Auto-Clicking Android Adware Found in 340 Apps on the Google Play Store

The developer(s) of an Android adware family named GhostClicker has managed to sneak his malware on the official Google Play Store on several occasions, hiding it in as much as 340 mundane Android apps. [...]

https://www.bleepingcomputer.com/news/security/auto-clicking-android-adware-found-in-340-apps-on-the-google-play-store/

Banking Trojans Set Their Sights on Taxi and Ride-Hailing Apps

It was to be expected that Android banking trojan operators would eventually set their sights on ride-hailing applications, considering that these apps work with a user's financial data on a daily basis. [...]

https://www.bleepingcomputer.com/news/security/banking-trojans-set-their-sights-on-taxi-and-ride-hailing-apps/

Ransomware Was the Most Prevalent Malware Payload Delivered via Email in Q2 2017

Malware activity has ramped up in the second quarter of 2017, according to reports from cyber-security firms Cyren, Check Point, Kaspersky Lab, Proofpoint, and Symantec. [...]

https://www.bleepingcomputer.com/news/security/ransomware-was-the-most-prevalent-malware-payload-delivered-via-email-in-q2-2017/

Computers, Smartphones Can Be Used as a Sonar-Like Tracking System

New research published this week by researchers from the University of Washington shows how an attacker could track a user's movements using speakers and microphones that come with computers, laptops, tablets, smartphones, and other devices. [...]

https://www.bleepingcomputer.com/news/security/computers-smartphones-can-be-used-as-a-sonar-like-tracking-system/

Ransomware Hits LG Self-Service Kiosks Across South Korea, Possibly WannaCry

Representatives for LG South Korea said on Wednesday that a mysterious ransomware strain has infected self-servicing kiosks at various service centers across the country. [...]

https://www.bleepingcomputer.com/news/security/ransomware-hits-lg-self-service-kiosks-across-south-korea-possibly-wannacry/

Hacker Releases Decryption Key for Apple's Secure Enclave Firmware

A hacker who goes online only by the pseudonym of Xerub has released the decryption key for Apple's Secure Enclave Processor (SEP) firmware. [...]

https://www.bleepingcomputer.com/news/security/hacker-releases-decryption-key-for-apples-secure-enclave-firmware/

New ERROR CryptoMix Ransomware Variant Released

Today, BleepingComputer discovered a new variant of the CryptoMix ransomware that is appending the .ERROR extension to encrypted file names. This article will provide a brief summary of what has changed in this new variant. [...]

https://www.bleepingcomputer.com/news/security/new-error-cryptomix-ransomware-variant-released/

Tsunami of DDoS-for-Hire Platforms Coming From the East

Over the past six months, a large number of DDoS-for-hire platforms — also known as DDoS booters or DDoS stressors — have appeared in China, all sporting the same interface, and seeming to be based on the same source code. [...]

https://www.bleepingcomputer.com/news/security/tsunami-of-ddos-for-hire-platforms-coming-from-the-east/

The Week in Ransomware - August 18th 2017 - SyncCrypt, GlobeImposter, & Locky

While the week was dominated by small little ransomware creations, we did have some interesting news. First, we have had a resurgence of Locky variants, then a constant stream of GlobeImposter variants variants, and finally the SynCrypt ransomware that utilizes an interesting distribution method. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-august-18th-2017-synccrypt-globeimposter-and-locky/

Secret Chips Can Be Hidden in Replacement Parts to Spy and Take Over Smartphones

At a recently concluded security conference, experts from an Israeli university have presented new research that describes a possible attack scenario which leverages replacement parts to carry out attacks on smartphones and other smart devices. [...]

https://www.bleepingcomputer.com/news/security/secret-chips-can-be-hidden-in-replacement-parts-to-spy-and-take-over-smartphones/

Researchers Win $100,000 for New Spear-Phishing Detection Method

Facebook has awarded this year's Internet Defense Prize worth $100,000 to a team of researchers from the University of California, Berkeley, who came up with a new method of detecting spear-phishing attacks in closely monitored enterprise networks. [...]

https://www.bleepingcomputer.com/news/security/researchers-win-100-000-for-new-spear-phishing-detection-method/

Google Algorithm Removes Watermarks From Stock Photos

Four Google researchers have uncovered a vulnerability in the way stock photography websites apply watermarks on their image portfolios. [...]

https://www.bleepingcomputer.com/news/technology/google-algorithm-removes-watermarks-from-stock-photos/

Couple Accused of Using Lowes Website Flaw to Steal Expensive Goods

A couple from the Brick Township in New Jersey stands accused of using a flaw in the Lowes online portal to receive goods for free at their home. [...]

https://www.bleepingcomputer.com/news/security/couple-accused-of-using-lowes-website-flaw-to-steal-expensive-goods/

Oracle Wants to Give Java EE to the Open-Source Community

Oracle said this week it plans to transfer management of the Java EE project to an open-source foundation, such as Apache or Eclipse. [...]

https://www.bleepingcomputer.com/news/technology/oracle-wants-to-give-java-ee-to-the-open-source-community/

Chrome Adds Warning for When Extensions Take Over Your Internet Connection

Google engineers have added two neat features to the Chrome browser that will alert users of extensions that hijack proxy settings or the new tab page. [...]

https://www.bleepingcomputer.com/news/security/chrome-adds-warning-for-when-extensions-take-over-your-internet-connection/

Plex Updates Privacy Policy So Users Can't Opt out of Data Collection

Plex, a popular supplier of multimedia streaming solutions, has updated its privacy policy and has removed the possibility that users could opt out of the company's data collection practices. [...]

https://www.bleepingcomputer.com/news/software/plex-updates-privacy-policy-so-users-cant-opt-out-of-data-collection/

US Army Will Implement Keystroke-Tracking Biometrics Authentication System

The US Department of Defense (DOD) is slowly adopting a biometrics-based system as a possible replacement for its classic card-based access and authentication solution. [...]

https://www.bleepingcomputer.com/news/government/us-army-will-implement-keystroke-tracking-biometrics-authentication-system/

Hacker Steals $475,000 Worth of Ethereum After Breaching Enigma Project

An unidentified hacker (or hackers) has taken control of the Enigma Project website, Slack channel, and mailing list, and tricked users into sending funds to a wrong Ethereum account. [...]

https://www.bleepingcomputer.com/news/security/hacker-steals-475-000-worth-of-ethereum-after-breaching-enigma-project/

Online Extortion Campaigns Target Users, Companies, Security Researchers

During the past week, there has been a sudden surge in online extortion campaigns, against regular users and security researchers alike. [...]

https://www.bleepingcomputer.com/news/security/online-extortion-campaigns-target-users-companies-security-researchers/

Google Releases Android 8.0 Oreo

Google has started the rollout process for the Android 8.0 mobile operating system, which in classic Google fashion will take the name of a sweet food, and it will be Oreo. [...]

https://www.bleepingcomputer.com/news/mobile/google-releases-android-8-0-oreo/

Ad Trackers on E-Commerce Sites Can Unmask Bitcoin Transactions

Research published last week reveals that cookies and other data collected by ad trackers on e-commerce sites can be used to de-anonymize Bitcoin transactions. [...]

https://www.bleepingcomputer.com/news/technology/ad-trackers-on-e-commerce-sites-can-unmask-bitcoin-transactions/