Tens of Thousands of Defaced MikroTik and Ubiquiti Routers Available Online

Tens of thousands of MikroTik and Ubiquiti routers are currently available online, featuring alarmistic hostnames such as "HACKED FTP server," "HACKED-ROUTER-HELP-SOS-WAS-MFWORM-INFECTED," or "HACKED-ROUTER-HELP-SOS-HAD-DEFAULT-PASSWORD." [...]

https://www.bleepingcomputer.com/news/security/tens-of-thousands-of-defaced-mikrotik-and-ubiquiti-routers-available-online/

DOJ Charges Suspect Behind Fruitfly Mac Malware

Just hours ago, the US Department of Justice (DOJ) has filed official charges against an Ohio man for developing and infecting thousands of Americans with the Fruitfly Mac malware. [...]

https://www.bleepingcomputer.com/news/security/doj-charges-suspect-behind-fruitfly-mac-malware/

macOS Bug Lets Local Admin Unlock App Store System Prefs With Any Password

A bug has been discovered in macOS 10.13.2 that allows you to unlock the App Store system preferences using any username and password as long as you are logged in as a local admin. This means that if your account is an admin and you leave the computer unattended, anyone can change App Store settings on the Mac without your knowledge. [...]

https://www.bleepingcomputer.com/news/apple/macos-bug-lets-local-admin-unlock-app-store-system-prefs-with-any-password/

First Android Malware Developed in Kotlin Programming Language Discovered

A cyber-security firm has discovered what they believe to be the first Android malware family written in the Kotlin programming language. [...]

https://www.bleepingcomputer.com/news/security/first-android-malware-developed-in-kotlin-programming-language-discovered/

Cisco Rolls Out Solution to Detect Malware in Encrypted Traffic

Yesterday, Cisco rolled out Encrypted Traffic Analytics (ETA), a breakthrough technology that identifies malware in encrypted traffic without the need of intercepting and decrypting data streams. [...]

https://www.bleepingcomputer.com/news/security/cisco-rolls-out-solution-to-detect-malware-in-encrypted-traffic/

Hackers Make Whopping $226K Installing Monero Miners on Oracle WebLogic Servers

A group of hackers has made over a quarter-million dollars worth of Monero by breaking into Oracle WebLogic servers and installing a cryptocurrency miner. [...]

https://www.bleepingcomputer.com/news/security/hackers-make-whopping-226k-installing-monero-miners-on-oracle-weblogic-servers/

Intel Releases Linux CPU Microcodes for Processors Going Back Two Decades

On January 8th Intel released new Linux Processor microcode data files that can be used to mitigate the Spectre and and Meltdown vulnerabilities in Intel CPUs. Using microcodes, an operating system can fix known bugs in Intel CPU without having to perform a BIOS update on the computer. [...]

https://www.bleepingcomputer.com/news/security/intel-releases-linux-cpu-microcodes-for-processors-going-back-two-decades/

Microsoft Partners with Signal to Bring End-To-End Encryption to Skype

In a move that surprised many, Microsoft and Open Whisper Systems announced today they are partnering to bring support for end-to-end (E2E) encrypted conversations to Skype. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-partners-with-signal-to-bring-end-to-end-encryption-to-skype/

Windows 10 Fall Creators Update Now Fully Rolled Out Worldwide

According to Microsoft the rollout of Windows 10 Fall Creators Update is now fully available worldwide. Originally released to select group of devices and regions, over time a new feature update is made available to a wider audience.  At this time, Fall Creators Update is now available to all users running Windows 10. [...]

https://www.bleepingcomputer.com/news/security/windows-10-fall-creators-update-now-fully-rolled-out-worldwide/

Apple Will Hand Off Chinese iCloud Operations to State-Owned Local Firm

Apple announced today that it will hand over the operation of iCloud services for Chinese users to a local Chinese company as part of the company's efforts to comply with Chinese law. [...]

https://www.bleepingcomputer.com/news/apple/apple-will-hand-off-chinese-icloud-operations-to-state-owned-local-firm/

Congress Votes to Reauthorize NSA's Warrantless Surveillance of US Citizens

The US House of Representatives passed a bill today to renew the National Security Agency's warrantless internet surveillance program under Section 702 of the Foreign Intelligence Surveillance Amendments Act (FISA) of 2008. [...]

https://www.bleepingcomputer.com/news/government/congress-votes-to-reauthorize-nsas-warrantless-surveillance-of-us-citizens/

Windows Insider Build 17074 Brings Credit Card Autofill in Edge & Quiet Hours

Today Microsoft released Windows 10 Insider Preview Build 17074 for PC to insiders in the fast ring. It is important to note that computer's with AMD processors will have this preview build blocked due to the Spectre & Meltdown security update rollout as explained in this support article. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-insider-build-17074-brings-credit-card-autofill-in-edge-and-quiet-hours/

Facebook Will Overhaul News Feed to Show More Posts from Friends and Family

Facebook CEO Mark Zuckerberg announced yesterday that Facebook will revamp its News Feed content ranking algorithm to prioritize updates from friends and family members. [...]

https://www.bleepingcomputer.com/news/technology/facebook-will-overhaul-news-feed-to-show-more-posts-from-friends-and-family/

Intel AMT Security Issue Lets Attackers Bypass BIOS and BitLocker Passwords

An F-Secure security researcher has found a way to use Intel's Active Management Technology (AMT) to bypass BIOS passwords, BitLocker credentials, and TPM pins and gain access to previously-secured corporate computers. [...]

https://www.bleepingcomputer.com/news/security/intel-amt-security-issue-lets-attackers-bypass-bios-and-bitlocker-passwords/

The First Mac Malware of 2018 Is a DNS Hijacker Called MaMi

We are barely two weeks into 2017, and security researchers have already spotted the first new Mac malware strain this year. Called OSX/MaMi, all evidence points that this is still a work in progress, but one that comes with some pretty intrusive features, if ever completed and activated. [...]

https://www.bleepingcomputer.com/news/apple/the-first-mac-malware-of-2018-is-a-dns-hijacker-called-mami/

AMD Will Release CPU Microcode Updates for Spectre Flaw This Week

AMD officially admitted today that its processors are not vulnerable to the Meltdown bug, but are affected by both variants of the Spectre flaw. [...]

https://www.bleepingcomputer.com/news/hardware/amd-will-release-cpu-microcode-updates-for-spectre-flaw-this-week/

Intel Broadwell and Haswell CPUs Experiencing Reboots After Firmware Updates

Intel said today it is investigating an issue with Broadwell and Haswell CPUs after customers reported higher system reboot rates when they installed firmware updates for fixing the Spectre flaw. [...]

https://www.bleepingcomputer.com/news/hardware/intel-broadwell-and-haswell-cpus-experiencing-reboots-after-firmware-updates/

The Week in Ransomware - January 12th 2018 - Ethereum & Small Variants

Another week when only small variants were released. Hopefully this downward trend is a slowdown in ransomware distribution. This biggest news was that the HC7 ransomware accepted Ethereum as a ransom payment. This is the first time this digital currency has been used with ransomware. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-12th-2018-ethereum-and-small-variants/

Lenovo Discovers and Removes Backdoor in Networking Switches

Lenovo engineers have discovered a backdoor in the firmware of RackSwitch and BladeCenter networking switches. The company released firmware updates earlier this week. [...]

https://www.bleepingcomputer.com/news/security/lenovo-discovers-and-removes-backdoor-in-networking-switches/

Fourth Fappening Hacker Caught by the FBI

The US Department of Justice has charged a fourth suspect for hacking Hollywood celebrities and leaking nude photographs and videos in a 2014 incident referred to as The Fappening or Celebgate. [...]

https://www.bleepingcomputer.com/news/security/fourth-fappening-hacker-caught-by-the-fbi/

Mozilla Tests Firefox "Tab Warming"

Mozilla is currently testing a new feature called "Tab Warming" that engineers hope will improve the tab switching process. [...]

https://www.bleepingcomputer.com/news/software/mozilla-tests-firefox-tab-warming/