Analytics Firm Admits It Collected Password Data by Accident
Mixpanel, a web and mobile analytics provider, has notified customers last week via email that it accidentally collected data entered in password fields due to a bug introduced in its SDK. [...]
https://www.bleepingcomputer.com/news/security/analytics-firm-admits-it-collected-password-data-by-accident/
Mixpanel, a web and mobile analytics provider, has notified customers last week via email that it accidentally collected data entered in password fields due to a bug introduced in its SDK. [...]
https://www.bleepingcomputer.com/news/security/analytics-firm-admits-it-collected-password-data-by-accident/
BleepingComputer
Analytics Firm Admits It Collected Password Data by Accident
Mixpanel, a web and mobile analytics provider, has notified customers last week via email that it accidentally collected data entered in password fields due to a bug introduced in its SDK.
Ransomware Victims Hit on Average by Two Attacks per Year
A study of 2,700 IT professionals across the globe has revealed that 54% of organizations suffered a ransomware attack in the last year, and most organizations were hit more than twice, with the average number of ransomware per attacks being two. [...]
https://www.bleepingcomputer.com/news/security/ransomware-victims-hit-on-average-by-two-attacks-per-year/
A study of 2,700 IT professionals across the globe has revealed that 54% of organizations suffered a ransomware attack in the last year, and most organizations were hit more than twice, with the average number of ransomware per attacks being two. [...]
https://www.bleepingcomputer.com/news/security/ransomware-victims-hit-on-average-by-two-attacks-per-year/
BleepingComputer
Ransomware Victims Hit on Average by Two Attacks per Year
A study of 2,700 IT professionals across the globe has revealed that 54% of organizations suffered a ransomware attack in the last year, and most organizations were hit more than twice, with the average number of ransomware per attacks being two.
CSS Code Can Be Abused to Collect Sensitive User Data
With the recent upgrades to the CSS language, CSS code has become a powerful tool that could be abused to track users on websites, extract and steal data from a web page, collect data entered inside form fields (including passwords), and even deanonymize Dark Web users in some scenarios. [...]
https://www.bleepingcomputer.com/news/security/css-code-can-be-abused-to-collect-sensitive-user-data/
With the recent upgrades to the CSS language, CSS code has become a powerful tool that could be abused to track users on websites, extract and steal data from a web page, collect data entered inside form fields (including passwords), and even deanonymize Dark Web users in some scenarios. [...]
https://www.bleepingcomputer.com/news/security/css-code-can-be-abused-to-collect-sensitive-user-data/
BleepingComputer
CSS Code Can Be Abused to Collect Sensitive User Data
With the recent upgrades to the CSS language, CSS code has become a powerful tool that could be abused to track users on websites, extract and steal data from a web page, collect data entered inside form fields (including passwords), and even deanonymizeβ¦
Bitdefender Ironically Stopped Working on Safer Internet Day
Ironically on what has become known as Safer Internet Day, users of Bitdefender Antivirus are reporting today that the security software has suddenly stopped working. After installing an update, Bitdefender users are seeing errors that state "The Bitdefender Security Service (vsserv.exe) is unavailable". [...]
https://www.bleepingcomputer.com/news/security/bitdefender-ironically-stopped-working-on-safer-internet-day/
Ironically on what has become known as Safer Internet Day, users of Bitdefender Antivirus are reporting today that the security software has suddenly stopped working. After installing an update, Bitdefender users are seeing errors that state "The Bitdefender Security Service (vsserv.exe) is unavailable". [...]
https://www.bleepingcomputer.com/news/security/bitdefender-ironically-stopped-working-on-safer-internet-day/
BleepingComputer
Bitdefender Ironically Stopped Working on Safer Internet Day
Ironically on what has become known as Safer Internet Day, users of Bitdefender Antivirus are reporting today that the security software has suddenly stopped working. After installing an update, Bitdefender users are seeing errors that state "The Bitdefenderβ¦
Researcher Bypasses Windows Controlled Folder Access Anti-Ransomware Protection
A security researcher has found a way to bypass the "Controlled Folder Access" feature added in Windows 10 in October 2017, which Microsoft has touted as a reliable anti-ransomware defensive measure. [...]
https://www.bleepingcomputer.com/news/security/researcher-bypasses-windows-controlled-folder-access-anti-ransomware-protection/
A security researcher has found a way to bypass the "Controlled Folder Access" feature added in Windows 10 in October 2017, which Microsoft has touted as a reliable anti-ransomware defensive measure. [...]
https://www.bleepingcomputer.com/news/security/researcher-bypasses-windows-controlled-folder-access-anti-ransomware-protection/
BleepingComputer
Researcher Bypasses Windows Controlled Folder Access Anti-Ransomware Protection
A security researcher has found a way to bypass the "Controlled Folder Access" feature added in Windows 10 in October 2017, which Microsoft has touted as a reliable anti-ransomware defensive measure.
Scammers Use Download Bombs to Freeze Chrome Browsers on Shady Sites
The operators of some tech support scam websites have found a new trick to block visitors on their shady sites and scare non-technical users into paying for unneeded software or servicing fees. [...]
https://www.bleepingcomputer.com/news/security/scammers-use-download-bombs-to-freeze-chrome-browsers-on-shady-sites/
The operators of some tech support scam websites have found a new trick to block visitors on their shady sites and scare non-technical users into paying for unneeded software or servicing fees. [...]
https://www.bleepingcomputer.com/news/security/scammers-use-download-bombs-to-freeze-chrome-browsers-on-shady-sites/
BleepingComputer
Scammers Use Download Bombs to Freeze Chrome Browsers on Shady Sites
The operators of some tech support scam websites have found a new trick to block visitors on their shady sites and scare non-technical users into paying for unneeded software or servicing fees.
X.509 Certificates Can Be Abused for Data Exfiltration
Researchers say that threat actors looking for a covert channel for stealing data from a firewalled network can abuse X.509 certificates to hide and extract data without being detected. [...]
https://www.bleepingcomputer.com/news/security/x-509-certificates-can-be-abused-for-data-exfiltration/
Researchers say that threat actors looking for a covert channel for stealing data from a firewalled network can abuse X.509 certificates to hide and extract data without being detected. [...]
https://www.bleepingcomputer.com/news/security/x-509-certificates-can-be-abused-for-data-exfiltration/
BleepingComputer
X.509 Certificates Can Be Abused for Data Exfiltration
Researchers say that threat actors looking for a covert channel for stealing data from a firewalled network can abuse X.509 certificates to hide and extract data without being detected.
Litecoin, Not Monero, Is the Second Most Dominant Dark Web Currency
A study of 150 of the most prominent Dark Web message boards, marketplaces, and illicit services reveals that Litecoin is currently the second most widespread cryptocurrency among cyber-criminals, and not Monero or Ethereum, as most users would have guessed. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/litecoin-not-monero-is-the-second-most-dominant-dark-web-currency/
A study of 150 of the most prominent Dark Web message boards, marketplaces, and illicit services reveals that Litecoin is currently the second most widespread cryptocurrency among cyber-criminals, and not Monero or Ethereum, as most users would have guessed. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/litecoin-not-monero-is-the-second-most-dominant-dark-web-currency/
BleepingComputer
Litecoin, Not Monero, Is the Second Most Dominant Dark Web Currency
A study of 150 of the most prominent Dark Web message boards, marketplaces, and illicit services reveals that Litecoin is currently the second most widespread cryptocurrency among cyber-criminals, and not Monero or Ethereum, as most users would have guessed.
Black Ruby Ransomware Skips Victims in Iran and Adds a Miner for Good Measure
A new ransomware was discovered this week by MalwareHunterTeam called Black Ruby. This ransomware will encrypt the files on a computer, scramble the file name, and then append the BlackRuby extension. To make matters worse, Black Ruby will also install a Monero miner on the computer that utilizes as much of the CPU as it scan. [...]
https://www.bleepingcomputer.com/news/security/black-ruby-ransomware-skips-victims-in-iran-and-adds-a-miner-for-good-measure/
A new ransomware was discovered this week by MalwareHunterTeam called Black Ruby. This ransomware will encrypt the files on a computer, scramble the file name, and then append the BlackRuby extension. To make matters worse, Black Ruby will also install a Monero miner on the computer that utilizes as much of the CPU as it scan. [...]
https://www.bleepingcomputer.com/news/security/black-ruby-ransomware-skips-victims-in-iran-and-adds-a-miner-for-good-measure/
BleepingComputer
Black Ruby Ransomware Skips Victims in Iran and Adds a Miner for Good Measure
A new ransomware was discovered this week by MalwareHunterTeam called Black Ruby. This ransomware will encrypt the files on a computer, scramble the file name, and then append the BlackRuby extension. To make matters worse, Black Ruby will also install aβ¦
DexCrypt MBRLocker Demands 30 Yuan To Gain Access to Computer
A new Chinese MBRLocker called DexLocker has been discovered that asks for 30 Yuan to get access to a computer. First discovered by security researcher JAMESWT, this ransomware will modify the master boot record of the victim's computer so that it shows a ransom note before Windows starts. [...]
https://www.bleepingcomputer.com/news/security/dexcrypt-mbrlocker-demands-30-yuan-to-gain-access-to-computer/
A new Chinese MBRLocker called DexLocker has been discovered that asks for 30 Yuan to get access to a computer. First discovered by security researcher JAMESWT, this ransomware will modify the master boot record of the victim's computer so that it shows a ransom note before Windows starts. [...]
https://www.bleepingcomputer.com/news/security/dexcrypt-mbrlocker-demands-30-yuan-to-gain-access-to-computer/
BleepingComputer
DexCrypt MBRLocker Demands 30 Yuan To Gain Access to Computer
A new Chinese MBRLocker called DexLocker has been discovered that asks for 30 Yuan to get access to a computer. First discovered by security researcher JAMESWT, this ransomware will modify the master boot record of the victim's computer so that it shows aβ¦
The Week in Ransomware - February 9th 2018 - Black Ruby, GandCrab, & Decryptors
Lots of small variants released this week, but surprisingly most are actually active and being distributed. The big stories are new distribution methods for GandCrab, decryptors for Cryakl variants and MoneroPay, and a new ransomware called Black Ruby. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-9th-2018-black-ruby-gandcrab-and-decryptors/
Lots of small variants released this week, but surprisingly most are actually active and being distributed. The big stories are new distribution methods for GandCrab, decryptors for Cryakl variants and MoneroPay, and a new ransomware called Black Ruby. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-9th-2018-black-ruby-gandcrab-and-decryptors/
BleepingComputer
The Week in Ransomware - February 9th 2018 - Black Ruby, GandCrab, & Decryptors
Lots of small variants released this week, but surprisingly most are actually active and being distributed. The big stories are new distribution methods for GandCrab, decryptors for Cryakl variants and MoneroPay, and a new ransomware called Black Ruby.
Half of All Cryptojacking Scripts Found on Porn Sites
Almost 50% of all cryptojacking scripts (in-browser miners) are deployed on adult-themed sites, according to new numbers released this week by Qihoo 360's Netlab division. [...]
https://www.bleepingcomputer.com/news/security/half-of-all-cryptojacking-scripts-found-on-porn-sites/
Almost 50% of all cryptojacking scripts (in-browser miners) are deployed on adult-themed sites, according to new numbers released this week by Qihoo 360's Netlab division. [...]
https://www.bleepingcomputer.com/news/security/half-of-all-cryptojacking-scripts-found-on-porn-sites/
BleepingComputer
Half of All Cryptojacking Scripts Found on Porn Sites
Almost 50% of all cryptojacking scripts (in-browser miners) are deployed on adult-themed sites, according to new numbers released this week by Qihoo 360's Netlab division.
BitGrail Cryptocurrency Exchange Becomes Insolvent After Losing $170 Million
Italian cryptocurrency exchange BitGrail announced it lost 17 million Nano cryptocurrency (XRB, formerly known as RaiBlocks), currently worth over $170 million. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/bitgrail-cryptocurrency-exchange-becomes-insolvent-after-losing-170-million/
Italian cryptocurrency exchange BitGrail announced it lost 17 million Nano cryptocurrency (XRB, formerly known as RaiBlocks), currently worth over $170 million. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/bitgrail-cryptocurrency-exchange-becomes-insolvent-after-losing-170-million/
Russian Nuke Scientists, Ukrainian Professor Arrested for Bitcoin Mining
Authorities in Russia and Ukraine have arrested suspects this past week on accusations of using work computers to mine Bitcoin. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/russian-nuke-scientists-ukrainian-professor-arrested-for-bitcoin-mining/
Authorities in Russia and Ukraine have arrested suspects this past week on accusations of using work computers to mine Bitcoin. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/russian-nuke-scientists-ukrainian-professor-arrested-for-bitcoin-mining/
BleepingComputer
Russian Nuke Scientists, Ukrainian Professor Arrested for Bitcoin Mining
Authorities in Russia and Ukraine have arrested suspects this past week on accusations of using work computers to mine Bitcoin.
Researcher Uses macOS App Screenshot Feature to Steal Passwords, Tokens, Keys
Malicious app developers can secretly abuse a macOS API function to take screenshots of the user's screen and then use OCR (Optical Character Recognition) to programmatically read the text found in the image. [...]
https://www.bleepingcomputer.com/news/apple/researcher-uses-macos-app-screenshot-feature-to-steal-passwords-tokens-keys/
Malicious app developers can secretly abuse a macOS API function to take screenshots of the user's screen and then use OCR (Optical Character Recognition) to programmatically read the text found in the image. [...]
https://www.bleepingcomputer.com/news/apple/researcher-uses-macos-app-screenshot-feature-to-steal-passwords-tokens-keys/
BleepingComputer
Researcher Uses macOS App Screenshot Feature to Steal Passwords, Tokens, Keys
Malicious app developers can secretly abuse a macOS API function to take screenshots of the user's screen and then use OCR (Optical Character Recognition) to programmatically read the text found in the image.
U.S. & UK Govt Sites Injected With Miners After Popular Script Was Hacked
Thousands of sites were injected with a in-browser Monero miner today after a popular accessibility script was compromised. With 4, 275 sites affected, this included government websites such as uscourts.gov, ico.org.uk, & manchester.gov.uk. [...]
https://www.bleepingcomputer.com/news/security/u-s-and-uk-govt-sites-injected-with-miners-after-popular-script-was-hacked/
Thousands of sites were injected with a in-browser Monero miner today after a popular accessibility script was compromised. With 4, 275 sites affected, this included government websites such as uscourts.gov, ico.org.uk, & manchester.gov.uk. [...]
https://www.bleepingcomputer.com/news/security/u-s-and-uk-govt-sites-injected-with-miners-after-popular-script-was-hacked/
BleepingComputer
U.S. & UK Govt Sites Injected With Miners After Popular Script Was Hacked
Thousands of sites were injected with a in-browser Monero miner today after a popular accessibility script was compromised. With 4, 275 sites affected, this included government websites such as uscourts.gov, ico.org.uk, & manchester.gov.uk.
Former Employee Arrested for Trying to Sell Company's Database for $4,000
Officers from Ukraine's Cyber Police Department arrested a suspect last week for attempting to sell customer data belonging to his former employer. [...]
https://www.bleepingcomputer.com/news/security/former-employee-arrested-for-trying-to-sell-companys-database-for-4-000/
Officers from Ukraine's Cyber Police Department arrested a suspect last week for attempting to sell customer data belonging to his former employer. [...]
https://www.bleepingcomputer.com/news/security/former-employee-arrested-for-trying-to-sell-companys-database-for-4-000/
BleepingComputer
Former Employee Arrested for Trying to Sell Company's Database for $4,000
Officers from Ukraine's Cyber Police Department arrested a suspect last week for attempting to sell customer data belonging to his former employer.
It's 2018 and You Can Still p0wn Your Linux Box by Plugging in a USB Stick
Linux users running KDE Plasma desktop environments need to apply patches to fix a bug that can lead to malicious code execution every time a user mounts a USB thumb drive on his computer. [...]
https://www.bleepingcomputer.com/news/linux/its-2018-and-you-can-still-p0wn-your-linux-box-by-plugging-in-a-usb-stick/
Linux users running KDE Plasma desktop environments need to apply patches to fix a bug that can lead to malicious code execution every time a user mounts a USB thumb drive on his computer. [...]
https://www.bleepingcomputer.com/news/linux/its-2018-and-you-can-still-p0wn-your-linux-box-by-plugging-in-a-usb-stick/
BleepingComputer
It's 2018 and You Can Still p0wn Your Linux Box by Plugging in a USB Stick
Linux users running KDE Plasma desktop environments need to apply patches to fix a bug that can lead to malicious code execution every time a user mounts a USB thumb drive on his computer.
Security Updates Available for Popular Netgear Routers
Owners of popular Netgear router models should look into installing firmware updates on their devices as Netgear finished deploying patches for a slew of security issues discovered and reported by US cyber-security firm Trustware. [...]
https://www.bleepingcomputer.com/news/security/security-updates-available-for-popular-netgear-routers/
Owners of popular Netgear router models should look into installing firmware updates on their devices as Netgear finished deploying patches for a slew of security issues discovered and reported by US cyber-security firm Trustware. [...]
https://www.bleepingcomputer.com/news/security/security-updates-available-for-popular-netgear-routers/
BleepingComputer
Security Updates Available for Popular Netgear Routers
Owners of popular Netgear router models should look into installing firmware updates on their devices as Netgear finished deploying patches for a slew of security issues discovered and reported by US cyber-security firm Trustware.
Destructive Malware Wreaks Havoc at PyeongChang 2018 Winter Olympics
Data-wiping malware is to blame for the IT problems reported during the PyeongChang 2018 Winter Olympics opening ceremony. [...]
https://www.bleepingcomputer.com/news/security/destructive-malware-wreaks-havoc-at-pyeongchang-2018-winter-olympics/
Data-wiping malware is to blame for the IT problems reported during the PyeongChang 2018 Winter Olympics opening ceremony. [...]
https://www.bleepingcomputer.com/news/security/destructive-malware-wreaks-havoc-at-pyeongchang-2018-winter-olympics/
BleepingComputer
Destructive Malware Wreaks Havoc at PyeongChang 2018 Winter Olympics
Data-wiping malware is to blame for the IT problems reported during the PyeongChang 2018 Winter Olympics opening ceremony.
Android Web Users Victims of Cryptojacking Campaign
Threat actors behind a malvertising campaign are explicitly targeting mobile web users, redirecting Android owners to websites where crooks mine Monero using the Coinhive service while the user is busy solving a CAPTCHA. [...]
https://www.bleepingcomputer.com/news/security/android-web-users-victims-of-cryptojacking-campaign/
Threat actors behind a malvertising campaign are explicitly targeting mobile web users, redirecting Android owners to websites where crooks mine Monero using the Coinhive service while the user is busy solving a CAPTCHA. [...]
https://www.bleepingcomputer.com/news/security/android-web-users-victims-of-cryptojacking-campaign/
BleepingComputer
Android Web Users Victims of Cryptojacking Campaign
Threat actors behind a malvertising campaign are explicitly targeting mobile web users, redirecting Android owners to websites where crooks mine Monero using the Coinhive service while the user is busy solving a CAPTCHA.