Magala Trojan Uses Virtual Desktops to Secretly Click on Search Results Ads

A new click-fraud trojan is infecting Windows computers and using virtual desktops to click on ads in search results to earn a profit for its creator(s). [...]

https://www.bleepingcomputer.com/news/security/magala-trojan-uses-virtual-desktops-to-secretly-click-on-search-results-ads/

PSA: Don't Open SPAM Containing Password Protected Word Docs

I wanted to alert everyone of a new malware distributing SPAM that I just received that contains a password protected Word document, which pretends to be about a payment I would be receiving shortly. As I always love free money, I had to take a look and see what I was getting for free.   [...]

https://www.bleepingcomputer.com/news/security/psa-dont-open-spam-containing-password-protected-word-docs/

Data of 14 Million Verizon Customers Exposed in Server Snafu

Sensitive data for around 14 million Verizon customers was exposed online because a third-party contractor forgot to limit external access to an Amazon S3 server. [...]

https://www.bleepingcomputer.com/news/security/data-of-14-million-verizon-customers-exposed-in-server-snafu/

Decrypted: Emsisoft Releases a Decryptor for NemucodAES Ransomware

Fabian Wosar of Emsisoft has been able to crack the decryption used by the NemucodAES ransomware so that victims can get their files back for free. This guide will walk you through using the decryptor and provide a brief explanation on the NemucodAES Ransomware. [...]

https://www.bleepingcomputer.com/news/security/decrypted-emsisoft-releases-a-decryptor-for-nemucodaes-ransomware/

Scammer Uses Fake Tor Browser to Lure Victims to Supposed Dark Web Marketplace

A new malicious app disguised as a modified version of the Tor Browser is targeting users looking to buy illegal products off the Dark Web. [...]

https://www.bleepingcomputer.com/news/security/scammer-uses-fake-tor-browser-to-lure-victims-to-supposed-dark-web-marketplace/

Hackers Are Using Automated Scans to Target Unfinished WordPress Installs

Experts from security firm Wordfence say they have observed a new type of web attack that took aim at unfinished WordPress installations. [...]

https://www.bleepingcomputer.com/news/security/hackers-are-using-automated-scans-to-target-unfinished-wordpress-installs/

Vault 7: CIA Developed Android Malware That Works as an SMS Proxy

WikiLeaks published today the manual of another CIA hacking tool part of the Vault 7 leak series. This tool is referenced internally at the CIA under the name of HighRise and is an Android application for intercepting and redirecting SMS messages to a remote web server. [...]

https://www.bleepingcomputer.com/news/security/vault-7-cia-developed-android-malware-that-works-as-an-sms-proxy/

"Particle" Chrome Extension Sold to New Dev Who Immediately Turns It Into Adware

A company is going around buying abandoned Chrome extensions from their original developers and converting these add-ons into adware. [...]

https://www.bleepingcomputer.com/news/security/-particle-chrome-extension-sold-to-new-dev-who-immediately-turns-it-into-adware/

Microsoft Adds Protection Against Process Hollowing and Atom Bombing

Microsoft has worked on adding security protections against two forms of code injection techniques known as process hollowing and atom bombing. [...]

https://www.bleepingcomputer.com/news/security/microsoft-adds-protection-against-process-hollowing-and-atom-bombing/

App Finds More Than 50,000 Computers Vulnerable to ETERNALBLUE Exploit

The developer of a tool named Eternal Blues that scans for computers vulnerable to the NSA's ETERNALBLUE exploit has published statistics gathered from the app's usage. [...]

https://www.bleepingcomputer.com/news/security/app-finds-more-than-50-000-computers-vulnerable-to-eternalblue-exploit/

Microsoft Adds Password Recovery Option to Windows 10 Lockscreen

Microsoft added a password recovery option to the Windows 10 locksreen for users that use a Microsoft account to log into their computer. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-adds-password-recovery-option-to-windows-10-lockscreen/

AlphaBay Dark Web Market Taken Down After Law Enforcement Raids

AlphaBay, an online marketplace that sold illegal products on the Dark Web, has been taken offline following raids in three countries, according to several reports. [...]

https://www.bleepingcomputer.com/news/security/alphabay-dark-web-market-taken-down-after-law-enforcement-raids/

New Ovidiy Stealer Malware Sold on Russian Site

A Russia-speaking malware developer going by the name of "TheBottle" has started selling a new infostealer with the name of Ovidiy Stealer. [...]

https://www.bleepingcomputer.com/news/security/new-ovidiy-stealer-malware-sold-on-russian-site/

21-Year-Old Bug in Kerberos Protocol Gets Patch in Windows, Linux

Two implementations of the Kerberos authentication protocol received patches this week against a vulnerability that allowed a threat actor to bypass authentication procedures. [...]

https://www.bleepingcomputer.com/news/security/21-year-old-bug-in-kerberos-protocol-gets-patch-in-windows-linux/

Google to Replace SMS Codes With Mobile Prompts in 2-Step-Verification Procedure

Starting next week Google will overhaul its two-step verification (2SV) procedure and replace one-time codes sent via SMS with prompts shown on the user's smartphone. [...]

https://www.bleepingcomputer.com/news/google/google-to-replace-sms-codes-with-mobile-prompts-in-2-step-verification-procedure/

New Exte CryptoMix Ransomware Variant Released

A new variant of the CryptoMix Ransomware was discovered that appends the .EXTE extension to encrypted files. This articles provides a brief overview of what has changed in this new version. [...]

https://www.bleepingcomputer.com/news/security/new-exte-cryptomix-ransomware-variant-released/

The Week in Ransomware - July 14th 2017 - NemucodAES, LeakerLocker, and More

It has been a slow week in terms of new releases, which is always a good thing. Still lots of small crapware being released that will never have much wide distribution. We also have some good news, which is the release of a NemucodAES decryptor by Emsisoft. This allows victims of this ransomware to get their files back for free. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-july-14th-2017-nemucodaes-leakerlocker-and-more/

DHS Ramps up Program to Scan People's Faces When They Leave the US

Air travelers taking international flights from US airports will soon have to submit to a face scan before boarding their plane. [...]

https://www.bleepingcomputer.com/news/government/dhs-ramps-up-program-to-scan-peoples-faces-when-they-leave-the-us/

Experts Recover AES256 Encryption Key From a PC's Electromagnetic Emissions

A team of researchers from Fox-IT and Riscure has put together a device using off-the-shelve electronic parts that deduces encryption keys using only electromagnetic emissions coming from a nearby computer. [...]

https://www.bleepingcomputer.com/news/security/experts-recover-aes256-encryption-key-from-a-pcs-electromagnetic-emissions/

Damages From a Well Executed Cyber Attack Could Reach $121.4 Billion

Lloyd's of London, one of the world's largest insurers, warns that a well executed cyber attack could cause damages around to world ranging from $53.1 billion to $121.4 billion, according to a report the company released today. [...]

https://www.bleepingcomputer.com/news/business/damages-from-a-well-executed-cyber-attack-could-reach-121-4-billion/

GhostCtrl Is an Android RAT That Also Doubles as Ransomware

A new Android RAT (Remote Access Trojan) detected under the name of GhostCtrl can lock mobile device by resetting their PIN and display a ransom note to infected victims. [...]

https://www.bleepingcomputer.com/news/security/ghostctrl-is-an-android-rat-that-also-doubles-as-ransomware/