Researchers Create Malware That Steals Data via Power Lines
A team of academics has successfully developed and tested malware that can exfiltrate data from air-gapped computers via power lines. The team —from the Ben-Gurion University of the Negev in Israel— named their data exfiltration technique PowerHammer. [...]
https://www.bleepingcomputer.com/news/security/researchers-create-malware-that-steals-data-via-power-lines/
A team of academics has successfully developed and tested malware that can exfiltrate data from air-gapped computers via power lines. The team —from the Ben-Gurion University of the Negev in Israel— named their data exfiltration technique PowerHammer. [...]
https://www.bleepingcomputer.com/news/security/researchers-create-malware-that-steals-data-via-power-lines/
BleepingComputer
Researchers Create Malware That Steals Data via Power Lines
A team of academics has successfully developed and tested malware that can exfiltrate data from air-gapped computers via power lines. The team —from the Ben-Gurion University of the Negev in Israel— named their data exfiltration technique PowerHammer.
Cyber-Espionage Groups Are Increasingly Leveraging Routers in Their Attacks
Cyber-espionage groups —also referred to as advanced persistent threats (APTs)— are using hacked routers more and more during their attacks, according to researchers at Kaspersky Lab. [...]
https://www.bleepingcomputer.com/news/security/cyber-espionage-groups-are-increasingly-leveraging-routers-in-their-attacks/
Cyber-espionage groups —also referred to as advanced persistent threats (APTs)— are using hacked routers more and more during their attacks, according to researchers at Kaspersky Lab. [...]
https://www.bleepingcomputer.com/news/security/cyber-espionage-groups-are-increasingly-leveraging-routers-in-their-attacks/
BleepingComputer
Cyber-Espionage Groups Are Increasingly Leveraging Routers in Their Attacks
Cyber-espionage groups —also referred to as advanced persistent threats (APTs)— are using hacked routers more and more during their attacks, according to researchers at Kaspersky Lab.
$3.3 Million Stolen From Coinsecure Bitcoin Exchange, Inside Job Suspected
The CEO of Coinsecure, an India-based cryptocurrency exchange, has accused his CSO of stealing 438 Bitcoin —around $3.3 million at today's exchange rate— from the exchange's main wallet. [...]
https://www.bleepingcomputer.com/news/security/33-million-stolen-from-coinsecure-bitcoin-exchange-inside-job-suspected/
The CEO of Coinsecure, an India-based cryptocurrency exchange, has accused his CSO of stealing 438 Bitcoin —around $3.3 million at today's exchange rate— from the exchange's main wallet. [...]
https://www.bleepingcomputer.com/news/security/33-million-stolen-from-coinsecure-bitcoin-exchange-inside-job-suspected/
BleepingComputer
$3.3 Million Stolen From Coinsecure Bitcoin Exchange, Inside Job Suspected
The CEO of Coinsecure, an India-based cryptocurrency exchange, has accused his CSO of stealing 438 Bitcoin —around $3.3 million at today's exchange rate— from the exchange's main wallet.
Mozilla Has Started Gradually Enabling TLS 1.3 in Firefox
Mozilla has begun to roll out a system addon that enables TLS 1.3 in Firefox. Based on bug reports, this addon was launched on April 3rd, 2017 and is being delivered as a silent update to Firefox that will enable TLS 1.3 for 50% of the users who install it. [...]
https://www.bleepingcomputer.com/news/software/mozilla-has-started-gradually-enabling-tls-13-in-firefox/
Mozilla has begun to roll out a system addon that enables TLS 1.3 in Firefox. Based on bug reports, this addon was launched on April 3rd, 2017 and is being delivered as a silent update to Firefox that will enable TLS 1.3 for 50% of the users who install it. [...]
https://www.bleepingcomputer.com/news/software/mozilla-has-started-gradually-enabling-tls-13-in-firefox/
BleepingComputer
Mozilla Has Started Gradually Enabling TLS 1.3 in Firefox
Mozilla has begun to roll out a system addon that enables TLS 1.3 in Firefox. Based on bug reports, this addon was launched on April 3rd, 2017 and is being delivered as a silent update to Firefox that will enable TLS 1.3 for 50% of the users who install it.
Windows Insider RS5 Build 17643 Adds Sets and Office 365 Integration
Yesterday Microsoft released Windows 10 Insider Preview Build 17643 to insiders on the Redstone 5 Skip Ahead ring. In this build Microsoft adds Sets+Office 365 integration and Microsoft Edge, Data Sense, and Magnifier improvements. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-insider-rs5-build-17643-adds-sets-and-office-365-integration/
Yesterday Microsoft released Windows 10 Insider Preview Build 17643 to insiders on the Redstone 5 Skip Ahead ring. In this build Microsoft adds Sets+Office 365 integration and Microsoft Edge, Data Sense, and Magnifier improvements. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-insider-rs5-build-17643-adds-sets-and-office-365-integration/
BleepingComputer
Windows Insider RS5 Build 17643 Adds Sets and Office 365 Integration
Yesterday Microsoft released Windows 10 Insider Preview Build 17643 to insiders on the Redstone 5 Skip Ahead ring. In this build Microsoft adds Sets+Office 365 integration and Microsoft Edge, Data Sense, and Magnifier improvements.
Compile Error Halts Some GandCrab Ransomware Infections
A script compile error has temporarily stopped the infection chain of a malspam campaign trying to infect users with the GandCrab ransomware. [...]
https://www.bleepingcomputer.com/news/security/compile-error-halts-some-gandcrab-ransomware-infections/
A script compile error has temporarily stopped the infection chain of a malspam campaign trying to infect users with the GandCrab ransomware. [...]
https://www.bleepingcomputer.com/news/security/compile-error-halts-some-gandcrab-ransomware-infections/
BleepingComputer
Compile Error Halts Some GandCrab Ransomware Infections
A script compile error has temporarily stopped the infection chain of a malspam campaign trying to infect users with the GandCrab ransomware.
Google Chrome to Boost User Privacy by Improving Cookies Handling Procedure
Google engineers plan to improve user privacy and security by putting a short lifespan on cookies delivered via HTTP connections. Google hopes that the move will force website developers and advertisers to send cookies via HTTPS, which "provides significant confidentiality protections against [pervasive monitoring] attacks." [...]
https://www.bleepingcomputer.com/news/security/google-chrome-to-boost-user-privacy-by-improving-cookies-handling-procedure/
Google engineers plan to improve user privacy and security by putting a short lifespan on cookies delivered via HTTP connections. Google hopes that the move will force website developers and advertisers to send cookies via HTTPS, which "provides significant confidentiality protections against [pervasive monitoring] attacks." [...]
https://www.bleepingcomputer.com/news/security/google-chrome-to-boost-user-privacy-by-improving-cookies-handling-procedure/
BleepingComputer
Google Chrome to Boost User Privacy by Improving Cookies Handling Procedure
Google engineers plan to improve user privacy and security by putting a short lifespan on cookies delivered via HTTP connections. Google hopes that the move will force website developers and advertisers to send cookies via HTTPS, which "provides significant…
Exploitation of Drupalgeddon2 Flaw Starts After Publication of PoC Code
The exploitation of a very dangerous Drupal vulnerability has started after the publication of proof-of-concept (PoC) code. [...]
https://www.bleepingcomputer.com/news/security/exploitation-of-drupalgeddon2-flaw-starts-after-publication-of-poc-code/
The exploitation of a very dangerous Drupal vulnerability has started after the publication of proof-of-concept (PoC) code. [...]
https://www.bleepingcomputer.com/news/security/exploitation-of-drupalgeddon2-flaw-starts-after-publication-of-poc-code/
BleepingComputer
Exploitation of Drupalgeddon2 Flaw Starts After Publication of PoC Code
The exploitation of a very dangerous Drupal vulnerability has started after the publication of proof-of-concept (PoC) code.
Copy & Paste Keyboard Shortcuts Coming to Windows 10 Console Bash Prompt
A highly requested feature is the ability to use copy and paste keyboard shortcuts when in a Windows 10 Bash prompt. As of Windows Insider build 17643, this feature is now available as a setting in the Windows Command Prompt. [...]
https://www.bleepingcomputer.com/news/microsoft/copy-and-paste-keyboard-shortcuts-coming-to-windows-10-console-bash-prompt/
A highly requested feature is the ability to use copy and paste keyboard shortcuts when in a Windows 10 Bash prompt. As of Windows Insider build 17643, this feature is now available as a setting in the Windows Command Prompt. [...]
https://www.bleepingcomputer.com/news/microsoft/copy-and-paste-keyboard-shortcuts-coming-to-windows-10-console-bash-prompt/
BleepingComputer
Copy & Paste Keyboard Shortcuts Coming to Windows 10 Console Bash Prompt
A highly requested feature is the ability to use copy and paste keyboard shortcuts when in a Windows 10 Bash prompt. As of Windows Insider build 17643, this feature is now available as a setting in the Windows Command Prompt.
"Early Bird" Code Injection Technique Helps Malware Stay Undetected
Security researchers have discovered at least three malware strains using a new code injection technique that allowed them to avoid antivirus detection. [...]
https://www.bleepingcomputer.com/news/security/early-bird-code-injection-technique-helps-malware-stay-undetected/
Security researchers have discovered at least three malware strains using a new code injection technique that allowed them to avoid antivirus detection. [...]
https://www.bleepingcomputer.com/news/security/early-bird-code-injection-technique-helps-malware-stay-undetected/
BleepingComputer
"Early Bird" Code Injection Technique Helps Malware Stay Undetected
Security researchers have discovered at least three malware strains using a new code injection technique that allowed them to avoid antivirus detection.
Researchers Catch Android OEMs Lying About Security Patches
A large number of Android manufacturers (OEMs) are skipping security patches but are lying to users about it, according to the team at Security Research Lab (SRL), a Berlin-based cyber-security firm. [...]
https://www.bleepingcomputer.com/news/security/researchers-catch-android-oems-lying-about-security-patches/
A large number of Android manufacturers (OEMs) are skipping security patches but are lying to users about it, according to the team at Security Research Lab (SRL), a Berlin-based cyber-security firm. [...]
https://www.bleepingcomputer.com/news/security/researchers-catch-android-oems-lying-about-security-patches/
BleepingComputer
Researchers Catch Android OEMs Lying About Security Patches
A large number of Android manufacturers (OEMs) are skipping security patches but are lying to users about it, according to the team at Security Research Lab (SRL), a Berlin-based cyber-security firm.
Ransomware Protection Section Included in Windows 10's Spring Creators Update
While ransomware has evolved into targeted attacks rather than mass spam campaigns, it is still a significant threat to businesses and consumers. Microsoft must agree, as in the upcoming Spring Creators Update, Microsoft has added a dedicated Ransomware Protection section in the Windows Defender Security Center settings. [...]
https://www.bleepingcomputer.com/news/microsoft/ransomware-protection-section-included-in-windows-10s-spring-creators-update/
While ransomware has evolved into targeted attacks rather than mass spam campaigns, it is still a significant threat to businesses and consumers. Microsoft must agree, as in the upcoming Spring Creators Update, Microsoft has added a dedicated Ransomware Protection section in the Windows Defender Security Center settings. [...]
https://www.bleepingcomputer.com/news/microsoft/ransomware-protection-section-included-in-windows-10s-spring-creators-update/
BleepingComputer
Ransomware Protection Section Included in Windows 10's Spring Creators Update
While ransomware has evolved into targeted attacks rather than mass spam campaigns, it is still a significant threat to businesses and consumers. Microsoft must agree, as in the upcoming Spring Creators Update, Microsoft has added a dedicated Ransomware Protection…
The Week in Ransomware - April 13th 2018 - PUBG Ransomware, Matrix, and More
Not too much new ransomware released this week, but rather just general ransomware news. One item of interest was the joke ransomware called PUBG Ransomware that made you play Player's Unknown Battleground in order to decrypt your files. Other than that, it was just news about new variants that were released or about variants. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-13th-2018-pubg-ransomware-matrix-and-more/
Not too much new ransomware released this week, but rather just general ransomware news. One item of interest was the joke ransomware called PUBG Ransomware that made you play Player's Unknown Battleground in order to decrypt your files. Other than that, it was just news about new variants that were released or about variants. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-13th-2018-pubg-ransomware-matrix-and-more/
BleepingComputer
The Week in Ransomware - April 13th 2018 - PUBG Ransomware, Matrix, and More
Not too much new ransomware released this week, but rather just general ransomware news. One item of interest was the joke ransomware called PUBG Ransomware that made you play Player's Unknown Battleground in order to decrypt your files. Other than that,…
Researchers Take Down Network of 52,000 Infected Servers Distributing Malware
Security researchers from Abuse.ch, BrillantIT, and Proofpoint have sinkholed the command and control infrastructure behind EITest, a network of hacked servers abused by cyber-criminals to redirect users to malware, exploits kits, and tech support scams. [...]
https://www.bleepingcomputer.com/news/security/researchers-take-down-network-of-52-000-infected-servers-distributing-malware/
Security researchers from Abuse.ch, BrillantIT, and Proofpoint have sinkholed the command and control infrastructure behind EITest, a network of hacked servers abused by cyber-criminals to redirect users to malware, exploits kits, and tech support scams. [...]
https://www.bleepingcomputer.com/news/security/researchers-take-down-network-of-52-000-infected-servers-distributing-malware/
BleepingComputer
Researchers Take Down Network of 52,000 Infected Servers Distributing Malware
Security researchers from Abuse.ch, BrillantIT, and Proofpoint have sinkholed the command and control infrastructure behind EITest, a network of hacked servers abused by cyber-criminals to redirect users to malware, exploits kits, and tech support scams.
Microsoft Engineer Charged in Reveton Ransomware Case
A Microsoft network engineer is facing federal charges in Florida for helping launder money obtained from victims of the Reventon ransomware. [...]
https://www.bleepingcomputer.com/news/security/microsoft-engineer-charged-in-reveton-ransomware-case/
A Microsoft network engineer is facing federal charges in Florida for helping launder money obtained from victims of the Reventon ransomware. [...]
https://www.bleepingcomputer.com/news/security/microsoft-engineer-charged-in-reveton-ransomware-case/
BleepingComputer
Microsoft Engineer Charged in Reveton Ransomware Case
A Microsoft network engineer is facing federal charges in Florida for helping launder money obtained from victims of the Reventon ransomware.
FTC: "Warranty Void If Removed" Stickers Are Illegal
The US Federal Trade Commission (FTC) sent letters this week to six major companies containing warnings that using "warranty void if removed" or similarly worded stickers on their products is illegal. [...]
https://www.bleepingcomputer.com/news/government/ftc-warranty-void-if-removed-stickers-are-illegal/
The US Federal Trade Commission (FTC) sent letters this week to six major companies containing warnings that using "warranty void if removed" or similarly worded stickers on their products is illegal. [...]
https://www.bleepingcomputer.com/news/government/ftc-warranty-void-if-removed-stickers-are-illegal/
BleepingComputer
FTC: "Warranty Void If Removed" Stickers Are Illegal
The US Federal Trade Commission (FTC) sent letters this week to six major companies containing warnings that using "warranty void if removed" or similarly worded stickers on their products is illegal.
Old JavaScript Crypto Flaw Puts Bitcoin Funds at Risk
Security researchers are warning that old Bitcoin addresses generated in the browser or through JavaScript-based wallet apps might be affected by a cryptographic flaw that allows attackers to brute-force private keys, take control of users' wallets, and steal funds. [...]
https://www.bleepingcomputer.com/news/security/old-javascript-crypto-flaw-puts-bitcoin-funds-at-risk/
Security researchers are warning that old Bitcoin addresses generated in the browser or through JavaScript-based wallet apps might be affected by a cryptographic flaw that allows attackers to brute-force private keys, take control of users' wallets, and steal funds. [...]
https://www.bleepingcomputer.com/news/security/old-javascript-crypto-flaw-puts-bitcoin-funds-at-risk/
BleepingComputer
Old JavaScript Crypto Flaw Puts Bitcoin Funds at Risk
Security researchers are warning that old Bitcoin addresses generated in the browser or through JavaScript-based wallet apps might be affected by a cryptographic flaw that allows attackers to brute-force private keys, take control of users' wallets, and steal…
Intel SPI Flash Flaw Lets Attackers Alter or Delete BIOS/UEFI Firmware
Intel has addressed a vulnerability in the configuration of several CPU series that allow an attacker to alter the behavior of the chip's SPI Flash memory —a mandatory component used during the boot-up process [1, 2, 3]. [...]
https://www.bleepingcomputer.com/news/security/intel-spi-flash-flaw-lets-attackers-alter-or-delete-bios-uefi-firmware/
Intel has addressed a vulnerability in the configuration of several CPU series that allow an attacker to alter the behavior of the chip's SPI Flash memory —a mandatory component used during the boot-up process [1, 2, 3]. [...]
https://www.bleepingcomputer.com/news/security/intel-spi-flash-flaw-lets-attackers-alter-or-delete-bios-uefi-firmware/
BleepingComputer
Intel SPI Flash Flaw Lets Attackers Alter or Delete BIOS/UEFI Firmware
Intel has addressed a vulnerability in the configuration of several CPU series that allow an attacker to alter the behavior of the chip's SPI Flash memory —a mandatory component used during the boot-up process [1, 2, 3].
Windows Servers Targeted for Cryptocurrency Mining via IIS Flaw
Hackers are leveraging an IIS 6.0 vulnerability to take over Windows servers and install a malware strain that mines the Electroneum cryptocurrency. [...]
https://www.bleepingcomputer.com/news/security/windows-servers-targeted-for-cryptocurrency-mining-via-iis-flaw/
Hackers are leveraging an IIS 6.0 vulnerability to take over Windows servers and install a malware strain that mines the Electroneum cryptocurrency. [...]
https://www.bleepingcomputer.com/news/security/windows-servers-targeted-for-cryptocurrency-mining-via-iis-flaw/
BleepingComputer
Windows Servers Targeted for Cryptocurrency Mining via IIS Flaw
Hackers are leveraging an IIS 6.0 vulnerability to take over Windows servers and install a malware strain that mines the Electroneum cryptocurrency.
Retired Airline Manager Who Hacked Former Employer Caught Thanks to VPN Logs
An Alaska judge sentenced a 59-year-old woman, a former director at Peninsula Airlines (PenAir), for hacking her former employer and wreaking havoc for two days inside the company's flight reservations system. [...]
https://www.bleepingcomputer.com/news/security/retired-airline-manager-who-hacked-former-employer-caught-thanks-to-vpn-logs/
An Alaska judge sentenced a 59-year-old woman, a former director at Peninsula Airlines (PenAir), for hacking her former employer and wreaking havoc for two days inside the company's flight reservations system. [...]
https://www.bleepingcomputer.com/news/security/retired-airline-manager-who-hacked-former-employer-caught-thanks-to-vpn-logs/
BleepingComputer
Retired Airline Manager Who Hacked Former Employer Caught Thanks to VPN Logs
An Alaska judge sentenced a 59-year-old woman, a former director at Peninsula Airlines (PenAir), for hacking her former employer and wreaking havoc for two days inside the company's flight reservations system.
What To Expect at the RSA 2018 Conference This Week
The RSA Conference, an annual security conference with over 40,000 attendees expected this year, runs from April 16th through the 20th. Additionally, there will be 500 vendors who will be on site to brandish the latest tech in the field. [...]
https://www.bleepingcomputer.com/news/security/what-to-expect-at-the-rsa-2018-conference-this-week/
The RSA Conference, an annual security conference with over 40,000 attendees expected this year, runs from April 16th through the 20th. Additionally, there will be 500 vendors who will be on site to brandish the latest tech in the field. [...]
https://www.bleepingcomputer.com/news/security/what-to-expect-at-the-rsa-2018-conference-this-week/
BleepingComputer
What To Expect at the RSA 2018 Conference This Week
The RSA Conference, an annual security conference with over 40,000 attendees expected this year, runs from April 16th through the 20th. Additionally, there will be 500 vendors who will be on site to brandish the latest tech in the field.