Security News > 2020 > October
Windows 10 users face numerous issues installing the latest KB4579311 cumulative update, and those who can install it are reporting various bugs, including performance issues. Microsoft released the Windows 10 KB4579311 cumulative update on October 13th, 2020, and since then, users have been reporting problems getting the update to install, crashes, performance issues, and boot problems.
The criminals behind GravityRAT spyware have rolled out new macOS and Android variants for the first time. Kaspersky researchers spotted updated GravityRAT code indicating an overhaul of the malware.
Here's the latest episode of our weekly Naked Security Live video series. It's usually somewhere between 18:00 and 19:00 UK time, which is early afternoon/late morning on the East/West coast of North America.
Brazilians are being warned of a new overlay malware targeting Windows users in order to siphon victims' financial data and drain their bank accounts. Vizom is similar to other overlay malware strains in that its attack vector is via malspam and phishing campaigns delivered to potential victims' inboxes.
The analysis of the attack revealed that after about four hours and 10 minutes, the Ryuk gang pivoted from the primary domain controller, using RDP to connect to backup servers. For the final phase of the attack, the Ryuk operators first deployed their ransomware executable onto backup servers.
The US Department of Treasury's Financial Crimes Enforcement Network today announced the first-ever penalty against the Helix and Coin Ninja cryptocurrency mixing services. FinCEN assessed a $60 million civil money penalty against Larry Dean Harmon, the founder and operator of the Helix and Coin Ninja cryptocurrency tumblers, for violating the Bank Secrecy Act and its regulations while operating the two services as unregistered money services businesses.
A new phishing campaign uses a Coinbase-themed email to install an Office 365 consent app that gives attackers access to a victim's email. Over the past year, hackers have increasingly used Microsoft Office 365 OAuth apps, otherwise known as consent apps, as part of their attacks.
As if things were not going badly enough for the UK's COVID-19 test-and-trace service, it now seems police will be able to access some test data, prompting fears the disclosure could deter people who should have tests from coming forward. As revealed in the Health Service Journal [paywall], the Department for Health and Social Care and the National Police Chiefs' Council have agreed that officers can access test results to determine whether or not a "specific individual" has been told to self-isolate.
New, sophisticated adversaries are switching up their tactics in exploiting enterprise-friendly platforms - most notably Microsoft Exchange, Outlook Web Access and Outlook on the Web - in order to steal business credentials and other sensitive data. APTs Flock Exchange, OWA. One advanced persistent threat group that has been targeting Exchange and OWA is what researchers dub "BELUGASTURGEON".
The Federal Bureau of Investigation issued a flash alert to warn of the potential use of spoofed US Census Bureau domains in future malicious campaigns including phishing and credential theft attacks. The US Census Bureau is a federal government statistical agency that collects statistical data on the US economy and population, data used by the federal government to allocate over $675B in federal funds to tribal, local, and state governments each year.