Couple Accused of Using Lowes Website Flaw to Steal Expensive Goods

A couple from the Brick Township in New Jersey stands accused of using a flaw in the Lowes online portal to receive goods for free at their home. [...]

https://www.bleepingcomputer.com/news/security/couple-accused-of-using-lowes-website-flaw-to-steal-expensive-goods/

Oracle Wants to Give Java EE to the Open-Source Community

Oracle said this week it plans to transfer management of the Java EE project to an open-source foundation, such as Apache or Eclipse. [...]

https://www.bleepingcomputer.com/news/technology/oracle-wants-to-give-java-ee-to-the-open-source-community/

Chrome Adds Warning for When Extensions Take Over Your Internet Connection

Google engineers have added two neat features to the Chrome browser that will alert users of extensions that hijack proxy settings or the new tab page. [...]

https://www.bleepingcomputer.com/news/security/chrome-adds-warning-for-when-extensions-take-over-your-internet-connection/

Plex Updates Privacy Policy So Users Can't Opt out of Data Collection

Plex, a popular supplier of multimedia streaming solutions, has updated its privacy policy and has removed the possibility that users could opt out of the company's data collection practices. [...]

https://www.bleepingcomputer.com/news/software/plex-updates-privacy-policy-so-users-cant-opt-out-of-data-collection/

US Army Will Implement Keystroke-Tracking Biometrics Authentication System

The US Department of Defense (DOD) is slowly adopting a biometrics-based system as a possible replacement for its classic card-based access and authentication solution. [...]

https://www.bleepingcomputer.com/news/government/us-army-will-implement-keystroke-tracking-biometrics-authentication-system/

Hacker Steals $475,000 Worth of Ethereum After Breaching Enigma Project

An unidentified hacker (or hackers) has taken control of the Enigma Project website, Slack channel, and mailing list, and tricked users into sending funds to a wrong Ethereum account. [...]

https://www.bleepingcomputer.com/news/security/hacker-steals-475-000-worth-of-ethereum-after-breaching-enigma-project/

Online Extortion Campaigns Target Users, Companies, Security Researchers

During the past week, there has been a sudden surge in online extortion campaigns, against regular users and security researchers alike. [...]

https://www.bleepingcomputer.com/news/security/online-extortion-campaigns-target-users-companies-security-researchers/

Google Releases Android 8.0 Oreo

Google has started the rollout process for the Android 8.0 mobile operating system, which in classic Google fashion will take the name of a sweet food, and it will be Oreo. [...]

https://www.bleepingcomputer.com/news/mobile/google-releases-android-8-0-oreo/

Ad Trackers on E-Commerce Sites Can Unmask Bitcoin Transactions

Research published last week reveals that cookies and other data collected by ad trackers on e-commerce sites can be used to de-anonymize Bitcoin transactions. [...]

https://www.bleepingcomputer.com/news/technology/ad-trackers-on-e-commerce-sites-can-unmask-bitcoin-transactions/

Cryptocurrency Miner Infects Windows PCs via EternalBlue and WMI

A new malware family detected under the name of CoinMiner is causing users and security firms alike loads of problems, being hard to stop or detect due to the combination of various unique features. [...]

https://www.bleepingcomputer.com/news/security/cryptocurrency-miner-infects-windows-pcs-via-eternalblue-and-wmi/

Chinese Advertising SDK Caught Stealing Data From Android Devices

An advertising software development kit (SDK) embedded in many legitimate apps has been secretly siphoning user data and sending it to the servers of a Chinese company. [...]

https://www.bleepingcomputer.com/news/security/chinese-advertising-sdk-caught-stealing-data-from-android-devices/

Brian Krebs Fan Creates New Cryptocurrency Miner for Linux Devices

A malware author has created a new cryptocurrency miner that infects Linux devices that use open or default Telnet credentials. [...]

https://www.bleepingcomputer.com/news/security/brian-krebs-fan-creates-new-cryptocurrency-miner-for-linux-devices/

AccuWeather iOS App Sends Location Data to Advertising Partner

Will Strafach, an independent security researcher, has discovered over the weekend that the AccuWeather iOS app sends location information to a data monetization firm named Reveal Mobile. [...]

https://www.bleepingcomputer.com/news/security/accuweather-ios-app-sends-location-data-to-advertising-partner/

Mozilla Testing New Default Opt-Out Setting for Firefox Telemetry Collection

Mozilla engineers are discussing plans to change the way Firefox collects usage data (telemetry), and the organization is currently preparing to test an opt-out clause an opt-out clause so they could collect more data relevant to the browser's usage. [...]

https://www.bleepingcomputer.com/news/software/mozilla-testing-new-default-opt-out-setting-for-firefox-telemetry-collection/

Google Launches Enterprise Version of Chrome OS

Google launched today an improved version of the Chrome OS specifically built for deployment in large-scale enterprises. [...]

https://www.bleepingcomputer.com/news/google/google-launches-enterprise-version-of-chrome-os/

ROPEMAKER Lets Attackers Change Your Emails After Delivery

A new email attack scenario nicknamed ROPEMAKER allows a threat actor to change the content of emails received by targets via remote CSS files. [...]

https://www.bleepingcomputer.com/news/security/ropemaker-lets-attackers-change-your-emails-after-delivery/

Google Play Store Security Scans Tricked by ...Sigh... In-Dev Malware

Google has yet to remove two apps infected with dangerous malware that are currently still available for download via the official Google Play Store. [...]

https://www.bleepingcomputer.com/news/security/google-play-store-security-scans-tricked-by-sigh-in-dev-malware/

Ukraine Fears Second Ransomware Outbreak as Another Accounting Firm Got Hacked

Ukrainian authorities and businesses are on alert after a local security firm reported that another accounting software maker got hacked and its servers were being used to spread malware. [...]

https://www.bleepingcomputer.com/news/security/ukraine-fears-second-ransomware-outbreak-as-another-accounting-firm-got-hacked/

CS:GO Cheat Delivers Cryptocurrency Miner on MacOS

Counter-Strike: Global Offensive (CS:GO) players looking to get a leg up on the competition by using the vHook cheating app for macOS were also infected with a cryptocurrency miner. [...]

https://www.bleepingcomputer.com/news/security/cs-go-cheat-delivers-cryptocurrency-miner-on-macos/

Germany: Microsoft Agrees to Stop Forcibly Downloading Windows Upgrades

After an 18-month legal battle with Germany's Baden-Würtenberg consumer rights center, Microsoft admitted to wrongdoing when it downloaded over 6GBs of data on user devices during its Windows 10 push in mid and late 2015. [...]

https://www.bleepingcomputer.com/news/microsoft/germany-microsoft-agrees-to-stop-forcibly-downloading-windows-upgrades/

You Can Now Run Different Google Chrome Versions Side-By-Side

Google announced on Monday that Chrome users can now run two different versions of Chrome side-by-side. [...]

https://www.bleepingcomputer.com/news/google/you-can-now-run-different-google-chrome-versions-side-by-side/