Matrix Ransomware Being Distributed by the RIG Exploit Kit

The Matrix Ransomware has started to be distributed through the RIG exploit kit. This article will provide information on what vulnerabilities are being targeted and how to protect yourself. [...]

https://www.bleepingcomputer.com/news/security/matrix-ransomware-being-distributed-by-the-rig-exploit-kit/

Some Bad Rabbit Victims Can Recover Files Without Paying Ransom

Some extremely lucky users will be able to recover files locked by the Bad Rabbit ransomware because of small operational mistakes on the part of the malware's authors. [...]

https://www.bleepingcomputer.com/news/security/some-bad-rabbit-victims-can-recover-files-without-paying-ransom/

The Week in Ransomware - October 27th 2017 - Bad Rabbit & Tyrant

Lots of ransomware in the news this week. Of course the biggest story was the Bad Rabbit outbreak that targeted numerous countries, but mostly Russia and the Ukraine. We also had the Tyrant Ransomware, which was targeting Iranian companies. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-october-27th-2017-bad-rabbit-and-tyrant/

Google to Remove Public Key Pinning (PKP) Support in Chrome

Late yesterday afternoon, Google announced plans to deprecate and eventually remove PKP support from the Chromium open-source browser, which indirectly means from Chrome. [...]

https://www.bleepingcomputer.com/news/security/google-to-remove-public-key-pinning-pkp-support-in-chrome/

Researchers Devise 2FA System That Relies on Taking Photos of Ordinary Objects

Scientists from Florida International University and Bloomberg have created a custom two-factor authentication (2FA) system that relies on users taking a photo of a personal object. [...]

https://www.bleepingcomputer.com/news/security/researchers-devise-2fa-system-that-relies-on-taking-photos-of-ordinary-objects/

unCAPTCHA Breaks 450 ReCAPTCHAs in Under 6 Seconds

unCAPTCHA is the name of a new automated system designed by a team of four computer science experts from the University of Maryland (UM) that can break Google's reCAPTCHA challenges with an accuracy of 85%. [...]

https://www.bleepingcomputer.com/news/technology/uncaptcha-breaks-450-recaptchas-in-under-6-seconds/

Firefox to Get a Better Password Manager

Mozilla engineers have started work on a project named Lockbox that they describe as "a work-in-progress extension [...] to improve upon Firefox's built-in password management." [...]

https://www.bleepingcomputer.com/news/software/firefox-to-get-a-better-password-manager/

Firefox Implements Another Privacy-Preserving Feature Taken From the Tor Browser

Mozilla engineers have borrowed yet another feature from the Tor Browser and starting with version 58 Firefox will block attempts to fingerprint users using the HTML5 canvas element. [...]

https://www.bleepingcomputer.com/news/software/firefox-implements-another-privacy-preserving-feature-taken-from-the-tor-browser/

Coinhive Miners Found in Android Apps, WordPress Sites

The malicious deployment of in-browser JavaScript-based cryptocurrency mining scripts has continued the past week, and we've seen them reach Android applications on the official Google Play Store, but we've also seen the first mass-deployment as part of a botnet of hacked WordPress sites. [...]

https://www.bleepingcomputer.com/news/security/coinhive-miners-found-in-android-apps-wordpress-sites/

Mozilla Wants to Distrust Dutch HTTPS Provider Because of Local Dystopian Law

Mozilla engineers are discussing plans to remove support for a state-operated Dutch TLS/HTTPS provider after the Dutch government has voted a new law that grants local authorities the power to intercept Internet communications using "false keys." [...]

https://www.bleepingcomputer.com/news/security/mozilla-wants-to-distrust-dutch-https-provider-because-of-local-dystopian-law/

Flaws in Google's Bug Tracker Exposed Company's Vulnerability Database

A Romanian bug hunter has found three flaws in Google's official bug tracker, one of which could have been used to exposed sensitive vulnerabilities to unauthorized intruders. [...]

https://www.bleepingcomputer.com/news/security/flaws-in-googles-bug-tracker-exposed-companys-vulnerability-database/

Oracle Fixes "Default Account" Issue Rated 10 Out of 10 on Severity Scale

Oracle has released patches for a security issue affecting the Oracle Identity Manager that has received a rare 10 out of 10 score on the CVSSv3 bug severity scale. [...]

https://www.bleepingcomputer.com/news/security/oracle-fixes-default-account-issue-rated-10-out-of-10-on-severity-scale/

Facebook Phishing Campaign Targets Android and iOS Users

A Facebook spam campaign is luring users to phishing pages that try to trick targets into handing over Facebook or YouTube credentials. [...]

https://www.bleepingcomputer.com/news/security/facebook-phishing-campaign-targets-android-and-ios-users/

ONI Ransomware Used in Month-Long Attacks Against Japanese Companies

As more and more ransomware outbreaks are discovered, the line has become blurred in whether they are being utilized as a wiper or an actual ransomware. Such is the case with a new ransomware attack called ONI that has been used in targeted month long attacks against Japanese companies. [...]

https://www.bleepingcomputer.com/news/security/oni-ransomware-used-in-month-long-attacks-against-japanese-companies/

New VibWrite System Uses Finger Vibrations to Authenticate Users

Rutgers engineers have created a new type of user authentication system that relies on transmitting vibrations through a surface and having the user touch the surface to generate a unique signature. This signature is then used to approve or deny a user access to an app, room, or building. [...]

https://www.bleepingcomputer.com/news/technology/new-vibwrite-system-uses-finger-vibrations-to-authenticate-users/

Comodo Sells SSL Business to Silicon Valley VC Firm for Undisclosed Amount

Comodo, the Internets' leading Certificate Authority (CA), has sold a majority stake in its SSL issuance business for an undisclosed amount to Francisco Partners, a San Francisco-based venture capital firm. [...]

https://www.bleepingcomputer.com/news/business/comodo-sells-ssl-business-to-silicon-valley-vc-firm-for-undisclosed-amount/

UK Man Arrested for Selling Malware, DDoS Attacks on Google & Skype Servers

UK authorities have arrested a 21-year-old man for launching DDoS attacks on online services like Google, Skype, and Pokemon, but also for selling malware online. [...]

https://www.bleepingcomputer.com/news/security/uk-man-arrested-for-selling-malware-ddos-attacks-on-google-and-skype-servers/

Signal Launches Standalone Desktop Application for Windows, Mac, Linux

Open Whisper Systems, the company behind the Signal IM service, has finally launched standalone desktop applications for Windows, macOS, and Linux. [...]

https://www.bleepingcomputer.com/news/software/signal-launches-standalone-desktop-application-for-windows-mac-linux/

iOS 11.1 Released with New Emojis and Fixes for the KRACK Vulnerabilities

Apple just released iOS 11.1 & macOS High Sierra 10.13.1, which includes a variety of fixes, over 70 new emojis, and numerous security updates. Also released today are new updates for tvOS, watchOS, Safari, iTunes, and iCloud.  [...]

https://www.bleepingcomputer.com/news/security/ios-11-1-released-with-new-emojis-and-fixes-for-the-krack-vulnerabilities/

Nvidia AI Bot Creates Random Lifelike Human Faces

Advances in artificial intelligence are coming fast and furious these days, and one of the most impressive is an AI bot created by Nvidia researchers that can generate images of random and extremely realistic human faces. [...]

https://www.bleepingcomputer.com/news/technology/nvidia-ai-bot-creates-random-lifelike-human-faces/

CryptoShuffler Stole $150,000 by Replacing Bitcoin Wallet IDs in PC Clipboards

The operators of a malware strain identified as CryptoShuffler have made at least $150,000 worth of Bitcoin by using an extremely simple scheme. [...]

https://www.bleepingcomputer.com/news/security/cryptoshuffler-stole-150-000-by-replacing-bitcoin-wallet-ids-in-pc-clipboards/