Category: BleepingComputer

Read the original article: Bypassing Windows 10 UAC with mock folders and DLL hijacking A new technique uses a simplified process of  DLL hijacking and mock directories to bypass Windows 10’s UAC security feature and run elevated commands without alerting…

Read more →

Read the original article: Canadian MSP discloses data breach, failed ransomware attack Managed service provider Pivot Technology Solutions has disclosed that it was the victim of a ransomware attack that resulted with sensitive information being accessed by the hackers. (6f4c434995edef0548165457c4d90ce3)[…]…

Read more →

Read the original article: Hackers stole Twitter employee credentials via phone phishing Twitter today said that the attackers behind this month’s hack were able to take control of high-profile accounts after stealing Twitter employees’ credentials as part of a phone…

Read more →

Read the original article: Linux warning: TrickBot malware is now infecting your systems TrickBot’s Anchor malware platform has been ported to infect Linux devices and compromise further high-impact and high-value targets using covert channels. (47a9275c481dbf25e49cf753f7102ec1)[…]   Advertise on IT Security…

Read more →

Read the original article: KDE archive tool flaw let hackers take over Linux accounts A vulnerability exists in the default KDE extraction utility called ARK that allows attackers to overwrite files or execute code on victim’s computers simply by tricking them into downloading…

Read more →

Read the original article: Office 365 phishing abuses Google Ads to bypass email filters An Office 365 phishing campaign abused Google Ads to bypass secure email gateways (SEGs), redirecting employees of targeted organizations to phishing landing pages and stealing their Microsoft credentials.…

Read more →

Read the original article: EU sanctions Russian espionage unit, Chinese and North Korean firms The Council of the European Union today announced sanctions imposed on a Russian military espionage unit, as well as on front companies for Chinese and North Korean…

Read more →

Read the original article: US defense contractors targeted by North Korean phishing attacks Employees of U.S. defense and aerospace contractors were targeted in a large scale spear-phishing campaign between early April and mid-June 2020 in a series of phishing attacks designed to…

Read more →

Read the original article: Startups disclose data breaches after massive 386M records leak Startups have begun to disclose data breaches after a massive leak of stolen databases was published on a hacker forum this month. (47a9275c481dbf25e49cf753f7102ec1)[…]   Advertise on IT…

Read more →

Read the original article: Firefox 79 released with new Lockwise password export feature Mozilla has released Firefox 79 on July 28th, 2020, to the Stable desktop channel for Windows, macOS, and Linux with minor improvements and bug fixes. This is…

Read more →

Read the original article: TrickBot’s new Linux malware covertly infects Windows devices TrickBot’s Anchor malware platform has been ported to infect Linux devices and compromise further high-impact and high-value targets using covert channels. (47a9275c481dbf25e49cf753f7102ec1)[…]   Advertise on IT Security News.…

Read more →

Read the original article: Vermont Tax Department exposed 3 years worth of tax return info The Vermont Department of Taxes today disclosed that taxpayers’ private information was exposed because of a security issue affecting its online filing site discovered on…

Read more →

Read the original article: Sneaky Doki Linux malware infiltrates Docker cloud instances Attackers are targeting misconfigured cloud-based docker instances running on Linux distributions with an undetectable strand of malware. (6f4c434995edef0548165457c4d90ce3)[…]   Advertise on IT Security News. Read the original article: Sneaky Doki…

Read more →

Read the original article: Zoom bug allowed attackers to crack private meeting passwords A lack of rate limiting in password attempts allowed potential attackers to crack the numeric passcode used to secure Zoom private meetings as discovered by Tom Anthony, VP Product…

Read more →

Read the original article: Microsoft now detects CCleaner as a Potentially Unwanted Application Microsoft is now detecting the popular CCleaner Windows optimization and Registry cleaner program as a potentially unwanted application (PUA) in Microsoft Defender. (47a9275c481dbf25e49cf753f7102ec1)[…]   Advertise on IT Security…

Read more →

Read the original article: Cisco fixes severe flaws in data center management solution Cisco today has released several security updates to address three critical authentication bypass, buffer overflow, and authorization bypass vulnerabilities found to affect Cisco Data Center Network Manager…

Read more →

Read the original article: BootHole GRUB bootloader bug lets hackers hide malware in Linux, Windows A severe vulnerability exists in almost all signed versions of GRUB2 bootloader used by most Linux systems. When properly exploited, it could allow threat actors…

Read more →

Read the original article: FBI warns of Netwalker ransomware targeting US government and orgs The FBI has issued a security alert about Netwalker ransomware operators targeting U.S. and foreign government organizations, advising their victims not to pay the ransom and reporting incidents…

Read more →

Read the original article: Microsoft to remove all Windows downloads signed with SHA-1 Microsoft is removing all Windows downloads from the Microsoft Download Center that are signed using SHA-1 certificates on August 3rd, 2020. […]   Advertise on IT Security News.…

Read more →

Read the original article: The IRS asks tax professionals to enable multi-factor authentication The U.S. Internal Revenue Service is asking tax professionals to enable additional forms of authentication in software that provides the option as an improved defense against hacker…

Read more →

Read the original article: Business giant Dussmann Group’s data leaked after ransomware attack The Nefilim ransomware operation has begun to publish unencrypted files stolen from a Dussmann Group subsidiary during a recent attack. […]   Advertise on IT Security News. Read…

Read more →

Read the original article: Critical WordPress plugin bug lets hackers take over hosting account Hackers can exploit a maximum severity vulnerability in the wpDiscuz plugin installed on over 70,000 WordPress sites to execute code remotely after uploading arbitrary files on servers hosting…

Read more →

Read the original article: Emotet malware now steals your email attachments to attack contacts The Emotet malware botnet is now also using stolen attachments to increase the authenticity of spam emails attempting to infect targets’ systems. […]   Advertise on…

Read more →

Read the original article: Hacker leaks 386 million user records from 18 companies for free A threat actor is flooding a hacker forum with databases exposing expose over 386 million user records that they claim were stolen from eighteen companies…

Read more →

Read the original article: North Korean hackers created VHD ransomware for enterprise attacks North Korean-backed hackers tracked as the Lazarus Group have developed and are actively using VHD ransomware against enterprise targets according to a report published by Kaspersky researchers today.…

Read more →

Read the original article: Magento gets security updates for severe code execution bugs Adobe today released security updates to fix two code execution vulnerabilities affecting Magento Commerce and Magento Open Source, rated as important and critical severity. […]   Advertise on IT Security…

Read more →

Read the original article: Industrial VPN vulnerabilities put critical infrastructure at risk Security researchers analyzing popular remote access solutions used for industrial control systems (ICS) found multiple vulnerabilities that could let unauthenticated attackers execute arbitrary code and breach the environment.…

Read more →

Read the original article: Feature-rich Ensiko malware can encrypt, targets Windows, macOS, Linux Threat researchers have found a new feature-rich malware that can encrypt files on any system running PHP, making it a high risk for Windows, macOS, and Linux…

Read more →

Read the original article: Netflix credential phishing hides behind working CAPTCHA A recent wave of phishing attacks aiming to steal payment card info and credentials for Netflix streaming service starts with redirecting to a functioning CAPTCHA page to bypass email…

Read more →

Read the original article: Promo.com discloses data breach after 22M user records leaked online Promo.com, an Israeli-based marketing video creation site, has disclosed a data breach after a database containing 22 million user records was leaked for free on a hacker forum.…

Read more →

Read the original article: Office 365 adds new features to help identify malicious spam Microsoft is planning to provide more info on spam emails detected as malicious by the Office 365 Advanced Threat Protection (ATP) filtering stack and allow organizations…

Read more →

Read the original article: Office 365 phishing baits employees with fake SharePoint alerts Employees using Microsoft Office 365 are targeted in a phishing campaign that makes use of bait messages camouflaged as automated Sharepoint notifications to steal their accounts. […]  …

Read more →

Read the original article: Windows 10 Desktop Windows Manager crashes due to DirectX bug Microsoft is working on a resolution for a new issue causing the Desktop Windows Manager to crash on laptops if the lid is repeatedly closed and opened. […]…

Read more →

Read the original article: Garmin confirms ransomware attack, services coming back online Garmin has officially confirmed that they were victims of a ransomware attack as they slowly bring their Garmin Connect, Strava, and navigation services back online. […]   Advertise on…

Read more →

Read the original article: UK and US warn QNAP owners to upgrade firmware to block malware The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the UK’s National Cyber Security Centre (NCSC) today issued an alert about the risks of…

Read more →

Read the original article: Cerberus Android malware source code offered for sale for $100,000 The maintainer of Cerberus banking trojan for Android is auctioning the entire project for a price starting at $50,000 or close the deal for double the…

Read more →

Read the original article: Source code from dozens of companies leaked online Source code from exposed repositories of dozens of companies across various fields of activity (tech, finance, retail, food, eCommerce, manufacturing) is publicly available as a result of misconfigurations…

Read more →

Read the original article: No More Ransom turns 4: Saves $632 million in ransomware payments The No More Ransom Project celebrates its fourth anniversary today after helping over 4.2 million visitors recover from a ransomware infection and saving an estimated…

Read more →

Read the original article: Dave data breach affects 7.5 million users, leaked on hacker forum Overdraft protection and cash advance service Dave has suffered a data breach after a database containing 7.5 million user records was sold in an auction and then…

Read more →

Read the original article: Microsoft’s PowerToys 0.20 adds a built-in Windows 10 Color Picker The next version of the Windows 10 PowerToys coming at the end of this month will introduce a new toy called ‘Color Picker Tool’ that lets…

Read more →

Read the original article: Samsung is reportedly building an Exynos CPU for Windows 10 PCs If the latest from the rumor mill turns out to be correct, Samsung could launch a new Exynos processor to power Windows 10 on ARM.…

Read more →

Read the original article: New ‘Meow’ attack has deleted almost 4,000 unsecured databases Dozens of unsecured databases exposed on the public web are the target of an automated ‘meow’ attack that wipes data without any explanation. […]   Advertise on…

Read more →

Read the original article: Linux-based malware analysis toolkit REMnux 7 released A new version of REMnux Linux distro is now available for malware researchers, packed with hundreds of tools to dissect malicious executables, documents, scripts, and ill-intended code. […]  …

Read more →

Read the original article: Microsoft Edge now blocks abusive notifications to reduce web spam Websites increasingly ask to send notifications about their new contents and notifications are also abused for advertisements or web scams. To address this webspam mess, Microsoft Edge…

Read more →

Read the original article: US govt confirms active exploitation of F5 BIG-IP RCE flaw The U.S. Cybersecurity and Infrastructure Security Agency (CISA) today published a warning regarding the active exploitation of the unauthenticated remote code execution (RCE) CVE-2020-5902 vulnerability affecting F5…

Read more →

Read the original article: Microsoft working on a fix for Windows 10 Sandbox failing to open Microsoft is investigating a known issue preventing the Windows Sandbox and Windows Defender Application Guard (WDAG) from opening on devices running Windows 10, version 1903 or later,…

Read more →

Read the original article: The Week in Ransomware – July 24th 2020 – Navigation failure This week has been quite busy with a new enterprise targeting ransomware called Exorcist and attacks against large companies. […]   Advertise on IT Security…

Read more →

Read the original article: Emotet malware operation hacked to show memes to victims Someone is poking fun at Emotet botnet and heavily disrupting its operations at the same time as payloads hosted on some compromised sites have been replaced by…

Read more →

Read the original article: Garmin outage caused by confirmed WastedLocker ransomware attack Wearable device maker Garmin today had to shut down some of its connected services and call centers following what the company calls a worldwide outage. […]   Advertise on…

Read more →

Read the original article: 5 severe D-Link router vulnerabilities disclosed, patch now 5 severe D-Link vulnerabilities have been disclosed that could allow an attacker to take complete control over a router without needing to login. […]   Advertise on IT…

Read more →

Read the original article: Cisco patches actively exploited ASA/FTD firewall vulnerability Cisco fixed a high severity and actively exploited read-only path traversal vulnerability affecting the web services interface of two of its firewall products. […]   Advertise on IT Security…

Read more →

Read the original article: UK govt warns of ransomware, BEC attacks against sports sector The UK National Cyber Security Centre (NCSC) today highlighted the increasing risks posed by ransomware attacks, phishing campaigns, and Business Email Compromise (BEC) fraud schemes targeting sports…

Read more →

Read the original article: Garmin shuts down services after suspected ransomware attack Wearable device maker Garmin today had to shut down some of its connected services and call centers following what the company calls a worldwide outage. […]   Advertise on…

Read more →

Read the original article: Remove unwanted Windows 10 apps with this new open source tool A new standalone utility named Bloatbox has been released that allows Windows 10 users to debloat the operating system by removing unwanted preinstalled apps. […]…

Read more →

Read the original article: How to stop Microsoft Edge launching automatically on login Microsoft shared info on how Edge users can prevent the web browser from launching automatically after they log into their Windows account by tweaking the system’s Sign-in…

Read more →

Read the original article: Twitter hackers read private messages of 36 high-profile accounts Twitter today admitted that the attackers behind last week’s incident read the private messages of 36 out of a total of 130 high-profile accounts targeted in the attack. […]   Advertise…

Read more →

Read the original article: New cryptojacking botnet uses SMB exploit to spread to Windows systems A new cryptojacking botnet is spreading across compromised networks via multiple methods that include the EternalBlue exploit for Windows Server Message Block (SMB) communication protocol.…

Read more →

Read the original article: Twilio exposes SDK, attackers inject it with malvertising code Twilio today disclosed that its TaskRouter JS SDK was compromised by attackers after they gained access to one of its misconfigured Amazon AWS S3 buckets which left the…

Read more →

Read the original article: Lazarus hackers deploy ransomware, steal data using MATA malware A recently discovered malware framework known as MATA and linked to the North Korean-backed hacking group known as Lazarus was used in attacks targeting corporate entities from multiple…

Read more →

Read the original article: D-Link blunder: Firmware encryption key exposed in unencrypted image The router manufacturer leaks encryption keys in some firmware versions letting reverse engineers decrypt the latest firmware images. […]   Advertise on IT Security News. Read the original…

Read more →

Read the original article: Microsoft Outlook crashes, deletes mails for some POP accounts Some Microsoft 365 customers might experience Outlook crashes after updating to Version 2006 Build 13001.20266 and higher according to an Office support document. […]   Advertise on…

Read more →

Read the original article: Critical SharePoint flaw dissected, RCE details now available Details are now available for exploiting a critical security vulnerability that affects Microsoft SharePoint, increasing the risk of attacks on unpatched systems. […]   Advertise on IT Security…

Read more →

Read the original article: New ‘Meow’ attack has wiped dozens of unsecured databases Dozens of unsecured databases exposed on the public web are the target of an automated ‘meow’ attack that wipes data without any explanation. […]   Advertise on…

Read more →

Read the original article: US offers $2 million for info on Ukrainians charged for SEC hack The U.S. Department of State today announced rewards of up to $1 million for information that would lead to the arrest or conviction of Ukrainian…

Read more →

Read the original article: Windows 10 KB4559004 cumulative update fixes File Explorer, LTE issues Microsoft released the KB4559004 non-security preview cumulative update with a fixes for File Explorer and an issue that caused Windows 10 computers with wireless wide area network (WWAN) LTE…

Read more →

Read the original article: Windows 10 KB4559004 released to fix broken wireless LTE connectivity Microsoft released the KB4559004 non-security preview cumulative update with a fix for an issue that caused Windows 10 computers with wireless wide area network (WWAN) LTE modems to lose…

Read more →

Read the original article: Microsoft 365 adds endpoint data leak protection in public preview Microsoft announced today the extension of Data Loss Prevention (Endpoint DLP) to Microsoft 365 customers’ endpoints, making it easier for organizations to prevent data leaks, inappropriate or unintentional data sharing…

Read more →

Read the original article: Emotet botnet is now heavily spreading QakBot malware Researchers tracking Emotet botnet noticed that the malware started to push QakBot banking trojan at an unusually high rate, replacing the longtime TrickBot payload. […]   Advertise on…

Read more →

Read the original article: Microsoft Edge gets new features on desktop and mobile As part of the July update, Microsoft Edge for Windows, macOS, Android and iOS is getting Collections on mobile and slew of other improvements. The new features…

Read more →

Read the original article: US indicts hackers working with China’s Ministry of State Security Two hackers working with China’s Ministry of State Security were charged with hacking into computer systems of government organizations and companies in the United States and around…

Read more →

Read the original article: Malwarebytes fixes bug causing Windows 10 2004 performance issues Malwarebytes has fixed bugs in the latest beta version of their software that were causing performance issues in Windows 10 2004. […]   Advertise on IT Security…

Read more →

Read the original article: Outlook affected by one-minute startup delays on Windows 10 Microsoft says that Outlook might take a minute to start and display the splash screen on devices running Windows 10, version 1809 or later if User Experience Virtualization…

Read more →

Read the original article: Adobe Photoshop gets fixes for critical security vulnerabilities Adobe has released security updates to address twelve critical vulnerabilities in Adobe Photoshop, Adobe Prelude, and Adobe Bridge that could allow attackers to execute arbitrary code on Windows…

Read more →

Read the original article: DeepSource resets logins after employee falls for Sawfish phishing GitHub notified DeepSource earlier this month of detecting malicious activity related to the startup’s GitHub app after one of their employees fell victim to the Sawfish phishing campaign. […]…

Read more →

Read the original article: Phishing campaign uses Google Cloud Services to steal Office 365 logins Fraudsters looking to collect login details are increasingly turning to public cloud services to host lure documents and phishing pages, making it more difficult for…

Read more →

Read the original article: Lorien Health Services discloses ransomware attack affecting nearly 50,000 Lorien Health Services in Maryland announced that it was the victim of a ransomware incident in early June. Data was stolen and then encrypted during the incident.…

Read more →

Read the original article: Microsoft will disable insecure TLS in Office 365 on Oct 15 Microsoft has set the official retirement date for the insecure Transport Layer Security (TLS) 1.0 and 1.1 protocols in Office 365 starting with October 15, 2020, after…

Read more →

Read the original article: Coinbase blocked Twitter hackers from stealing an extra $280K Coinbase says that it was able to block its customers from sending approximately $280,000 to the Twitter hackers who, last week, took over high-profile accounts to push a…

Read more →

Read the original article: Emotet-TrickBot malware duo is back infecting Windows machines After awakening last week and starting to send spam worldwide, Emotet is now once again installing the TrickBot trojan on infected Windows computers. […]   Advertise on IT Security…

Read more →

Read the original article: Microsoft investigating Windows 10 2004 ‘No Internet’ bug, how to fix Microsoft is investigating a known issue where Windows 10 2004 customers might see “No Internet access” tray indicators even though their devices are connected to the…

Read more →

Read the original article: Office 365 adds new security configuration analysis feature Microsoft is working on a new Office 365 Advanced Threat Protection (ATP) feature which will make it easy to determine your security policies settings’ effectiveness when compared to recommended…

Read more →

Read the original article: Windows 10 Store ‘wsreset’ tool lets attackers bypass antivirus A technique that exploits Windows 10 Microsoft Store called ‘wsreset.exe’ can delete files to bypass antivirus protection on a host without being detected. […]   Advertise on IT Security…

Read more →

Read the original article: How to use Windows 10 File History to make secure backups With File History feature on Windows, you can back up copies of files that are in the Documents, Music, Pictures, Videos, and Desktop folders. […]  …

Read more →

Read the original article: Critical SIGred Windows DNS bug gets micropatch after PoCs released The critical remote code execution security vulnerability in Windows DNS known as SIGRed has received a micropatch for servers without an Extended Security Updates (ESU) license.…

Read more →

Read the original article: New phishing campaign abuses a trio of enterprise cloud services A new phishing campaign uses a trio of enterprise cloud services, Microsoft Azure, Microsoft Dynamics, and IBM Cloud, as part of an attempt to steal your login…

Read more →

Read the original article: Windows 10 2004: List of compatibility issues blocking updates While the Windows 10 May 2020 Update started gradually rolling out to customers worldwide on May 27, not everyone can update their devices to Windows 10, version 2004.…

Read more →

Read the original article: Microsoft Edge 84 introduces Storage Access API to improve privacy Microsoft Edge 84 is now available for the desktop users and it comes with support for Storage Access API, PDF reader improvements, and more. […]   Advertise…

Read more →

Read the original article: The Week in Ransomware – July 17th 2020 – Freshly squeezed With Twitter hackers, 10/10 vulnerabilities, and Cloudflare outages this week, thankfully ransomware has been pretty slow this week. […]   Advertise on IT Security News.…

Read more →

Read the original article: Cloudflare outage takes down Discord, BleepingComputer, and other sites Cloudflare is having an outage that is affecting a lot of sites including Discord, BleepingComputer, and many other sites. It is not known what is causing the…

Read more →

Read the original article: Magento adds 2FA to protect against card skimming attacks Adobe has added two-factor authentication (2FA) throughout the Magento platform in response to the widespread number of attacks where skimmer scripts are deployed on hacked e-commerce sites to steal…

Read more →

Read the original article: Emotet spam trojan surges back to life after 5 months of silence After months of inactivity, the notorious Emotet spamming trojan has come alive again as it spews out a massive campaign of malicious emails targeting…

Read more →

Read the original article: Twitter: Hackers targeted 130 accounts, no passwords accessed Twitter today revealed that hackers targeted roughly 130 accounts during the massive attack that allowed them to take over dozens of high-profile accounts of tech companies, executives, and celebrities…

Read more →

Read the original article: Microsoft releases open-source Linux version of Procmon tool Microsoft has ported the popular Sysinternals Procmon utility to Linux so that users can monitor running processes’ activity. […]   Advertise on IT Security News. Read the original…

Read more →

Read the original article: Microsoft fixes Windows 10 2004 boot fails caused by Disk Cleanup Microsoft fixed an issue where the Disk Cleanup maintenance utility could cause boot failures when launching automatically after installing Windows 10, version 2004 Build 19041.21. […]…

Read more →

Read the original article: Twitter starts rolling out new LinkedIn-style DMs interface Twitter has started to roll out a new interface that lets you quickly access your direct messages (DMs) from any page on the social platform. […]   Advertise…

Read more →

Read the original article: Federal agencies told to patch wormable Windows DNS bug in 24 hours The Cybersecurity and Infrastructure Security Agency (CISA) today asked all U.S. federal executive branch departments and agencies to mitigate the critical SIGRed Windows DNS…

Read more →

Read the original article: T-Mobile announces free Scam Shield robocall and scam protection T-Mobile today announced the launch of the new Scam Shield service on July 24, a service that will provide T-Mobile, Metro, and Sprint customers with free Scam ID, Scam…

Read more →

Read the original article: Orange confirms ransomware attack exposing business customers’ data Orange has confirmed to BleepingComputer that they suffered a ransomware attack exposing the data of twenty of their enterprise customers. […]   Advertise on IT Security News. Read…

Read more →

Read the original article: New Android malware steals your dating and social accounts A new Android banking trojan dubbed BlackRock steals credentials and credit card information from a list of 337 apps many of them used for many non-financial purposes. […]   Advertise on IT…

Read more →

Read the original article: Russian hackers target COVID-19 vaccine research with custom malware Hackers likely working for Russian intelligence services have been attacking organizations involved in the research and development of a vaccine against the new coronavirus. […]   Advertise…

Read more →