Systemd Bug Lets Attackers Hack Linux Boxes via Malicious DNS Packets

A bug in systemd — an init system used in many Linux distributions to start and manage processes — allows an attacker to crash or take over machines via malicious DNS packets. [...]

https://www.bleepingcomputer.com/news/security/systemd-bug-lets-attackers-hack-linux-boxes-via-malicious-dns-packets/

Microsoft Announces "Controlled Folder Access" to Fend Off Crypto-Ransomware

This fall, Microsoft plans to release a new Windows Defender feature called Controlled Folder Access, which blocks and blacklists unauthorized apps from making changes to files located inside specially-designated folders. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-controlled-folder-access-to-fend-off-crypto-ransomware/

Cerber Renames Itself as CRBR ENCRYPTOR to Be a PITA

Ransomware developers are really trying to screw with us this week. This is shown with the CERBER Ransomware suddenly deciding to change its name to CRBR Encryptor. It's bad enough what they do with victims, now they just want to be a PITA? [...]

https://www.bleepingcomputer.com/news/security/cerber-renames-itself-as-crbr-encryptor-to-be-a-pita/

Ransomware Attacks Continue in Ukraine with Mysterious WannaCry Clone

A fourth ransomware campaign focused on Ukraine has surfaced today, following some of the patterns seen in past ransomware campaigns that have been aimed at the country, such as XData, PScrypt, and the infamous NotPetya. [...]

https://www.bleepingcomputer.com/news/security/ransomware-attacks-continue-in-ukraine-with-mysterious-wannacry-clone/

More Security Firms Confirm NotPetya Shoddy Code Is Making Recovery Impossible

The bandwagon of cyber-security firms claiming that NotPetya was meant for destructive purposes is getting more crowded by the day, with three new additions from Cisco Talos, F-Secure, and Malwarebytes. [...]

https://www.bleepingcomputer.com/news/security/more-security-firms-confirm-notpetya-shoddy-code-is-making-recovery-impossible/

"Eternal Blues" Tool Tests Computers Against NSA's ETERNALBLUE Exploit

Security researcher Elad Erez has created a tool named Eternal Blues that system administrators can use to test if computers on their network are vulnerable to exploitation via NSA's ETERNALBLUE exploit. [...]

https://www.bleepingcomputer.com/news/software/-eternal-blues-tool-tests-computers-against-nsas-eternalblue-exploit/

OutlawCountry Is CIA's Malware for Hacking Linux Systems

WikiLeaks dumped today a manual describing a new CIA malware strain. Called OutlawCountry, this is malware designed for Linux operating systems. [...]

https://www.bleepingcomputer.com/news/security/outlawcountry-is-cias-malware-for-hacking-linux-systems/

The Week in Ransomware - June 30th 2017 - NotPetya

It has been another crazy week when it comes to ransomware due to the NotPetya outbreak. This ransomware/destructive malware played havok all over the world, but especially the Ukraine, when it was unleashed on Tuesday. Other than that, the rest of the ransomware news was basically small variants being developed or released. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-june-30th-2017-notpetya/

Hacker "Incursio" Gets Two Years in Prison for Hacking CIA, DHS, DOJ, and FBI

A young man guilty of hacking several three-letter US agencies has been sentenced today to two years in prison, according to a press release from the Department of Justice. [...]

https://www.bleepingcomputer.com/news/security/hacker-incursio-gets-two-years-in-prison-for-hacking-cia-dhs-doj-and-fbi/

Security Firms Find Thin Lines Connecting NotPetya to Ukraine Power Grid Attacks

On Friday, three cyber-security firms have come forward with reports or statements that link the NotPetya ransomware outbreak to a cyber-espionage group known for a large number of past cyber-attacks, such as the one on Ukraine's power grid in December 2015. [...]

https://www.bleepingcomputer.com/news/security/security-firms-find-thin-lines-connecting-notpetya-to-ukraine-power-grid-attacks/

Man Pleads Guilty to Stealing Bitcoin From Other Dark Web Criminals

A Connecticut man pleaded guilty last week to stealing Bitcoin from users of Dark Web marketplaces, said the Department of Justice on Tuesday. [...]

https://www.bleepingcomputer.com/news/security/man-pleads-guilty-to-stealing-bitcoin-from-other-dark-web-criminals/

Classic Ether Wallet Hacked, Users Report Massive Losses

An unknown attacker has gained control over the web domain of Classic Ether Wallet, a client-side wallet system for the Ethereum Classic (ETC) cryptocurrency. [...]

https://www.bleepingcomputer.com/news/security/classic-ether-wallet-hacked-users-report-massive-losses/

There Are Only 25 Devices That Respect Your Privacy

Last week, the Free Software Foundation (FSF) awarded new certifications in the Respects Your Freedom (RYF) program that highlights hardware vendors and devices that respect user privacy and allow the user full control over his device. [...]

https://www.bleepingcomputer.com/news/hardware/there-are-only-25-devices-that-respect-your-privacy/

Data of Google Employees Exposed in Sabre Breach

The personal details of a small number of Google staffers have been exposed, according to a notification letter Google has started sending to affected employees. [...]

https://www.bleepingcomputer.com/news/security/data-of-google-employees-exposed-in-sabre-breach/

UK Teen Charged with Running DDoS Booter Service

UK authorities have charged an eighteen-year-old with running a DDoS booter service that was used to launch DDoS attacks on legitimate businesses across the world. [...]

https://www.bleepingcomputer.com/news/security/uk-teen-charged-with-running-ddos-booter-service/

Microsoft Announces New Wave of Nagging Popups

On Friday, Microsoft announced details about two new types of nagging popups that Windows 10 users are going to be seeing starting this week. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-new-wave-of-nagging-popups/

This Spam Service Will Charge $25 to Stop Spamming You

A Dark Web service specialized in Jabber/XMPP spam is offering spamées the option of stopping all incoming messages for a small fee of 0.01 Bitcoin, which comes down to around $25. [...]

https://www.bleepingcomputer.com/news/security/this-spam-service-will-charge-25-to-stop-spamming-you/

Researchers Extract RSA-1024 Keys from Popular Crypto Library

A team of eight researchers from various universities has found a bug in the Libcrypto library that allows an attacker with local access to extract the RSA-1024 private key that was used to encrypt local data. [...]

https://www.bleepingcomputer.com/news/security/researchers-extract-rsa-1024-keys-from-popular-crypto-library/

Ukrainian Police Seize Servers From Where NotPetya Outbreak First Spread

Ukrainian Police announced today it seized the servers from where the NotPetya ransomware outbreak first started to spread. [...]

https://www.bleepingcomputer.com/news/security/ukrainian-police-seize-servers-from-where-notpetya-outbreak-first-spread/

Horcrux Is a Password Manager Designed for Security and Paranoid Users

Two researchers from the University of Virginia have developed a new password manager prototype that works quite differently from existing password manager clients. [...]

https://www.bleepingcomputer.com/news/security/horcrux-is-a-password-manager-designed-for-security-and-paranoid-users/

Fourth Largest Cryptocurrency Exchange Was Hacked. Users Lose Ethereum & Bitcoin

Bithumb, the world's fourth largest cryptocurrency exchange by volume, confirmed a security incident during which an unknown hacker was able to make off with an yet undetermined amount of funds. [...]

https://www.bleepingcomputer.com/news/security/fourth-largest-cryptocurrency-exchange-was-hacked-users-lose-ethereum-and-bitcoin/