Japanese Police Arrest Their First-Ever Ransomware Author

Japanese police have arrested a 14-year-old teen on accusations of creating ransomware and uploading the code online. [...]

https://www.bleepingcomputer.com/news/security/japanese-police-arrest-their-first-ever-ransomware-author/

Car Thieves Everywhere Rejoice as Unsecured Database Exposes 10 Million Car VINs

For 137 days now, a yet to be identified company has left a database containing over 10 million Vehicle Identification Numbers (VINs) exposed online with no authentication. [...]

https://www.bleepingcomputer.com/news/security/car-thieves-everywhere-rejoice-as-unsecured-database-exposes-10-million-car-vins/

US Charges NSA Contractor Over Leak of Russia Hacking Report

The US Department of Justice (DOJ) has filed official charges against a 25-year-old woman, Reality Leigh Winner, of Augusta, Georgia, for leaking classified material to the press. [...]

https://www.bleepingcomputer.com/news/government/us-charges-nsa-contractor-over-leak-of-russia-hacking-report/

Malware Uses Router LEDs to Steal Data From Secure Networks

Specially-designed malware installed on a router or a switch can take control over the device's LEDs and use them to transmit data in a binary format to a nearby attacker, who can capture it using simple video recording equipment. [...]

https://www.bleepingcomputer.com/news/security/malware-uses-router-leds-to-steal-data-from-secure-networks/

Russian State Hackers Use Britney Spears Instagram Posts to Control Malware

A cyber-espionage group known as Turla — believed to be the cyber-arm of Russian intelligence — has been playing around with a backdoor trojan disguised as a Firefox extension that uses comments on Britney Spears Instagram photos to store the location of its command and control (C&C) server. [...]

https://www.bleepingcomputer.com/news/security/russian-state-hackers-use-britney-spears-instagram-posts-to-control-malware/

Researchers Port NSA EternalBlue Exploit to Windows 10

Experts at RiskSense have ported the leaked NSA exploit named ETERNALBLUE for the Windows 10 platform. This is the same exploit that was used by the WannaCry ransomware as part of its SMB self-spreading worm in the mid-May WannaCry outbreak that affected over millions of computers across the world. [...]

https://www.bleepingcomputer.com/news/security/researchers-port-nsa-eternalblue-exploit-to-windows-10/

Self-Downloading Android Malware Target Users in the US, UK, and France

A malvertising campaign detected on a popular forum is forcibly downloading an Android app on users' devices, which later installs a second app with more intrusive features and which is almost impossible to remove without flashing the user's phone. [...]

https://www.bleepingcomputer.com/news/security/self-downloading-android-malware-target-users-in-the-us-uk-and-france/

Technical Glitch Triggers Nightmare Scenario for Filipino Bank

Chaos reigned in the Philippines yesterday as one of the country's main banks had to shut down ATM withdrawals and online transactions amid rumors of getting hacked. [...]

https://www.bleepingcomputer.com/news/technology/technical-glitch-triggers-nightmare-scenario-for-filipino-bank/

Some Old WiMAX Routers Contain OEM Backdoors

Some older routers built on the WiMAX technology contain backdoor accounts that appear to have been introduced somewhere along the devices' supply chain. [...]

https://www.bleepingcomputer.com/news/security/some-old-wimax-routers-contain-oem-backdoors/

Linux Malware Mines for Cryptocurrency Using Raspberry Pi Devices

A Linux trojan detected under the generic name of Linux.MulDrop.14 is infecting Raspberry Pi devices with the purpose of mining cryptocurrency. [...]

https://www.bleepingcomputer.com/news/security/linux-malware-mines-for-cryptocurrency-using-raspberry-pi-devices/

Malware Uses Obscure Intel CPU Feature to Steal Data and Avoid Firewalls

Microsoft's security team has come across a malware family that uses Intel's Active Management Technology (AMT) Serial-over-LAN (SOL) interface as a file transfer tool. [...]

https://www.bleepingcomputer.com/news/security/malware-uses-obscure-intel-cpu-feature-to-steal-data-and-avoid-firewalls/

Boatload of Security Flaws Make Fosscam IP Cameras Absolutely Useless

IP cameras manufactured by Chinese vendor Fosscam are riddled with security flaws that allow an attacker to take over the device and penetrate your network. [...]

https://www.bleepingcomputer.com/news/security/boatload-of-security-flaws-make-fosscam-ip-cameras-absolutely-useless/

Chinese Police Arrest 22 Apple Contractors for Selling Customer Data

Chinese authorities announced yesterday they arrested 22 people on accusations of stealing private information on Apple customers and selling the data online. [...]

https://www.bleepingcomputer.com/news/apple/chinese-police-arrest-22-apple-contractors-for-selling-customer-data/

Google Removes App Infested with New and Deadly DVMap Trojan From the Play Store

Google's security team removed an Android app named "colourblock" from the official Play Store after security researchers from Kaspersky Labs discovered a dangerous trojan hidden inside it. [...]

https://www.bleepingcomputer.com/news/security/google-removes-app-infested-with-new-and-deadly-dvmap-trojan-from-the-play-store/

CertLock Trojan Blocks Security Programs by Disallowing Their Certificates

A new Trojan called CertLock blocks Windows security vendor's programs from being installed or running by blocking their certificates in Windows. This is a continuing trend where adware and unwanted program purveyors are installing protection programs to try and block users from cleaning their computers. [...]

https://www.bleepingcomputer.com/news/security/certlock-trojan-blocks-security-programs-by-disallowing-their-certificates/

Android Smartphones Targeted by WannaCry Lookalike

Crooks in China have developed an Android ransomware that uses similar graphics to the WannaCry ransom note in an attempt to scare and trick users into quickly paying the ransom. [...]

https://www.bleepingcomputer.com/news/security/android-smartphones-targeted-by-wannacry-lookalike/

No Known Ransomware Works Against Windows 10 S

No currently known ransomware strain can infect Windows 10 S, said Microsoft today with the release of a new report detailing the next-get ransomware protection features the company introduced with the release of the Windows 10 Creators Update last month. [...]

https://www.bleepingcomputer.com/news/security/no-known-ransomware-works-against-windows-10-s/

Game Studio Behind Witcher 3 Held for Ransom Over Stolen Files

CD Projekt Red, the Polish studio maker behind the insanely popular The Witcher 3 RPG, has suffered a data breach and now the attacker is holding the company for ransom, threatening to release stolen files if the game maker doesn't pay an undisclosed sum of money. [...]

https://www.bleepingcomputer.com/news/security/game-studio-behind-witcher-3-held-for-ransom-over-stolen-files/

Researcher Wants to Protect Whistleblowers Against Hidden Printer Dots

Gabor Szathmari, a security researcher for CryptoAUSTRALIA, is working on a method of improving the security of leaked documents by removing hidden dots left behind by laser printers, which are usually used to watermark documents and track down leakers. [...]

https://www.bleepingcomputer.com/news/security/researcher-wants-to-protect-whistleblowers-against-hidden-printer-dots/

New Deal: 94% off the Full Stack JavaScript Bundle

Today's deal is for a course bundle with over 55 hours of training in how to program in Javascript and get started in MongoDB. This bundle is normally priced at $719, but has been discounted 94% to $38 as part of this deal. Please note that certificates of completion are not included with this deal. [...]

https://www.bleepingcomputer.com/news/security/new-deal-94-percent-off-the-full-stack-javascript-bundle/

Tech Support Scammers Lose Their "Hard Earned" Money in FTC Settlements

The US Federal Trade Commission (FTC) has settled with a collective of tech support scammers, who were forced to forfeit assets valued at nearly $6 million. [...]

https://www.bleepingcomputer.com/news/legal/tech-support-scammers-lose-their-hard-earned-money-in-ftc-settlements/