Windows 10 UAC Bypass Uses "Apps & Features" Utility

Malware authors have a new UAC bypass technique at their disposal that they can use to install malicious apps on devices running Windows 10. [...]

https://www.bleepingcomputer.com/news/security/windows-10-uac-bypass-uses-apps-and-features-utility/

Malicious Movie Subtitles Can Give Hackers Full Control Over Your PC

A vulnerability in how video players load and parse subtitle files allows an attacker to execute code on a target's PC and effectively take over the device. [...]

https://www.bleepingcomputer.com/news/security/malicious-movie-subtitles-can-give-hackers-full-control-over-your-pc/

Samsung Galaxy S8 Iris Scanner Fooled by a Photo

A photo of a person's eye taken at a medium distance is more than enough to trick a Samsung Galaxy S8 smartphone, according to researchers from the Chaos Computer Club (CCC). [...]

https://www.bleepingcomputer.com/news/security/samsung-galaxy-s8-iris-scanner-fooled-by-a-photo/

Jaff Ransomware Switches to the WLP Extension and Gets a New Design

A new variant of the Jaff ransomware was discovered that includes an updated design for the ransom note and the new WLU extension for encrypted files. Like the first variant of Jaff, this new version continues to be distributed through MALSPAM campaigns. [...]

https://www.bleepingcomputer.com/news/security/jaff-ransomware-switches-to-the-wlp-extension-and-gets-a-new-design/

Google Will Track Your Offline Credit Card Payments to Make Advertisers Happy

At the annual Google Marketing Next conference, the Mountain View search and advertising giant announced a new service that will let advertisers track and tie offline credit card payments with ongoing marketing campaigns. [...]

https://www.bleepingcomputer.com/news/google/google-will-track-your-offline-credit-card-payments-to-make-advertisers-happy/

Google Expert Ports Windows Defender to Linux to Showcase New Tool

Tavis Ormandy, the most famous of Google's security experts, has ported Windows Defender DLLs to Linux with the aid of a new tool he released today on GitHub. [...]

https://www.bleepingcomputer.com/news/software/google-expert-ports-windows-defender-to-linux-to-showcase-new-tool/

You Can Bypass Windows AppLocker Protection via Rogue Control Panel Items

An attacker or a rogue employee can create and register custom control panel items and use these files to bypass the Windows AppLocker security feature. [...]

https://www.bleepingcomputer.com/news/security/you-can-bypass-windows-applocker-protection-via-rogue-control-panel-items/

Tech Support Scammers Are Exploiting Mass Hysteria Surrounding WannaCry

As everyone expected, scammers are attempting to cash in on the mass hysteria currently surrounding the WannaCry ransomware outbreak, a mass-infection took place over the weekend of May 12 and 14, and whose effects we still feel today. [...]

https://www.bleepingcomputer.com/news/security/tech-support-scammers-are-exploiting-mass-hysteria-surrounding-wannacry/

Android Users Tricked Into Installing Malware Via "App-For-Money" Scheme

An eight-month-long investigation by Roman Unuchek, a security researcher at Kaspersky Lab, has uncovered one of the most complex malware distribution schemes seen to date on the Android malware scene. [...]

https://www.bleepingcomputer.com/news/security/android-users-tricked-into-installing-malware-via-app-for-money-scheme/

Over 104,000 Samba Installations Vulnerable to Remote Takeover Attacks

According to an advisory released yesterday, Samba software released in the last seven years is vulnerable to a remote code execution vulnerability that allows an attacker to upload and execute code on the user's machine. Depending on the attacker's skill, he can easily take over vulnerable devices. [...]

https://www.bleepingcomputer.com/news/security/over-104-000-samba-installations-vulnerable-to-remote-takeover-attacks/

Author of EternalRocks SMB Worm Calls It Quits After Intense Media Coverage

The developer of the EternalRocks SMB worm appears to have shut down his operation, following the intense media coverage his malware has received in the past seven days. [...]

https://www.bleepingcomputer.com/news/security/author-of-eternalrocks-smb-worm-calls-it-quits-after-intense-media-coverage/

Security Firm Releases Windows XP Patch for NSA Exploit ESTEEMAUDIT

Cyber-security firm enSilo has released a patch for Windows XP and Windows Server 2003 that will protect against attacks via ESTEEMAUDIT, a hacking tool dumped online by the Shadow Brokers last month, and allegedly developed by the NSA. [...]

https://www.bleepingcomputer.com/news/security/security-firm-releases-windows-xp-patch-for-nsa-exploit-esteemaudit/

AES-NI Ransomware Dev Releases Decryption Keys Amid Fears of Being Framed for XData Outbreak

Developer of AES-NI ransomware releases a small number of decryption keys and promises to release more in the future. [...]

https://www.bleepingcomputer.com/news/security/aes-ni-ransomware-dev-releases-decryption-keys-amid-fears-of-being-framed-for-xdata-outbreak/

Malvertising Campaign Finds a Way Around Ad Blockers

Ad blockers, our last hope against the onslaught of malvertising campaigns, appear to have fallen, as today, Malwarebytes published new research detailing a malvertising campaign that successfully bypasses ad blockers to deliver their malicious payload. [...]

https://www.bleepingcomputer.com/news/security/malvertising-campaign-finds-a-way-around-ad-blockers/

Linguistic Analysis Suggests WannaCry Ransomware Is the Work of a Chinese-Speaking Crook

According to a linguistic analysis of the WannaCry ransom notes, the ransomware appears to be the work of a Chinese-speaking author, according to Jon Condra and John Costello, two Flashpoint researchers. [...]

https://www.bleepingcomputer.com/news/security/linguistic-analysis-suggests-wannacry-ransomware-is-the-work-of-a-chinese-speaking-crook/

Proposed US Bill Would Legalize Aggressive "Hack Back" Attacks

A US congressman is currently tinkering away at a proposed bill that will legalize some "hack back" counter-measures that breached companies can take to stop and identify ongoing cyber-attacks, and recover their data. [...]

https://www.bleepingcomputer.com/news/legal/proposed-us-bill-would-legalize-aggressive-hack-back-attacks/

83% of Security Pros Waste Time Fixing Co-Workers Non-Security Problems

Security personnel in many organizations waste time every week helping co-workers with general IT problems, rather than doing their own work, which in the long run, costs companies tens of thousands of dollars per year. [...]

https://www.bleepingcomputer.com/news/technology/83-percent-of-security-pros-waste-time-fixing-co-workers-non-security-problems/

Filesystem Bug Hangs or Crashes Windows 7 and Windows 8.1

A bug in Microsoft's NTFS file system technology allows pranksters to hang or crash computers running Windows Vista, Windows 7, and Windows 8.1 just by tricking the user to access a malformed path for a non-existent file. [...]

https://www.bleepingcomputer.com/news/microsoft/filesystem-bug-hangs-or-crashes-windows-7-and-windows-8-1/

FileZilla FTP Client Adds Support for Master Password That Encrypts Your Logins

Following years of criticism and user requests, the FileZilla FTP client is finally adding support for a master password that will act as a key for storing FTP login credentials in an encrypted format. [...]

https://www.bleepingcomputer.com/news/software/filezilla-ftp-client-adds-support-for-master-password-that-encrypts-your-logins/

Google Boots 41 Apps Infected with "Judy" Malware off the Play Store

Google has removed 41 Android apps from the official Play Store. The apps were infected with a new type of malware named Judy, and experts estimate the malware infected between 8.5 and 36.5 million users. [...]

https://www.bleepingcomputer.com/news/security/google-boots-41-apps-infected-with-judy-malware-off-the-play-store/

The Week in Ransomware - May 26th 2017 - AES-NI, Jaff, & Decryptors

This week was a busy with lots of little variants discussed below and a new version of the Jaff Ransomware circulating via MALSPAM. The big news is that AES-NI decided to close shop and has starting releasing the master decryption keys so people can get their files back for free. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-26th-2017-aes-ni-jaff-and-decryptors/