware attacks
Microsoft warned today of ongoing human-operated ransomware campaigns targeting healthcare organizations and critical services, and shared tips on how to block new breaches by patching vulnerable internet-facing systems. [...]
https://www.bleepingcomputer.com/news/security/microsoft-releases-guidance-on-blocking-ransomware-attacks/
Microsoft warned today of ongoing human-operated ransomware campaigns targeting healthcare organizations and critical services, and shared tips on how to block new breaches by patching vulnerable internet-facing systems. [...]
https://www.bleepingcomputer.com/news/security/microsoft-releases-guidance-on-blocking-ransomware-attacks/
BleepingComputer
Microsoft releases guidance on blocking ransomware attacks
Microsoft warned today of ongoing human-operated ransomware campaigns targeting healthcare organizations and critical services, and shared tips on how to block new breaches by patching vulnerable internet-facing systems.
Adobe fixes critical vulnerabilities in Magento and Illustrator
Adobe has released security updates for Adobe Illustrator, Bridge, and Magento that fix numerous vulnerabilities, including ones that could allow remote code execution. [...]
https://www.bleepingcomputer.com/news/security/adobe-fixes-critical-vulnerabilities-in-magento-and-illustrator/
Adobe has released security updates for Adobe Illustrator, Bridge, and Magento that fix numerous vulnerabilities, including ones that could allow remote code execution. [...]
https://www.bleepingcomputer.com/news/security/adobe-fixes-critical-vulnerabilities-in-magento-and-illustrator/
BleepingComputer
Adobe fixes critical vulnerabilities in Magento and Illustrator
Adobe has released security updates for Adobe Illustrator, Bridge, and Magento that fix numerous vulnerabilities, including ones that could allow remote code execution.
Rogue affiliates are running fake antivirus expiration scams
Rogue security software affiliates are sending emails that falsely tell recipients that their antivirus software is expiring and then prompt them to renew their license so that the affiliate can earn a commission from the sale. [...]
https://www.bleepingcomputer.com/news/security/rogue-affiliates-are-running-fake-antivirus-expiration-scams/
Rogue security software affiliates are sending emails that falsely tell recipients that their antivirus software is expiring and then prompt them to renew their license so that the affiliate can earn a commission from the sale. [...]
https://www.bleepingcomputer.com/news/security/rogue-affiliates-are-running-fake-antivirus-expiration-scams/
BleepingComputer
Rogue affiliates are running fake antivirus expiration scams
Rogue security software affiliates are sending emails that falsely tell recipients that their antivirus software is expiring and then prompt them to renew their license so that the affiliate can earn a commission from the sale.