GoDaddy Has the Best Password Practices, Netflix, Spotify, Uber Have the Worst

The team at Dashlane — a password manager app — has analyzed the password policies of 40 popular online services and has discovered that not all websites are alike when it comes to password security, but some are worse than others. [...]

https://www.bleepingcomputer.com/news/security/godaddy-has-the-best-password-practices-netflix-spotify-uber-have-the-worst/

Hackers Leak More HBO Shows but No Game of Thrones This Week

Earlier today, the hacker group that goes by the pseudonym of Mr. Smith has leaked more data from HBO servers. This time around the hackers leaked a plethora of unaired episodes from ten different HBO shows. [...]

https://www.bleepingcomputer.com/news/security/hackers-leak-more-hbo-shows-but-no-game-of-thrones-this-week/

Leading White Supremacy Site Gets Booted off GoDaddy's Network

GoDaddy has informed The Daily Stormer, the top white supremacy site in the US, to find a new web host following a denigrating post against the woman who died over the weekend in Charlottesville, Virginia. [...]

https://www.bleepingcomputer.com/news/security/leading-white-supremacy-site-gets-booted-off-godaddys-network/

Mozilla Will Kill Legacy Firefox Add-Ons in Exactly Three Months

On November 14 Mozilla will take the biggest gamble in its long history when the organization will ship Firefox 57, the first version of its browser that will stop supporting legacy Firefox add-ons. [...]

https://www.bleepingcomputer.com/news/software/mozilla-will-kill-legacy-firefox-add-ons-in-exactly-three-months/

Four Suspects Arrested in India for Leaking Game of Thrones Episode

Indian authorities have announced they arrested four suspects on suspicion of leaking episode 4 of Game of Thrones season 7, titled "Spoils of War." [...]

https://www.bleepingcomputer.com/news/security/four-suspects-arrested-in-india-for-leaking-game-of-thrones-episode/

New Disdain Exploit Kit Sold on Underground Hacking Forums

A malware developer using the pseudonym of Cehceny is currently advertising a new exploit kit on underground hacking forums. [...]

https://www.bleepingcomputer.com/news/security/new-disdain-exploit-kit-sold-on-underground-hacking-forums/

DOJ Asks DreamHost to Reveal IP Addresses of All Who Visited Anti-Trump Website

DreamHost — a US-based web hosting provider — revealed today that the Department of Justice (DOJ) had issued a search warrant in an attempt to obtain details about one of its customers, and the people who visited its website. [...]

https://www.bleepingcomputer.com/news/government/doj-asks-dreamhost-to-reveal-ip-addresses-of-all-who-visited-anti-trump-website/

Office Exploit Gets New Life With PowerPoint Variation

Over the past few months, an Office vulnerability has become one of the most popular and efficient ways of delivering malware to vulnerable computers. [...]

https://www.bleepingcomputer.com/news/security/office-exploit-gets-new-life-with-powerpoint-variation/

Hacker Helps Family Recover Minivan After Losing One-Of-A-Kind Car Key

After getting locked out of their Toyota Estima minivan for almost two months, a Canadian family has regained access to their car after a hacker agreed to help them. [...]

https://www.bleepingcomputer.com/news/technology/hacker-helps-family-recover-minivan-after-losing-one-of-a-kind-car-key/

Millions of RDP Endpoints Exposed Online and Ready for Bad Things

An Internet-wide scan carried out by security researchers from Rapid7 has discovered over 11 million devices with 3389/TCP ports left open online, of which over 4.1 million are specifically speaking the RDP protocol. [...]

https://www.bleepingcomputer.com/news/security/millions-of-rdp-endpoints-exposed-online-and-ready-for-bad-things/

White Supremacy Site Moves to the Dark Web After Being Spurned by GoDaddy, Google, and Zoho

The Daily Stormer, the most well known of all white supremacy online portals, was forced to move today to the Dark Web after various service providers dropped the site from their infrastructure. [...]

https://www.bleepingcomputer.com/news/technology/white-supremacy-site-moves-to-the-dark-web-after-being-spurned-by-godaddy-google-and-zoho/

2016 Open-Source Repo Continues to Fuel the PHP Server Ransomware Scene

A PHP ransomware project open-sourced on GitHub is still spawning active threats, more than a year after it was released in early 2016. [...]

https://www.bleepingcomputer.com/news/security/2016-open-source-repo-continues-to-fuel-the-php-server-ransomware-scene/

Eight Chrome Extensions Hijacked to Deliver Malicious Code to 4.8 Million Users

Six more developers have had their Chrome extensions hijacked in the past four months, according to new evidence surfaced yesterday by Proofpoint researcher Kafeine. [...]

https://www.bleepingcomputer.com/news/security/eight-chrome-extensions-hijacked-to-deliver-malicious-code-to-4-8-million-users/

Lone Nigerian Hacker Behind Hacks at 4,000 Organizations

One lone hacker operating out of Lagos, Nigeria was able to hack into over 4,000 organizations across the globe using basic techniques and antiquated tools, according to an investigation by researchers at Check Point. [...]

https://www.bleepingcomputer.com/news/security/lone-nigerian-hacker-behind-hacks-at-4-000-organizations/

Backdoor Found in Enterprise Software Used by Banks, Tech, and Energy Companies

A group with possible links to Chinese hackers has managed to break into the servers of NetSarang — a South Korean software maker — and has hidden a backdoor in the company's software packages. [...]

https://www.bleepingcomputer.com/news/security/backdoor-found-in-enterprise-software-used-by-banks-tech-and-energy-companies/

Pulse Wave - New DDoS Assault Pattern Discovered

A new method of carrying out DDoS attacks named Pulse Wave is causing problems to certain DDoS mitigation solutions, allowing attackers to down servers previously thought to be secured. [...]

https://www.bleepingcomputer.com/news/security/pulse-wave-new-ddos-assault-pattern-discovered/

New Episode of Game of Thrones Leaks on Torrent Sites After Colossal HBO Blunder

Episode 6 of Game of Thrones season 7 has leaked online on streaming, torrent, and file-sharing portals after HBO accidentally broadcast the episode via its on-demand streaming platform. [...]

https://www.bleepingcomputer.com/news/technology/new-episode-of-game-of-thrones-leaks-on-torrent-sites-after-colossal-hbo-blunder/

SyncCrypt Ransomware Hides Inside JPG Files, Appends .KK Extension

A new ransomware called SyncCrypt was discovered that is being distributed by spam attachments pretending to be court orders. This ransomware uses a interesting approach of embedding a zip file in a jpg image in order to avoid detection. [...]

https://www.bleepingcomputer.com/news/security/synccrypt-ransomware-hides-inside-jpg-files-appends-kk-extension/

Locky Ransomware switches to the Lukitus extension for Encrypted Files

Today a new Locky Ransomware variant was discovered that switches to the .lukitus extension for encrypted files. It is not currently known how this variant is being distributed, but as the ransomware is being downloaded from a remote site it is most likely malspam. [...]

https://www.bleepingcomputer.com/news/security/locky-ransomware-switches-to-the-lukitus-extension-for-encrypted-files/

North Korean Cyberspies Target US Defense Contractors Following Nuclear Threats

The North Korean cyber-espionage group known as the Lazarus Group has been busy hacking US defense contractors, according to a report published on Monday by security research firm Palo Alto Networks. [...]

https://www.bleepingcomputer.com/news/security/north-korean-cyberspies-target-us-defense-contractors-following-nuclear-threats/

Unpatchable Flaw Affects Most of Today's Modern Cars

A flaw buried deep in the hearts of all modern cars allows an attacker with local or even remote access to a vehicle to shut down various components, including safety systems such as airbags, brakes, parking sensors, and others. [...]

https://www.bleepingcomputer.com/news/security/unpatchable-flaw-affects-most-of-todays-modern-cars/