Computers, Smartphones Can Be Used as a Sonar-Like Tracking System

New research published this week by researchers from the University of Washington shows how an attacker could track a user's movements using speakers and microphones that come with computers, laptops, tablets, smartphones, and other devices. [...]

https://www.bleepingcomputer.com/news/security/computers-smartphones-can-be-used-as-a-sonar-like-tracking-system/

Ransomware Hits LG Self-Service Kiosks Across South Korea, Possibly WannaCry

Representatives for LG South Korea said on Wednesday that a mysterious ransomware strain has infected self-servicing kiosks at various service centers across the country. [...]

https://www.bleepingcomputer.com/news/security/ransomware-hits-lg-self-service-kiosks-across-south-korea-possibly-wannacry/

Hacker Releases Decryption Key for Apple's Secure Enclave Firmware

A hacker who goes online only by the pseudonym of Xerub has released the decryption key for Apple's Secure Enclave Processor (SEP) firmware. [...]

https://www.bleepingcomputer.com/news/security/hacker-releases-decryption-key-for-apples-secure-enclave-firmware/

New ERROR CryptoMix Ransomware Variant Released

Today, BleepingComputer discovered a new variant of the CryptoMix ransomware that is appending the .ERROR extension to encrypted file names. This article will provide a brief summary of what has changed in this new variant. [...]

https://www.bleepingcomputer.com/news/security/new-error-cryptomix-ransomware-variant-released/

Tsunami of DDoS-for-Hire Platforms Coming From the East

Over the past six months, a large number of DDoS-for-hire platforms — also known as DDoS booters or DDoS stressors — have appeared in China, all sporting the same interface, and seeming to be based on the same source code. [...]

https://www.bleepingcomputer.com/news/security/tsunami-of-ddos-for-hire-platforms-coming-from-the-east/

The Week in Ransomware - August 18th 2017 - SyncCrypt, GlobeImposter, & Locky

While the week was dominated by small little ransomware creations, we did have some interesting news. First, we have had a resurgence of Locky variants, then a constant stream of GlobeImposter variants variants, and finally the SynCrypt ransomware that utilizes an interesting distribution method. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-august-18th-2017-synccrypt-globeimposter-and-locky/

Secret Chips Can Be Hidden in Replacement Parts to Spy and Take Over Smartphones

At a recently concluded security conference, experts from an Israeli university have presented new research that describes a possible attack scenario which leverages replacement parts to carry out attacks on smartphones and other smart devices. [...]

https://www.bleepingcomputer.com/news/security/secret-chips-can-be-hidden-in-replacement-parts-to-spy-and-take-over-smartphones/

Researchers Win $100,000 for New Spear-Phishing Detection Method

Facebook has awarded this year's Internet Defense Prize worth $100,000 to a team of researchers from the University of California, Berkeley, who came up with a new method of detecting spear-phishing attacks in closely monitored enterprise networks. [...]

https://www.bleepingcomputer.com/news/security/researchers-win-100-000-for-new-spear-phishing-detection-method/

Google Algorithm Removes Watermarks From Stock Photos

Four Google researchers have uncovered a vulnerability in the way stock photography websites apply watermarks on their image portfolios. [...]

https://www.bleepingcomputer.com/news/technology/google-algorithm-removes-watermarks-from-stock-photos/

Couple Accused of Using Lowes Website Flaw to Steal Expensive Goods

A couple from the Brick Township in New Jersey stands accused of using a flaw in the Lowes online portal to receive goods for free at their home. [...]

https://www.bleepingcomputer.com/news/security/couple-accused-of-using-lowes-website-flaw-to-steal-expensive-goods/

Oracle Wants to Give Java EE to the Open-Source Community

Oracle said this week it plans to transfer management of the Java EE project to an open-source foundation, such as Apache or Eclipse. [...]

https://www.bleepingcomputer.com/news/technology/oracle-wants-to-give-java-ee-to-the-open-source-community/

Chrome Adds Warning for When Extensions Take Over Your Internet Connection

Google engineers have added two neat features to the Chrome browser that will alert users of extensions that hijack proxy settings or the new tab page. [...]

https://www.bleepingcomputer.com/news/security/chrome-adds-warning-for-when-extensions-take-over-your-internet-connection/

Plex Updates Privacy Policy So Users Can't Opt out of Data Collection

Plex, a popular supplier of multimedia streaming solutions, has updated its privacy policy and has removed the possibility that users could opt out of the company's data collection practices. [...]

https://www.bleepingcomputer.com/news/software/plex-updates-privacy-policy-so-users-cant-opt-out-of-data-collection/

US Army Will Implement Keystroke-Tracking Biometrics Authentication System

The US Department of Defense (DOD) is slowly adopting a biometrics-based system as a possible replacement for its classic card-based access and authentication solution. [...]

https://www.bleepingcomputer.com/news/government/us-army-will-implement-keystroke-tracking-biometrics-authentication-system/

Hacker Steals $475,000 Worth of Ethereum After Breaching Enigma Project

An unidentified hacker (or hackers) has taken control of the Enigma Project website, Slack channel, and mailing list, and tricked users into sending funds to a wrong Ethereum account. [...]

https://www.bleepingcomputer.com/news/security/hacker-steals-475-000-worth-of-ethereum-after-breaching-enigma-project/

Online Extortion Campaigns Target Users, Companies, Security Researchers

During the past week, there has been a sudden surge in online extortion campaigns, against regular users and security researchers alike. [...]

https://www.bleepingcomputer.com/news/security/online-extortion-campaigns-target-users-companies-security-researchers/

Google Releases Android 8.0 Oreo

Google has started the rollout process for the Android 8.0 mobile operating system, which in classic Google fashion will take the name of a sweet food, and it will be Oreo. [...]

https://www.bleepingcomputer.com/news/mobile/google-releases-android-8-0-oreo/

Ad Trackers on E-Commerce Sites Can Unmask Bitcoin Transactions

Research published last week reveals that cookies and other data collected by ad trackers on e-commerce sites can be used to de-anonymize Bitcoin transactions. [...]

https://www.bleepingcomputer.com/news/technology/ad-trackers-on-e-commerce-sites-can-unmask-bitcoin-transactions/

Cryptocurrency Miner Infects Windows PCs via EternalBlue and WMI

A new malware family detected under the name of CoinMiner is causing users and security firms alike loads of problems, being hard to stop or detect due to the combination of various unique features. [...]

https://www.bleepingcomputer.com/news/security/cryptocurrency-miner-infects-windows-pcs-via-eternalblue-and-wmi/

Chinese Advertising SDK Caught Stealing Data From Android Devices

An advertising software development kit (SDK) embedded in many legitimate apps has been secretly siphoning user data and sending it to the servers of a Chinese company. [...]

https://www.bleepingcomputer.com/news/security/chinese-advertising-sdk-caught-stealing-data-from-android-devices/

Brian Krebs Fan Creates New Cryptocurrency Miner for Linux Devices

A malware author has created a new cryptocurrency miner that infects Linux devices that use open or default Telnet credentials. [...]

https://www.bleepingcomputer.com/news/security/brian-krebs-fan-creates-new-cryptocurrency-miner-for-linux-devices/