The Week in Ransomware - May 19th 2017 - Uiwix, WannaCry Imitators, and Wallet Decrypted
From new ransomware and WannaCry imitations to decryption keys being released, ransomware developers continue to keep us busy.. This article will keep you up-to-date on the latest news and developments in ransomware. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-19th-2017-uiwix-wannacry-imitators-and-wallet-decrypted/
From new ransomware and WannaCry imitations to decryption keys being released, ransomware developers continue to keep us busy.. This article will keep you up-to-date on the latest news and developments in ransomware. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-19th-2017-uiwix-wannacry-imitators-and-wallet-decrypted/
BleepingComputer
The Week in Ransomware - May 19th 2017 - Uiwix, WannaCry Imitators, and Wallet Decrypted
From new ransomware and WannaCry imitations to decryption keys being released, ransomware developers continue to keep us busy.. This article will keep you up-to-date on the latest news and developments in ransomware.
Dark Web Market Shuts Down Claiming Hack, but Users Fear an Exit Scam
Outlaw was a veteran of the Dark Web marketplaces, founded way back in 2013. The site was never the most popular destination for online criminals but had a steady following. [...]
https://www.bleepingcomputer.com/news/security/dark-web-market-shuts-down-claiming-hack-but-users-fear-an-exit-scam/
Outlaw was a veteran of the Dark Web marketplaces, founded way back in 2013. The site was never the most popular destination for online criminals but had a steady following. [...]
https://www.bleepingcomputer.com/news/security/dark-web-market-shuts-down-claiming-hack-but-users-fear-an-exit-scam/
BleepingComputer
Dark Web Market Shuts Down Claiming Hack, but Users Fear an Exit Scam
Outlaw was a veteran of the Dark Web marketplaces, founded way back in 2013. The site was never the most popular destination for online criminals but had a steady following.
SSD Drives Vulnerable to Attacks That Corrupt User Data
NAND flash memory chips, the building blocks of solid-state drives (SSDs), feature what could be called "programming vulnerabilities" that can be exploited to alter data stored on these devices. [...]
https://www.bleepingcomputer.com/news/hardware/ssd-drives-vulnerable-to-attacks-that-corrupt-user-data/
NAND flash memory chips, the building blocks of solid-state drives (SSDs), feature what could be called "programming vulnerabilities" that can be exploited to alter data stored on these devices. [...]
https://www.bleepingcomputer.com/news/hardware/ssd-drives-vulnerable-to-attacks-that-corrupt-user-data/
BleepingComputer
SSD Drives Vulnerable to Attacks That Corrupt User Data
NAND flash memory chips, the building blocks of solid-state drives (SSDs), include what could be called "programming vulnerabilities" that can be exploited to alter stored data or shorten the SSD's lifespan.
Netgear Enables User Data Collection Feature on Popular Router Model
The latest firmware update for Netgear NightHawk R700 routers adds support and enables an "analytics system" that collects user data and sends it to the company's servers. [...]
https://www.bleepingcomputer.com/news/hardware/netgear-enables-user-data-collection-feature-on-popular-router-model/
The latest firmware update for Netgear NightHawk R700 routers adds support and enables an "analytics system" that collects user data and sends it to the company's servers. [...]
https://www.bleepingcomputer.com/news/hardware/netgear-enables-user-data-collection-feature-on-popular-router-model/
BleepingComputer
Netgear Enables User Data Collection Feature on Popular Router Model
The latest firmware update for Netgear NightHawk R7000 routers adds support and enables an "analytics system" that collects user data and sends it to the company's servers.
Former IBM Engineer Admits He Stole Source Code for China
Xu Jiaqiang, 30, a former software engineer for IBM, pleaded guilty on Friday to charges of economic espionage after the FBI had caught him attempting to sell IBM's source code, and later discovered he sold it to parties in China. [...]
https://www.bleepingcomputer.com/news/government/former-ibm-engineer-admits-he-stole-source-code-for-china/
Xu Jiaqiang, 30, a former software engineer for IBM, pleaded guilty on Friday to charges of economic espionage after the FBI had caught him attempting to sell IBM's source code, and later discovered he sold it to parties in China. [...]
https://www.bleepingcomputer.com/news/government/former-ibm-engineer-admits-he-stole-source-code-for-china/
BleepingComputer
Former IBM Engineer Admits He Stole Source Code for China
Xu Jiaqiang, 30, a former software engineer for IBM, pleaded guilty on Friday to charges of economic espionage after the FBI had caught him attempting to sell IBM's source code, and later discovered he sold it to parties in China.
Yahoo Retires Problematic Library After Bug Exposes User Email Content
Yahoo's engineering staff have retired the ImageMagick library from active duty after a security researcher found a bug that would have allowed an attacker to expose server memory, which, due to the library's nature, leaked image data from users' inboxes. [...]
https://www.bleepingcomputer.com/news/security/yahoo-retires-problematic-library-after-bug-exposes-user-email-content/
Yahoo's engineering staff have retired the ImageMagick library from active duty after a security researcher found a bug that would have allowed an attacker to expose server memory, which, due to the library's nature, leaked image data from users' inboxes. [...]
https://www.bleepingcomputer.com/news/security/yahoo-retires-problematic-library-after-bug-exposes-user-email-content/
BleepingComputer
Yahoo Retires Problematic Library After Bug Exposes User Email Content
Yahoo's engineering staff have retired the ImageMagick library from active duty after a security researcher found a bug that would have allowed an attacker to expose server memory, which, due to the library's nature, leaked image data from users' inboxes.
North Korea Denies Involvement in WannaCry Ransomware Outbreak
On Friday, North Korea denied allegations that it was somehow responsible for the WannaCry ransomware outbreak that affected over 240,000 computers in nearly 200 countries across the globe. [...]
https://www.bleepingcomputer.com/news/security/north-korea-denies-involvement-in-wannacry-ransomware-outbreak/
On Friday, North Korea denied allegations that it was somehow responsible for the WannaCry ransomware outbreak that affected over 240,000 computers in nearly 200 countries across the globe. [...]
https://www.bleepingcomputer.com/news/security/north-korea-denies-involvement-in-wannacry-ransomware-outbreak/
BleepingComputer
North Korea Denies Involvement in WannaCry Ransomware Outbreak
On Friday, North Korea denied allegations that it was somehow responsible for the WannaCry ransomware outbreak that affected over 240,000 computers in nearly 200 countries across the globe.
Judge: It's OK If Best Buy's Geek Squad Nerds Search Your PC for Illegal Content
A judge presiding over a child pornography case that was set in motion in 2012 has ruled that users have no legal expectation of privacy when they hand over their computers to Best Buy's Geek Squad IT technicians. [...]
https://www.bleepingcomputer.com/news/legal/judge-its-ok-if-best-buys-geek-squad-nerds-search-your-pc-for-illegal-content/
A judge presiding over a child pornography case that was set in motion in 2012 has ruled that users have no legal expectation of privacy when they hand over their computers to Best Buy's Geek Squad IT technicians. [...]
https://www.bleepingcomputer.com/news/legal/judge-its-ok-if-best-buys-geek-squad-nerds-search-your-pc-for-illegal-content/
BleepingComputer
Judge: It's OK If Best Buy's Geek Squad Nerds Search Your PC for Illegal Content
A judge presiding over a child pornography case that was set in motion in 2012 has ruled that users have no legal expectation of privacy when they hand over their computers to Best Buy's Geek Squad IT technicians.
After Seven Years, Microsoft Is Finally Fixing the "J" Email Bug
Microsoft said last week it's fixing the infamous J bug that affected the company's Outlook service for the past seven years, according to a report from last week. [...]
https://www.bleepingcomputer.com/news/microsoft/after-seven-years-microsoft-is-finally-fixing-the-j-email-bug/
Microsoft said last week it's fixing the infamous J bug that affected the company's Outlook service for the past seven years, according to a report from last week. [...]
https://www.bleepingcomputer.com/news/microsoft/after-seven-years-microsoft-is-finally-fixing-the-j-email-bug/
BleepingComputer
After Seven Years, Microsoft Is Finally Fixing the "J" Email Bug
Microsoft said last week it's fixing the infamous J bug that affected the company's Outlook service for the past seven years, according to a report from last week.
Russian Police Apprehend "Cron" Gang Behind Tiny.z and PonyForx Malware
Russian authorities have arrested the Cron malware gang, responsible for selling the Tiny.z Android banking trojan and the PonyForx Windows infostealer. [...]
https://www.bleepingcomputer.com/news/security/russian-police-apprehend-cron-gang-behind-tiny-z-and-ponyforx-malware/
Russian authorities have arrested the Cron malware gang, responsible for selling the Tiny.z Android banking trojan and the PonyForx Windows infostealer. [...]
https://www.bleepingcomputer.com/news/security/russian-police-apprehend-cron-gang-behind-tiny-z-and-ponyforx-malware/
BleepingComputer
Russian Police Apprehend "Cron" Gang Behind Tiny.z and PonyForx Malware
Russian authorities have arrested the Cron malware gang, responsible for selling the Tiny.z Android banking trojan and the PonyForx Windows infostealer.
Windows 10 UAC Bypass Uses "Apps & Features" Utility
Malware authors have a new UAC bypass technique at their disposal that they can use to install malicious apps on devices running Windows 10. [...]
https://www.bleepingcomputer.com/news/security/windows-10-uac-bypass-uses-apps-and-features-utility/
Malware authors have a new UAC bypass technique at their disposal that they can use to install malicious apps on devices running Windows 10. [...]
https://www.bleepingcomputer.com/news/security/windows-10-uac-bypass-uses-apps-and-features-utility/
BleepingComputer
Windows 10 UAC Bypass Uses "Apps & Features" Utility
Malware authors have a new UAC bypass technique at their disposal that they can use to install malicious apps on devices running Windows 10.
Malicious Movie Subtitles Can Give Hackers Full Control Over Your PC
A vulnerability in how video players load and parse subtitle files allows an attacker to execute code on a target's PC and effectively take over the device. [...]
https://www.bleepingcomputer.com/news/security/malicious-movie-subtitles-can-give-hackers-full-control-over-your-pc/
A vulnerability in how video players load and parse subtitle files allows an attacker to execute code on a target's PC and effectively take over the device. [...]
https://www.bleepingcomputer.com/news/security/malicious-movie-subtitles-can-give-hackers-full-control-over-your-pc/
BleepingComputer
Malicious Movie Subtitles Can Give Hackers Full Control Over Your PC
A vulnerability in how video players load and parse subtitle files allows an attacker to execute code on a target's PC and effectively take over the device.
Samsung Galaxy S8 Iris Scanner Fooled by a Photo
A photo of a person's eye taken at a medium distance is more than enough to trick a Samsung Galaxy S8 smartphone, according to researchers from the Chaos Computer Club (CCC). [...]
https://www.bleepingcomputer.com/news/security/samsung-galaxy-s8-iris-scanner-fooled-by-a-photo/
A photo of a person's eye taken at a medium distance is more than enough to trick a Samsung Galaxy S8 smartphone, according to researchers from the Chaos Computer Club (CCC). [...]
https://www.bleepingcomputer.com/news/security/samsung-galaxy-s8-iris-scanner-fooled-by-a-photo/
BleepingComputer
Samsung Galaxy S8 Iris Scanner Fooled by a Photo
A photo of a person's eye taken at a medium distance is more than enough to trick a Samsung Galaxy S8 smartphone, according to researchers from the Chaos Computer Club (CCC).
Jaff Ransomware Switches to the WLP Extension and Gets a New Design
A new variant of the Jaff ransomware was discovered that includes an updated design for the ransom note and the new WLU extension for encrypted files. Like the first variant of Jaff, this new version continues to be distributed through MALSPAM campaigns. [...]
https://www.bleepingcomputer.com/news/security/jaff-ransomware-switches-to-the-wlp-extension-and-gets-a-new-design/
A new variant of the Jaff ransomware was discovered that includes an updated design for the ransom note and the new WLU extension for encrypted files. Like the first variant of Jaff, this new version continues to be distributed through MALSPAM campaigns. [...]
https://www.bleepingcomputer.com/news/security/jaff-ransomware-switches-to-the-wlp-extension-and-gets-a-new-design/
BleepingComputer
Jaff Ransomware Switches to the WLP Extension and Gets a New Design
A new variant of the Jaff ransomware was discovered that includes an updated design for the ransom note and the new WLU extension for encrypted files. Like the first variant of Jaff, this new version continues to be distributed through MALSPAM campaigns.
Google Will Track Your Offline Credit Card Payments to Make Advertisers Happy
At the annual Google Marketing Next conference, the Mountain View search and advertising giant announced a new service that will let advertisers track and tie offline credit card payments with ongoing marketing campaigns. [...]
https://www.bleepingcomputer.com/news/google/google-will-track-your-offline-credit-card-payments-to-make-advertisers-happy/
At the annual Google Marketing Next conference, the Mountain View search and advertising giant announced a new service that will let advertisers track and tie offline credit card payments with ongoing marketing campaigns. [...]
https://www.bleepingcomputer.com/news/google/google-will-track-your-offline-credit-card-payments-to-make-advertisers-happy/
BleepingComputer
Google Will Track Your Offline Credit Card Payments to Make Advertisers Happy
At the annual Google Marketing Next conference, the Mountain View search and advertising giant announced a new service that will let advertisers track and tie offline credit card payments with ongoing marketing campaigns.
Google Expert Ports Windows Defender to Linux to Showcase New Tool
Tavis Ormandy, the most famous of Google's security experts, has ported Windows Defender DLLs to Linux with the aid of a new tool he released today on GitHub. [...]
https://www.bleepingcomputer.com/news/software/google-expert-ports-windows-defender-to-linux-to-showcase-new-tool/
Tavis Ormandy, the most famous of Google's security experts, has ported Windows Defender DLLs to Linux with the aid of a new tool he released today on GitHub. [...]
https://www.bleepingcomputer.com/news/software/google-expert-ports-windows-defender-to-linux-to-showcase-new-tool/
BleepingComputer
Google Expert Ports Windows Defender to Linux to Showcase New Tool
Tavis Ormandy, the most famous of Google's security experts, has ported Windows Defender DLLs to Linux with the aid of a new tool he released today on GitHub.
You Can Bypass Windows AppLocker Protection via Rogue Control Panel Items
An attacker or a rogue employee can create and register custom control panel items and use these files to bypass the Windows AppLocker security feature. [...]
https://www.bleepingcomputer.com/news/security/you-can-bypass-windows-applocker-protection-via-rogue-control-panel-items/
An attacker or a rogue employee can create and register custom control panel items and use these files to bypass the Windows AppLocker security feature. [...]
https://www.bleepingcomputer.com/news/security/you-can-bypass-windows-applocker-protection-via-rogue-control-panel-items/
BleepingComputer
You Can Bypass Windows AppLocker Protection via Rogue Control Panel Items
An attacker or a rogue employee can create and register custom control panel items and use these files to bypass the Windows AppLocker security feature.
Tech Support Scammers Are Exploiting Mass Hysteria Surrounding WannaCry
As everyone expected, scammers are attempting to cash in on the mass hysteria currently surrounding the WannaCry ransomware outbreak, a mass-infection took place over the weekend of May 12 and 14, and whose effects we still feel today. [...]
https://www.bleepingcomputer.com/news/security/tech-support-scammers-are-exploiting-mass-hysteria-surrounding-wannacry/
As everyone expected, scammers are attempting to cash in on the mass hysteria currently surrounding the WannaCry ransomware outbreak, a mass-infection took place over the weekend of May 12 and 14, and whose effects we still feel today. [...]
https://www.bleepingcomputer.com/news/security/tech-support-scammers-are-exploiting-mass-hysteria-surrounding-wannacry/
BleepingComputer
Tech Support Scammers Are Exploiting Mass Hysteria Surrounding WannaCry
As everyone expected, scammers are attempting to cash in on the mass hysteria currently surrounding the WannaCry ransomware outbreak, a mass-infection took place over the weekend of May 12 and 14, and whose effects we still feel today.
Android Users Tricked Into Installing Malware Via "App-For-Money" Scheme
An eight-month-long investigation by Roman Unuchek, a security researcher at Kaspersky Lab, has uncovered one of the most complex malware distribution schemes seen to date on the Android malware scene. [...]
https://www.bleepingcomputer.com/news/security/android-users-tricked-into-installing-malware-via-app-for-money-scheme/
An eight-month-long investigation by Roman Unuchek, a security researcher at Kaspersky Lab, has uncovered one of the most complex malware distribution schemes seen to date on the Android malware scene. [...]
https://www.bleepingcomputer.com/news/security/android-users-tricked-into-installing-malware-via-app-for-money-scheme/
BleepingComputer
Android Users Tricked Into Installing Malware Via "App-For-Money" Scheme
An eight-month-long investigation by Roman Unuchek, a security researcher at Kaspersky Lab, has uncovered one of the most complex malware distribution schemes seen to date on the Android malware scene.
Over 104,000 Samba Installations Vulnerable to Remote Takeover Attacks
According to an advisory released yesterday, Samba software released in the last seven years is vulnerable to a remote code execution vulnerability that allows an attacker to upload and execute code on the user's machine. Depending on the attacker's skill, he can easily take over vulnerable devices. [...]
https://www.bleepingcomputer.com/news/security/over-104-000-samba-installations-vulnerable-to-remote-takeover-attacks/
According to an advisory released yesterday, Samba software released in the last seven years is vulnerable to a remote code execution vulnerability that allows an attacker to upload and execute code on the user's machine. Depending on the attacker's skill, he can easily take over vulnerable devices. [...]
https://www.bleepingcomputer.com/news/security/over-104-000-samba-installations-vulnerable-to-remote-takeover-attacks/
BleepingComputer
Over 104,000 Samba Installations Vulnerable to Remote Takeover Attacks
According to an advisory released yesterday, Samba software released in the last seven years is vulnerable to a remote code execution vulnerability that allows an attacker to upload and execute code on the user's machine. Depending on the attacker's skill…
Author of EternalRocks SMB Worm Calls It Quits After Intense Media Coverage
The developer of the EternalRocks SMB worm appears to have shut down his operation, following the intense media coverage his malware has received in the past seven days. [...]
https://www.bleepingcomputer.com/news/security/author-of-eternalrocks-smb-worm-calls-it-quits-after-intense-media-coverage/
The developer of the EternalRocks SMB worm appears to have shut down his operation, following the intense media coverage his malware has received in the past seven days. [...]
https://www.bleepingcomputer.com/news/security/author-of-eternalrocks-smb-worm-calls-it-quits-after-intense-media-coverage/
BleepingComputer
Author of EternalRocks SMB Worm Calls It Quits After Intense Media Coverage
The developer of the EternalRocks SMB worm appears to have shut down his operation, following the intense media coverage his malware has received in the past seven days.