Microsoft Makes Edge Browser a Permanent Part of Its Bug Bounty Program

Microsoft promoted today the Edge browser to a permanent spot in its bug bounty program, in which, Edge was only part in a limited role. [...]

https://www.bleepingcomputer.com/news/security/microsoft-makes-edge-browser-a-permanent-part-of-its-bug-bounty-program/

WannaCry Ransomware Infects 55 Speed and Red-Light Cameras in Australia

Fifty-five speed and red-light cameras in the Australia's state of Victoria were infected with the WannaCry ransomware. [...]

https://www.bleepingcomputer.com/news/security/wannacry-ransomware-infects-55-speed-and-red-light-cameras-in-australia/

Locky Ransomware Returns, but Targets Only Windows XP & Vista

The Locky ransomware is back, spreading via a massive wave of spam emails distributed by the Necurs botnet, but the campaign appears to be a half-baked effort because the ransomware is not able to encrypt files on modern Windows OS versions, locking files only on older Windows XP & Vista machines. [...]

https://www.bleepingcomputer.com/news/security/locky-ransomware-returns-but-targets-only-windows-xp-and-vista/

Vault 7: CIA Has Malware for Hacking Air-Gapped Networks via USB Thumb Drives

WikiLeaks dumped today the manuals of several hacking utilities part of Brutal Kangaroo, a CIA malware toolkit for hacking into air-gapped (offline) networks using tainted USB thumb drive. [...]

https://www.bleepingcomputer.com/news/security/vault-7-cia-has-malware-for-hacking-air-gapped-networks-via-usb-thumb-drives/

Chrome and Firefox Headless Modes May Spur New Adware & Clickfraud Tactics

During the past month, both Google and Mozilla developers have added support in their respective browsers for "headless mode," a mechanism that allows browsers to run silently in the OS background and with no visible GUI. [...]

https://www.bleepingcomputer.com/news/security/chrome-and-firefox-headless-modes-may-spur-new-adware-and-clickfraud-tactics/

Two Men Arrested for Hacking Microsoft

British police announced today they arrested two suspects part of an international group that hacked into Microsoft's network. [...]

https://www.bleepingcomputer.com/news/security/two-men-arrested-for-hacking-microsoft/

New GhostHook Attack Bypasses Windows PatchGuard Protections

Security experts have discovered a method of bypassing Windows PatchGuard protections and hooking malicious code into the Windows kernel, which allows an attacker to plant rootkits on systems previously thought to be impregnable. [...]

https://www.bleepingcomputer.com/news/security/new-ghosthook-attack-bypasses-windows-patchguard-protections/

RIG Exploit Kit Usage Declines as Browsers Are Getting Harder to Hack

Another major exploit kit (EK) looks like it's heading for the EK graveyard as activity from the RIG EK has fallen to less than 25% of what the exploit kit used to handle three months ago, in March 2017. [...]

https://www.bleepingcomputer.com/news/security/rig-exploit-kit-usage-declines-as-browsers-are-getting-harder-to-hack/

FBI: Victims Aren't Reporting Ransomware Attacks

Despite being an expanding threat, ransomware infections are rarely reported to law enforcement agencies, according to conclusions from the 2016 Internet Crime Report, released yesterday by the FBI's Internet Crime Complaint Center (IC3). [...]

https://www.bleepingcomputer.com/news/security/fbi-victims-arent-reporting-ransomware-attacks/

Former CIA Officer Arrested for Selling Top Secret Files to Chinese Operatives

A former CIA agent was arrested and arraigned in court yesterday on accusations of selling top secret documents to Chinese intelligence officers disguised as members of a Chinese think tank. [...]

https://www.bleepingcomputer.com/news/government/former-cia-officer-arrested-for-selling-top-secret-files-to-chinese-operatives/

The Week in Ransomware - June 23rd 2017 - A Fricken 1 Million Dollar Ransom Payment

What a crazy week. The biggest news is that we had a hosting company who actually paid a 1 million dollar (think Dr. Evil) ransomware payment. We then had the return of Locky, which at one point was the preminent ransomware being distributed. Will have to see if it can become king of the hill again. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-june-23rd-2017-a-fricken-1-million-dollar-ransom-payment/

Windows 10 Source Code, Internal Builds Allegedly Leak Online

An unknown person has uploaded online over 32TB of Windows 10 internal builds, along with some of the operating system's source code. The data was uploaded on BetaArchive, an Internet forum dedicated to archiving software beta builds so users and developers can track how a project evolved over time. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-source-code-internal-builds-allegedly-leak-online/

Koler Android Ransomware Targets the US with Fake PornHub Apps

During the past week, US users visiting adult-themed sites were targeted by ads for a fake PornHub app that contained a version of the Koler ransomware. [...]

https://www.bleepingcomputer.com/news/security/koler-android-ransomware-targets-the-us-with-fake-pornhub-apps/

Google to Stop Scanning Gmail Inboxes for Advertising Purposes

Google announced yesterday plans to stop scanning users' Gmail inboxes for advertising purposes, a decision that in theory should improve users' privacy, but in reality, it does not. [...]

https://www.bleepingcomputer.com/news/google/google-to-stop-scanning-gmail-inboxes-for-advertising-purposes/

Fired Employee Hacks and Shuts Down Smart Water Readers in Five US Cities

A Pennsylvania judge has sentenced Adam Flanagan, 42, of Bala Cynwyd, PA to one year and one day in prison for hacking and damaging the IT networks of several water utility providers across the US East Coast. The sentence was passed down last week for crimes committed in the spring of 2014. [...]

https://www.bleepingcomputer.com/news/security/fired-employee-hacks-and-shuts-down-smart-water-readers-in-five-us-cities/

PRMitM: Attackers Can Hide Password Resets Inside Account Registrations

A research paper published by four Israeli scientists details a new attack called PRMitM, or the "Password Reset Man-in-the-Middle," in which attackers hide password reset interactions for a user's legitimate profile inside account registration interactions on another site. [...]

https://www.bleepingcomputer.com/news/security/prmitm-attackers-can-hide-password-resets-inside-account-registrations/

UK Govt Wants Encryption Backdoors but Can't Even Protect Its Email Servers From a Brute-Force Attack

A "determined" attacker has breached the email system of the UK Parliament over the weekend, according to a statement put out by the UK government on Sunday afternoon. [...]

https://www.bleepingcomputer.com/news/security/uk-govt-wants-encryption-backdoors-but-cant-even-protect-its-email-servers-from-a-brute-force-attack/

Chrome Beats Edge in Independent Battery Life Test Despite Microsoft's Claims

A YouTuber has taken it into his hands to resolve the silent war over battery life benchmarks currently raging between Microsoft, Google, and Opera. [...]

https://www.bleepingcomputer.com/news/technology/chrome-beats-edge-in-independent-battery-life-test-despite-microsofts-claims/

$1 Million Ransomware Payment Has Spurred New DDoS-for-Bitcoin Attacks

The $1 million ransom payment paid last week by South Korean web hosting company Nayana has sparked new extortion attempts on South Korean companies. [...]

https://www.bleepingcomputer.com/news/security/-1-million-ransomware-payment-has-spurred-new-ddos-for-bitcoin-attacks/

New Shifr RaaS Lets Any Dummy Enter the Ransomware Business

Several security researchers have spotted a new Ransomware-as-a-Service (RaaS) portal over the weekend that lets anyone generate their own ransomware executable just by filling in three form fields and pressing a button. [...]

https://www.bleepingcomputer.com/news/security/new-shifr-raas-lets-any-dummy-enter-the-ransomware-business/

No Windows Fix Just yet for the Intel Bug That Crashes CPUs

Some Intel CPU models are affected by a bug that crashes computers when a certain sequence of operations are being processed. [...]

https://www.bleepingcomputer.com/news/hardware/no-windows-fix-just-yet-for-the-intel-bug-that-crashes-cpus/