Intel Broadwell and Haswell CPUs Experiencing Reboots After Firmware Updates

Intel said today it is investigating an issue with Broadwell and Haswell CPUs after customers reported higher system reboot rates when they installed firmware updates for fixing the Spectre flaw. [...]

https://www.bleepingcomputer.com/news/hardware/intel-broadwell-and-haswell-cpus-experiencing-reboots-after-firmware-updates/

The Week in Ransomware - January 12th 2018 - Ethereum & Small Variants

Another week when only small variants were released. Hopefully this downward trend is a slowdown in ransomware distribution. This biggest news was that the HC7 ransomware accepted Ethereum as a ransom payment. This is the first time this digital currency has been used with ransomware. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-12th-2018-ethereum-and-small-variants/

Lenovo Discovers and Removes Backdoor in Networking Switches

Lenovo engineers have discovered a backdoor in the firmware of RackSwitch and BladeCenter networking switches. The company released firmware updates earlier this week. [...]

https://www.bleepingcomputer.com/news/security/lenovo-discovers-and-removes-backdoor-in-networking-switches/

Fourth Fappening Hacker Caught by the FBI

The US Department of Justice has charged a fourth suspect for hacking Hollywood celebrities and leaking nude photographs and videos in a 2014 incident referred to as The Fappening or Celebgate. [...]

https://www.bleepingcomputer.com/news/security/fourth-fappening-hacker-caught-by-the-fbi/

Mozilla Tests Firefox "Tab Warming"

Mozilla is currently testing a new feature called "Tab Warming" that engineers hope will improve the tab switching process. [...]

https://www.bleepingcomputer.com/news/software/mozilla-tests-firefox-tab-warming/

Hackers Hijack DNS Server of BlackWallet to Steal $400,000

Unknown hackers have hijacked the DNS server for BlackWallet.co, a web-based wallet application for the Stellar Lumen cryptocurrency (XLM), and has stolen over $400,000 from users' accounts. [...]

https://www.bleepingcomputer.com/news/security/hackers-hijack-dns-server-of-blackwallet-to-steal-400-000/

Police Hand out Malware-Infected USBs as Prize in Cyber-Security Quiz

Taiwanese police have handed out malware-infected USB thumb drives to the winners of a cyber-security quiz at a data security expo hosted in December last year by the country's Presidential Office. [...]

https://www.bleepingcomputer.com/news/security/police-hand-out-malware-infected-usbs-as-prize-in-cyber-security-quiz/

Seagate Quietly Patches Dangerous Bug in NAS Devices

Seagate has patched a vulnerability in the firmware of the Seagate Personal Cloud Home Media Storage, a NAS (Network Attached Storage) product. [...]

https://www.bleepingcomputer.com/news/security/seagate-quietly-patches-dangerous-bug-in-nas-devices/

List of Links: BIOS Updates for the Meltdown and Spectre Patches

As Intel, AMD, and other CPU manufacturers have started releasing CPU microcode (firmware) updates for processor models affected by the Meltdown and Spectre patches, those updates are trickling down to OEMs and motherboard vendors, who are now integrating these patches into BIOS/UEFI updates for affected PCs. [...]

https://www.bleepingcomputer.com/news/software/list-of-links-bios-updates-for-the-meltdown-and-spectre-patches/

Linux and Windows Servers Targeted with RubyMiner Malware

Security researchers have spotted a new strain of malware being deployed online. Named RubyMiner, this malware is a cryptocurrency miner spotted going after outdated web servers. [...]

https://www.bleepingcomputer.com/news/security/linux-and-windows-servers-targeted-with-rubyminer-malware/

Canadian Police Charge Man Behind LeakedSource Portal

The Royal Canadian Mounted Police (RCMP) announced today they've charged a 27-year-old man named Jordan Evan Bloom for running LeakedSource.com, a website that compiled public data breaches, including cleartext passwords, and sold access to this information for a few dollars. [...]

https://www.bleepingcomputer.com/news/security/canadian-police-charge-man-behind-leakedsource-portal/

Over 500,000 Users Impacted by Four Malicious Chrome Extensions

Security researchers from US cyber-security firm ICEBRG have spotted four Chrome extensions featuring malicious code that were available through the official Chrome Web Store. [...]

https://www.bleepingcomputer.com/news/security/over-500-000-users-impacted-by-four-malicious-chrome-extensions/

KillDisk Fake Ransomware Hits Financial Firms in Latin America

A new version of the KillDisk disk-wiping malware has hit companies in the financial sector in Latin America, Trend Micro reported yesterday. [...]

https://www.bleepingcomputer.com/news/security/killdisk-fake-ransomware-hits-financial-firms-in-latin-america/

Man Admits to Creating Crypting Service Cryptex and reFUD.me Scanner

A 24-year-old man has pleaded guilty yesterday in a UK court for creating and advertising two malware-related services employed by thousands of criminals. [...]

https://www.bleepingcomputer.com/news/security/man-admits-to-creating-crypting-service-cryptex-and-refud-me-scanner/

Italian IT Company Possibly Behind New Skygofree Android Spyware

Security researchers from Kaspersky Lab have discovered a new and powerful strain of Android spyware that they believe was created by an Italian IT company which they suspect is active in the surveillance software market. [...]

https://www.bleepingcomputer.com/news/security/italian-it-company-possibly-behind-new-skygofree-android-spyware/

Hospital Pays $55K Ransomware Demand Despite Having Backups

An Indiana hospital paid a ransom of $55,000 to get rid of ransomware that had infected its systems and was hindering operations last week. [...]

https://www.bleepingcomputer.com/news/security/hospital-pays-55k-ransomware-demand-despite-having-backups/

Cya Windows. You Can Now Run PowerShell on Linux & macOS

An open-source cross-platform version of PowerShell, called PowerShell Core 6.0, has been released by Microsoft that not only runs on Windows, but runs on macOS and Linux as well. Going forward, this version is going to be the actively developed with the original PowerShell only receiving security updates. [...]

https://www.bleepingcomputer.com/news/microsoft/cya-windows-you-can-now-run-powershell-on-linux-and-macos/

Because Ransomware: OneDrive for Business to Get "Files Restore" Option

Microsoft will add a new feature to OneDrive for Business that will let users create backup points and restore to previous versions of their entire OneDrive account. [...]

https://www.bleepingcomputer.com/news/microsoft/because-ransomware-onedrive-for-business-to-get-files-restore-option/

Mozilla Restricts All New Firefox Features to HTTPS Only

In a groundbreaking statement earlier this week, Mozilla announced that all web-based features that will ship with Firefox in the future must be served on over a secure HTTPS connection (a "secure context"). [...]

https://www.bleepingcomputer.com/news/software/mozilla-restricts-all-new-firefox-features-to-https-only/

Satori Botnet Is Now Attacking Ethereum Mining Rigs

A new variant of the Satori botnet has sprung back to life, and this one is hacking into Claymore mining rigs and replacing the device owner's mining credentials with the attacker's own. [...]

https://www.bleepingcomputer.com/news/security/satori-botnet-is-now-attacking-ethereum-mining-rigs/

Google Launches IT Support Training Program And Offers 10,000 Scholarships

As part of its Grow with Google program, Google has created an IT Support certification program based on the same methods that they use train their own employees. Called the Google IT Support Professional Certificate, this certification aims to prepares people for an entry level job in the information technology support field. [...]

https://www.bleepingcomputer.com/news/security/google-launches-it-support-training-program-and-offers-10-000-scholarships/