Russia Wants to Launch Backup DNS System by August 1, 2018

The Russian government is currently discussing plans to build its own "independent internet infrastructure" that will be used by BRICS member states — Brazil, Russia, India, China, and South Africa. [...]

https://www.bleepingcomputer.com/news/government/russia-wants-to-launch-backup-dns-system-by-august-1-2018/

The EU Will Foot the Bill for VLC Player's Public Bug Bounty Program

The European Union has announced this week that it will foot the bill for a bug bounty program that will run for the benefit of VLC Media Player, an open source cross-platform multimedia player. [...]

https://www.bleepingcomputer.com/news/security/the-eu-will-foot-the-bill-for-vlc-players-public-bug-bounty-program/

Google Bans Android Apps That Show Lockscreen Ads

Via an update to the Google Play Developer Policy Center, Google has banned apps from the Play Store that show ads on the lockscreen. [...]

https://www.bleepingcomputer.com/news/mobile/google-bans-android-apps-that-show-lockscreen-ads/

Microsoft Edge Browser Exits Preview and Now Available for iOS and Android

In early October, Microsoft began offering Edge to iOS and Android users as part of early preview. Today, Microsoft has officially released Edge and is now available to all iOS and Android users through the App Store and Google Play. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-browser-exits-preview-and-now-available-for-ios-and-android/

Google Will Block Third-Party Software From Injecting Code Into Chrome

Google has laid out a plan for blocking third-party applications from injecting code into the Chrome browser. [...]

https://www.bleepingcomputer.com/news/google/google-will-block-third-party-software-from-injecting-code-into-chrome/

New-But-Old US Bill Introduces Prison Time for Execs Who Conceal Data Breaches

Three US senators have introduced a bill on Thursday that will make it mandatory for companies to report breaches to customers within 30 days, but also carries fines and possible prison time for execs who conceal breaches from users and authorities. [...]

https://www.bleepingcomputer.com/news/security/new-but-old-us-bill-introduces-prison-time-for-execs-who-conceal-data-breaches/

Thousands of Serial-To-Ethernet Devices Leak Telnet Passwords

A security researcher has identified thousands of Serial-to-Ethernet devices connected online that leak Telnet passwords that could be used to attack the equipment that is placed behind them. [...]

https://www.bleepingcomputer.com/news/security/thousands-of-serial-to-ethernet-devices-leak-telnet-passwords/

Test Cryptomix Ransomware Variant Released

A new variant of the CryptoMix ransomware was discovered today that appends the .TEST extension to encrypted files and changes the contact emails used by the ransomware.  This article will provide information what changes were made in this new version. [...]

https://www.bleepingcomputer.com/news/security/test-cryptomix-ransomware-variant-released/

Facebook Tests New CAPTCHA Tool That Asks Users to Upload a Photo of Their Face

Facebook is running tests of a new CAPTCHA system that requires users to upload a clear photo of their face to prove the account is not fake and belongs to a new person. [...]

https://www.bleepingcomputer.com/news/technology/facebook-tests-new-captcha-tool-that-asks-users-to-upload-a-photo-of-their-face/

New Shadow BTCware Ransomware Variant Released

A new variant of the BTCWare ransomware was discovered by Michael Gillespie, that appends the .[email]-id-id.shadow extension to encrypted files. The BTCWare family of ransomware infections targets its victims by hacking into poorly protected remote desktop services and manually installing the ransomware. [...]

https://www.bleepingcomputer.com/news/security/new-shadow-btcware-ransomware-variant-released/

PHP Adds Support for Next-Gen Password Hashing Algorithm Argon2

PHP got a whole lot more secure this week with the release of the 7.2 branch, a version that improves and modernizes the programming language's support for cryptography and password hashing algorithms. [...]

https://www.bleepingcomputer.com/news/security/php-adds-support-for-next-gen-password-hashing-algorithm-argon2/

Halloware Ransomware on Sale on the Dark Web for Only $40

A malware author by the name of Luc1F3R is peddling a new ransomware strain called Halloware for the lowly price of $40. [...]

https://www.bleepingcomputer.com/news/security/halloware-ransomware-on-sale-on-the-dark-web-for-only-40/

The Week in Ransomware - December 1st 2017 - Decryptors, BTCWare, and More

[...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-1st-2017-decryptors-btcware-and-more/

NSA Employee at the Middle of the Kaspersky Saga Admits Taking Files Home

The US Department of Justice (DOJ) has formally charged a former NSA employee for taking classified documents home. The man, Nghia Hoang Pho, 67, of Ellicott City, Maryland, pleaded guilty today, according to court documents released by the DOJ. [...]

https://www.bleepingcomputer.com/news/security/nsa-employee-at-the-middle-of-the-kaspersky-saga-admits-taking-files-home/

UK's NCSC Warns Government Agencies About Russian Antivirus Products

A branch of the UK intelligence forces has sent out a letter to UK government departments and agencies about the use of Russian antivirus software to protect computers that store classified information. [...]

https://www.bleepingcomputer.com/news/government/uks-ncsc-warns-government-agencies-about-russian-antivirus-products/

PayPal Says 1.6 Million Customer Details Stolen in Breach at Canadian Subsidiary

PayPal says that one of the companies it recently acquired suffered a security incident during which an attacker appears to have accessed servers that stored information for 1.6 million customers. [...]

https://www.bleepingcomputer.com/news/security/paypal-says-1-6-million-customer-details-stolen-in-breach-at-canadian-subsidiary/

Former Sysadmin Caught Hacking His Ex-Employer by His Replacement

On Wednesday, November 29, a Kansas City court sentenced a Missouri man to six years in federal prison without parole for hacking his former employer, stealing trade secrets, and for accessing child pornography. [...]

https://www.bleepingcomputer.com/news/security/former-sysadmin-caught-hacking-his-ex-employer-by-his-replacement/

Student Hacks High School, Changes Grades, and Sends College Applications

Tenafly High School has informed parents earlier this month that a student has gained access to its internal IT systems, changed grades to improve his GPA, and sent out college applications immediately after. [...]

https://www.bleepingcomputer.com/news/security/student-hacks-high-school-changes-grades-and-sends-college-applications/

Dell, Other Vendors Start Shipping Laptops With Intel ME Firmware Disabled

Some hardware vendors are reacting to the recent revelation that some of Intel's core CPU technology is riddled with security holes. [...]

https://www.bleepingcomputer.com/news/hardware/dell-other-vendors-start-shipping-laptops-with-intel-me-firmware-disabled/

Leakbase.pw Hacked Password Service Goes Dark

Over the weekend, Leakbase.pw, a web site that sold subscriptions to usernames and passwords leaked in data breaches at other companies, suddenly discontinued their service. [...]

https://www.bleepingcomputer.com/news/security/leakbase-pw-hacked-password-service-goes-dark/

Man Hacks Jail Computer Network to Get Friend Released Early

A Michigan man pleaded guilty last week to hacking the computer network of the Washtenaw County Jail, where he modified inmate records in an attempt to have an inmate released early. [...]

https://www.bleepingcomputer.com/news/security/man-hacks-jail-computer-network-to-get-friend-released-early/