Cerber Ransomware Can Now Steal Browser Passwords, Bitcoin Wallet Data

The Cerber ransomware has received an update that allows it to collect and steal data from a victim's computer, similar to an infostealer. [...]

https://www.bleepingcomputer.com/news/security/cerber-ransomware-can-now-steal-browser-passwords-bitcoin-wallet-data/

New Google Algorithm Downranks Android Apps That Crash Your Phone

Google announced yesterday a new Play Store search and ranking algorithm that takes into account an Android application's performance metrics. [...]

https://www.bleepingcomputer.com/news/mobile/new-google-algorithm-downranks-android-apps-that-crash-your-phone/

JavaScript Packages Caught Stealing Environment Variables

On August 1, npm Inc. — the company that runs the biggest JavaScript package repository — removed 38 JavaScript npm packages that were caught stealing environment variables from infected projects. [...]

https://www.bleepingcomputer.com/news/security/javascript-packages-caught-stealing-environment-variables/

Microsoft Will Not Patch SMBLoris Vulnerability

Microsoft has declined to patch a vulnerability in the Server Message Block (SMB) file sharing protocol that affects all versions of the Windows operating system released in the past two decades, since Windows 2000. [...]

https://www.bleepingcomputer.com/news/security/microsoft-will-not-patch-smbloris-vulnerability/

Hackers Leak Game of Thrones Season 7 Episode 4 Online

Earlier today, the hackers who announced they breached HBO over the weekend leaked the fourth episode of Game of Thrones season 7 on platforms such as Vidme and Google Drive. [...]

https://www.bleepingcomputer.com/news/security/hackers-leak-game-of-thrones-season-7-episode-4-online/

The Week in Ransomware - August 4th 2017 - GlobeImposter, NotPetya, and More

It has been a week heavily dominated by GlobeImposter variants being released here and there and smaller ransomware variants with little or no distribution. We also saw news about companies still being affected by the NotPetya attack. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-august-4th-2017-globeimposter-notpetya-and-more/

MalwareTech Pleads Not Guilty to Creating Kronos Trojan, To Be Released on Bail

Marcus Hutchins, the security researcher known as MalwareTech, has pleaded not guilty to today in a Las Vegas court to charges of creating and updating the Kronos banking trojan, according to his lawyer Adrian Marie Lobo. [...]

https://www.bleepingcomputer.com/news/security/malwaretech-pleads-not-guilty-to-creating-kronos-trojan-to-be-released-on-bail/

Companies Can't Use Keyloggers to Spy on Employees, Says German Court

The German Federal Labour Court has ruled that companies can't install keyloggers to monitor employees because such an action violates personal privacy rights. [...]

https://www.bleepingcomputer.com/news/security/companies-cant-use-keyloggers-to-spy-on-employees-says-german-court/

Disney Sued for Tracking Children Without Permission via Mobile Games

A disgruntled parent has filed a lawsuit against Disney and three software developers for collecting personal information about her kid via the company's mobile games. [...]

https://www.bleepingcomputer.com/news/legal/disney-sued-for-tracking-children-without-permission-via-mobile-games/

Researchers Put Windows Defender in a Sandbox to Show Microsoft How It's Done

Software experts from Trail of Bits — a well-known security R&D company — have sandboxed Windows Defender, the default antivirus solution that ships with recent Windows editions. [...]

https://www.bleepingcomputer.com/news/security/researchers-put-windows-defender-in-a-sandbox-to-show-microsoft-how-its-done/

New Version of Dangerous Android Malware Sold on Russian Hacking Forum

A new version of the Svpeng Android banking trojan has started making victims during the past month, and at the origin of this sudden surge in activity is a criminal selling a new and improved version of Svpeng on a Russian underground hacking forum. [...]

https://www.bleepingcomputer.com/news/security/new-version-of-dangerous-android-malware-sold-on-russian-hacking-forum/

Cyber-Attack on Solar Panels Could Shut Down Power Grids via Domino Effect

New research released on Friday, August 4, reveals the existence of multiple vulnerabilities in the products of the leading provider of photovoltaic panels, which if exploited in mass by a determined attacker could lead to a shutdown of one or more countries' power grids because of a domino effect. [...]

https://www.bleepingcomputer.com/news/security/cyber-attack-on-solar-panels-could-shut-down-power-grids-via-domino-effect/

You Can Trick Self-Driving Cars by Defacing Street Signs

A team of eight researchers has discovered that by altering street signs, an adversary could confuse self-driving cars and cause their machine-learning systems to misclassify signs and take wrong decisions, potentially putting the lives of passengers in danger. [...]

https://www.bleepingcomputer.com/news/security/you-can-trick-self-driving-cars-by-defacing-street-signs/

Severe Deserialization Issues Also Affect .NET, Not Just Java

The .NET ecosystem is affected by a similar flaw that has wreaked havoc among Java apps and developers in 2016. [...]

https://www.bleepingcomputer.com/news/security/severe-deserialization-issues-also-affect-net-not-just-java/

Chrome Extension Developers Under a Barrage of Phishing Attacks

Google's security team has sent out warnings via email to Chrome extension developers after many of them have been the targets of phishing attacks, some of which have been successful and resulted in crooks taking over extensions. [...]

https://www.bleepingcomputer.com/news/security/chrome-extension-developers-under-a-barrage-of-phishing-attacks/

Cisco Admits to Losing Customer Data in Cloud Service Configuration Snafu

On Friday, last week, Cisco admitted that an engineering gaffe caused the company to lose customer data uploaded before a certain configuration was applied to one of its cloud services. [...]

https://www.bleepingcomputer.com/news/technology/cisco-admits-to-losing-customer-data-in-cloud-service-configuration-snafu/

Firefox 55 Released with Built-In Screenshot Tool, Performance Boosts, and WebVR

Later today, Mozilla is going to officially announce the release of Firefox 55, its browser's latest stable version, one that is packed full of new features and important changes. [...]

https://www.bleepingcomputer.com/news/software/firefox-55-released-with-built-in-screenshot-tool-performance-boosts-and-webvr/

HBO Hackers Dump Script for Game of Thrones Episode 5

The group who announced they hacked HBO last week have leaked new files from the company's servers, via private emails to the press and a website for everyone else. [...]

https://www.bleepingcomputer.com/news/security/hbo-hackers-dump-script-for-game-of-thrones-episode-5/

VPN Provider Accused of Sharing Customer Traffic With Online Advertisers

On Monday, the Center for Democracy & Technology (CDT) — a US-based privacy group — has filed a complaint with the US Federal Trade Commission (FTC) accusing one of today's largest VPN providers of deceptive trade practices. [...]

https://www.bleepingcomputer.com/news/technology/vpn-provider-accused-of-sharing-customer-traffic-with-online-advertisers/

Adobe Patches Security Holes in Flash Player, Acrobat, and Reader

Moments ago, Adobe released its monthly security bulletins and this month the company addressed security flaws in products such as Adobe Flash Player, Adobe Acrobat and Reader, Adobe Experience Manager (enterprise CMS), and Adobe Digital Editions (e-book reader). [...]

https://www.bleepingcomputer.com/news/security/adobe-patches-security-holes-in-flash-player-acrobat-and-reader/

Microsoft's August Patch Tuesday Fixes 48 Security Issues

Microsoft released the August 2017 Patch Tuesday security bulletin, and this month the company fixed 48 security issues in six of its main product categories. [...]

https://www.bleepingcomputer.com/news/microsoft/microsofts-august-patch-tuesday-fixes-48-security-issues/