Amazon Follows Google in Banning "Domain Fronting"
Two of today's biggest cloud service providers are now blocking a technique called "domain fronting" that has been used by websites and applications to avoid government-based censorship, but also by malware to secretly siphon stolen data to covert servers. [...]
https://www.bleepingcomputer.com/news/cloud/amazon-follows-google-in-banning-domain-fronting/
Two of today's biggest cloud service providers are now blocking a technique called "domain fronting" that has been used by websites and applications to avoid government-based censorship, but also by malware to secretly siphon stolen data to covert servers. [...]
https://www.bleepingcomputer.com/news/cloud/amazon-follows-google-in-banning-domain-fronting/
BleepingComputer
Amazon Follows Google in Banning "Domain Fronting"
Two of today's biggest cloud service providers are now blocking a technique called "domain fronting" that has been used by websites and applications to avoid government-based censorship, but also by malware to secretly siphon stolen data to covert servers.
Unicef's TheHopepage May Be the First Good Use of In-Browser Mining
With the launch of Unicef AU's TheHopepage.org, we may have seen the first good use for CoinHive's in-browser mining. Using an opt-in CoinHive in-browser mining page, Unicef is hoping that users will sacrifice some of their CPU for charities and it looks like it is paying off. [...]
https://www.bleepingcomputer.com/news/business/unicefs-thehopepage-may-be-the-first-good-use-of-in-browser-mining/
With the launch of Unicef AU's TheHopepage.org, we may have seen the first good use for CoinHive's in-browser mining. Using an opt-in CoinHive in-browser mining page, Unicef is hoping that users will sacrifice some of their CPU for charities and it looks like it is paying off. [...]
https://www.bleepingcomputer.com/news/business/unicefs-thehopepage-may-be-the-first-good-use-of-in-browser-mining/
BleepingComputer
Unicef's TheHopepage May Be the First Good Use of In-Browser Mining
With the launch of Unicef AU's TheHopepage.org, we may have seen the first good use for CoinHive's in-browser mining. Using an opt-in CoinHive in-browser mining page, Unicef is hoping that users will sacrifice some of their CPU for charities and it looksβ¦
4 ‘Smart’ Apps That Could Be Smarter (And 4 to Use Instead)
The developers of apps built with artificial intelligence (AI) often promise that they'll make life easier and help us in ways we hadn't thought possible, all thanks to their impressive knowledge. However, sometimes they fall short of the mark. [...]
https://www.bleepingcomputer.com/tips/software/4-smart-apps-that-could-be-smarter-and-4-to-use-instead/
The developers of apps built with artificial intelligence (AI) often promise that they'll make life easier and help us in ways we hadn't thought possible, all thanks to their impressive knowledge. However, sometimes they fall short of the mark. [...]
https://www.bleepingcomputer.com/tips/software/4-smart-apps-that-could-be-smarter-and-4-to-use-instead/
BleepingComputer
4 βSmartβ Apps That Could Be Smarter (And 4 to Use Instead)
The developers of apps built with artificial intelligence (AI) often promise that they'll make life easier and help us in ways we hadn't thought possible, all thanks to their impressive knowledge. However, sometimes they fall short of the mark.
Facebook Announces Dating Feature
At the F8 Developer Conference that's taking place these days in San Jose, California, Facebook CEO Mark Zuckerberg announced a new product called Facebook Dating. [...]
https://www.bleepingcomputer.com/news/technology/facebook-announces-dating-feature/
At the F8 Developer Conference that's taking place these days in San Jose, California, Facebook CEO Mark Zuckerberg announced a new product called Facebook Dating. [...]
https://www.bleepingcomputer.com/news/technology/facebook-announces-dating-feature/
BleepingComputer
Facebook Announces Dating Feature
At the F8 Developer Conference that's taking place these days in San Jose, California, Facebook CEO Mark Zuckerberg announced a new product called Facebook Dating.
GitHub Accidentally Recorded Some Plaintext Passwords in Its Internal Logs
In an email sent out today, GitHub has warned a select number of users that a bug in its password reset functionality has recorded users' passwords in plaintext format inside the company's internal logs. [...]
https://www.bleepingcomputer.com/news/security/github-accidentally-recorded-some-plaintext-passwords-in-its-internal-logs/
In an email sent out today, GitHub has warned a select number of users that a bug in its password reset functionality has recorded users' passwords in plaintext format inside the company's internal logs. [...]
https://www.bleepingcomputer.com/news/security/github-accidentally-recorded-some-plaintext-passwords-in-its-internal-logs/
BleepingComputer
GitHub Accidentally Recorded Some Plaintext Passwords in Its Internal Logs
In an email sent out today, GitHub has warned a select number of users that a bug in its password reset functionality has recorded users' passwords in plaintext format inside the company's internal logs.
Facebook Announces "Clear History" Tool
At the F8 Developer Conference today, Facebook CEO Mark Zuckerberg announced an upcoming platform feature entitled "Clear History." [...]
https://www.bleepingcomputer.com/news/technology/facebook-announces-clear-history-tool/
At the F8 Developer Conference today, Facebook CEO Mark Zuckerberg announced an upcoming platform feature entitled "Clear History." [...]
https://www.bleepingcomputer.com/news/technology/facebook-announces-clear-history-tool/
BleepingComputer
Facebook Announces "Clear History" Tool
At the F8 Developer Conference today, Facebook CEO Mark Zuckerberg announced an upcoming platform feature entitled "Clear History."
New Hacking Tool Lets Users Access a Bunch of DVRs and Their Video Feeds
An Argentinian security researcher named Ezequiel Fernandez has published a powerful new tool yesterday that can easily extract plaintext credentials for various DVR brands and grant attackers access to those systems, and inherently the video feeds they're supposed to record. [...]
https://www.bleepingcomputer.com/news/security/new-hacking-tool-lets-users-access-a-bunch-of-dvrs-and-their-video-feeds/
An Argentinian security researcher named Ezequiel Fernandez has published a powerful new tool yesterday that can easily extract plaintext credentials for various DVR brands and grant attackers access to those systems, and inherently the video feeds they're supposed to record. [...]
https://www.bleepingcomputer.com/news/security/new-hacking-tool-lets-users-access-a-bunch-of-dvrs-and-their-video-feeds/
BleepingComputer
New Hacking Tool Lets Users Access a Bunch of DVRs and Their Video Feeds
An Argentinian security researcher named Ezequiel Fernandez has published a powerful new tool yesterday that can easily extract plaintext credentials for various DVR brands and grant attackers access to those systems, and inherently the video feeds they'reβ¦
APT28 Hackers Caught Hijacking Legitimate LoJack Software
Security researchers have found tainted versions of the legitimate LoJack software that appeared to have been sneakily modified to allow hackers inside companies that use it. [...]
https://www.bleepingcomputer.com/news/security/apt28-hackers-caught-hijacking-legitimate-lojack-software/
Security researchers have found tainted versions of the legitimate LoJack software that appeared to have been sneakily modified to allow hackers inside companies that use it. [...]
https://www.bleepingcomputer.com/news/security/apt28-hackers-caught-hijacking-legitimate-lojack-software/
BleepingComputer
APT28 Hackers Caught Hijacking Legitimate LoJack Software
Security researchers have found tainted versions of the legitimate LoJack software that appeared to have been sneakily modified to allow hackers inside companies that use it.
Microsoft Releases a "Windows Command Reference" For Over 250 Console Commands
Microsoft released a 948 page PDF titled the "Windows Command Reference" that contains documentation on over 250 Windows console commands. For each command, Microsoft has included a detailed description of the command, their command line arguments,.and for some commands, what operating system the documentation applies. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-a-windows-command-reference-for-over-250-console-commands/
Microsoft released a 948 page PDF titled the "Windows Command Reference" that contains documentation on over 250 Windows console commands. For each command, Microsoft has included a detailed description of the command, their command line arguments,.and for some commands, what operating system the documentation applies. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-a-windows-command-reference-for-over-250-console-commands/
BleepingComputer
Microsoft Releases a "Windows Command Reference" For Over 250 Console Commands
Microsoft released a 948 page PDF titled the "Windows Command Reference" that contains documentation on over 250 Windows console commands. For each command, Microsoft has included a detailed description of the command, their command line arguments,.and forβ¦
DDoS Attacks Go Down 60% Across Europe Following WebStresser's Takedown
Link11, a DDoS mitigation firm, says that DDoS attacks fell 60% across Europe following the takedown of WebStresser, the largest DDoS-for-hire portal on the market. [...]
https://www.bleepingcomputer.com/news/security/ddos-attacks-go-down-60-percent-across-europe-following-webstressers-takedown/
Link11, a DDoS mitigation firm, says that DDoS attacks fell 60% across Europe following the takedown of WebStresser, the largest DDoS-for-hire portal on the market. [...]
https://www.bleepingcomputer.com/news/security/ddos-attacks-go-down-60-percent-across-europe-following-webstressers-takedown/
BleepingComputer
DDoS Attacks Go Down 60% Across Europe Following WebStresser's Takedown
Link11, a DDoS mitigation firm, says that DDoS attacks fell 60% across Europe following the takedown of WebStresser, the largest DDoS-for-hire portal on the market.
New MassMiner Malware Targets Web Servers With an Assortment of Exploits
Security researchers have detected a new wave of cryptocurrency-mining malware infecting servers across the web, and this one is using multiple exploits to gain access to vulnerable and unpatched systems to install a Monero miner. [...]
https://www.bleepingcomputer.com/news/security/new-massminer-malware-targets-web-servers-with-an-assortment-of-exploits/
Security researchers have detected a new wave of cryptocurrency-mining malware infecting servers across the web, and this one is using multiple exploits to gain access to vulnerable and unpatched systems to install a Monero miner. [...]
https://www.bleepingcomputer.com/news/security/new-massminer-malware-targets-web-servers-with-an-assortment-of-exploits/
BleepingComputer
New MassMiner Malware Targets Web Servers With an Assortment of Exploits
Security researchers have detected a new wave of cryptocurrency-mining malware infecting servers across the web, and this one is using multiple exploits to gain access to vulnerable and unpatched systems to install a Monero miner.
VirusTotal Releases VTZilla 2.0 Extension For Firefox Quantum
VirusTotal has released version 2.0 of their VTZilla Firefox extension so that it now supports Mozilla Quantum and includes additional features. With this release, VirusTotal added new features such as the ability to scan downloaded files automatically, scan links or pages, or enter a hash to pull up an existing report. [...]
https://www.bleepingcomputer.com/news/security/virustotal-releases-vtzilla-20-extension-for-firefox-quantum/
VirusTotal has released version 2.0 of their VTZilla Firefox extension so that it now supports Mozilla Quantum and includes additional features. With this release, VirusTotal added new features such as the ability to scan downloaded files automatically, scan links or pages, or enter a hash to pull up an existing report. [...]
https://www.bleepingcomputer.com/news/security/virustotal-releases-vtzilla-20-extension-for-firefox-quantum/
BleepingComputer
VirusTotal Releases VTZilla 2.0 Extension For Firefox Quantum
VirusTotal has released version 2.0 of their VTZilla Firefox extension so that it now supports Mozilla Quantum and includes additional features. With this release, VirusTotal added new features such as the ability to scan downloaded files automatically, scanβ¦
Researcher Finds a Way to Bypass Meltdown Patches on Windows 10
Microsoft's patches for the Meltdown vulnerability have had a fatal flaw all these past months, according to Alex Ionescu, a security researcher with cyber-security firm Crowdstrike. [...]
https://www.bleepingcomputer.com/news/security/researcher-finds-a-way-to-bypass-meltdown-patches-on-windows-10/
Microsoft's patches for the Meltdown vulnerability have had a fatal flaw all these past months, according to Alex Ionescu, a security researcher with cyber-security firm Crowdstrike. [...]
https://www.bleepingcomputer.com/news/security/researcher-finds-a-way-to-bypass-meltdown-patches-on-windows-10/
BleepingComputer
Microsoft Working on a Fix for Windows 10 Meltdown Patch Bypass
Microsoft's patches for the Meltdown vulnerability have had a fatal flaw all these past months, according to Alex Ionescu, a security researcher with cyber-security firm Crowdstrike.
Newark's New Mass Surveillance Program Criticized by Civil Liberties Org
A network of surveillance cameras in various locations throughout Newark, NJ will enable people to monitor these locations for criminal activity. The program, the Citizen Virtual Patrol, has been described by local leaders as "a block watch on steroids". [...]
https://www.bleepingcomputer.com/news/legal/newarks-new-mass-surveillance-program-criticized-by-civil-liberties-org/
A network of surveillance cameras in various locations throughout Newark, NJ will enable people to monitor these locations for criminal activity. The program, the Citizen Virtual Patrol, has been described by local leaders as "a block watch on steroids". [...]
https://www.bleepingcomputer.com/news/legal/newarks-new-mass-surveillance-program-criticized-by-civil-liberties-org/
BleepingComputer
Newark's New Mass Surveillance Program Criticized by Civil Liberties Org
A network of surveillance cameras in various locations throughout Newark, NJ will enable people to monitor these locations for criminal activity. The program, the Citizen Virtual Patrol, has been described by local leaders as "a block watch on steroids".
Microsoft Is No Longer Providing Offline MSI Symbol Packages
Microsoft has stated that they are no longer offering offline symbol packages as a downloadable MSI. For those who need to download symbols to debug their applications or Windows, you will now need to connect directly to their symbol server or use the symchk utility to download them. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-is-no-longer-providing-offline-msi-symbol-packages/
Microsoft has stated that they are no longer offering offline symbol packages as a downloadable MSI. For those who need to download symbols to debug their applications or Windows, you will now need to connect directly to their symbol server or use the symchk utility to download them. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-is-no-longer-providing-offline-msi-symbol-packages/
BleepingComputer
Microsoft Is No Longer Providing Offline MSI Symbol Packages
Microsoft has stated that they are no longer offering offline symbol packages as a downloadable MSI. For those who need to download symbols to debug their applications or Windows, you will now need to connect directly to their symbol server or use the symchkβ¦
Pretty Serious Security Flaw Fixed in Popular ICS Software
Schneider Electric, one of the largest makers of hardware and software products used across critical industry verticals has patched a vulnerability in two software products βInduSoft Web Studio and InTouch Machine Edition. [...]
https://www.bleepingcomputer.com/news/security/pretty-serious-security-flaw-fixed-in-popular-ics-software/
Schneider Electric, one of the largest makers of hardware and software products used across critical industry verticals has patched a vulnerability in two software products βInduSoft Web Studio and InTouch Machine Edition. [...]
https://www.bleepingcomputer.com/news/security/pretty-serious-security-flaw-fixed-in-popular-ics-software/
BleepingComputer
Pretty Serious Security Flaw Fixed in Popular ICS Software
Schneider Electric, one of the largest makers of hardware and software products used across critical industry verticals has patched a vulnerability in two software products βInduSoft Web Studio and InTouch Machine Edition.
Somebody Tried to Hide a Backdoor in a Popular JavaScript npm Package
The Node Package Manager (npm) team avoided a disaster today when it discovered and blocked the distribution of a cleverly hidden backdoor mechanism inside a popular βalbeit deprecatedβ JavaScript package. [...]
https://www.bleepingcomputer.com/news/security/somebody-tried-to-hide-a-backdoor-in-a-popular-javascript-npm-package/
The Node Package Manager (npm) team avoided a disaster today when it discovered and blocked the distribution of a cleverly hidden backdoor mechanism inside a popular βalbeit deprecatedβ JavaScript package. [...]
https://www.bleepingcomputer.com/news/security/somebody-tried-to-hide-a-backdoor-in-a-popular-javascript-npm-package/
BleepingComputer
Somebody Tried to Hide a Backdoor in a Popular JavaScript npm Package
The Node Package Manager (npm) team avoided a disaster today when it discovered and blocked the distribution of a cleverly hidden backdoor mechanism inside a popular βalbeit deprecatedβ JavaScript package.
GLitch Technique Enrolls Graphics Cards in Rowhammer Attacks on Android Phones
A team of academics from the Vrije University in Amsterdam has developed a new hacking technique that uses embedded graphics processing units (GPUs) and support for WebGL to carry out a Rowhammer attack. [...]
https://www.bleepingcomputer.com/news/security/glitch-technique-enrolls-graphics-cards-in-rowhammer-attacks-on-android-phones/
A team of academics from the Vrije University in Amsterdam has developed a new hacking technique that uses embedded graphics processing units (GPUs) and support for WebGL to carry out a Rowhammer attack. [...]
https://www.bleepingcomputer.com/news/security/glitch-technique-enrolls-graphics-cards-in-rowhammer-attacks-on-android-phones/
BleepingComputer
GLitch Technique Enrolls Graphics Cards in Rowhammer Attacks on Android Phones
A team of academics from the Vrije University in Amsterdam has developed a new hacking technique that uses embedded graphics processing units (GPUs) and support for WebGL to carry out a Rowhammer attack.
Facebook's Phishing Detection Tool Now Recognizes Homograph Attacks
Facebook has updated a phishing detection toolkit it developed two years ago. The update now allows webmasters who sign up for the tool to detect homograph (Unicode-based lookalike) domains created for their websites. [...]
https://www.bleepingcomputer.com/news/security/facebooks-phishing-detection-tool-now-recognizes-homograph-attacks/
Facebook has updated a phishing detection toolkit it developed two years ago. The update now allows webmasters who sign up for the tool to detect homograph (Unicode-based lookalike) domains created for their websites. [...]
https://www.bleepingcomputer.com/news/security/facebooks-phishing-detection-tool-now-recognizes-homograph-attacks/
BleepingComputer
Facebook's Phishing Detection Tool Now Recognizes Homograph Attacks
Facebook has updated a phishing detection toolkit it developed two years ago. The update now allows webmasters who sign up for the tool to detect homograph (Unicode-based lookalike) domains created for their websites.
Twitter Admits Recording Plaintext Passwords in Internal Logs, Just Like GitHub
Following an internal audit, Twitter admitted today that due to a bug in its password storage mechanism it accidentally logged some users' passwords in internal logs. [...]
https://www.bleepingcomputer.com/news/security/twitter-admits-recording-plaintext-passwords-in-internal-logs-just-like-github/
Following an internal audit, Twitter admitted today that due to a bug in its password storage mechanism it accidentally logged some users' passwords in internal logs. [...]
https://www.bleepingcomputer.com/news/security/twitter-admits-recording-plaintext-passwords-in-internal-logs-just-like-github/
BleepingComputer
Twitter Admits Recording Plaintext Passwords in Internal Logs, Just Like GitHub
Following an internal audit, Twitter admitted today that due to a bug in its password storage mechanism it accidentally logged some users' passwords in internal logs.
Microsoft Released Hyper-V Debug Symbols for the Hyper-V Bug Bounty Program
Microsoft has released debugging symbols for many of the core components of Hyper-V. Using these debugging symbols, security researchers can analyze them for vulnerabilities in order to submit them to the Hyper-V bug bounty program. [...]
https://www.bleepingcomputer.com/news/security/microsoft-released-hyper-v-debug-symbols-for-the-hyper-v-bug-bounty-program/
Microsoft has released debugging symbols for many of the core components of Hyper-V. Using these debugging symbols, security researchers can analyze them for vulnerabilities in order to submit them to the Hyper-V bug bounty program. [...]
https://www.bleepingcomputer.com/news/security/microsoft-released-hyper-v-debug-symbols-for-the-hyper-v-bug-bounty-program/
BleepingComputer
Microsoft Released Hyper-V Debug Symbols for the Hyper-V Bug Bounty Program
Microsoft has released debugging symbols for many of the core components of Hyper-V. Using these debugging symbols, security researchers can analyze them for vulnerabilities in order to submit them to the Hyper-V bug bounty program.