The Week in Ransomware - December 22nd 2017 - WannaCry, Arrests, & More
The holidays are upon us and that means even ransomware developers are taking some time off. This showed this week with very few ransomware infections being released and for the most part we have only seen new variants of existing infections. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-22nd-2017-wannacry-arrests-and-more/
The holidays are upon us and that means even ransomware developers are taking some time off. This showed this week with very few ransomware infections being released and for the most part we have only seen new variants of existing infections. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-22nd-2017-wannacry-arrests-and-more/
BleepingComputer
The Week in Ransomware - December 22nd 2017 - WannaCry, Arrests, & More
The holidays are upon us and that means even ransomware developers are taking some time off. This showed this week with very few ransomware infections being released and for the most part we have only seen new variants of existing infections.
Windows Build 17063 Change Log Updated for Audio, Activation, and OOBE Problems
Yesterday Microsoft updated the release notes for Windows 10 Insider build 17063 to add to the list of known bugs related to this version. It so happens that one of these bugs is one that I am having after upgrading to this build. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-build-17063-change-log-updated-for-audio-activation-and-oobe-problems/
Yesterday Microsoft updated the release notes for Windows 10 Insider build 17063 to add to the list of known bugs related to this version. It so happens that one of these bugs is one that I am having after upgrading to this build. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-build-17063-change-log-updated-for-audio-activation-and-oobe-problems/
BleepingComputer
Windows Build 17063 Change Log Updated for Audio, Activation, and OOBE Problems
Yesterday Microsoft updated the release notes for Windows 10 Insider build 17063 to add to the list of known bugs related to this version. It so happens that one of these bugs is one that I am having after upgrading to this build.
Chinese Man Sentenced to Five Years in Prison for Running VPN Service
Chinese authorities have sentenced a local man named Wu Xiangyang to five years and six months in prison for running an unsanctioned VPN service. [...]
https://www.bleepingcomputer.com/news/government/chinese-man-sentenced-to-five-years-in-prison-for-running-vpn-service/
Chinese authorities have sentenced a local man named Wu Xiangyang to five years and six months in prison for running an unsanctioned VPN service. [...]
https://www.bleepingcomputer.com/news/government/chinese-man-sentenced-to-five-years-in-prison-for-running-vpn-service/
BleepingComputer
Chinese Man Sentenced to Five Years in Prison for Running VPN Service
Chinese authorities have sentenced a local man named Wu Xiangyang to five years and six months in prison for running an unsanctioned VPN service.
Facebook Will Alert You When Someone Else Uploads a Photo of You
Facebook has started rolling out an update to its photo tagging system that will now scan newly uploaded photos and alert all the users it recognizes in that image by default. [...]
https://www.bleepingcomputer.com/news/technology/facebook-will-alert-you-when-someone-else-uploads-a-photo-of-you/
Facebook has started rolling out an update to its photo tagging system that will now scan newly uploaded photos and alert all the users it recognizes in that image by default. [...]
https://www.bleepingcomputer.com/news/technology/facebook-will-alert-you-when-someone-else-uploads-a-photo-of-you/
BleepingComputer
Facebook Will Alert You When Someone Else Uploads a Photo of You
Facebook has started rolling out an update to its photo tagging system that will now scan newly uploaded photos and alert all the users it recognizes in that image by default.
Man Threatened Company with Cyber Attack to Fire Employee and Hire Him Instead
A North Carolina judge sentenced a Washington man this week to 37 months in prison for threatening a company with attacks unless they fire one of their employees and hire him instead. [...]
https://www.bleepingcomputer.com/news/security/man-threatened-company-with-cyber-attack-to-fire-employee-and-hire-him-instead/
A North Carolina judge sentenced a Washington man this week to 37 months in prison for threatening a company with attacks unless they fire one of their employees and hire him instead. [...]
https://www.bleepingcomputer.com/news/security/man-threatened-company-with-cyber-attack-to-fire-employee-and-hire-him-instead/
BleepingComputer
Man Threatened Company with Cyber Attack to Fire Employee and Hire Him Instead
A North Carolina judge sentenced a Washington man this week to 37 months in prison for threatening a company with attacks unless they fire one of their employees and hire him instead.
Vulnerability Affects Hundreds of Thousands of IoT Devices
Here's something to be cheery on Christmas Day βa vulnerability affecting a web server that's been embedded in hundreds of thousands of IoT devices. [...]
https://www.bleepingcomputer.com/news/security/vulnerability-affects-hundreds-of-thousands-of-iot-devices/
Here's something to be cheery on Christmas Day βa vulnerability affecting a web server that's been embedded in hundreds of thousands of IoT devices. [...]
https://www.bleepingcomputer.com/news/security/vulnerability-affects-hundreds-of-thousands-of-iot-devices/
BleepingComputer
Vulnerability Affects Hundreds of Thousands of IoT Devices
Here's something to be cheery on Christmas Day βa vulnerability affecting a web server that's been embedded in hundreds of thousands of IoT devices.
Thunderbird Will Phase out Legacy Add-Ons, Will Support WebExtensions
Mozilla announced last week plans to modernize Thunderbird's codebase, plans that include fixing some "technical debt" by incorporating the recent changes in the Mozilla engine into Thunderbird, adding a new user interface (UI), and phasing out old legacy add-ons that are built on the XUL and XPCOM APIs. [...]
https://www.bleepingcomputer.com/news/software/thunderbird-will-phase-out-legacy-add-ons-will-support-webextensions/
Mozilla announced last week plans to modernize Thunderbird's codebase, plans that include fixing some "technical debt" by incorporating the recent changes in the Mozilla engine into Thunderbird, adding a new user interface (UI), and phasing out old legacy add-ons that are built on the XUL and XPCOM APIs. [...]
https://www.bleepingcomputer.com/news/software/thunderbird-will-phase-out-legacy-add-ons-will-support-webextensions/
BleepingComputer
Thunderbird Will Phase out Legacy Add-Ons, Will Support WebExtensions
Mozilla announced last week plans to modernize Thunderbird's codebase, plans that include fixing some "technical debt" by incorporating the recent changes in the Mozilla engine into Thunderbird, adding a new user interface (UI), and phasing out old legacyβ¦
Three Years Later, Hundreds of Sites Still Use Backdoored WordPress Plugins
More than a year after revealing the presence of intentionally malicious code inside the source code of 14 WordPress plugins, experts warn that hundreds of sites are still using the boobytrapped components. [...]
https://www.bleepingcomputer.com/news/security/three-years-later-hundreds-of-sites-still-use-backdoored-wordpress-plugins/
More than a year after revealing the presence of intentionally malicious code inside the source code of 14 WordPress plugins, experts warn that hundreds of sites are still using the boobytrapped components. [...]
https://www.bleepingcomputer.com/news/security/three-years-later-hundreds-of-sites-still-use-backdoored-wordpress-plugins/
BleepingComputer
Three Years Later, Hundreds of Sites Still Use Backdoored WordPress Plugins
More than a year after revealing the presence of intentionally malicious code inside the source code of 14 WordPress plugins, experts warn that hundreds of sites are still using the boobytrapped components.
"123456" Remains Most Common Password Found in Data Dumps in 2017
For the second year in a row, "123456" remained the top password among the millions of cleartext passwords exposed online thanks to data breach incidents at various providers. [...]
https://www.bleepingcomputer.com/news/security/-123456-remains-most-common-password-found-in-data-dumps-in-2017/
For the second year in a row, "123456" remained the top password among the millions of cleartext passwords exposed online thanks to data breach incidents at various providers. [...]
https://www.bleepingcomputer.com/news/security/-123456-remains-most-common-password-found-in-data-dumps-in-2017/
BleepingComputer
"123456" Remains Most Common Password Found in Data Dumps in 2017
For the second year in a row, "123456" remained the top password among the millions of cleartext passwords exposed online thanks to data breach incidents at various providers.
China Tests Using WeChat Social Network Account as Official Electronic ID
Chinese authorities are running a limited test that will allow Chinese citizens to use their WeChat social network account as a state-sanctioned electronic ID. [...]
https://www.bleepingcomputer.com/news/government/china-tests-using-wechat-social-network-account-as-official-electronic-id/
Chinese authorities are running a limited test that will allow Chinese citizens to use their WeChat social network account as a state-sanctioned electronic ID. [...]
https://www.bleepingcomputer.com/news/government/china-tests-using-wechat-social-network-account-as-official-electronic-id/
BleepingComputer
China Tests Using WeChat Social Network Account as Official Electronic ID
Chinese authorities are running a limited test that will allow Chinese citizens to use their WeChat social network account as a state-sanctioned electronic ID.
Acoustic Attacks on HDDs Can Sabotage PCs, CCTV Systems, ATMs, More
Attackers can use sound waves to interfere with a hard drive's normal mode of operation, creating a temporary or permanent denial of state (DoS) that could be used to prevent CCTV systems from recording video footage or freeze computers dealing with critical operations. [...]
https://www.bleepingcomputer.com/news/security/acoustic-attacks-on-hdds-can-sabotage-pcs-cctv-systems-atms-more/
Attackers can use sound waves to interfere with a hard drive's normal mode of operation, creating a temporary or permanent denial of state (DoS) that could be used to prevent CCTV systems from recording video footage or freeze computers dealing with critical operations. [...]
https://www.bleepingcomputer.com/news/security/acoustic-attacks-on-hdds-can-sabotage-pcs-cctv-systems-atms-more/
BleepingComputer
Acoustic Attacks on HDDs Can Sabotage PCs, CCTV Systems, ATMs, More
Attackers can use sound waves to interfere with a hard drive's normal mode of operation, creating a temporary or permanent denial of state (DoS) that could be used to prevent CCTV systems from recording video footage or freeze computers dealing with criticalβ¦
Malicious Apps Could Guess Your Phone's PIN Using Sensors Data
Malicious applications can freely access sensor data on modern smartphones and use this highly sensitive data stream to collect vasts amounts of intel on the phone's owner, information that they can later use to guess the user's phone PIN. [...]
https://www.bleepingcomputer.com/news/security/malicious-apps-could-guess-your-phones-pin-using-sensors-data/
Malicious applications can freely access sensor data on modern smartphones and use this highly sensitive data stream to collect vasts amounts of intel on the phone's owner, information that they can later use to guess the user's phone PIN. [...]
https://www.bleepingcomputer.com/news/security/malicious-apps-could-guess-your-phones-pin-using-sensors-data/
BleepingComputer
Malicious Apps Could Guess Your Phone's PIN Using Sensors Data
Malicious applications can freely access sensor data on modern smartphones and use this highly sensitive data stream to collect vasts amounts of intel on the phone's owner, information that they can later use to guess the user's phone PIN.
Flaws in Sonos and Bose Smart Speakers Let Hackers Play Pranks on Users
Similar vulnerabilities affect some Sonos and Bose smart speakers that allow hackers to take over devices, collect data on users, and even make devices to play desired audio tracks. [...]
https://www.bleepingcomputer.com/news/security/flaws-in-sonos-and-bose-smart-speakers-let-hackers-play-pranks-on-users/
Similar vulnerabilities affect some Sonos and Bose smart speakers that allow hackers to take over devices, collect data on users, and even make devices to play desired audio tracks. [...]
https://www.bleepingcomputer.com/news/security/flaws-in-sonos-and-bose-smart-speakers-let-hackers-play-pranks-on-users/
BleepingComputer
Flaws in Sonos and Bose Smart Speakers Let Hackers Play Pranks on Users
Similar vulnerabilities affect some Sonos and Bose smart speakers that allow hackers to take over devices, collect data on users, and even make devices to play desired audio tracks.
Web Trackers Exploit Flaw in Browser Login Managers to Steal Usernames
Princeton privacy experts are warning that advertising and analytics firms can secretly extract site usernames from browsers using hidden login fields and tie non-authenticated users visiting a site with their profiles or emails on that domain. [...]
https://www.bleepingcomputer.com/news/security/web-trackers-exploit-flaw-in-browser-login-managers-to-steal-usernames/
Princeton privacy experts are warning that advertising and analytics firms can secretly extract site usernames from browsers using hidden login fields and tie non-authenticated users visiting a site with their profiles or emails on that domain. [...]
https://www.bleepingcomputer.com/news/security/web-trackers-exploit-flaw-in-browser-login-managers-to-steal-usernames/
BleepingComputer
Web Trackers Exploit Flaw in Browser Login Managers to Steal Usernames
Princeton privacy experts are warning that advertising and analytics firms can secretly extract site usernames from browsers using hidden login fields and tie non-authenticated users visiting a site with their profiles or emails on that domain.
Three More WordPress Plugins Found Hiding a Backdoor
The massive size of the WordPress plugins ecosystem is starting to show signs of rot, as yet another incident has been reported involving the sale of old abandoned plugins to new authors who immediately proceed to add a backdoor to the original code. [...]
https://www.bleepingcomputer.com/news/security/three-more-wordpress-plugins-found-hiding-a-backdoor/
The massive size of the WordPress plugins ecosystem is starting to show signs of rot, as yet another incident has been reported involving the sale of old abandoned plugins to new authors who immediately proceed to add a backdoor to the original code. [...]
https://www.bleepingcomputer.com/news/security/three-more-wordpress-plugins-found-hiding-a-backdoor/
BleepingComputer
Three More WordPress Plugins Found Hiding a Backdoor
The massive size of the WordPress plugins ecosystem is starting to show signs of rot, as yet another incident has been reported involving the sale of old abandoned plugins to new authors who immediately proceed to add a backdoor to the original code.
US ISP Tells Users That Repeat Piracy Notices May Lead To "Thermostat Issues"
A letter sent out by a US ISP warns customers that by engaging in persistent online piracy they will force the company to downgrade their access plan to the minimum, and customers may have problems with controlling thermostats in the dead of winter. [...]
https://www.bleepingcomputer.com/news/technology/us-isp-tells-users-that-repeat-piracy-notices-may-lead-to-thermostat-issues-/
A letter sent out by a US ISP warns customers that by engaging in persistent online piracy they will force the company to downgrade their access plan to the minimum, and customers may have problems with controlling thermostats in the dead of winter. [...]
https://www.bleepingcomputer.com/news/technology/us-isp-tells-users-that-repeat-piracy-notices-may-lead-to-thermostat-issues-/
BleepingComputer
US ISP Tells Users That Repeat Piracy Notices May Lead To "Thermostat Issues"
A letter sent out by a US ISP warns customers that by engaging in persistent online piracy they will force the company to downgrade their access plan to the minimum, and customers may have problems with controlling various devices, including smart thermostatsβ¦
Tastylock Cryptomix Ransomware Variant Released
Michael Gillespie discovered a new variant of the CryptoMix ransomware that appends the .tastylock extension to encrypted files and changes the contact emails used by the ransomware. [...]
https://www.bleepingcomputer.com/news/security/tastylock-cryptomix-ransomware-variant-released/
Michael Gillespie discovered a new variant of the CryptoMix ransomware that appends the .tastylock extension to encrypted files and changes the contact emails used by the ransomware. [...]
https://www.bleepingcomputer.com/news/security/tastylock-cryptomix-ransomware-variant-released/
BleepingComputer
Tastylock Cryptomix Ransomware Variant Released
Michael Gillespie discovered a new variant of the CryptoMix ransomware that appends the .tastylock extension to encrypted files and changes the contact emails used by the ransomware.
Chinese Hackers Target Think Tanks to Steal Military Strategic Info
Towards the end of 2017, Chinese cyber-spies have engaged in a hacking spree that targeted at least four US think tanks and an additional two non-governmental organizations (NGOs), researchers from US firm Crowdstrike revealed in a report published last week. [...]
https://www.bleepingcomputer.com/news/security/chinese-hackers-target-think-tanks-to-steal-military-strategic-info/
Towards the end of 2017, Chinese cyber-spies have engaged in a hacking spree that targeted at least four US think tanks and an additional two non-governmental organizations (NGOs), researchers from US firm Crowdstrike revealed in a report published last week. [...]
https://www.bleepingcomputer.com/news/security/chinese-hackers-target-think-tanks-to-steal-military-strategic-info/
BleepingComputer
Chinese Hackers Target Think Tanks to Steal Military Strategic Info
Towards the end of 2017, Chinese cyber-spies have engaged in a hacking spree that targeted at least four US think tanks and an additional two non-governmental organizations (NGOs), researchers from US firm Crowdstrike revealed in a report published last week.
Magento Sites Hacked via Helpdesk Widget
Hackers are actively targeting Magento sites running a popular helpdesk extension, Dutch security researcher Willem de Groot has discovered. [...]
https://www.bleepingcomputer.com/news/security/magento-sites-hacked-via-helpdesk-widget/
Hackers are actively targeting Magento sites running a popular helpdesk extension, Dutch security researcher Willem de Groot has discovered. [...]
https://www.bleepingcomputer.com/news/security/magento-sites-hacked-via-helpdesk-widget/
BleepingComputer
Magento Sites Hacked via Helpdesk Widget
Hackers are actively targeting Magento sites running a popular helpdesk extension, Dutch security researcher Willem de Groot has discovered.
DHS: 18 of 33 First Responder Apps Affected by Security Flaws
A Department of Homeland Security (DHS) pilot program uncovered several privacy and security-related issues in Android and iOS applications used by first responders on the scene of natural disasters and other emergency situations. [...]
https://www.bleepingcomputer.com/news/security/dhs-18-of-33-first-responder-apps-affected-by-security-flaws/
A Department of Homeland Security (DHS) pilot program uncovered several privacy and security-related issues in Android and iOS applications used by first responders on the scene of natural disasters and other emergency situations. [...]
https://www.bleepingcomputer.com/news/security/dhs-18-of-33-first-responder-apps-affected-by-security-flaws/
BleepingComputer
DHS: 18 of 33 First Responder Apps Affected by Security Flaws
A Department of Homeland Security (DHS) pilot program uncovered several privacy and security-related issues in Android and iOS applications used by first responders on the scene of natural disasters and other emergency situations.
Users Have Reported the Same Chrome Bug 43 Times. Actually Not a Bug.
In the last five years, users have reported the same bug to the Chrome team for 43 times. In reality, the issue users found is not a bug at all. [...]
https://www.bleepingcomputer.com/news/google/users-have-reported-the-same-chrome-bug-43-times-actually-not-a-bug-/
In the last five years, users have reported the same bug to the Chrome team for 43 times. In reality, the issue users found is not a bug at all. [...]
https://www.bleepingcomputer.com/news/google/users-have-reported-the-same-chrome-bug-43-times-actually-not-a-bug-/
BleepingComputer
Users Have Reported the Same Chrome Bug 43 Times. Actually Not a Bug.
In the last five years, users have reported the same bug to the Chrome team for 43 times. In reality, the issue users found is not a bug at all.