Crooks Hijack Router DNS Settings to Redirect Users to Android Malware

Malware authors have hijacked DNS settings on vulnerable routers to redirect users to sites hosting Android malware. [...]

https://www.bleepingcomputer.com/news/security/crooks-hijack-router-dns-settings-to-redirect-users-to-android-malware/

Chinese Mobile Device Maker ZTE Banned From Buying U.S. Goods

The U.S. Department of Commerce's Bureau of Industry and Security (BIS) announced yesterday that Chinese telecommunications company, ZTE, has been banned from purchasing goods from U.S. companies. This order was issued due to a breach of a settlement between ZTE and the US government after ZTE was found violating Iran and North Korea [...]

https://www.bleepingcomputer.com/news/security/chinese-mobile-device-maker-zte-banned-from-buying-us-goods/

US, UK Accuse Russia of Hacking Home Routers and ISPs to Conduct MitM Attacks

A joint alert issued by the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and the United Kingdom's National Cyber Security Centre (NCSC) warns that Russian state-sponsored cyber actors are actively targeting home and enterprise routers. [...]

https://www.bleepingcomputer.com/news/government/us-uk-accuse-russia-of-hacking-home-routers-and-isps-to-conduct-mitm-attacks/

More Than Half of Android Apps for Kids Are Violating US Privacy Laws

Privacy experts have analyzed 5,855 child-directed Android apps and have found that more than half —57%— are potentially violating the Children's Online Privacy Protection Act (COPPA), a US law protecting children's private data online. [...]

https://www.bleepingcomputer.com/news/security/more-than-half-of-android-apps-for-kids-are-violating-us-privacy-laws/

Microsoft Releases Windows 10 Insider Build 17134 (RS4) To Include Security Vulnerabilities

Today, Microsoft released Windows 10 Insider Preview Build 17134 (Redstone 4) to insiders on the fast ring. This build does not contain any new features, but rather acts as a new build with security updates included that fix the vulnerabilities from KB4100375. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-insider-build-17134-rs4-to-include-security-vulnerabilities/

TaskRabbit Takes Down App and Website After Getting Hacked

TaskRabbit, a web-based service that connects freelance handymen with clients in various local US markets, has emailed customers admitting it suffered a security breach. [...]

https://www.bleepingcomputer.com/news/security/taskrabbit-takes-down-app-and-website-after-getting-hacked/

Russia Bans 1.8 Million Amazon and Google IPs in Attempt to Block Telegram

Roskomnadzor, Russia's telecommunications watchdog, banned today over 1.8 million IP addresses belonging to Amazon and Google's cloud infrastructure. [...]

https://www.bleepingcomputer.com/news/government/russia-bans-18-million-amazon-and-google-ips-in-attempt-to-block-telegram/

Microsoft Announces Custom Chip and Linux Distro to Secure IoT Devices

Yesterday, at the RSA 2018 security conference, Microsoft announced a new security-focused product named Azure Sphere. According to Microsoft chief financial officer Brad Smith, Microsoft created Azure Sphere for the sole purpose of securing Internet of Things (IoT) devices. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-custom-chip-and-linux-distro-to-secure-iot-devices/

Windows 10 Spring Creators Update Delayed Because of Higher Percentage of BSODs

Microsoft admitted yesterday that the reason it did not launch the Spring Creators Update for Windows 10 last week was because of technical issues the company encountered with the supposed final release. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-spring-creators-update-delayed-because-of-higher-percentage-of-bsods/

Federal Agencies Hit With More Data Breaches Than Other Sectors - 330 Million at Risk

According to Thales e-Security's 2018 Data Threat Report—Federal Government Edition, US federal agencies are experiencing more data breaches than other sectors. [...]

https://www.bleepingcomputer.com/news/government/federal-agencies-hit-with-more-data-breaches-than-other-sectors-330-million-at-risk/

Intel to Allow Antivirus Engines to Use Integrated GPUs for Malware Scanning

Intel announced yesterday at the RSA 2018 security conference several new security-focused technologies, among which is a feature that will let security products offload virus scanning operations to integrated graphics processors embedded with some Intel CPUs. [...]

https://www.bleepingcomputer.com/news/security/intel-to-allow-antivirus-engines-to-use-integrated-gpus-for-malware-scanning/

XiaoBa Ransomware Retooled as Coinminer But Manages to Ruin Your Files Anyway

The authors of the XiaoBa ransomware have retooled their malware's code into a cryptocurrency miner (coinminer). Unfortunately, despite not encrypting files anymore, the XiaoBa coinminer still destroys users' data thanks to a series of bugs that primarily corrupt a user's executable files. [...]

https://www.bleepingcomputer.com/news/security/xiaoba-ransomware-retooled-as-coinminer-but-manages-to-ruin-your-files-anyway/

34 Tech Firms Sign Accord Not to Assist Government Hacking Operations

An industry group of 34 high-tech companies led by Microsoft, have signed today a tech accord, agreeing to defend customers at all costs from cybercriminal and nation-state cyber-attacks, but also not to provide any technical aid to governments looking to launch cyber-attacks on other countries, companies, or individual users. [...]

https://www.bleepingcomputer.com/news/government/34-tech-firms-sign-accord-not-to-assist-government-hacking-operations/

Teenager Charged For Nova Scotia Freedom of Information Web Portal Breach

A 19 year old teenager was charged with 'unauthorized use of a computer' after downloading over 7,000 records from the Nova Scotia Freedom-of-Information web portal. The teenager whose name has not been released, has been accused of stealing documents from the portal, with many of them being publicly accessible and redacted.  [...]

https://www.bleepingcomputer.com/news/security/teenager-charged-for-nova-scotia-freedom-of-information-web-portal-breach/

Guild Wars 2 Monitored All Running Process in Order To Ban Users

While nobody likes a cheater in online games, sometimes how a company monitors and bans cheaters can go wrong. Such is the case with a recent ban fest unleashed by ArenaNet for their Guild Wars 2 game, which used a program that monitored all processes running on a computer for blacklisted programs. [...]

https://www.bleepingcomputer.com/news/security/guild-wars-2-monitored-all-running-process-in-order-to-ban-users/

Drupalgeddon 2 Vulnerability Used to Infect Servers With Backdoors & Coinminers

Hackers haven't wasted their time in deciding what to do with the proof-of-concept (PoC) code that was published online last week for a major Drupal security flaw. [...]

https://www.bleepingcomputer.com/news/security/drupalgeddon-2-vulnerability-used-to-infect-servers-with-backdoors-and-coinminers/

Google Chrome 66 Released Today Focuses on Security

Google has moved Chrome 66 to the stable channel and starting earlier today has begun updating users to the browser's new major version — Chrome 66.0.3359.117. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-66-released-today-focuses-on-security/

Stresspaint Malware Steals Facebook Credentials and Session Cookies

Security researchers have spotted a new information stealer that collects Chrome login data from infected victims, along with session cookies, and appears to be looking for Facebook details in particular, according to a Radware threat alert. [...]

https://www.bleepingcomputer.com/news/security/stresspaint-malware-steals-facebook-credentials-and-session-cookies/

Microsoft Ports Anti-Phishing Technology to Google Chrome

Microsoft has released a Chrome extension named "Windows Defender Browser Protection" that ports Windows Defender's —and inherently Edge's— anti-phishing technology to Google Chrome. [...]

https://www.bleepingcomputer.com/news/security/microsoft-ports-anti-phishing-technology-to-google-chrome/

Minecraft & CS:GO Ransomware Strive For Media Attention

When ransomware developers achieve huge media buzz like we saw with the PUBG Ransomware, it is not surprising to see other developers creating copycats. This is the case with two new in-development ransomware programs, if we can even call them that, for both Minecraft and Counter-Strike: Global Offensive (CS: GO). [...]

https://www.bleepingcomputer.com/news/security/minecraft-and-cs-go-ransomware-strive-for-media-attention/

iOS Trustjacking Attack Exposes iPhones to Remote Hacking

Symantec researchers have found a loophole in how iPhone users pair devices with Mac workstations and laptops. They say attackers can exploit this flaw —which they named Trustjacking— to take over devices without the phone owner's knowledge. [...]

https://www.bleepingcomputer.com/news/security/ios-trustjacking-attack-exposes-iphones-to-remote-hacking/