6521

High severity BIOS flaws affect numerous Intel processors
https://www.bleepingcomputer.com/news/security/high-severity-bios-flaws-affect-numerous-intel-processors/

6522

Here are the new Emotet spam campaigns hitting mailboxes worldwide
https://www.bleepingcomputer.com/news/security/here-are-the-new-emotet-spam-campaigns-hitting-mailboxes-worldwide/

6523

What is a PUP (Potentially Unwanted Program)
ā€œA PUP is a program that may be unwanted, despite the possibility that users consented to download it.
PUPs include spyware, adware, and dialers, and are often downloaded in conjunction with a program that the user wants.ā€
Microsoft seems to have taken that meaning a bit further.
Itā€™s applying that term to any program that also, by default, installs one or more
other programs not selected by the user. Even if the user is given the opportunity
to bypass the installation of that other(s) possibly unwanted program.
Someone just asked me about something that Microsoft tagged as a ā€œPUA:Win32/PiriformBundlerā€
This is a perfect example Microsoftā€™s new inclusion of programs to be classified as PUPs
Here is how Microsoft describes this version of a PUP:
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=PUA%3AWin32%2FPiriformBundler

6524

US, UK warn of Iranian hackers exploiting Microsoft Exchange, Fortinet
https://www.bleepingcomputer.com/news/security/us-uk-warn-of-iranian-hackers-exploiting-microsoft-exchange-fortinet/
https://us-cert.cisa.gov/ncas/alerts/aa21-321a

6525

Costco Discloses Data Breach After Finding Card Skimmer At One Of Its Stores
https://www.forbes.com/sites/leemathews/2021/11/12/costco-discloses-data-breach-after-finding-card-skimmer-at-one-of-its-stores/?sh=4c70de3b49fc

https://securityaffairs.co/wordpress/124534/data-breach/costco-data-breach.html

6526

Google Chrome 96 breaks Twitter, Discord, video rendering and more
https://www.bleepingcomputer.com/news/google/google-chrome-96-breaks-twitter-discord-video-rendering-and-more/

6527

Weekly Security News Roundup w/e 11/19/2021

https://d1ka0itfguscri.cloudfront.net/Lh/2021/11/19/17/34/crXqb4VIOCA/preview.jpg

[b]https://youtu.be/r8WY8tPtfKY[/b]
Security-related news thanks mostly to Avast Software.
Iā€™m just a messenger. They do most of the challenging work and research.
https://www.avast.com/en-us/index#pc

6528

Six million Sky routers exposed to takeover attacks for 17 months
https://www.bleepingcomputer.com/news/security/six-million-sky-routers-exposed-to-takeover-attacks-for-17-months/
https://www.pentestpartners.com/security-blog/skyfail-6-million-routers-left-exposed/

6529

Even after 7 years Agent Tesla malware still kneecaps Windows security.
Re: https://www.virustotal.com/gui/url/a00a741102b59c2b3a62faeca85c5ee906876711e1af2ac0557d382f3f283d35/detection
and read: https://news.sophos.com/en-us/2021/02/02/agent-tesla-amps-up-information-stealing-attacks/

polonus

6530

11/22/2021 Breaking Security NewsFlash

https://d1ka0itfguscri.cloudfront.net/Lh/2021/11/22/21/20/crX3rYVI4o8/preview.jpg

[b]https://youtu.be/ecknxFAlrqs[/b]
Another security breach. This time itā€™s Go Daddy.
See the full article at How-To Geek
https://www.howtogeek.com/770477/huge-godaddy-data-breach-exposes-over-a-million-accounts/

6531

New Windows zero-day with public exploit lets you become an admin
https://www.bleepingcomputer.com/news/microsoft/new-windows-zero-day-with-public-exploit-lets-you-become-an-admin/

6532

Attackers exploiting zero-day vulnerability in Windows Installer ā€” Hereā€™s what you need to know and Talosā€™ coverage
https://blog.talosintelligence.com/2021/11/attackers-exploiting-zero-day.html

6533

7 Scams Targeting Holiday Shoppers

https://d1ka0itfguscri.cloudfront.net/Lh/2021/11/24/14/57/crXZ2PVIkeh/preview.jpg

[b]https://youtu.be/vroEAk7jCEs[/b]
Steer clear of cyber-trouble this year with these seven scams
to watch out for during the holidays.
Thanks to Grace Macej for her excellent article on this topic.
https://blog.avast.com/author/grace-macej

6534

Weekly Security News Roundup w/e 11-26-2021

https://d1ka0itfguscri.cloudfront.net/Lh/2021/11/26/21/14/crXOr2VImXG/preview.jpg

[b]https://youtu.be/qQ1WL-q_ALs[/b]
Security-related news thanks mostly to Avast Software. Iā€™m just a messenger.
They usually do most of the challenging work and research.
https://www.avast.com/en-us/index#pc

6535

8-year-old HP printer vulnerability affects 150 printer models
https://www.bleepingcomputer.com/news/security/8-year-old-hp-printer-vulnerability-affects-150-printer-models/

6536

Emotet now spreads via fake Adobe Windows App Installer packages
https://www.bleepingcomputer.com/news/security/emotet-now-spreads-via-fake-adobe-windows-app-installer-packages/

6537

6 Tips to Protect Holiday Tech

https://d1ka0itfguscri.cloudfront.net/Lh/2021/12/02/23/48/crln0JV2naN/preview.jpg

[b]https://youtu.be/lQKxVksqQ_4[/b]
Just in time for the holidays. Some security tips for those new toys.
My thanks to Christopher Budd for his excellent article on this topic.
https://blog.avast.com/how-to-protect-a-new-technology-purchase-avast

6538

CoinHelper Danger and Avoidance

https://d1ka0itfguscri.cloudfront.net/Lh/2021/12/02/23/50/crln0KV2nzc/preview.jpg

[b]https://youtu.be/7TP4xYV15xQ[/b]
CoinHelper an unexpected payload with cracked,illegal,unauthorized
and repackaged copies of software.
Thanks to Christopher Budd for his excellent article on this topic.
https://blog.avast.com/author/christopher-budd

6539

Weekly Security News Roundup w/e 12-3-2021

https://d1ka0itfguscri.cloudfront.net/Lh/2021/12/03/17/11/crlebXV2f8I/preview.jpg

[b]https://youtu.be/DBRhsKrxVz8[/b]
Security-related news thanks mostly to Avast Software.
Iā€™m just a messenger. They do most of the challenging work and research.
https://www.avast.com/en-us/index#pc

6540

FBI: Cuba ransomware breached 49 US critical infrastructure orgs
https://www.bleepingcomputer.com/news/security/fbi-cuba-ransomware-breached-49-us-critical-infrastructure-orgs/