Russian Nuke Scientists, Ukrainian Professor Arrested for Bitcoin Mining

Authorities in Russia and Ukraine have arrested suspects this past week on accusations of using work computers to mine Bitcoin. [...]

https://www.bleepingcomputer.com/news/cryptocurrency/russian-nuke-scientists-ukrainian-professor-arrested-for-bitcoin-mining/

Researcher Uses macOS App Screenshot Feature to Steal Passwords, Tokens, Keys

Malicious app developers can secretly abuse a macOS API function to take screenshots of the user's screen and then use OCR (Optical Character Recognition) to programmatically read the text found in the image. [...]

https://www.bleepingcomputer.com/news/apple/researcher-uses-macos-app-screenshot-feature-to-steal-passwords-tokens-keys/

U.S. & UK Govt Sites Injected With Miners After Popular Script Was Hacked

Thousands of sites were injected with a in-browser Monero miner today after a popular accessibility script was compromised. With 4, 275 sites affected, this included government websites such as uscourts.gov, ico.org.uk, & manchester.gov.uk. [...]

https://www.bleepingcomputer.com/news/security/u-s-and-uk-govt-sites-injected-with-miners-after-popular-script-was-hacked/

Former Employee Arrested for Trying to Sell Company's Database for $4,000

Officers from Ukraine's Cyber Police Department arrested a suspect last week for attempting to sell customer data belonging to his former employer. [...]

https://www.bleepingcomputer.com/news/security/former-employee-arrested-for-trying-to-sell-companys-database-for-4-000/

It's 2018 and You Can Still p0wn Your Linux Box by Plugging in a USB Stick

Linux users running KDE Plasma desktop environments need to apply patches to fix a bug that can lead to malicious code execution every time a user mounts a USB thumb drive on his computer. [...]

https://www.bleepingcomputer.com/news/linux/its-2018-and-you-can-still-p0wn-your-linux-box-by-plugging-in-a-usb-stick/

Security Updates Available for Popular Netgear Routers

Owners of popular Netgear router models should look into installing firmware updates on their devices as Netgear finished deploying patches for a slew of security issues discovered and reported by US cyber-security firm Trustware. [...]

https://www.bleepingcomputer.com/news/security/security-updates-available-for-popular-netgear-routers/

Destructive Malware Wreaks Havoc at PyeongChang 2018 Winter Olympics

Data-wiping malware is to blame for the IT problems reported during the PyeongChang 2018 Winter Olympics opening ceremony. [...]

https://www.bleepingcomputer.com/news/security/destructive-malware-wreaks-havoc-at-pyeongchang-2018-winter-olympics/

Android Web Users Victims of Cryptojacking Campaign

Threat actors behind a malvertising campaign are explicitly targeting mobile web users, redirecting Android owners to websites where crooks mine Monero using the Coinhive service while the user is busy solving a CAPTCHA. [...]

https://www.bleepingcomputer.com/news/security/android-web-users-victims-of-cryptojacking-campaign/

Windows Defender ATP Getting Windows 7 SP1 and 8.1 Endpoint Agents This Summer

Microsoft announced today that they will be adding Windows 7 SP1 and Windows 8.1 support to their Windows Defender ATP cloud-based threat intelligence service. These new endpoint agents will be available this summer. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-defender-atp-getting-windows-7-sp1-and-8-1-endpoint-agents-this-summer/

Rapid Ransomware Being Spread Using Fake IRS Malspam

A new variant of Rapid Ransomware is currently being distributed using malspam that pretends to be from the Internal Revenue Service. First detected by Derek Knight, this campaign is a mixup of countries with the IRS being a U.S. entity, the send being a UK email address, and the spam attachment being in German. [...]

https://www.bleepingcomputer.com/news/security/rapid-ransomware-being-spread-using-fake-irs-malspam/

Forget Email. Web Sites Use Notifications to Spam Your Browser Instead

A new method of sending spam has been created that skips your email altogether and sends it directly to your browser. This new method is called web notification spam and I have started to see numerous sites being setup to utilize this new tactic. [...]

https://www.bleepingcomputer.com/news/security/forget-email-web-sites-use-notifications-to-spam-your-browser-instead/

Chrome's New Ad Blocker Settings [Images]

Starting tomorrow, February 15, Google will begin to block certain types of online ads using a new built-in ad blocking technology it announced last June. [...]

https://www.bleepingcomputer.com/news/google/chromes-new-ad-blocker-settings-images-/

Post-Meltdown Intel Tries to Save Face with $250,000 Bug Bounty Program

Intel has launched a public bug bounty program with individual rewards going as far as $250,000, the company said today in a press release. [...]

https://www.bleepingcomputer.com/news/hardware/post-meltdown-intel-tries-to-save-face-with-250-000-bug-bounty-program/

UK Formally Accuses Russian Military of NotPetya Ransomware Outbreak

The UK has become the first major Western country to formally accuse the Russian military of orchestrating and launching the NotPetya ransomware outbreak. [...]

https://www.bleepingcomputer.com/news/security/uk-formally-accuses-russian-military-of-notpetya-ransomware-outbreak/

Group Makes $50 Million by Phishing Bitcoin Users Using Google AdWords

A Ukrainian cybercrime operation has made an estimated $50 million by using Google AdWords to lure users on Bitcoin phishing sites. [...]

https://www.bleepingcomputer.com/news/security/group-makes-50-million-by-phishing-bitcoin-users-using-google-adwords/

Multi-Stage Word Attack Infects Users Without Using Macros

Spam distributors are using a new technique to infect users with malware, and while this attack relies on having users open Word documents, it does not involve users having to allow the execution of macro scripts. [...]

https://www.bleepingcomputer.com/news/security/multi-stage-word-attack-infects-users-without-using-macros/

ATM Skimmer Kingpin Escapes UK Police

In what many consider to be a monumental failure on the part of UK police, the ringleader of a notorious ATM skimming gang has escaped prosecutors and is believed to be hiding abroad, after being let out on bail. [...]

https://www.bleepingcomputer.com/news/security/atm-skimmer-kingpin-escapes-uk-police/

Windows Insider Build 17101 Brings Emoji Changes and Windows App Preview

Microsoft has released Windows Insider build 17101 to insiders to continue testing RS4 as it nears release. For insiders who opted to skip ahead, Microsoft has also started push out RS5 build 17604 for testing. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-insider-build-17101-brings-emoji-changes-and-windows-app-preview/

Ubuntu Gets in the User Data Collection Business

Canonical announced plans to roll out a user data and diagnostics collection system with Ubuntu 18.04 LTS (Bionic Beaver). This new system will collect data on the user's OS details, hardware setup, apps and OS settings. [...]

https://www.bleepingcomputer.com/news/linux/ubuntu-gets-in-the-user-data-collection-business/

Indian Text Character Crashes Many iOS and macOS Apps

A character from the Indian Telugu language will crash multiple applications on iOS and macOS, an Italian blogger has discovered. [...]

https://www.bleepingcomputer.com/news/apple/indian-text-character-crashes-many-ios-and-macos-apps/

Using the Chrome Task Manager to Find In-Browser Miners

The use of browsers to mine for digital currency is becoming a major problem. With more and more sites incorporating in-browser mining scripts such as CoinHive and web extensions injecting them into web pages,  people will continue to be affected by this attack. Thankfully, we can easily detect miners using the Chrome Task Manager. [...]

https://www.bleepingcomputer.com/news/security/using-the-chrome-task-manager-to-find-in-browser-miners/