Numerous sites leak user emails to advertising, analytics services
Multiple online services and products are leaking email data belonging to their users to third-party advertising and analytics companies, shows a recent research published today. [...]
https://www.bleepingcomputer.com/news/security/numerous-sites-leak-user-emails-to-advertising-analytics-services/
Multiple online services and products are leaking email data belonging to their users to third-party advertising and analytics companies, shows a recent research published today. [...]
https://www.bleepingcomputer.com/news/security/numerous-sites-leak-user-emails-to-advertising-analytics-services/
BleepingComputer
Numerous sites leak user emails to advertising, analytics services
Multiple online services and products are leaking email data belonging to their users to third-party advertising and analytics companies, shows a recent research published today.
Microsoft releases Windows 10 Build 19619 with freeze fixes
Microsoft has released Windows 10 Insider Preview Build 19619 to Insiders in the Fast ring with fixes for frequent freezes on some systems, music controls to the Your Phone app, and quick access to COVID-19 info from search. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-build-19619-with-freeze-fixes/
Microsoft has released Windows 10 Insider Preview Build 19619 to Insiders in the Fast ring with fixes for frequent freezes on some systems, music controls to the Your Phone app, and quick access to COVID-19 info from search. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-build-19619-with-freeze-fixes/
BleepingComputer
Microsoft releases Windows 10 Build 19619 with freeze fixes
Microsoft has released Windows 10 Insider Preview Build 19619 to Insiders in the Fast ring with fixes for frequent freezes on some systems, music controls to the Your Phone app, and quick access to COVID-19 info from search.
Windows 10 Search now gives easy access to COVID-19 info
Windows 10 is now making it easier to access the latest Coronavirus information via new buttons show in Windows Search. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-search-now-gives-easy-access-to-covid-19-info/
Windows 10 is now making it easier to access the latest Coronavirus information via new buttons show in Windows Search. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-search-now-gives-easy-access-to-covid-19-info/
BleepingComputer
Windows 10 Search now gives easy access to COVID-19 info
Windows 10 is now making it easier to access the latest Coronavirus information via new buttons show in Windows Search.
Google updates Chrome Web Store policy to block extension spam
Google today updated the Chrome Web Store's spam policy to block extension spam so that users can have a real chance to avoid potentially malicious extensions while sifting through 200,000 add-ons available in the store. [...]
https://www.bleepingcomputer.com/news/security/google-updates-chrome-web-store-policy-to-block-extension-spam/
Google today updated the Chrome Web Store's spam policy to block extension spam so that users can have a real chance to avoid potentially malicious extensions while sifting through 200,000 add-ons available in the store. [...]
https://www.bleepingcomputer.com/news/security/google-updates-chrome-web-store-policy-to-block-extension-spam/
BleepingComputer
Google updates Chrome Web Store policy to block extension spam
Google today updated the Chrome Web Store's spam policy to block extension spam so that users can have a real chance to avoid potentially malicious extensions while sifting through 200,000 add-ons available in the store.
US govt updates Microsoft Office 365 security best practices
The Cybersecurity and Infrastructure Security Agency (CISA) today issued an update to its Microsoft Office 365 security best practices as part of an alert distributed via the US National Cyber Awareness System. [...]
https://www.bleepingcomputer.com/news/security/us-govt-updates-microsoft-office-365-security-best-practices/
The Cybersecurity and Infrastructure Security Agency (CISA) today issued an update to its Microsoft Office 365 security best practices as part of an alert distributed via the US National Cyber Awareness System. [...]
https://www.bleepingcomputer.com/news/security/us-govt-updates-microsoft-office-365-security-best-practices/
BleepingComputer
US govt updates Microsoft Office 365 security best practices
The Cybersecurity and Infrastructure Security Agency (CISA) today issued an update to its Microsoft Office 365 security best practices as part of an alert distributed via the US National Cyber Awareness System.
Bugs in WordPress plugins for online courses let students cheat
Popular WordPress plugins for creating learning management systems (LMS) are rife with vulnerabilities that can be exploited to take control of the platform, get test answers, and modify grades. [...]
https://www.bleepingcomputer.com/news/security/bugs-in-wordpress-plugins-for-online-courses-let-students-cheat/
Popular WordPress plugins for creating learning management systems (LMS) are rife with vulnerabilities that can be exploited to take control of the platform, get test answers, and modify grades. [...]
https://www.bleepingcomputer.com/news/security/bugs-in-wordpress-plugins-for-online-courses-let-students-cheat/
BleepingComputer
Bugs in WordPress plugins for online courses let students cheat
Popular WordPress plugins for creating learning management systems (LMS) are rife with vulnerabilities that can be exploited to take control of the platform, get test answers, and modify grades.
Clop ransomware leaks ExecuPharm's files after failed ransom
Clop ransomware leaked files stolen from U.S pharmaceutical company ExecuPharm after ransom negotiations allegedly failed. [...]
https://www.bleepingcomputer.com/news/security/clop-ransomware-leaks-execupharms-files-after-failed-ransom/
Clop ransomware leaked files stolen from U.S pharmaceutical company ExecuPharm after ransom negotiations allegedly failed. [...]
https://www.bleepingcomputer.com/news/security/clop-ransomware-leaks-execupharms-files-after-failed-ransom/
BleepingComputer
Clop ransomware leaks ExecuPharm's files after failed ransom
Clop ransomware leaked files stolen from U.S pharmaceutical company ExecuPharm after ransom negotiations allegedly failed.
Microsoft Sway abused in PerSwaysion spear-phishing operation
Multiple threat actors running phishing attacks on corporate targets have been counting on Microsoft Sway service to trick victims into giving their Office 365 login credentials. [...]
https://www.bleepingcomputer.com/news/security/microsoft-sway-abused-in-perswaysion-spear-phishing-operation/
Multiple threat actors running phishing attacks on corporate targets have been counting on Microsoft Sway service to trick victims into giving their Office 365 login credentials. [...]
https://www.bleepingcomputer.com/news/security/microsoft-sway-abused-in-perswaysion-spear-phishing-operation/
BleepingComputer
Microsoft Sway abused in PerSwaysion spear-phishing operation
Multiple threat actors running phishing attacks on corporate targets have been counting on Microsoft Sway service to trick victims into giving their Office 365 login credentials.
New Android malware steals financial information, bypasses 2FA
A new banking Trojan can steal financial information from Android users across the United States and several European countries, including the UK, Germany, Italy, Spain, Switzerland, and France. [...]
https://www.bleepingcomputer.com/news/security/new-android-malware-steals-financial-information-bypasses-2fa/
A new banking Trojan can steal financial information from Android users across the United States and several European countries, including the UK, Germany, Italy, Spain, Switzerland, and France. [...]
https://www.bleepingcomputer.com/news/security/new-android-malware-steals-financial-information-bypasses-2fa/
BleepingComputer
New Android malware steals financial information, bypasses 2FA
A new banking Trojan can steal financial information from Android users across the United States and several European countries, including the UK, Germany, Italy, Spain, Switzerland, and France.
Shade Ransomware Decryptor can now decrypt over 750K victims
Kaspersky has released an updated decryptor for the Shade Ransomware (Troldesh) that allows all victims who have their files encrypted to recover them for free. [...]
https://www.bleepingcomputer.com/news/security/shade-ransomware-decryptor-can-now-decrypt-over-750k-victims/
Kaspersky has released an updated decryptor for the Shade Ransomware (Troldesh) that allows all victims who have their files encrypted to recover them for free. [...]
https://www.bleepingcomputer.com/news/security/shade-ransomware-decryptor-can-now-decrypt-over-750k-victims/
BleepingComputer
Shade Ransomware Decryptor can now decrypt over 750K victims
Kaspersky has released an updated decryptor for the Shade Ransomware (Troldesh) that allows all victims who have their files encrypted to recover them for free.
Ninja Forms WordPress plugin patch prevents takeover of 1M sites
The developers of Ninja Forms, a WordPress plugin with more than 1 million installations, have fixed a high severity security vulnerability that can let attackers inject malicious code and take over websites using an unpatched version of the plugin. [...]
https://www.bleepingcomputer.com/news/security/ninja-forms-wordpress-plugin-patch-prevents-takeover-of-1m-sites/
The developers of Ninja Forms, a WordPress plugin with more than 1 million installations, have fixed a high severity security vulnerability that can let attackers inject malicious code and take over websites using an unpatched version of the plugin. [...]
https://www.bleepingcomputer.com/news/security/ninja-forms-wordpress-plugin-patch-prevents-takeover-of-1m-sites/
BleepingComputer
Ninja Forms WordPress plugin patch prevents takeover of 1M sites
The developers of Ninja Forms, a WordPress plugin with more than 1 million installations, have fixed a high severity security vulnerability that can let attackers inject malicious code and take over websites using an unpatched version of the plugin.
US govt agencies to disable DoH until federal service is ready
US government agencies' chief information officers were recommended to disable third-party encrypted DNS services until an official DNS resolution service with DNS over HTTPS (DoH) and DNS over TLS (DoT) support is ready. [...]
https://www.bleepingcomputer.com/news/security/us-govt-agencies-to-disable-doh-until-federal-service-is-ready/
US government agencies' chief information officers were recommended to disable third-party encrypted DNS services until an official DNS resolution service with DNS over HTTPS (DoH) and DNS over TLS (DoT) support is ready. [...]
https://www.bleepingcomputer.com/news/security/us-govt-agencies-to-disable-doh-until-federal-service-is-ready/
BleepingComputer
US govt agencies to disable DoH until federal service is ready
US government agencies' chief information officers were recommended to disable third-party encrypted DNS services until an official DNS resolution service with DNS over HTTPS (DoH) and DNS over TLS (DoT) support is ready.
Hackers say they stole millions of credit cards from Banco BCR
Hackers claim to have gained access to the network of Banco BCR, the state-owned Bank of Costa Rica, and stolen 11 million credit card credentials along with other data. [...]
https://www.bleepingcomputer.com/news/security/hackers-say-they-stole-millions-of-credit-cards-from-banco-bcr/
Hackers claim to have gained access to the network of Banco BCR, the state-owned Bank of Costa Rica, and stolen 11 million credit card credentials along with other data. [...]
https://www.bleepingcomputer.com/news/security/hackers-say-they-stole-millions-of-credit-cards-from-banco-bcr/
BleepingComputer
Hackers say they stole millions of credit cards from Banco BCR
Hackers claim to have gained access to the network of Banco BCR, the state-owned Bank of Costa Rica, and stolen 11 million credit card credentials along with other data.
French daily Le Figaro database exposes usersβ personal info
French daily newspaper Le Figaro exposed roughly 7.4 billion records containing personally identifiable information (PII) of reporters and employees, as well as of at least 42,000 users. [...]
https://www.bleepingcomputer.com/news/security/french-daily-le-figaro-database-exposes-users-personal-info/
French daily newspaper Le Figaro exposed roughly 7.4 billion records containing personally identifiable information (PII) of reporters and employees, as well as of at least 42,000 users. [...]
https://www.bleepingcomputer.com/news/security/french-daily-le-figaro-database-exposes-users-personal-info/
BleepingComputer
French daily Le Figaro database exposes usersβ personal info
French daily newspaper Le Figaro exposed roughly 7.4 billion records containing personally identifiable information (PII) of reporters and employees, as well as of at least 42,000 users.
Convincing Office 365 phishing uses fake Microsoft Teams alerts
A highly convincing phishing campaign is using cloned imagery from automated Microsoft Teams notifications in attacks that attempt to harvest Office 365 credentials. [...]
https://www.bleepingcomputer.com/news/security/convincing-office-365-phishing-uses-fake-microsoft-teams-alerts/
A highly convincing phishing campaign is using cloned imagery from automated Microsoft Teams notifications in attacks that attempt to harvest Office 365 credentials. [...]
https://www.bleepingcomputer.com/news/security/convincing-office-365-phishing-uses-fake-microsoft-teams-alerts/
BleepingComputer
Convincing Office 365 phishing uses fake Microsoft Teams alerts
A highly convincing phishing campaign is using cloned imagery from automated Microsoft Teams notifications in attacks that attempt to harvest Office 365 credentials.
New phishing campaign packs an info-stealer, ransomware punch
A new phishing campaign is distributing a double-punch of a LokiBot information-stealing malware along with a second payload in the form of the Jigsaw Ransomware. [...]
https://www.bleepingcomputer.com/news/security/new-phishing-campaign-packs-an-info-stealer-ransomware-punch/
A new phishing campaign is distributing a double-punch of a LokiBot information-stealing malware along with a second payload in the form of the Jigsaw Ransomware. [...]
https://www.bleepingcomputer.com/news/security/new-phishing-campaign-packs-an-info-stealer-ransomware-punch/
BleepingComputer
New phishing campaign packs an info-stealer, ransomware punch
A new phishing campaign is distributing a double-punch of a LokiBot information-stealing malware along with a second payload in the form of the Jigsaw Ransomware.
Hackers breach companyβs MDM server to spread Android malware
Attackers infected more than 75% of a multinational conglomerate's managed Android devices with the Cerberus banking trojan using the company's compromised Mobile Device Manager (MDM) server. [...]
https://www.bleepingcomputer.com/news/security/hackers-breach-company-s-mdm-server-to-spread-android-malware/
Attackers infected more than 75% of a multinational conglomerate's managed Android devices with the Cerberus banking trojan using the company's compromised Mobile Device Manager (MDM) server. [...]
https://www.bleepingcomputer.com/news/security/hackers-breach-company-s-mdm-server-to-spread-android-malware/
BleepingComputer
Hackers breach companyβs MDM server to spread Android malware
Attackers infected more than 75% of a multinational conglomerate's managed Android devices with the Cerberus banking trojan using the company's compromised Mobile Device Manager (MDM) server.
FCC: No more warnings for robocallers before fines
The US Federal Communications Commission (FCC) today issued an order saying that it will no longer warn robocallers before fining them for harassing consumers and violating the law. [...]
https://www.bleepingcomputer.com/news/security/fcc-no-more-warnings-for-robocallers-before-fines/
The US Federal Communications Commission (FCC) today issued an order saying that it will no longer warn robocallers before fining them for harassing consumers and violating the law. [...]
https://www.bleepingcomputer.com/news/security/fcc-no-more-warnings-for-robocallers-before-fines/
BleepingComputer
FCC: No more warnings for robocallers before fines
The US Federal Communications Commission (FCC) today issued an order saying that it will no longer warn robocallers before fining them for harassing consumers and violating the law.
The Week in Ransomware - May 1st 2020 - Banishing the Shade
For the victims of the Shade Ransomware, otherwise known as Troldesh, this was an excellent week as the threat actors released over 750,000 decryption keys for their victims. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-1st-2020-banishing-the-shade/
For the victims of the Shade Ransomware, otherwise known as Troldesh, this was an excellent week as the threat actors released over 750,000 decryption keys for their victims. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-1st-2020-banishing-the-shade/
BleepingComputer
The Week in Ransomware - May 1st 2020 - Banishing the Shade
For the victims of the Shade Ransomware, otherwise known as Troldesh, this was an excellent week as the threat actors released over 750,000 decryption keys for their victims.
Microsoft Edge getting improved security, work at home features
Microsoft is testing a new version of Edge with Insiders and it comes with multiple new features including improved SmartScreen support. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-getting-improved-security-work-at-home-features/
Microsoft is testing a new version of Edge with Insiders and it comes with multiple new features including improved SmartScreen support. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-getting-improved-security-work-at-home-features/
BleepingComputer
Microsoft Edge getting improved security, work at home features
Microsoft is testing a new version of Edge with Insiders and it comes with multiple new features including improved SmartScreen support.