Scammers Use Download Bombs to Freeze Chrome Browsers on Shady Sites
The operators of some tech support scam websites have found a new trick to block visitors on their shady sites and scare non-technical users into paying for unneeded software or servicing fees. [...]
https://www.bleepingcomputer.com/news/security/scammers-use-download-bombs-to-freeze-chrome-browsers-on-shady-sites/
The operators of some tech support scam websites have found a new trick to block visitors on their shady sites and scare non-technical users into paying for unneeded software or servicing fees. [...]
https://www.bleepingcomputer.com/news/security/scammers-use-download-bombs-to-freeze-chrome-browsers-on-shady-sites/
BleepingComputer
Scammers Use Download Bombs to Freeze Chrome Browsers on Shady Sites
The operators of some tech support scam websites have found a new trick to block visitors on their shady sites and scare non-technical users into paying for unneeded software or servicing fees.
X.509 Certificates Can Be Abused for Data Exfiltration
Researchers say that threat actors looking for a covert channel for stealing data from a firewalled network can abuse X.509 certificates to hide and extract data without being detected. [...]
https://www.bleepingcomputer.com/news/security/x-509-certificates-can-be-abused-for-data-exfiltration/
Researchers say that threat actors looking for a covert channel for stealing data from a firewalled network can abuse X.509 certificates to hide and extract data without being detected. [...]
https://www.bleepingcomputer.com/news/security/x-509-certificates-can-be-abused-for-data-exfiltration/
BleepingComputer
X.509 Certificates Can Be Abused for Data Exfiltration
Researchers say that threat actors looking for a covert channel for stealing data from a firewalled network can abuse X.509 certificates to hide and extract data without being detected.
Litecoin, Not Monero, Is the Second Most Dominant Dark Web Currency
A study of 150 of the most prominent Dark Web message boards, marketplaces, and illicit services reveals that Litecoin is currently the second most widespread cryptocurrency among cyber-criminals, and not Monero or Ethereum, as most users would have guessed. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/litecoin-not-monero-is-the-second-most-dominant-dark-web-currency/
A study of 150 of the most prominent Dark Web message boards, marketplaces, and illicit services reveals that Litecoin is currently the second most widespread cryptocurrency among cyber-criminals, and not Monero or Ethereum, as most users would have guessed. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/litecoin-not-monero-is-the-second-most-dominant-dark-web-currency/
BleepingComputer
Litecoin, Not Monero, Is the Second Most Dominant Dark Web Currency
A study of 150 of the most prominent Dark Web message boards, marketplaces, and illicit services reveals that Litecoin is currently the second most widespread cryptocurrency among cyber-criminals, and not Monero or Ethereum, as most users would have guessed.
Black Ruby Ransomware Skips Victims in Iran and Adds a Miner for Good Measure
A new ransomware was discovered this week by MalwareHunterTeam called Black Ruby. This ransomware will encrypt the files on a computer, scramble the file name, and then append the BlackRuby extension. To make matters worse, Black Ruby will also install a Monero miner on the computer that utilizes as much of the CPU as it scan. [...]
https://www.bleepingcomputer.com/news/security/black-ruby-ransomware-skips-victims-in-iran-and-adds-a-miner-for-good-measure/
A new ransomware was discovered this week by MalwareHunterTeam called Black Ruby. This ransomware will encrypt the files on a computer, scramble the file name, and then append the BlackRuby extension. To make matters worse, Black Ruby will also install a Monero miner on the computer that utilizes as much of the CPU as it scan. [...]
https://www.bleepingcomputer.com/news/security/black-ruby-ransomware-skips-victims-in-iran-and-adds-a-miner-for-good-measure/
BleepingComputer
Black Ruby Ransomware Skips Victims in Iran and Adds a Miner for Good Measure
A new ransomware was discovered this week by MalwareHunterTeam called Black Ruby. This ransomware will encrypt the files on a computer, scramble the file name, and then append the BlackRuby extension. To make matters worse, Black Ruby will also install a…
DexCrypt MBRLocker Demands 30 Yuan To Gain Access to Computer
A new Chinese MBRLocker called DexLocker has been discovered that asks for 30 Yuan to get access to a computer. First discovered by security researcher JAMESWT, this ransomware will modify the master boot record of the victim's computer so that it shows a ransom note before Windows starts. [...]
https://www.bleepingcomputer.com/news/security/dexcrypt-mbrlocker-demands-30-yuan-to-gain-access-to-computer/
A new Chinese MBRLocker called DexLocker has been discovered that asks for 30 Yuan to get access to a computer. First discovered by security researcher JAMESWT, this ransomware will modify the master boot record of the victim's computer so that it shows a ransom note before Windows starts. [...]
https://www.bleepingcomputer.com/news/security/dexcrypt-mbrlocker-demands-30-yuan-to-gain-access-to-computer/
BleepingComputer
DexCrypt MBRLocker Demands 30 Yuan To Gain Access to Computer
A new Chinese MBRLocker called DexLocker has been discovered that asks for 30 Yuan to get access to a computer. First discovered by security researcher JAMESWT, this ransomware will modify the master boot record of the victim's computer so that it shows a…
The Week in Ransomware - February 9th 2018 - Black Ruby, GandCrab, & Decryptors
Lots of small variants released this week, but surprisingly most are actually active and being distributed. The big stories are new distribution methods for GandCrab, decryptors for Cryakl variants and MoneroPay, and a new ransomware called Black Ruby. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-9th-2018-black-ruby-gandcrab-and-decryptors/
Lots of small variants released this week, but surprisingly most are actually active and being distributed. The big stories are new distribution methods for GandCrab, decryptors for Cryakl variants and MoneroPay, and a new ransomware called Black Ruby. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-9th-2018-black-ruby-gandcrab-and-decryptors/
BleepingComputer
The Week in Ransomware - February 9th 2018 - Black Ruby, GandCrab, & Decryptors
Lots of small variants released this week, but surprisingly most are actually active and being distributed. The big stories are new distribution methods for GandCrab, decryptors for Cryakl variants and MoneroPay, and a new ransomware called Black Ruby.
Half of All Cryptojacking Scripts Found on Porn Sites
Almost 50% of all cryptojacking scripts (in-browser miners) are deployed on adult-themed sites, according to new numbers released this week by Qihoo 360's Netlab division. [...]
https://www.bleepingcomputer.com/news/security/half-of-all-cryptojacking-scripts-found-on-porn-sites/
Almost 50% of all cryptojacking scripts (in-browser miners) are deployed on adult-themed sites, according to new numbers released this week by Qihoo 360's Netlab division. [...]
https://www.bleepingcomputer.com/news/security/half-of-all-cryptojacking-scripts-found-on-porn-sites/
BleepingComputer
Half of All Cryptojacking Scripts Found on Porn Sites
Almost 50% of all cryptojacking scripts (in-browser miners) are deployed on adult-themed sites, according to new numbers released this week by Qihoo 360's Netlab division.
BitGrail Cryptocurrency Exchange Becomes Insolvent After Losing $170 Million
Italian cryptocurrency exchange BitGrail announced it lost 17 million Nano cryptocurrency (XRB, formerly known as RaiBlocks), currently worth over $170 million. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/bitgrail-cryptocurrency-exchange-becomes-insolvent-after-losing-170-million/
Italian cryptocurrency exchange BitGrail announced it lost 17 million Nano cryptocurrency (XRB, formerly known as RaiBlocks), currently worth over $170 million. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/bitgrail-cryptocurrency-exchange-becomes-insolvent-after-losing-170-million/
Russian Nuke Scientists, Ukrainian Professor Arrested for Bitcoin Mining
Authorities in Russia and Ukraine have arrested suspects this past week on accusations of using work computers to mine Bitcoin. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/russian-nuke-scientists-ukrainian-professor-arrested-for-bitcoin-mining/
Authorities in Russia and Ukraine have arrested suspects this past week on accusations of using work computers to mine Bitcoin. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/russian-nuke-scientists-ukrainian-professor-arrested-for-bitcoin-mining/
BleepingComputer
Russian Nuke Scientists, Ukrainian Professor Arrested for Bitcoin Mining
Authorities in Russia and Ukraine have arrested suspects this past week on accusations of using work computers to mine Bitcoin.
Researcher Uses macOS App Screenshot Feature to Steal Passwords, Tokens, Keys
Malicious app developers can secretly abuse a macOS API function to take screenshots of the user's screen and then use OCR (Optical Character Recognition) to programmatically read the text found in the image. [...]
https://www.bleepingcomputer.com/news/apple/researcher-uses-macos-app-screenshot-feature-to-steal-passwords-tokens-keys/
Malicious app developers can secretly abuse a macOS API function to take screenshots of the user's screen and then use OCR (Optical Character Recognition) to programmatically read the text found in the image. [...]
https://www.bleepingcomputer.com/news/apple/researcher-uses-macos-app-screenshot-feature-to-steal-passwords-tokens-keys/
BleepingComputer
Researcher Uses macOS App Screenshot Feature to Steal Passwords, Tokens, Keys
Malicious app developers can secretly abuse a macOS API function to take screenshots of the user's screen and then use OCR (Optical Character Recognition) to programmatically read the text found in the image.
U.S. & UK Govt Sites Injected With Miners After Popular Script Was Hacked
Thousands of sites were injected with a in-browser Monero miner today after a popular accessibility script was compromised. With 4, 275 sites affected, this included government websites such as uscourts.gov, ico.org.uk, & manchester.gov.uk. [...]
https://www.bleepingcomputer.com/news/security/u-s-and-uk-govt-sites-injected-with-miners-after-popular-script-was-hacked/
Thousands of sites were injected with a in-browser Monero miner today after a popular accessibility script was compromised. With 4, 275 sites affected, this included government websites such as uscourts.gov, ico.org.uk, & manchester.gov.uk. [...]
https://www.bleepingcomputer.com/news/security/u-s-and-uk-govt-sites-injected-with-miners-after-popular-script-was-hacked/
BleepingComputer
U.S. & UK Govt Sites Injected With Miners After Popular Script Was Hacked
Thousands of sites were injected with a in-browser Monero miner today after a popular accessibility script was compromised. With 4, 275 sites affected, this included government websites such as uscourts.gov, ico.org.uk, & manchester.gov.uk.
Former Employee Arrested for Trying to Sell Company's Database for $4,000
Officers from Ukraine's Cyber Police Department arrested a suspect last week for attempting to sell customer data belonging to his former employer. [...]
https://www.bleepingcomputer.com/news/security/former-employee-arrested-for-trying-to-sell-companys-database-for-4-000/
Officers from Ukraine's Cyber Police Department arrested a suspect last week for attempting to sell customer data belonging to his former employer. [...]
https://www.bleepingcomputer.com/news/security/former-employee-arrested-for-trying-to-sell-companys-database-for-4-000/
BleepingComputer
Former Employee Arrested for Trying to Sell Company's Database for $4,000
Officers from Ukraine's Cyber Police Department arrested a suspect last week for attempting to sell customer data belonging to his former employer.
It's 2018 and You Can Still p0wn Your Linux Box by Plugging in a USB Stick
Linux users running KDE Plasma desktop environments need to apply patches to fix a bug that can lead to malicious code execution every time a user mounts a USB thumb drive on his computer. [...]
https://www.bleepingcomputer.com/news/linux/its-2018-and-you-can-still-p0wn-your-linux-box-by-plugging-in-a-usb-stick/
Linux users running KDE Plasma desktop environments need to apply patches to fix a bug that can lead to malicious code execution every time a user mounts a USB thumb drive on his computer. [...]
https://www.bleepingcomputer.com/news/linux/its-2018-and-you-can-still-p0wn-your-linux-box-by-plugging-in-a-usb-stick/
BleepingComputer
It's 2018 and You Can Still p0wn Your Linux Box by Plugging in a USB Stick
Linux users running KDE Plasma desktop environments need to apply patches to fix a bug that can lead to malicious code execution every time a user mounts a USB thumb drive on his computer.
Security Updates Available for Popular Netgear Routers
Owners of popular Netgear router models should look into installing firmware updates on their devices as Netgear finished deploying patches for a slew of security issues discovered and reported by US cyber-security firm Trustware. [...]
https://www.bleepingcomputer.com/news/security/security-updates-available-for-popular-netgear-routers/
Owners of popular Netgear router models should look into installing firmware updates on their devices as Netgear finished deploying patches for a slew of security issues discovered and reported by US cyber-security firm Trustware. [...]
https://www.bleepingcomputer.com/news/security/security-updates-available-for-popular-netgear-routers/
BleepingComputer
Security Updates Available for Popular Netgear Routers
Owners of popular Netgear router models should look into installing firmware updates on their devices as Netgear finished deploying patches for a slew of security issues discovered and reported by US cyber-security firm Trustware.
Destructive Malware Wreaks Havoc at PyeongChang 2018 Winter Olympics
Data-wiping malware is to blame for the IT problems reported during the PyeongChang 2018 Winter Olympics opening ceremony. [...]
https://www.bleepingcomputer.com/news/security/destructive-malware-wreaks-havoc-at-pyeongchang-2018-winter-olympics/
Data-wiping malware is to blame for the IT problems reported during the PyeongChang 2018 Winter Olympics opening ceremony. [...]
https://www.bleepingcomputer.com/news/security/destructive-malware-wreaks-havoc-at-pyeongchang-2018-winter-olympics/
BleepingComputer
Destructive Malware Wreaks Havoc at PyeongChang 2018 Winter Olympics
Data-wiping malware is to blame for the IT problems reported during the PyeongChang 2018 Winter Olympics opening ceremony.
Android Web Users Victims of Cryptojacking Campaign
Threat actors behind a malvertising campaign are explicitly targeting mobile web users, redirecting Android owners to websites where crooks mine Monero using the Coinhive service while the user is busy solving a CAPTCHA. [...]
https://www.bleepingcomputer.com/news/security/android-web-users-victims-of-cryptojacking-campaign/
Threat actors behind a malvertising campaign are explicitly targeting mobile web users, redirecting Android owners to websites where crooks mine Monero using the Coinhive service while the user is busy solving a CAPTCHA. [...]
https://www.bleepingcomputer.com/news/security/android-web-users-victims-of-cryptojacking-campaign/
BleepingComputer
Android Web Users Victims of Cryptojacking Campaign
Threat actors behind a malvertising campaign are explicitly targeting mobile web users, redirecting Android owners to websites where crooks mine Monero using the Coinhive service while the user is busy solving a CAPTCHA.
Windows Defender ATP Getting Windows 7 SP1 and 8.1 Endpoint Agents This Summer
Microsoft announced today that they will be adding Windows 7 SP1 and Windows 8.1 support to their Windows Defender ATP cloud-based threat intelligence service. These new endpoint agents will be available this summer. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-defender-atp-getting-windows-7-sp1-and-8-1-endpoint-agents-this-summer/
Microsoft announced today that they will be adding Windows 7 SP1 and Windows 8.1 support to their Windows Defender ATP cloud-based threat intelligence service. These new endpoint agents will be available this summer. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-defender-atp-getting-windows-7-sp1-and-8-1-endpoint-agents-this-summer/
BleepingComputer
Windows Defender ATP Getting Windows 7 SP1 and 8.1 Endpoint Agents This Summer
Microsoft announced today that they will be adding Windows 7 SP1 and Windows 8.1 support to their Windows Defender ATP cloud-based threat intelligence service. These new endpoint agents will be available this summer.
Rapid Ransomware Being Spread Using Fake IRS Malspam
A new variant of Rapid Ransomware is currently being distributed using malspam that pretends to be from the Internal Revenue Service. First detected by Derek Knight, this campaign is a mixup of countries with the IRS being a U.S. entity, the send being a UK email address, and the spam attachment being in German. [...]
https://www.bleepingcomputer.com/news/security/rapid-ransomware-being-spread-using-fake-irs-malspam/
A new variant of Rapid Ransomware is currently being distributed using malspam that pretends to be from the Internal Revenue Service. First detected by Derek Knight, this campaign is a mixup of countries with the IRS being a U.S. entity, the send being a UK email address, and the spam attachment being in German. [...]
https://www.bleepingcomputer.com/news/security/rapid-ransomware-being-spread-using-fake-irs-malspam/
BleepingComputer
Rapid Ransomware Being Spread Using Fake IRS Malspam
A new variant of Rapid Ransomware is currently being distributed using malspam that pretends to be from the Internal Revenue Service. First detected by Derek Knight, this campaign is a mixup of countries with the IRS being a U.S. entity, the send being a…
Forget Email. Web Sites Use Notifications to Spam Your Browser Instead
A new method of sending spam has been created that skips your email altogether and sends it directly to your browser. This new method is called web notification spam and I have started to see numerous sites being setup to utilize this new tactic. [...]
https://www.bleepingcomputer.com/news/security/forget-email-web-sites-use-notifications-to-spam-your-browser-instead/
A new method of sending spam has been created that skips your email altogether and sends it directly to your browser. This new method is called web notification spam and I have started to see numerous sites being setup to utilize this new tactic. [...]
https://www.bleepingcomputer.com/news/security/forget-email-web-sites-use-notifications-to-spam-your-browser-instead/
BleepingComputer
Forget Email. Web Sites Use Notifications to Spam Your Browser Instead
A new method of sending spam has been created that skips your email altogether and sends it directly to your browser. This new method is called web notification spam and I have started to see numerous sites being setup to utilize this new tactic.
Chrome's New Ad Blocker Settings [Images]
Starting tomorrow, February 15, Google will begin to block certain types of online ads using a new built-in ad blocking technology it announced last June. [...]
https://www.bleepingcomputer.com/news/google/chromes-new-ad-blocker-settings-images-/
Starting tomorrow, February 15, Google will begin to block certain types of online ads using a new built-in ad blocking technology it announced last June. [...]
https://www.bleepingcomputer.com/news/google/chromes-new-ad-blocker-settings-images-/
BleepingComputer
Chrome's New Ad Blocker Settings [Images]
Starting tomorrow, February 15, Google will begin to block certain types of online ads using a new built-in ad blocking technology it announced last June.
Post-Meltdown Intel Tries to Save Face with $250,000 Bug Bounty Program
Intel has launched a public bug bounty program with individual rewards going as far as $250,000, the company said today in a press release. [...]
https://www.bleepingcomputer.com/news/hardware/post-meltdown-intel-tries-to-save-face-with-250-000-bug-bounty-program/
Intel has launched a public bug bounty program with individual rewards going as far as $250,000, the company said today in a press release. [...]
https://www.bleepingcomputer.com/news/hardware/post-meltdown-intel-tries-to-save-face-with-250-000-bug-bounty-program/
BleepingComputer
Post-Meltdown Intel Tries to Save Face with $250,000 Bug Bounty Program
Intel has launched a public bug bounty program with individual rewards going as far as $250,000, the company said today in a press release.