Android Web Users Victims of Cryptojacking Campaign

Threat actors behind a malvertising campaign are explicitly targeting mobile web users, redirecting Android owners to websites where crooks mine Monero using the Coinhive service while the user is busy solving a CAPTCHA. [...]

https://www.bleepingcomputer.com/news/security/android-web-users-victims-of-cryptojacking-campaign/

Windows Defender ATP Getting Windows 7 SP1 and 8.1 Endpoint Agents This Summer

Microsoft announced today that they will be adding Windows 7 SP1 and Windows 8.1 support to their Windows Defender ATP cloud-based threat intelligence service. These new endpoint agents will be available this summer. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-defender-atp-getting-windows-7-sp1-and-8-1-endpoint-agents-this-summer/

Rapid Ransomware Being Spread Using Fake IRS Malspam

A new variant of Rapid Ransomware is currently being distributed using malspam that pretends to be from the Internal Revenue Service. First detected by Derek Knight, this campaign is a mixup of countries with the IRS being a U.S. entity, the send being a UK email address, and the spam attachment being in German. [...]

https://www.bleepingcomputer.com/news/security/rapid-ransomware-being-spread-using-fake-irs-malspam/

Forget Email. Web Sites Use Notifications to Spam Your Browser Instead

A new method of sending spam has been created that skips your email altogether and sends it directly to your browser. This new method is called web notification spam and I have started to see numerous sites being setup to utilize this new tactic. [...]

https://www.bleepingcomputer.com/news/security/forget-email-web-sites-use-notifications-to-spam-your-browser-instead/

Chrome's New Ad Blocker Settings [Images]

Starting tomorrow, February 15, Google will begin to block certain types of online ads using a new built-in ad blocking technology it announced last June. [...]

https://www.bleepingcomputer.com/news/google/chromes-new-ad-blocker-settings-images-/

Post-Meltdown Intel Tries to Save Face with $250,000 Bug Bounty Program

Intel has launched a public bug bounty program with individual rewards going as far as $250,000, the company said today in a press release. [...]

https://www.bleepingcomputer.com/news/hardware/post-meltdown-intel-tries-to-save-face-with-250-000-bug-bounty-program/

UK Formally Accuses Russian Military of NotPetya Ransomware Outbreak

The UK has become the first major Western country to formally accuse the Russian military of orchestrating and launching the NotPetya ransomware outbreak. [...]

https://www.bleepingcomputer.com/news/security/uk-formally-accuses-russian-military-of-notpetya-ransomware-outbreak/

Group Makes $50 Million by Phishing Bitcoin Users Using Google AdWords

A Ukrainian cybercrime operation has made an estimated $50 million by using Google AdWords to lure users on Bitcoin phishing sites. [...]

https://www.bleepingcomputer.com/news/security/group-makes-50-million-by-phishing-bitcoin-users-using-google-adwords/

Multi-Stage Word Attack Infects Users Without Using Macros

Spam distributors are using a new technique to infect users with malware, and while this attack relies on having users open Word documents, it does not involve users having to allow the execution of macro scripts. [...]

https://www.bleepingcomputer.com/news/security/multi-stage-word-attack-infects-users-without-using-macros/

ATM Skimmer Kingpin Escapes UK Police

In what many consider to be a monumental failure on the part of UK police, the ringleader of a notorious ATM skimming gang has escaped prosecutors and is believed to be hiding abroad, after being let out on bail. [...]

https://www.bleepingcomputer.com/news/security/atm-skimmer-kingpin-escapes-uk-police/

Windows Insider Build 17101 Brings Emoji Changes and Windows App Preview

Microsoft has released Windows Insider build 17101 to insiders to continue testing RS4 as it nears release. For insiders who opted to skip ahead, Microsoft has also started push out RS5 build 17604 for testing. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-insider-build-17101-brings-emoji-changes-and-windows-app-preview/

Ubuntu Gets in the User Data Collection Business

Canonical announced plans to roll out a user data and diagnostics collection system with Ubuntu 18.04 LTS (Bionic Beaver). This new system will collect data on the user's OS details, hardware setup, apps and OS settings. [...]

https://www.bleepingcomputer.com/news/linux/ubuntu-gets-in-the-user-data-collection-business/

Indian Text Character Crashes Many iOS and macOS Apps

A character from the Indian Telugu language will crash multiple applications on iOS and macOS, an Italian blogger has discovered. [...]

https://www.bleepingcomputer.com/news/apple/indian-text-character-crashes-many-ios-and-macos-apps/

Using the Chrome Task Manager to Find In-Browser Miners

The use of browsers to mine for digital currency is becoming a major problem. With more and more sites incorporating in-browser mining scripts such as CoinHive and web extensions injecting them into web pages,  people will continue to be affected by this attack. Thankfully, we can easily detect miners using the Chrome Task Manager. [...]

https://www.bleepingcomputer.com/news/security/using-the-chrome-task-manager-to-find-in-browser-miners/

New Saturn Ransomware Actively Infecting Victims

A new ransomware was discovered this week by MalwareHunterTeam called Saturn. This ransomware will encrypt the files on a computer and then append the .saturn extension to the file's name. At this time it is not known how Saturn Ransomware is being distributed.  [...]

https://www.bleepingcomputer.com/news/security/new-saturn-ransomware-actively-infecting-victims/

The Week in Ransomware - February 16th 2018 - NotPetya & Saturn

The biggest news this week is the UK formally attributing NotPetya to Russian attackers. Also if interest this week is the release of the Saturn Ransomware, which has a more organized feel compared to other ransomware distributions currently being distributed [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-16th-2018-notpetya-and-saturn/

Google Discloses Microsoft Edge Security Feature Bypass

Google has gone public with details about a Microsoft Edge vulnerability that attackers could abuse and bypass one of the browser's security features —Arbitrary Code Guard (ACG). [...]

https://www.bleepingcomputer.com/news/security/google-discloses-microsoft-edge-security-feature-bypass/

Hacker Group Makes $3 Million by Installing Monero Miners on Jenkins Servers

A hacker group has made over $3 million by breaking into Jenkins servers and installing malware that mines the Monero cryptocurrency. [...]

https://www.bleepingcomputer.com/news/security/hacker-group-makes-3-million-by-installing-monero-miners-on-jenkins-servers/

All Five Eyes Countries Formally Accuse Russia of Orchestrating NotPetya Attack

All the countries part of the Five Eyes intelligence-sharing alliance — the US, the UK, Canada, Australia, and New Zealand— have made formal statements accusing the Russian Federation of orchestrating the NotPetya ransomware outbreak. [...]

https://www.bleepingcomputer.com/news/security/all-five-eyes-countries-formally-accuse-russia-of-orchestrating-notpetya-attack/

macOS May Lose Data Due to APFS Filesystem Bug

Under certain circumstances, macOS may copy data into the void, leading to data loss of important files, all due to a bug in how the operating system handles APFS sparse disk images. [...]

https://www.bleepingcomputer.com/news/apple/macos-may-lose-data-due-to-apfs-filesystem-bug/

New Saturn RaaS Lets Everyone Become a Ransomware Distributor for Free

The authors of the newly-discovered Saturn ransomware are allowing anyone to become a ransomware distributor for free via a newly launched Ransomware-as-a-Service (RaaS) affiliate program. [...]

https://www.bleepingcomputer.com/news/security/new-saturn-raas-lets-everyone-become-a-ransomware-distributor-for-free/