Nigerian entrepreneur pleaded guilty to $11M Caterpillar fraud

Nigerian entrepreneur Obinwanne Okeke is facing 20 years in prison after pleading to conspiracy to commit wire fraud that caused US Fortune 100 corporation Caterpillar $11 million in losses as part of a business email compromise (BEC) fraud scheme. [...]

https://www.bleepingcomputer.com/news/security/nigerian-entrepreneur-pleaded-guilty-to-11m-caterpillar-fraud/

Microsoft Defender ATP now detects Windows 10 UEFI malware

Microsoft has announced that the enterprise Microsoft Defender Advanced Threat Protection (ATP) enterprise endpoint security platform is now capable of detecting and protecting customers from Unified Extensible Firmware Interface (UEFI) malware. [...]

https://www.bleepingcomputer.com/news/security/microsoft-defender-atp-now-detects-windows-10-uefi-malware/

Windows 10 Subsystem for Linux gets command line love, GPU support

Windows 10 users running insider builds got some treats from Microsoft this week with GPU support and new command-line options for the Windows Subsystem for Linux. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-subsystem-for-linux-gets-command-line-love-gpu-support/

The Week in Ransomware - June 19th 2020 - a quiet week

For the most part, it has been a quiet week with new variants of existing ransomware families being released. We also did not see too many large victims being disclosed and mostly updates of existing victims. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-june-19th-2020-a-quiet-week/

Discord modified to steal accounts by new NitroHack malware

New malware is being distributed that pretends to be a hack that gets you the premium Discord Nitro service for free but instead steals user tokens saved in the various browsers, credit card information, and then tries to spread it to others. [...]

https://www.bleepingcomputer.com/news/security/discord-modified-to-steal-accounts-by-new-nitrohack-malware/

New Google Chrome experiment warns of malicious and slow extensions

[...]

https://www.bleepingcomputer.com/news/security/new-google-chrome-experiment-warns-of-malicious-and-slow-extensions/

Hacker arrested for stealing, selling PII of 65K hospital employees

29-year-old Michigan man Justin Sean Johnson was arrested earlier this week for allegedly being behind the 2014 hack of the health care provider and insurer University of Pittsburgh Medical Center (UPMC), stealing the PII and W-2 information of over 65,000 employees, and selling it on the dark web. [...]

https://www.bleepingcomputer.com/news/security/hacker-arrested-for-stealing-selling-pii-of-65k-hospital-employees/

How to use Reset this PC to easily reinstall Windows 10

In this Windows 10 article, we'll guide you through the steps to reset and reinstall Windows 10 using Local Reinstall, Cloud Download, and Fresh Start. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-use-reset-this-pc-to-easily-reinstall-windows-10/

Ransomware operators lurk on your network after their attack

When a company suffers a ransomware attack, many victims feel that the attackers quickly deploy the ransomware and leave so they won't get caught. Unfortunately, the reality is much different as threat actors are not so quick to give up a resource that they worked so hard to control. [...]

https://www.bleepingcomputer.com/news/security/ransomware-operators-lurk-on-your-network-after-their-attack/

Malwarebytes causing performance issues in Windows 10 2004

Since the release of Windows 10 2004, users have been reporting performance issues and crashes when Malwarebytes 4.1 is installed. [...]

https://www.bleepingcomputer.com/news/microsoft/malwarebytes-causing-performance-issues-in-windows-10-2004/

Hackers use Google Analytics to steal credit cards, bypass CSP

Hackers are using Google's servers and the Google Analytics platform to steal credit card information submitted by customers of online stores. [...]

https://www.bleepingcomputer.com/news/security/hackers-use-google-analytics-to-steal-credit-cards-bypass-csp/

US govt to enforce HTTPS on new .gov sites starting September 1

Starting September 1, 2020, new .gov sites will only be accessible via HTTPS as they will automatically be preloaded according to an announcement made by the U.S. Government's DotGov Program today. [...]

https://www.bleepingcomputer.com/news/security/us-govt-to-enforce-https-on-new-gov-sites-starting-september-1/

BlueLeaks data dump exposes over 24 years of police records

In what is being referred to as 'BlueLeaks,' a group called Distributed Denial of Secrets (DDoSecrets) has released a 269 GB data dump containing 24 years worth of records from over 200 police departments. [...]

https://www.bleepingcomputer.com/news/security/blueleaks-data-dump-exposes-over-24-years-of-police-records/

BitDefender fixes bug allowing attackers to run commands remotely

Security solutions are designed to keep an organization safe, but that models crumble when that same software becomes a threat vector for the attackers to exploit. Such is the case with a new Bitdefender remote code execution vulnerability, dubbed CVE-2020-8102, lurking in its Safepay browser component. [...]

https://www.bleepingcomputer.com/news/security/bitdefender-fixes-bug-allowing-attackers-to-run-commands-remotely/

Microsoft says June 2020 updates break Outlook for some users

Microsoft says in a support document recently published that Outlook will fail to start for some users, automatically displaying an error prompting the users to repair some inbox files. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-says-june-2020-updates-break-outlook-for-some-users/

Microsoft rolls out new Edge to Windows 7 via Windows Update

Starting on June 17th, 2020, Microsoft has begun to roll out the KB4567409 update for Windows 7 that installs the new Chromium-based Microsoft Edge browser. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-rolls-out-new-edge-to-windows-7-via-windows-update/

Office 365 now checks docs for known threats before editing

Microsoft today announced the general availability of the Office 365 Safe Documents security feature which expands the protection provided by Protected View by checking untrusted documents for risks and known threats. [...]

https://www.bleepingcomputer.com/news/security/office-365-now-checks-docs-for-known-threats-before-editing/

Indiabulls Group hit by CLOP Ransomware, gets 24h leak deadline

Indian conglomerate Indiabulls Group has allegedly been hit with a cyberattack from the CLOP Ransomware operators who have leaked screenshots of stolen data. [...]

https://www.bleepingcomputer.com/news/security/indiabulls-group-hit-by-clop-ransomware-gets-24h-leak-deadline/

Ryuk ransomware deployed two weeks after Trickbot infection

Activity logs on a server used by the TrickBot trojan in post-compromise stages of an attack show that the actor takes an average of two weeks pivoting to valuable hosts on the network before deploying Ryuk ransomware. [...]

https://www.bleepingcomputer.com/news/security/ryuk-ransomware-deployed-two-weeks-after-trickbot-infection/

Twitter discloses billing info leak after 'data security incident'

Twitter has disclosed a 'Data Security Incident' that caused the billing information for Twitter advertisers to be stored in the browser's cache. This bug would have allowed other users on the computer to see this data. [...]

https://www.bleepingcomputer.com/news/security/twitter-discloses-billing-info-leak-after-data-security-incident/