DDoS Booter Service Suffers Security Breach

A dissatisfied customer has breached the server of TrueStresser, a DDoS-for-hire service, pilfered its database, and leaked some of the content online. [...]

https://www.bleepingcomputer.com/news/security/ddos-booter-service-suffers-security-breach/

The Week in Ransomware - September 1st 2017 - Locky, Exploit Kits, & More

This week has seen a big push by Locky using numerous distribution campaigns to try and claim a spot with the big boys. Other than the normal releases of small ransomware creations, we also saw the RIG exploit kit pushing the Princess Ransomware. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-september-1st-2017-locky-exploit-kits-and-more/

Radio Hacker Interrupts Police Chase in Australia

A pirate broadcaster posing as a police officer interfered in a police chase this week in Australia, forcing officers to call off the pursuit of two suspected armed robbers. [...]

https://www.bleepingcomputer.com/news/security/radio-hacker-interrupts-police-chase-in-australia/

Man Who Refused to Decrypt Hard Drives Still in Prison After Two Years

Francis Rawls, a former Philadelphia cop, will remain in jail for refusing to decrypt a hard drive federal investigators found in his home two years ago during a child abuse investigation. [...]

https://www.bleepingcomputer.com/news/legal/man-who-refused-to-decrypt-hard-drives-still-in-prison-after-two-years/

Vulnerabilities Discovered in Mobile Bootloaders of Major Vendors

Android bootloader components from five major chipset vendors are affected by vulnerabilities that break the CoT (Chain of Trust) during the boot-up sequence, opening devices to attacks. [...]

https://www.bleepingcomputer.com/news/security/vulnerabilities-discovered-in-mobile-bootloaders-of-major-vendors/

Banking Trojan Now Targets Coinbase Users, Not Just Banking Portals

The TrickBot banking trojan has added support for stealing funds stored in Coinbase.com accounts, according to a recent version spotted in a distribution campaign last week. [...]

https://www.bleepingcomputer.com/news/security/banking-trojan-now-targets-coinbase-users-not-just-banking-portals/

Police Seize Domain of Online Store That Stole User's Card Data

Canadian police have seized the domain of Fazny.ca, an online electronics store that stole users' payment card data and used it to make fraudulent purchases. [...]

https://www.bleepingcomputer.com/news/security/police-seize-domain-of-online-store-that-stole-users-card-data/

Massive Wave of MongoDB Ransom Attacks Makes 26,000 New Victims

Ransom attacks on MongoDB databases rekindled last week and over the weekend with the emergence of three new groups that hijacked over 26,000 servers, with one group hijacking 22,000. [...]

https://www.bleepingcomputer.com/news/security/massive-wave-of-mongodb-ransom-attacks-makes-26-000-new-victims/

Six-Year-Old "Loop Bug" Re-Discovered to Affect Almost All Major PDF Viewers

A bug discovered in an obscure PDF parsing library back in 2011 is also present in most of today's top PDF viewers, according to German software developer Hanno Böck. [...]

https://www.bleepingcomputer.com/news/software/six-year-old-loop-bug-re-discovered-to-affect-almost-all-major-pdf-viewers/

YouTube-MP3.Org Will Shut Down Following RIAA Lawsuit

YouTube-MP3.org — the largest YouTube ripping service on the Internet — has agreed to shut down permanently as part of a settlement it reached with the Recording Industry Association of America (RIAA) in a lawsuit the organization filed last year. [...]

https://www.bleepingcomputer.com/news/technology/youtube-mp3-org-will-shut-down-following-riaa-lawsuit/

Chinese Man Sentenced to Nine Months in Prison for Selling VPN Software

Chinese authorities have sentenced a young man to nine months in prison for setting up a website for selling VPN software to Chinese users. [...]

https://www.bleepingcomputer.com/news/government/chinese-man-sentenced-to-nine-months-in-prison-for-selling-vpn-software/

Opera and Vivaldi Founder Believes Google Should Be Regulated

Jon von Tetzchner, the founder of both Opera and Vivaldi, believes that Google has gotten too big and "is now in a position where regulation is needed." [...]

https://www.bleepingcomputer.com/news/google/opera-and-vivaldi-founder-believes-google-should-be-regulated/

TrustZone Downgrade Attack Opens Android Devices to Old Vulnerabilities

An attacker can downgrade components of the Android TrustZone technology to older versions that feature known vulnerabilities and use older exploits against smartphones running an up-to-date operating system. [...]

https://www.bleepingcomputer.com/news/security/trustzone-downgrade-attack-opens-android-devices-to-old-vulnerabilities/

Companies Must Tell Employees When Monitoring Their PC Activity, EU Court Rules

EU companies must notify employees in advance if they plan to monitor work accounts, the European Court of Human Rights ruled this week. [...]

https://www.bleepingcomputer.com/news/legal/companies-must-tell-employees-when-monitoring-their-pc-activity-eu-court-rules/

SynAck Ransomware Sees Huge Spike in Activity

Over the past two days, there was an increase in activity from a relatively unknown ransomware strain named SynAck, according to submissions to the ID-Ransomware service and users who complained on the Bleeping Computer ransomware support forums. [...]

https://www.bleepingcomputer.com/news/security/synack-ransomware-sees-huge-spike-in-activity/

Google Chrome 61 Released for Linux, Mac, and Windows

Today Google launched version 61 of the Chrome browser for Windows, Mac, and Linux. With this release, we have 21 security updates, numerous improvements and bug fixes, and three APIs that allow developers to further enhance their sites and apps. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-61-released-for-linux-mac-and-windows/

Last Windows Server Insider Build Released Before Ignite Conference

Today Microsoft released Windows Server Insider Preview Build 16278 to Windows Insiders. This build is the last Server build that will be released before the Ignite conference at the end of September, where the official Windows Server Version 1709 will be released. While there are no new features released as part of this build. [...]

https://www.bleepingcomputer.com/news/microsoft/last-windows-server-insider-build-released-before-ignite-conference/

New Apache Struts Vulnerability Puts Many Fortune Companies at Risk

An estimated 65% of Fortune 100 companies could be vulnerable to a security bug discovered in Apache Struts, a popular Java MVC framework used in the development of many top-grade enterprise applications. [...]

https://www.bleepingcomputer.com/news/security/new-apache-struts-vulnerability-puts-many-fortune-companies-at-risk/

Lenovo Gets a Slap on the Wrist for Superfish Adware Scandal

Lenovo has settled charges with the FTC and 32 state attorneys for shipping laptops preinstalled with the Superfish adware back in 2014 and 2015. [...]

https://www.bleepingcomputer.com/news/technology/lenovo-gets-a-slap-on-the-wrist-for-superfish-adware-scandal/

UK's Facial Recognition System Dumber Than a Box of Rocks, Privacy Group Argues

A real-time facial recognition software tested by London Metropolitan Police at this year's Notting Hill Carnival was labeled as a "resounding success" by police officers, but privacy groups members who were invited to view it in action called it "inaccurate and painfully crude." [...]

https://www.bleepingcomputer.com/news/security/uks-facial-recognition-system-dumber-than-a-box-of-rocks-privacy-group-argues/

Sabotage Warning Issued on Hackers Hiding Deep Inside Energy Sector

US cyber-security firm Symantec has issued a warning today against a group of nation-state hackers that have managed to infiltrate several US and European energy firms, and are now in the dangerous position of sabotaging critical infrastructure if they wished to. [...]

https://www.bleepingcomputer.com/news/security/sabotage-warning-issued-on-hackers-hiding-deep-inside-energy-sector/