Firefox 53, Released Today, Drops Support for Windows XP and Vista

Mozilla is expected to officially release Firefox 53 later today, but the Firefox 53 installer is already available on Mozilla's FTP servers, just in case some users can't wait to get their hands on the new release. [...]

https://www.bleepingcomputer.com/news/software/firefox-53-released-today-drops-support-for-windows-xp-and-vista/

Adding Noise to Images Is Enough to Fool Google's Top-Notch Image Recognition AI

A team of computer experts from the Network Security Lab (NSL) at the University of Washington proved this week that a determined adversary could trick Google's Cloud Vision API into misclassifying submitted images. [...]

https://www.bleepingcomputer.com/news/technology/adding-noise-to-images-is-enough-to-fool-googles-top-notch-image-recognition-ai/

Lawsuit Claims Headphones Maker Bose Is Secretly Collecting User Data

A lawsuit filed in Chicago, Illinois alleges that Bose, a US-based maker of high-tech headphones and speakers, has been collecting user data without consent, and sending the information to a third-party data mining company. [...]

https://www.bleepingcomputer.com/news/technology/lawsuit-claims-headphones-maker-bose-is-secretly-collecting-user-data/

Chrome 58 Released for Windows, Mac and Linux

Chrome 58 is being rolled out to Windows, Linux, and Mac users and should be available to everyone over the next few days. Along with 29 security updates, this new version also blocks domains that use Cyrillic letters that resemble Latin letters and adds support for Progressive Web Apps on Android.  [...]

https://www.bleepingcomputer.com/news/google/chrome-58-released-for-windows-mac-and-linux/

Windows 10 Insider Build 16170 For PC Released With Hyper-V Snapshots

Today Microsoft released Insider Preview Build 16179 for PC and Insider Preview Build 15205 for Mobile to insiders on the fast ring, Of particular note is the introduction of Hyper-V snapshots and Power Throttling to Build 16179. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-16170-for-pc-released-with-hyper-v-snapshots/

Ambient Light Sensors Can Be Used to Steal Browser Data

Sensors used to detect the level of ambient light can be used to steal browser data, according to privacy expert Lukasz Olejnik. [...]

https://www.bleepingcomputer.com/news/security/ambient-light-sensors-can-be-used-to-steal-browser-data/

Spyware Disguised as System Update Survived on Play Store for Almost Three Years

An Android app named "System Update" that secretly contained a spyware family named SMSVova, survived on the official Google Play Store for at least three years, since 2014, when it was updated the last time. [...]

https://www.bleepingcomputer.com/news/security/spyware-disguised-as-system-update-survived-on-play-store-for-almost-three-years/

Google Working on an Ad Blocker for Chrome

Inside sources say Google is working on an ad blocker that it plans to ship with Chrome in the upcoming future. [...]

https://www.bleepingcomputer.com/news/google/google-working-on-an-ad-blocker-for-chrome/

SmartService acts like an Adware BodyGuard by Blocking Antivirus Software

A program called SmartService is being distributed with Adware and PUP installations in order to prevent security software from being able to run and remove the installed adware. [...]

https://www.bleepingcomputer.com/news/security/smartservice-acts-like-an-adware-bodyguard-by-blocking-antivirus-software/

Malware Author Uses Tweets to Control His Lame DDoS Botnet

A Russian malware author is using codified tweets to start and stop DDoS attacks against desired targets. The DDoS attacks are launched from the computers of infected users using a peculiar piece of malware, which the attacker is spreading via a booby-trapped file named "driversUpdate.exe." [...]

https://www.bleepingcomputer.com/news/security/malware-author-uses-tweets-to-control-his-lame-ddos-botnet/

Microsoft Sets New Release Schedule for Windows 10 with Two Major Updates per Year

Today, Microsoft pledged itself to a new release schedule for Windows 10, for which the Redmond company promises to release all major features during two update periods, one in March and one in September, each year. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-sets-new-release-schedule-for-windows-10-with-two-major-updates-per-year/

BrickerBot Author Claims He Bricked Two Million Devices

Just like Wifatch and Hajime, the BrickerBot malware is also the work of a vigilante grey-hat, who goes online by the name of Janit0r, a nickname he chose on the Hack Forums discussion boards. [...]

https://www.bleepingcomputer.com/news/security/brickerbot-author-claims-he-bricked-two-million-devices/

AES-NI Ransomware Dev Claims He's Using Shadow Brokers Exploits

The developer of the AES-NI ransomware claims that the recent "success" he's been enjoying is due to the NSA exploits leaked last week by the Shadow Brokers group. [...]

https://www.bleepingcomputer.com/news/security/aes-ni-ransomware-dev-claims-hes-using-shadow-brokers-exploits/

Vulnerability Rendered LastPass Two-Factor Authentication Useless

LastPass has patched a severe vulnerability in their password manager that allowed attackers to bypass the company's two-factor authentication (2FA) system. [...]

https://www.bleepingcomputer.com/news/security/vulnerability-rendered-lastpass-two-factor-authentication-useless/

MilkyDoor Android Malware Uses SSH Tunnels to Access Secure Corporate Networks

A new form of Android malware, named Milkydoor, uses remote port forwarding via Secure Shell (SSH) tunnels to hide malicious traffic and grant attackers access to firewall-protected networks. [...]

https://www.bleepingcomputer.com/news/security/milkydoor-android-malware-uses-ssh-tunnels-to-access-secure-corporate-networks/

Mastercard Introduces Biometrics Card That Uses Fingerprint Scan Instead of PIN

Mastercard is officially the first major card vendor to introduce a biometrics-based payment card after the company announced successful trials of this new technology in South Africa. [...]

https://www.bleepingcomputer.com/news/technology/mastercard-introduces-biometrics-card-that-uses-fingerprint-scan-instead-of-pin/

Over 36,000 Computers Infected with NSA's DoublePulsar Malware

DOUBLEPULSAR, one of the NSA hacking tools leaked last Friday by the Shadow Brokers, has been used in the wild by ordinary hackers, who infected over 36,000 computers across the world. [...]

https://www.bleepingcomputer.com/news/security/over-36-000-computers-infected-with-nsas-doublepulsar-malware/

The Locky Ransomware is Back and Still Adding OSIRIS to Encrypted Files

After almost an almost non-existent presence in 2017 and a few weeks off, Locky is back with a fresh wave of SPAM emails containing malicious docs. While it is not known what caused Locky's hiatus, if they plan on pushing the ransomware like they previously did, then we all need to pay close attention. [...]

https://www.bleepingcomputer.com/news/security/the-locky-ransomware-is-back-and-still-adding-osiris-to-encrypted-files/

Would You Like a Backdoor With That Linksys Router, Sir?

Linksys says that 25 router models are vulnerable to remote hacking and could be taken over by an attacker if users still use their default admin credentials. [...]

https://www.bleepingcomputer.com/news/security/would-you-like-a-backdoor-with-that-linksys-router-sir/

Android O Will Contain Special Feature to Fight Off Ransomware

Google has removed a feature of the Android operating system that has been used in the past in ransomware attacks. [...]

https://www.bleepingcomputer.com/news/security/android-o-will-contain-special-feature-to-fight-off-ransomware/

The Week in Ransomware - April 21st 2017 - Locky Returns

It was quite a slow week in the beginning with most of the news being for the most part about small ransomware variants. It finished with a bang, though, with the reappearance of Locky riding on a strong wave of SPAM emails. As you can imagine, there were quite a few articles about Locky today. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-21st-2017-locky-returns/