Congress Votes to Reauthorize NSA's Warrantless Surveillance of US Citizens

The US House of Representatives passed a bill today to renew the National Security Agency's warrantless internet surveillance program under Section 702 of the Foreign Intelligence Surveillance Amendments Act (FISA) of 2008. [...]

https://www.bleepingcomputer.com/news/government/congress-votes-to-reauthorize-nsas-warrantless-surveillance-of-us-citizens/

Windows Insider Build 17074 Brings Credit Card Autofill in Edge & Quiet Hours

Today Microsoft released Windows 10 Insider Preview Build 17074 for PC to insiders in the fast ring. It is important to note that computer's with AMD processors will have this preview build blocked due to the Spectre & Meltdown security update rollout as explained in this support article. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-insider-build-17074-brings-credit-card-autofill-in-edge-and-quiet-hours/

Facebook Will Overhaul News Feed to Show More Posts from Friends and Family

Facebook CEO Mark Zuckerberg announced yesterday that Facebook will revamp its News Feed content ranking algorithm to prioritize updates from friends and family members. [...]

https://www.bleepingcomputer.com/news/technology/facebook-will-overhaul-news-feed-to-show-more-posts-from-friends-and-family/

Intel AMT Security Issue Lets Attackers Bypass BIOS and BitLocker Passwords

An F-Secure security researcher has found a way to use Intel's Active Management Technology (AMT) to bypass BIOS passwords, BitLocker credentials, and TPM pins and gain access to previously-secured corporate computers. [...]

https://www.bleepingcomputer.com/news/security/intel-amt-security-issue-lets-attackers-bypass-bios-and-bitlocker-passwords/

The First Mac Malware of 2018 Is a DNS Hijacker Called MaMi

We are barely two weeks into 2017, and security researchers have already spotted the first new Mac malware strain this year. Called OSX/MaMi, all evidence points that this is still a work in progress, but one that comes with some pretty intrusive features, if ever completed and activated. [...]

https://www.bleepingcomputer.com/news/apple/the-first-mac-malware-of-2018-is-a-dns-hijacker-called-mami/

AMD Will Release CPU Microcode Updates for Spectre Flaw This Week

AMD officially admitted today that its processors are not vulnerable to the Meltdown bug, but are affected by both variants of the Spectre flaw. [...]

https://www.bleepingcomputer.com/news/hardware/amd-will-release-cpu-microcode-updates-for-spectre-flaw-this-week/

Intel Broadwell and Haswell CPUs Experiencing Reboots After Firmware Updates

Intel said today it is investigating an issue with Broadwell and Haswell CPUs after customers reported higher system reboot rates when they installed firmware updates for fixing the Spectre flaw. [...]

https://www.bleepingcomputer.com/news/hardware/intel-broadwell-and-haswell-cpus-experiencing-reboots-after-firmware-updates/

The Week in Ransomware - January 12th 2018 - Ethereum & Small Variants

Another week when only small variants were released. Hopefully this downward trend is a slowdown in ransomware distribution. This biggest news was that the HC7 ransomware accepted Ethereum as a ransom payment. This is the first time this digital currency has been used with ransomware. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-12th-2018-ethereum-and-small-variants/

Lenovo Discovers and Removes Backdoor in Networking Switches

Lenovo engineers have discovered a backdoor in the firmware of RackSwitch and BladeCenter networking switches. The company released firmware updates earlier this week. [...]

https://www.bleepingcomputer.com/news/security/lenovo-discovers-and-removes-backdoor-in-networking-switches/

Fourth Fappening Hacker Caught by the FBI

The US Department of Justice has charged a fourth suspect for hacking Hollywood celebrities and leaking nude photographs and videos in a 2014 incident referred to as The Fappening or Celebgate. [...]

https://www.bleepingcomputer.com/news/security/fourth-fappening-hacker-caught-by-the-fbi/

Mozilla Tests Firefox "Tab Warming"

Mozilla is currently testing a new feature called "Tab Warming" that engineers hope will improve the tab switching process. [...]

https://www.bleepingcomputer.com/news/software/mozilla-tests-firefox-tab-warming/

Hackers Hijack DNS Server of BlackWallet to Steal $400,000

Unknown hackers have hijacked the DNS server for BlackWallet.co, a web-based wallet application for the Stellar Lumen cryptocurrency (XLM), and has stolen over $400,000 from users' accounts. [...]

https://www.bleepingcomputer.com/news/security/hackers-hijack-dns-server-of-blackwallet-to-steal-400-000/

Police Hand out Malware-Infected USBs as Prize in Cyber-Security Quiz

Taiwanese police have handed out malware-infected USB thumb drives to the winners of a cyber-security quiz at a data security expo hosted in December last year by the country's Presidential Office. [...]

https://www.bleepingcomputer.com/news/security/police-hand-out-malware-infected-usbs-as-prize-in-cyber-security-quiz/

Seagate Quietly Patches Dangerous Bug in NAS Devices

Seagate has patched a vulnerability in the firmware of the Seagate Personal Cloud Home Media Storage, a NAS (Network Attached Storage) product. [...]

https://www.bleepingcomputer.com/news/security/seagate-quietly-patches-dangerous-bug-in-nas-devices/

List of Links: BIOS Updates for the Meltdown and Spectre Patches

As Intel, AMD, and other CPU manufacturers have started releasing CPU microcode (firmware) updates for processor models affected by the Meltdown and Spectre patches, those updates are trickling down to OEMs and motherboard vendors, who are now integrating these patches into BIOS/UEFI updates for affected PCs. [...]

https://www.bleepingcomputer.com/news/software/list-of-links-bios-updates-for-the-meltdown-and-spectre-patches/

Linux and Windows Servers Targeted with RubyMiner Malware

Security researchers have spotted a new strain of malware being deployed online. Named RubyMiner, this malware is a cryptocurrency miner spotted going after outdated web servers. [...]

https://www.bleepingcomputer.com/news/security/linux-and-windows-servers-targeted-with-rubyminer-malware/

Canadian Police Charge Man Behind LeakedSource Portal

The Royal Canadian Mounted Police (RCMP) announced today they've charged a 27-year-old man named Jordan Evan Bloom for running LeakedSource.com, a website that compiled public data breaches, including cleartext passwords, and sold access to this information for a few dollars. [...]

https://www.bleepingcomputer.com/news/security/canadian-police-charge-man-behind-leakedsource-portal/

Over 500,000 Users Impacted by Four Malicious Chrome Extensions

Security researchers from US cyber-security firm ICEBRG have spotted four Chrome extensions featuring malicious code that were available through the official Chrome Web Store. [...]

https://www.bleepingcomputer.com/news/security/over-500-000-users-impacted-by-four-malicious-chrome-extensions/

KillDisk Fake Ransomware Hits Financial Firms in Latin America

A new version of the KillDisk disk-wiping malware has hit companies in the financial sector in Latin America, Trend Micro reported yesterday. [...]

https://www.bleepingcomputer.com/news/security/killdisk-fake-ransomware-hits-financial-firms-in-latin-america/

Man Admits to Creating Crypting Service Cryptex and reFUD.me Scanner

A 24-year-old man has pleaded guilty yesterday in a UK court for creating and advertising two malware-related services employed by thousands of criminals. [...]

https://www.bleepingcomputer.com/news/security/man-admits-to-creating-crypting-service-cryptex-and-refud-me-scanner/

Italian IT Company Possibly Behind New Skygofree Android Spyware

Security researchers from Kaspersky Lab have discovered a new and powerful strain of Android spyware that they believe was created by an Italian IT company which they suspect is active in the surveillance software market. [...]

https://www.bleepingcomputer.com/news/security/italian-it-company-possibly-behind-new-skygofree-android-spyware/