HP Reissuing BIOS Updates After Intel Meltdown and Spectre Updates

HP announced today it was stopping the deployment of BIOS updates containing Meltdown and Spectre patches and reissuing older BIOS versions. [...]

https://www.bleepingcomputer.com/news/hardware/hp-reissuing-bios-updates-after-intel-meltdown-and-spectre-updates/

Rapid Ransomware Continues Encrypting New Files as they Are Created

A new ransomware is being spread called Rapid Ransomware that stays active after initially encrypting a computer and encrypts any new files that are created. While this behavior is not unique to Rapid, it is not a common behavior we see too often. [...]

https://www.bleepingcomputer.com/news/security/rapid-ransomware-continues-encrypting-new-files-as-they-are-created/

Hacker Uses Malware to Steal Gas From Paying Customers

Russian authorities have arrested Denis Zayev in Stavropol, Russia, on accusations of defrauding countless of car owners with malware installed on gas pumps all over southern Russia. [...]

https://www.bleepingcomputer.com/news/security/hacker-uses-malware-to-steal-gas-from-paying-customers/

Apple Backports Meltdown Patch to Older macOS Versions

On January 23, 2018, Apple released a third set of updates for macOS that backported previous Meltdown patches to older versions of the macOS operating system. [...]

https://www.bleepingcomputer.com/news/apple/apple-backports-meltdown-patch-to-older-macos-versions/

Software Framework Flaw Affects Apps From Skype, Signal, Slack, Twitch, Others

A flaw in a very popular software-building framework may affect a large number of popular desktop apps from Microsoft (Skype, Visual Studio Code), Brave (browser), GitHub (Atom Editor), Signal, Slack, Basecamp, WordPress.com, Twitch, Ghost, and others. [...]

https://www.bleepingcomputer.com/news/security/software-framework-flaw-affects-apps-from-skype-signal-slack-twitch-others/

New HNS IoT Botnet Has Already Amassed 14K Bots

A new botnet is growing around the world, feeding off unsecured IoT devices, mainly IP cameras, and getting ready to do some harm. [...]

https://www.bleepingcomputer.com/news/security/new-hns-iot-botnet-has-already-amassed-14k-bots/

Microsoft Will Soon Let Users See What Telemetry Windows 10 Collects

With the next major release of the Windows 10 operating system, scheduled for April-May 2018, Microsoft plans to let users see what telemetry data the company is collecting from each of their devices. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-will-soon-let-users-see-what-telemetry-windows-10-collects/

Chrome 64 Released With Stronger Popup Blocker, Spectre Mitigations

Google has released Chrome 64 for Windows, Mac, Linux, and Android, and this new Chrome version brings improvements to the browser's built-in ad blocker, a bunch of developer and web standards-related changes. [...]

https://www.bleepingcomputer.com/news/software/chrome-64-released-with-stronger-popup-blocker-spectre-mitigations/

Facebook Acquires Government ID Authentication Service

Facebook has bought Confirm, a Boston-based government ID verification service, which Facebook will most likely use to confirm the identities of suspicious accounts in its fight against fake accounts used to spread political propaganda. [...]

https://www.bleepingcomputer.com/news/business/facebook-acquires-government-id-authentication-service/

MoneroPay Ransomware Disguised as Wallet for Fake SpriteCoin CryptoCurrency

A ransomware called MoneroPay has been discovered that takes advantage of the cryptocurrency craze by spreading itself as a wallet for a fake coin called SpriteCoin.  While users were installing what they was a new cryptocoin and synching it to the blockchain, secretly behind the scenes MoneroPay was silently encrypting the computer. [...]

https://www.bleepingcomputer.com/news/security/moneropay-ransomware-disguised-as-wallet-for-fake-spritecoin-cryptocurrency/

Infected Android Games Spread Adware to More Than 4.5 Million Users

An Android app component meant to provide inter-user chatting capabilities has been opening websites and clicking on ads in phones' background. [...]

https://www.bleepingcomputer.com/news/security/infected-android-games-spread-adware-to-more-than-4-5-million-users/

Maersk Reinstalled 45,000 PCs and 4,000 Servers to Recover From NotPetya Attack

The world's largest container shipping company —A.P. Møller-Maersk— said it recovered from the NotPetya ransomware incident by reinstalling over 4,000 servers, 45,000 PCs, and 2500 applications over the course of ten days in late June and early July 2017. [...]

https://www.bleepingcomputer.com/news/security/maersk-reinstalled-45-000-pcs-and-4-000-servers-to-recover-from-notpetya-attack/

Reddit Brings Two-factor Authentication To All Users. Here's How to Enable It

As of today, you can now secure your Reddit account using two-factor authentication . This feature was previously in beta, but has now been rolled out to all Reddit users. [...]

https://www.bleepingcomputer.com/news/security/reddit-brings-two-factor-authentication-to-all-users-heres-how-to-enable-it/

Malware Epidemic: Monero Mining Campaigns Are Becoming a Real Problem

Malware that secretly mines Monero is becoming a real problem in the real world, with the number of different incidents growing with each week. For example, only this past week, three new attacks came to light. [...]

https://www.bleepingcomputer.com/news/security/malware-epidemic-monero-mining-campaigns-are-becoming-a-real-problem/

BlackMailware Found On Porn Site Threatens to Report Users are Spreading Child Porn

A new infection is being distributed by porn sites that tries to blackmail a victim into paying a ransom by stating they will tell law enforcement that the victim is spreading child porn. [...]

https://www.bleepingcomputer.com/news/security/blackmailware-found-on-porn-site-threatens-to-report-users-are-spreading-child-porn/

Malwarebytes: Ransomware Was Bigger Than Ever in 2017

An end-of-the-year report from US cyber-security firm Malwarebytes reveals that ransomware, adware, and cryptojacking were extremely popular with cyber-criminals in 2017. [...]

https://www.bleepingcomputer.com/news/security/malwarebytes-ransomware-was-bigger-than-ever-in-2017/

Suspect Arrested in Massive Theft of Dell Computer Components Worth $7 Million

A trio of Secret Service agents, DHS investigators, and West Hartford (Connecticut) police officers have arrested a man who they believe is at the center of a massive fraud operation through which he stole Dell computer parts worth more than $7 million. [...]

https://www.bleepingcomputer.com/news/legal/suspect-arrested-in-massive-theft-of-dell-computer-components-worth-7-million/

Keylogger Campaign Hits Over 2,000 WordPress Sites

Security researchers have discovered over 2,000 WordPress sites —possibly more— infected with a keylogger that's being loaded on the WordPress backend login page and a cryptojacking script (in-browser cryptocurrency miner) on their frontends. [...]

https://www.bleepingcomputer.com/news/security/keylogger-campaign-hits-over-2-000-wordpress-sites/

Crooks Created 28 Fake Ad Agencies to Disguise Massive Malvertising Campaign

A group of cyber-criminals created 28 fake ad agencies and bought over 1 billion ad views in 2017, which they used to deliver malicious ads that redirected unsuspecting users to tech support scams or sneaky pages peddling malware-laden software updates or software installers. [...]

https://www.bleepingcomputer.com/news/security/crooks-created-28-fake-ad-agencies-to-disguise-massive-malvertising-campaign/

The Velso Ransomware Being Manually Installed by Attackers

A new ransomware is actively infecting victims called the Velso Ransomware. This ransomware appends the .velso extension to encrypted files and then drops a ransom note that contains an email address that a victim can use to contact the developer. [...]

https://www.bleepingcomputer.com/news/security/the-velso-ransomware-being-manually-installed-by-attackers/

Dridex Group Created BitPaymer (FriedEx) Ransomware

The authors of the infamous Dridex banking trojan and the Necurs spam botnet appear to have also created the FriedEx ransomware, according to an ESET report released earlier today. [...]

https://www.bleepingcomputer.com/news/security/dridex-group-created-bitpaymer-friedex-ransomware/