Goodbye Cerber? Hello Magniber Ransomware!

Magniber is a new ransomware being distributed by the Magnitude Exploit Kit that appears to be the successor to the Cerber Ransomware. While many aspects of the Magniber Ransomware are different than Cerber, the payment system and the files it encrypts are very similar. [...]

https://www.bleepingcomputer.com/news/security/goodbye-cerber-hello-magniber-ransomware/

Microsoft Takes Jab Back at Google's Security Team

No good deed remains unpunished, they say, and so is the case of the recent spat between Google and Microsoft's security teams. [...]

https://www.bleepingcomputer.com/news/security/microsoft-takes-jab-back-at-googles-security-team/

Sockbot Android Malware Found in Eight Apps on the Google Play Store

Google has removed eight apps from the official Play Store that were infected with the Sockbot Android malware. [...]

https://www.bleepingcomputer.com/news/security/sockbot-android-malware-found-in-eight-apps-on-the-google-play-store/

Attackers Start Scans for SSH Keys After Report on Lack of SSH Security Controls

Crooks are mass-scanning online sites for directories containing SSH private keys so they can break into websites with any accidentally exposed credentials. [...]

https://www.bleepingcomputer.com/news/security/attackers-start-scans-for-ssh-keys-after-report-on-lack-of-ssh-security-controls/

EU: Kids' GPS Watches Have So Many Security Flaws They Should Not Be in Stores

The European Consumer Organisation (BEUC) has issued a public service announcement on the security and privacy concerns surrounding modern children's smartwatches. [...]

https://www.bleepingcomputer.com/news/government/eu-kids-gps-watches-have-so-many-security-flaws-they-should-not-be-in-stores/

Google Chrome May Add a Permission to Stop In-Browser Cryptocurrency Miners

Google Chrome engineers are considering adding a special browser permission that will thwart the rising trend of in-browser cryptocurrency miners. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-may-add-a-permission-to-stop-in-browser-cryptocurrency-miners/

Google Will Pay Researchers $1,000 to Hack Its Most Popular Play Store Apps

Google has launched a bug bounty program for popular apps available on its Play Store. Dubbed the Play Security Reward Program, the bug bounty will be offered through the HackerOne platform and is not aimed at Google's own Android apps. [...]

https://www.bleepingcomputer.com/news/security/google-will-pay-researchers-1-000-to-hack-its-most-popular-play-store-apps/

Russian Cyberspies Are Rushing to Exploit Recent Flash 0-Day Before It Goes Cold

A cyber-espionage group identified in the cyber-security industry as APT28 and believed to be operating under the supervision of the Russian state has recently dispatched several malware distribution campaigns that try to take advantage of a Flash zero-day vulnerability that Adobe patched earlier this week. [...]

https://www.bleepingcomputer.com/news/security/russian-cyberspies-are-rushing-to-exploit-recent-flash-0-day-before-it-goes-cold/

Eltima Website Hacked to Spread Proton RAT With Popular Video Player App

The website of Eltima, a maker of macOS and Windows apps, has been compromised by an unknown actor to spread a trojanized version of Elmedia Player, a multimedia player for macOS. [...]

https://www.bleepingcomputer.com/news/apple/eltima-website-hacked-to-spread-proton-rat-with-popular-video-player-app/

Student Expelled for Using Hardware Keylogger to Hack School, Change Grades

Kansas University (KU) officials have expelled a student for installing a hardware keylogger and using the data acquired from the device to hack into the school's grading system and chang his grades. [...]

https://www.bleepingcomputer.com/news/security/student-expelled-for-using-hardware-keylogger-to-hack-school-change-grades/

A Gigantic IoT Botnet Has Grown in the Shadows in the Past Month

Since mid-September, a new IoT botnet has grown to massive proportions. Codenamed IoT_reaper (Reaper for this article), researchers estimate its current size at nearly two million infected devices. [...]

https://www.bleepingcomputer.com/news/security/a-gigantic-iot-botnet-has-grown-in-the-shadows-in-the-past-month/

The Week in Ransomware - October 20th 2017 - Magniber and the Hermes Bank Heist

This week we had our fair share of smaller variants being distributed or created, but the big news was by far the release of Magniber and the use of the Hermes ransomware as a cover to steal money from a Taiwan bank.  With the release of Magniber we also see the downward spiral of Cerber,. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-october-20th-2017-magniber-and-the-hermes-bank-heist/

Teen Sentenced for Prank That Almost Brought Down a County's 911 Service

A US judge sentenced a 19-year-old teenager to three years probation for a prank gone wrong that resulted in the accidental DDoS and near crash of the Mariposa County's 911 emergency service. [...]

https://www.bleepingcomputer.com/news/security/teen-sentenced-for-prank-that-almost-brought-down-a-countys-911-service/

Microsoft Adds Game Anti-Cheat Engine to Windows 10

With the release of the Windows 10 Fall Creators Update earlier this week, Microsoft quietly rolled out a gaming anti-cheat engine, similar to Valve's VAC system. [...]

https://www.bleepingcomputer.com/news/gaming/microsoft-adds-game-anti-cheat-engine-to-windows-10/

Hackers Take Over Funeral Home's Email Account and Run Online Scams

Hackers have taken over the email account of a Louisiana funeral home and are sending email scams to the company's customers, asking for money. [...]

https://www.bleepingcomputer.com/news/security/hackers-take-over-funeral-homes-email-account-and-run-online-scams/

Google Testing Android Feature to Hide DNS Requests

Google has added support in Android for an experimental feature that will encrypt DNS requests and prevent network-level attackers from snooping on user traffic. [...]

https://www.bleepingcomputer.com/news/google/google-testing-android-feature-to-hide-dns-requests/

Microsoft's Windows 10 Anti-Ransomware Feature Is Now Live

With the release of Windows 10 Fall Creators Update last week, the "Controlled Folder Access" that Microsoft touted in June is now live for millions of users. [...]

https://www.bleepingcomputer.com/news/microsoft/microsofts-windows-10-anti-ransomware-feature-is-now-live/

Kaspersky Opens Code to 3rd-Party Review in Effort to Combat Spying Accusations

In an attempt to dispell rumors that its software is being used as a backdoor into users' computers, Kaspersky Labs said today it would subject its security products to an independent third-party source code review. [...]

https://www.bleepingcomputer.com/news/security/kaspersky-opens-code-to-3rd-party-review-in-effort-to-combat-spying-accusations/

Russian Cyberspies Carry Out the Silliest Cyber-Espionage Campaign of the Year

A Russian cyber-espionage group has tried to infect security researchers with malware via a spear-phishing campaign that can easily receive a Pwnie Awards nomination for one of the year's biggest epic fails. [...]

https://www.bleepingcomputer.com/news/security/russian-cyberspies-carry-out-the-silliest-cyber-espionage-campaign-of-the-year/

Google Open-Sources Some of Chrome's Usage Stats

Google open-sourced today some of Chrome's usage metrics in an attempt to help developers create better websites. [...]

https://www.bleepingcomputer.com/news/google/google-open-sources-some-of-chromes-usage-stats/

LokiBot Android Banking Trojan Turns Into Ransomware When You Try to Remove It

Security researchers have spotted a new Android banking trojan named LokiBot that turns into ransomware and locks users' phones when they try to remove its admin privileges. [...]

https://www.bleepingcomputer.com/news/security/lokibot-android-banking-trojan-turns-into-ransomware-when-you-try-to-remove-it/