Microsoft Suffered Breach of Its Vulnerabilities Database Back in 2013

Five former employees told Reuters that Microsoft quietly dealt with a hack of its vulnerabilities and bug reports database back in 2013 without telling anyone. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-suffered-breach-of-its-vulnerabilities-database-back-in-2013/

North Korean Hackers Used Hermes Ransomware to Hide Recent Bank Heist

Evidence suggests the infamous Lazarus Group, a hacking crew believed to be operating out of North Korea, is behind the recent hack on the Far Eastern International Bank (FEIB) in Taiwan. [...]

https://www.bleepingcomputer.com/news/security/north-korean-hackers-used-hermes-ransomware-to-hide-recent-bank-heist/

Here's a Video of the Latest ATM Malware Sold on the Dark Web

A hacker or hacker group is selling a strain of ATM malware that can make ATMs spit out cash just by connecting to its USB port and running the malware. [...]

https://www.bleepingcomputer.com/news/security/heres-a-video-of-the-latest-atm-malware-sold-on-the-dark-web/

WaterMiner Malware Author Can't Keep His Mouth Shut on Social Media

A Russian-speaking malware author is currently busy spreading a Monero miner hidden inside gaming mods. The crook is using different usernames to spread the malware on forums for Russian-speaking users. [...]

https://www.bleepingcomputer.com/news/security/waterminer-malware-author-cant-keep-his-mouth-shut-on-social-media/

Fall Creators Update Is Here: Learn How to Install It

The Fall Creators Update for Windows 10 has finally arrived, so let's learn how to isntall. Currently, the Fall Creators Update is being rolled out in phases, with some areas having it delivered via Windows Update before others. [...]

https://www.bleepingcomputer.com/news/microsoft/fall-creators-update-is-here-learn-how-to-install-it/

Necurs Malware Will Now Take a Screenshot of Your Screen, Report Runtime Errors

Malware families evolve on a daily basis, but some updates catch your eye more than others. Necurs has just gone through one of these "interesting" updates, according to US security firm Symantec. [...]

https://www.bleepingcomputer.com/news/security/necurs-malware-will-now-take-a-screenshot-of-your-screen-report-runtime-errors/

Google Chrome 62 Released for Linux, Mac, and Windows

Google released earlier today version 62 of its Chrome browser that comes with quite a few new features but also fixes for 35 security issues. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-62-released-for-linux-mac-and-windows/

Malware Resurfaces After a Decade in Chinese Cyberespionage Campaign

A remote access trojan (RAT) known as Hacker's Door has resurfaced in active infections after being seen the last time in 2004-2005. [...]

https://www.bleepingcomputer.com/news/security/malware-resurfaces-after-a-decade-in-chinese-cyberespionage-campaign/

The Internet Is Ripe With In-Browser Miners and It's Getting Worse Each Day

Ever since mid-September, when Coinhive launched and the whole cryptojacking frenzy started, the Internet has gone crazy with in-browser cryptocurrency miners, and new sites that offer similar services are popping up on a weekly basis. [...]

https://www.bleepingcomputer.com/news/security/the-internet-is-ripe-with-in-browser-miners-and-its-getting-worse-each-day/

Browser Makers Agree to Move Web Documentation to Mozilla's Portal

Mozilla, Microsoft, Google, Samsung, and the W3C have agreed today to unify all their documentation sites under one single roof, on Mozilla's MDN portal. [...]

https://www.bleepingcomputer.com/news/technology/browser-makers-agree-to-move-web-documentation-to-mozillas-portal/

Goodbye Cerber? Hello Magniber Ransomware!

Magniber is a new ransomware being distributed by the Magnitude Exploit Kit that appears to be the successor to the Cerber Ransomware. While many aspects of the Magniber Ransomware are different than Cerber, the payment system and the files it encrypts are very similar. [...]

https://www.bleepingcomputer.com/news/security/goodbye-cerber-hello-magniber-ransomware/

Microsoft Takes Jab Back at Google's Security Team

No good deed remains unpunished, they say, and so is the case of the recent spat between Google and Microsoft's security teams. [...]

https://www.bleepingcomputer.com/news/security/microsoft-takes-jab-back-at-googles-security-team/

Sockbot Android Malware Found in Eight Apps on the Google Play Store

Google has removed eight apps from the official Play Store that were infected with the Sockbot Android malware. [...]

https://www.bleepingcomputer.com/news/security/sockbot-android-malware-found-in-eight-apps-on-the-google-play-store/

Attackers Start Scans for SSH Keys After Report on Lack of SSH Security Controls

Crooks are mass-scanning online sites for directories containing SSH private keys so they can break into websites with any accidentally exposed credentials. [...]

https://www.bleepingcomputer.com/news/security/attackers-start-scans-for-ssh-keys-after-report-on-lack-of-ssh-security-controls/

EU: Kids' GPS Watches Have So Many Security Flaws They Should Not Be in Stores

The European Consumer Organisation (BEUC) has issued a public service announcement on the security and privacy concerns surrounding modern children's smartwatches. [...]

https://www.bleepingcomputer.com/news/government/eu-kids-gps-watches-have-so-many-security-flaws-they-should-not-be-in-stores/

Google Chrome May Add a Permission to Stop In-Browser Cryptocurrency Miners

Google Chrome engineers are considering adding a special browser permission that will thwart the rising trend of in-browser cryptocurrency miners. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-may-add-a-permission-to-stop-in-browser-cryptocurrency-miners/

Google Will Pay Researchers $1,000 to Hack Its Most Popular Play Store Apps

Google has launched a bug bounty program for popular apps available on its Play Store. Dubbed the Play Security Reward Program, the bug bounty will be offered through the HackerOne platform and is not aimed at Google's own Android apps. [...]

https://www.bleepingcomputer.com/news/security/google-will-pay-researchers-1-000-to-hack-its-most-popular-play-store-apps/

Russian Cyberspies Are Rushing to Exploit Recent Flash 0-Day Before It Goes Cold

A cyber-espionage group identified in the cyber-security industry as APT28 and believed to be operating under the supervision of the Russian state has recently dispatched several malware distribution campaigns that try to take advantage of a Flash zero-day vulnerability that Adobe patched earlier this week. [...]

https://www.bleepingcomputer.com/news/security/russian-cyberspies-are-rushing-to-exploit-recent-flash-0-day-before-it-goes-cold/

Eltima Website Hacked to Spread Proton RAT With Popular Video Player App

The website of Eltima, a maker of macOS and Windows apps, has been compromised by an unknown actor to spread a trojanized version of Elmedia Player, a multimedia player for macOS. [...]

https://www.bleepingcomputer.com/news/apple/eltima-website-hacked-to-spread-proton-rat-with-popular-video-player-app/

Student Expelled for Using Hardware Keylogger to Hack School, Change Grades

Kansas University (KU) officials have expelled a student for installing a hardware keylogger and using the data acquired from the device to hack into the school's grading system and chang his grades. [...]

https://www.bleepingcomputer.com/news/security/student-expelled-for-using-hardware-keylogger-to-hack-school-change-grades/

A Gigantic IoT Botnet Has Grown in the Shadows in the Past Month

Since mid-September, a new IoT botnet has grown to massive proportions. Codenamed IoT_reaper (Reaper for this article), researchers estimate its current size at nearly two million infected devices. [...]

https://www.bleepingcomputer.com/news/security/a-gigantic-iot-botnet-has-grown-in-the-shadows-in-the-past-month/