Mozilla Confirms Web-Based Execution Vector for Meltdown and Spectre Attacks
Mozilla has officially confirmed that the recently disclosed Meltdown and Spectre CPU flaws can be exploited via web content such as JavaScript files in order to extract information from users visiting a web page. [...]
https://www.bleepingcomputer.com/news/security/mozilla-confirms-web-based-execution-vector-for-meltdown-and-spectre-attacks/
Mozilla has officially confirmed that the recently disclosed Meltdown and Spectre CPU flaws can be exploited via web content such as JavaScript files in order to extract information from users visiting a web page. [...]
https://www.bleepingcomputer.com/news/security/mozilla-confirms-web-based-execution-vector-for-meltdown-and-spectre-attacks/
BleepingComputer
Mozilla Confirms Web-Based Execution Vector for Meltdown and Spectre Attacks
Mozilla has officially confirmed that the recently disclosed Meltdown and Spectre CPU flaws can be exploited via web content such as JavaScript files in order to extract information from users visiting a web page.
How to Check and Update Windows Systems for the Meltdown and Spectre CPU Flaws
A simple, dumbed-down, step-by-step article on how to get these updates and navigate Microsoft's overly complicated announcement. [...]
https://www.bleepingcomputer.com/news/microsoft/how-to-check-and-update-windows-systems-for-the-meltdown-and-spectre-cpu-flaws/
A simple, dumbed-down, step-by-step article on how to get these updates and navigate Microsoft's overly complicated announcement. [...]
https://www.bleepingcomputer.com/news/microsoft/how-to-check-and-update-windows-systems-for-the-meltdown-and-spectre-cpu-flaws/
BleepingComputer
How to Check and Update Windows Systems for the Meltdown and Spectre CPU Flaws
A simple, dumbed-down, step-by-step article on how to get these updates and navigate Microsoft's overly complicated announcement.
Server Cryptomix Ransomware Variant Released
The devs behind the Cryptomix ransomware just keep pushing them out. A new Cryptomix variant was released last week that appends the .SERVER extension to encrypted files and changes the contact emails used by the ransomware. [...]
https://www.bleepingcomputer.com/news/security/server-cryptomix-ransomware-variant-released/
The devs behind the Cryptomix ransomware just keep pushing them out. A new Cryptomix variant was released last week that appends the .SERVER extension to encrypted files and changes the contact emails used by the ransomware. [...]
https://www.bleepingcomputer.com/news/security/server-cryptomix-ransomware-variant-released/
BleepingComputer
Server Cryptomix Ransomware Variant Released
The devs behind the Cryptomix ransomware just keep pushing them out. A new Cryptomix variant was released last week that appends the .SERVER extension to encrypted files and changes the contact emails used by the ransomware.
Department of Homeland Security Suffers Data Breach
The US Department of Homeland Security (DHS) announced it suffered a data breach last year, during which data for over 247,000 DHS employees and individuals under DHS investigations was taken from a secure DHS database. [...]
https://www.bleepingcomputer.com/news/security/department-of-homeland-security-suffers-data-breach/
The US Department of Homeland Security (DHS) announced it suffered a data breach last year, during which data for over 247,000 DHS employees and individuals under DHS investigations was taken from a secure DHS database. [...]
https://www.bleepingcomputer.com/news/security/department-of-homeland-security-suffers-data-breach/
BleepingComputer
Department of Homeland Security Suffers Data Breach
The US Department of Homeland Security (DHS) announced it suffered a data breach last year, during which data for over 247,000 DHS employees and individuals under DHS investigations was taken from a secure DHS database.
Intel Promises Firmware Updates for Most Modern CPUs by the End of Next Week
Intel pinky-promised today that it will provide firmware updates by the end of next week for 90% of all CPU models it released in the past five years. [...]
https://www.bleepingcomputer.com/news/hardware/intel-promises-firmware-updates-for-most-modern-cpus-by-the-end-of-next-week/
Intel pinky-promised today that it will provide firmware updates by the end of next week for 90% of all CPU models it released in the past five years. [...]
https://www.bleepingcomputer.com/news/hardware/intel-promises-firmware-updates-for-most-modern-cpus-by-the-end-of-next-week/
BleepingComputer
Intel Promises Firmware Updates for Most Modern CPUs by the End of Next Week
Intel pinky-promised today that it will provide firmware updates by the end of next week for 90% of all CPU models it released in the past five years.
Microsoft Word subDoc Feature Abused to Steal Windows Credentials
The security research team at Rhino Labs, a US-based cyber-security company, has discovered that malicious actors can use a lesser-known Microsoft Word feature called subDoc to trick Windows computers into handing over their NTLM hashes, the standard format in which user account credentials are stored. [...]
https://www.bleepingcomputer.com/news/security/microsoft-word-subdoc-feature-abused-to-steal-windows-credentials/
The security research team at Rhino Labs, a US-based cyber-security company, has discovered that malicious actors can use a lesser-known Microsoft Word feature called subDoc to trick Windows computers into handing over their NTLM hashes, the standard format in which user account credentials are stored. [...]
https://www.bleepingcomputer.com/news/security/microsoft-word-subdoc-feature-abused-to-steal-windows-credentials/
BleepingComputer
Microsoft Word subDoc Feature Abused to Steal Windows Credentials
The security research team at Rhino Labs, a US-based cyber-security company, has discovered that malicious actors can use a lesser-known Microsoft Word feature called subDoc to trick Windows computers into handing over their NTLM hashes, the standard formatβ¦
Google Unveils New Retpoline Coding Technique for Mitigating Spectre Attacks
Google has published details about a new coding technique created by the company's engineers that any developer can deploy and prevent Spectre attacks. [...]
https://www.bleepingcomputer.com/news/google/google-unveils-new-retpoline-coding-technique-for-mitigating-spectre-attacks/
Google has published details about a new coding technique created by the company's engineers that any developer can deploy and prevent Spectre attacks. [...]
https://www.bleepingcomputer.com/news/google/google-unveils-new-retpoline-coding-technique-for-mitigating-spectre-attacks/
BleepingComputer
Google Unveils New Retpoline Coding Technique for Mitigating Spectre Attacks
Google has published details about a new coding technique created by the company's engineers that any developer can deploy and prevent Spectre attacks.
Apple: All Mac Systems and iOS Devices Are Affected by Meltdown & Spectre Flaws
Apple has finally released an official statement on the company's mitigations status regarding the recently disclosed Meltdown and Spectre vulnerabilities. [...]
https://www.bleepingcomputer.com/news/apple/apple-all-mac-systems-and-ios-devices-are-affected-by-meltdown-and-spectre-flaws/
Apple has finally released an official statement on the company's mitigations status regarding the recently disclosed Meltdown and Spectre vulnerabilities. [...]
https://www.bleepingcomputer.com/news/apple/apple-all-mac-systems-and-ios-devices-are-affected-by-meltdown-and-spectre-flaws/
BleepingComputer
Apple: All Mac Systems and iOS Devices Are Affected by Meltdown & Spectre Flaws
Apple has finally released an official statement on the company's mitigations status regarding the recently disclosed Meltdown and Spectre vulnerabilities.
HP Recalls Laptop Batteries Due to Overheating and Fire Hazard
HP announced today "a worldwide voluntary safety recall and replacement program" for laptop batteries it shipped with notebooks or sold as accessories or replacements between December 2015 and December 2017. [...]
https://www.bleepingcomputer.com/news/hardware/hp-recalls-laptop-batteries-due-to-overheating-and-fire-hazard/
HP announced today "a worldwide voluntary safety recall and replacement program" for laptop batteries it shipped with notebooks or sold as accessories or replacements between December 2015 and December 2017. [...]
https://www.bleepingcomputer.com/news/hardware/hp-recalls-laptop-batteries-due-to-overheating-and-fire-hazard/
BleepingComputer
HP Recalls Laptop Batteries Due to Overheating and Fire Hazard
HP announced today "a worldwide voluntary safety recall and replacement program" for laptop batteries it shipped with notebooks or sold as accessories or replacements between December 2015 and December 2017.
Python-Based Botnet Targets Linux Systems with Exposed SSH Ports
Experts believe that an experienced cybercrime group has created a botnet from compromised Linux servers and is using these systems to mine Monero, a digital currency. [...]
https://www.bleepingcomputer.com/news/security/python-based-botnet-targets-linux-systems-with-exposed-ssh-ports/
Experts believe that an experienced cybercrime group has created a botnet from compromised Linux servers and is using these systems to mine Monero, a digital currency. [...]
https://www.bleepingcomputer.com/news/security/python-based-botnet-targets-linux-systems-with-exposed-ssh-ports/
BleepingComputer
Python-Based Botnet Targets Linux Systems with Exposed SSH Ports
Experts believe that an experienced cybercrime group has created a botnet from compromised Linux servers and is using these systems to mine Monero, a digital currency.
The Week in Ransomware - January 5th 2018 - Slow For The Holidays
Looks like even ransomware developers take time off for the holidays as there was not much activity over the past couple of weeks. We have seen mostly new variants being release, with the biggest being CryptoMix. Otherwise, just a few small in development ransomwares being released. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-5th-2018-slow-for-the-holidays/
Looks like even ransomware developers take time off for the holidays as there was not much activity over the past couple of weeks. We have seen mostly new variants being release, with the biggest being CryptoMix. Otherwise, just a few small in development ransomwares being released. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-5th-2018-slow-for-the-holidays/
BleepingComputer
The Week in Ransomware - January 5th 2018 - Slow For The Holidays
Looks like even ransomware developers take time off for the holidays as there was not much activity over the past couple of weeks. We have seen mostly new variants being release, with the biggest being CryptoMix. Otherwise, just a few small in developmentβ¦
Security Flaw in AMD's Secure Chip-On-Chip Processor Disclosed Online
AMD has fixed, but not yet released BIOS/UEFI/firmware updates for the general public for a security flaw affecting the AMD Secure Processor. [...]
https://www.bleepingcomputer.com/news/security/security-flaw-in-amds-secure-chip-on-chip-processor-disclosed-online/
AMD has fixed, but not yet released BIOS/UEFI/firmware updates for the general public for a security flaw affecting the AMD Secure Processor. [...]
https://www.bleepingcomputer.com/news/security/security-flaw-in-amds-secure-chip-on-chip-processor-disclosed-online/
BleepingComputer
Security Flaw in AMD's Secure Chip-On-Chip Processor Disclosed Online
AMD has fixed, but not yet released BIOS/UEFI/firmware updates for the general public for a security flaw affecting the AMD Secure Processor.
Adware Bundle Adds Persistence to Download More Malware at Later Time
For about a week now there have been repeated posts on the BleepingComputer and Malwarebytes forums regarding a BITSADMIN 3.0 command prompt that repeatedly opens on its own and downloads files. What all of these users had in common were numerous adware and unwanted programs installed on the computer. [...]
https://www.bleepingcomputer.com/news/security/adware-bundle-adds-persistence-to-download-more-malware-at-later-time/
For about a week now there have been repeated posts on the BleepingComputer and Malwarebytes forums regarding a BITSADMIN 3.0 command prompt that repeatedly opens on its own and downloads files. What all of these users had in common were numerous adware and unwanted programs installed on the computer. [...]
https://www.bleepingcomputer.com/news/security/adware-bundle-adds-persistence-to-download-more-malware-at-later-time/
BleepingComputer
Adware Bundle Adds Persistence to Download More Malware at Later Time
For about a week now there have been repeated posts on the BleepingComputer and Malwarebytes forums regarding a BITSADMIN 3.0 command prompt that repeatedly opens on its own and downloads files. What all of these users had in common were numerous adwareβ¦
Microsoft Halts Bitcoin Transactions Because It's An "Unstable Currency"
Microsoft has stopped supporting Bitcoin as a payment method for Microsoft products, Bleeping Computer has learned. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/microsoft-halts-bitcoin-transactions-because-its-an-unstable-currency-/
Microsoft has stopped supporting Bitcoin as a payment method for Microsoft products, Bleeping Computer has learned. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/microsoft-halts-bitcoin-transactions-because-its-an-unstable-currency-/
BleepingComputer
Microsoft Halts Bitcoin Transactions Because It's An "Unstable Currency"
Microsoft has stopped supporting Bitcoin as a payment method for Microsoft products, Bleeping Computer has learned.
Backdoor Account Removed from Western Digital NAS Hard Drives
A security researcher is urging owners of Western Digital MyCloud NAS devices to update the firmware of their portable hard-drives to fix a series of important security bugs he reported to the vendor, among which there is an easy exploitable and wormable hardcoded (backdoor) account. [...]
https://www.bleepingcomputer.com/news/security/backdoor-account-removed-from-western-digital-nas-hard-drives/
A security researcher is urging owners of Western Digital MyCloud NAS devices to update the firmware of their portable hard-drives to fix a series of important security bugs he reported to the vendor, among which there is an easy exploitable and wormable hardcoded (backdoor) account. [...]
https://www.bleepingcomputer.com/news/security/backdoor-account-removed-from-western-digital-nas-hard-drives/
BleepingComputer
Backdoor Account Removed from Western Digital NAS Hard Drives
A security researcher is urging owners of Western Digital MyCloud NAS devices to update the firmware of their portable hard-drives to fix a series of important security bugs he reported to the vendor, among which there is an easy exploitable and wormableβ¦
US Customs and Border Protection Publishes New Rules for Searching Electronic Devices
The US Customs and Border Protection (CBP) agency published last week a new guideline containing updated procedures for searching travelers' electronic devices at US borders. [...]
https://www.bleepingcomputer.com/news/government/us-customs-and-border-protection-publishes-new-rules-for-searching-electronic-devices/
The US Customs and Border Protection (CBP) agency published last week a new guideline containing updated procedures for searching travelers' electronic devices at US borders. [...]
https://www.bleepingcomputer.com/news/government/us-customs-and-border-protection-publishes-new-rules-for-searching-electronic-devices/
BleepingComputer
US Customs and Border Protection Publishes New Rules for Searching Electronic Devices
The US Customs and Border Protection (CBP) agency published last week a new guideline containing updated procedures for searching travelers' electronic devices at US borders.
Online Shop Can't Determine Card Breach Severity Due To "Lack of Backups"
In a data breach notification letter submitted to the Office of the Attorney General for the state of California, a makeup product vendor said it could not fully assess the impact of a recent card security breach due to a lack of backups. [...]
https://www.bleepingcomputer.com/news/security/online-shop-cant-determine-card-breach-severity-due-to-lack-of-backups/
In a data breach notification letter submitted to the Office of the Attorney General for the state of California, a makeup product vendor said it could not fully assess the impact of a recent card security breach due to a lack of backups. [...]
https://www.bleepingcomputer.com/news/security/online-shop-cant-determine-card-breach-severity-due-to-lack-of-backups/
BleepingComputer
Online Shop Can't Determine Card Breach Severity Due To "Lack of Backups"
In a data breach notification letter submitted to the Office of the Attorney General for the state of California, a makeup product vendor said it could not fully assess the impact of a recent card security breach due to a lack of backups.
Apple Releases Security Updates for Spectre CPU Flaw
Apple has released today security updates to mitigate the effects of the Spectre vulnerability that affects processors deployed with Apple devices such as smartphones, tablets, and desktop computers. [...]
https://www.bleepingcomputer.com/news/apple/apple-releases-security-updates-for-spectre-cpu-flaw/
Apple has released today security updates to mitigate the effects of the Spectre vulnerability that affects processors deployed with Apple devices such as smartphones, tablets, and desktop computers. [...]
https://www.bleepingcomputer.com/news/apple/apple-releases-security-updates-for-spectre-cpu-flaw/
BleepingComputer
Apple Releases Security Updates for Spectre CPU Flaw
Apple has released today security updates to mitigate the effects of the Spectre vulnerability that affects processors deployed with Apple devices such as smartphones, tablets, and desktop computers.
New VirusTotal Graph Makes It Easy to Visualize Malware
VirusTotal released a new feature today that allows a user to visualize data such as the hosts a file connects to, what files it creates, and more. Even better, this new tool is available to all members and not only to subscribers of VirusTotal's premium Intelligence platform. [...]
https://www.bleepingcomputer.com/news/security/new-virustotal-graph-makes-it-easy-to-visualize-malware/
VirusTotal released a new feature today that allows a user to visualize data such as the hosts a file connects to, what files it creates, and more. Even better, this new tool is available to all members and not only to subscribers of VirusTotal's premium Intelligence platform. [...]
https://www.bleepingcomputer.com/news/security/new-virustotal-graph-makes-it-easy-to-visualize-malware/
BleepingComputer
New VirusTotal Graph Makes It Easy to Visualize Malware
VirusTotal released a new feature today that allows a user to visualize data such as the hosts a file connects to, what files it creates, and more. Even better, this new tool is available to all members and not only to subscribers of VirusTotal's premiumβ¦
WPA3 WiFi Standard Announced After Researchers KRACKed WPA2 Three Months Ago
People say "every kick in the ass is a step forward." Well, Belgian security researcher Mathy Vanhoef gave the WiFi Protected Access (WPA) standard a huge kick in the ass last fall when it disclosed details about KRACK, a vulnerability in the WPA2 WiFi protocol used by billions of devices. [...]
https://www.bleepingcomputer.com/news/hardware/wpa3-wifi-standard-announced-after-researchers-kracked-wpa2-three-months-ago/
People say "every kick in the ass is a step forward." Well, Belgian security researcher Mathy Vanhoef gave the WiFi Protected Access (WPA) standard a huge kick in the ass last fall when it disclosed details about KRACK, a vulnerability in the WPA2 WiFi protocol used by billions of devices. [...]
https://www.bleepingcomputer.com/news/hardware/wpa3-wifi-standard-announced-after-researchers-kracked-wpa2-three-months-ago/
BleepingComputer
WPA3 WiFi Standard Announced After Researchers KRACKed WPA2 Three Months Ago
People say "every kick in the ass is a step forward." Well, Belgian security researcher Mathy Vanhoef gave the WiFi Protected Access (WPA) standard a huge kick in the ass last fall when it disclosed details about KRACK, a vulnerability in the WPA2 WiFi protocolβ¦
Microsoft Says No More Windows Security Updates Unless AVs Set a Registry Key
Microsoft has added a new and very important detail on the help page describing incompatibilities between antivirus (AV) products and the recent Windows Meltdown and Spectre patches. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-says-no-more-windows-security-updates-unless-avs-set-a-registry-key/
Microsoft has added a new and very important detail on the help page describing incompatibilities between antivirus (AV) products and the recent Windows Meltdown and Spectre patches. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-says-no-more-windows-security-updates-unless-avs-set-a-registry-key/
BleepingComputer
Microsoft Says No More Windows Security Updates Unless AVs Set a Registry Key
Microsoft has added a new and very important detail on the help page describing incompatibilities between antivirus (AV) products and the recent Windows Meltdown and Spectre patches.