Starting at the end of July, Microsoft has begun detecting HOSTS files that block Windows 10 telemetry servers as a ‘Severe’ security risk.

The HOSTS file is a text file located at C:\Windows\system32\drivers\etc\HOSTS and can only be edited by a program with Administrator privileges.

This file is used to resolve hostnames to IP addresses without using the Domain Name System (DNS).

This file is commonly used to block a computer from accessing a remote site by assigning the host to the 127.0.0.1 or 0.0.0.0 IP address.

For example, if you add the following line to the Windows HOSTS file, it will

Havenly, a US-based interior design web site, has disclosed a data breach after a hacker posted a database containing 1.3 million user records for free on a hacker forum.

Havenly is an online interior design and home decoration site where users can get help designing a room in their house from certified designers.

Last week, BleepingComputer reported that the ShinyHunters hacking group had leaked the databases for 18 companies on a hacker forum for free. These databases contained a combined total of 386 million user records.

One of the leaked databases contained 1.3 million user records for Havenly.com. 

Havenly database leaked on a hacker forum

BleepingComputer can confirm that Garmin has received the decryption key to recover their files encrypted in the WastedLocker Ransomware attack.

On July 23rd, 2020, Garmin suffered a worldwide outage where customers could not access their connected services, including the Garmin Connect, flyGarmin, Strava, and inReach solutions.

BleepingComputer was the first to confirm that they suffered a cyberattack by the WastedLocker Ransomware operators after employees shared photos of encrypted workstations, and we found a sample of the ransomware utilized in the attack.

Photo of encrypted Garmin workstation

Employees later shared with BleepingComputer that the ransom demand was $10 million.

After a four

With No More Ransom turning 4, Garmin suddenly recovering from their ransomware attack, and a GandCrab affiliate being arrested in Belarus, it has been quite a week when it comes to ransomware news.

The biggest story of the week is Garmin enabling services again and the rumors that it paid a $5 million ransom for the decryptor. Fast forward to the end of the week, and the next big news is the arrest of a GandCrab ransomware affiliate in Belarus.

We also had No More Ransom turning 4, an interesting report from Kaspersky tying the Lazarus hacking group to

7/31/20: Update added below with information from Intezer Labs and a link to the malware sample. This article was originally published on July 30th, 2020.

TrickBot’s Anchor malware platform has been ported to infect Linux devices and compromise further high-impact and high-value targets using covert channels.

TrickBot is a multi-purpose Windows malware platform that uses different modules to perform various malicious activities, including information stealing, password stealing, Windows domain infiltration, and malware delivery.

TrickBot is rented by threat actors who use it to infiltrate a network and harvest anything of value. It is then used to deploy ransomware such as

The Vermont Department of Taxes today disclosed that taxpayers’ private information was exposed because of a security issue affecting its online filing site discovered on July 2, 2020.

The data breach affected all Vermonters who electronically filed Property Transfer Tax returns using the tax department’s site between February 2017 and July 2020.

“Verification credentials for electronically filed property transfer tax returns available in public municipal records could be used to access previously submitted tax return information,” the breach notification says.

“The credentials could have been used to access private information including the social security number of the buyer of