SynAck Ransomware Uses Process Doppelgänging Technique

A new and improved version of the SynAck ransomware has been spotted online these past days, and security researchers are reporting that the ransomware now uses the Process Doppelgänging technique. [...]

https://www.bleepingcomputer.com/news/security/synack-ransomware-uses-process-doppelg-nging-technique/

Ticketmaster To Use Facial Recognition In Place of Tickets for Venue Entry

Included in the Live Nation's first quarter 2018 financial results released last week, was a small mention that they have partnered with and invested in a facial recognition company called Blink Identity. Live Nation's plan is to use this technology to allow ticket holders to gain access to shows using facial recognition. [...]

https://www.bleepingcomputer.com/news/business/ticketmaster-to-use-facial-recognition-in-place-of-tickets-for-venue-entry/

Hackers Deface Canon Security Cameras in Japan

Hackers have defaced tens of Canon security cameras across Japan, local media reported, printing the phrase "I'm Hacked. bye2" on the video feeds of affected devices. [...]

https://www.bleepingcomputer.com/news/security/hackers-deface-canon-security-cameras-in-japan/

Doc Used to ID Satan Worship May Also Describe Computer & InfoSec Enthusiasts

A document distributed by Police to identify Satanic Worshippers during the "Satanic Panic" of the 1980s has criteria that many teens, computer enthusiasts, and security researchers may identify with. [...]

https://www.bleepingcomputer.com/news/security/doc-used-to-id-satan-worship-may-also-describe-computer-and-infosec-enthusiasts/

ADL Estimates 4.2 Million Anti-Semitic Tweets Were Posted in a One-Year Period

A study released by the The Anti-Defamation League (ADL) during their National Leadership Summit in Washington describes how over a one-year period, over 4 million anti-semitic tweets were shared or reshared over Twitter. These tweets were sent from approximately 3 million Twitter accounts. [...]

https://www.bleepingcomputer.com/news/technology/adl-estimates-42-million-anti-semitic-tweets-were-posted-in-a-one-year-period/

Police Drop Charges Against Canadian Teen Who Downloaded FOIA Documents

Halifax Regional Police announced today they would not be pressing charges against a 19-year-old teenager accused of hacking government systems. [...]

https://www.bleepingcomputer.com/news/security/police-drop-charges-against-canadian-teen-who-downloaded-foia-documents/

FBI: Number of Ransomware Complaints Went Down in 2017

The number of people who reported ransomware infections to US authorities has gone down last year, according to a yearly FBI Internet crime report. [...]

https://www.bleepingcomputer.com/news/security/fbi-number-of-ransomware-complaints-went-down-in-2017/

Microsoft Adds Support for JavaScript Functions in Excel

At the Build 2018 developer conference that's taking place these days in Seattle, USA, Microsoft announced support for custom JavaScript functions in Excel. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-adds-support-for-javascript-functions-in-excel/

High School Can’t Pick Valedictorian Because Hacker Altered Grades for Years

An Alabama high school is in the unpleasant position of not being able to finish end-year school rankings after they've discovered that someone has been hacking into their IT network and changing grades since 2016. [...]

https://www.bleepingcomputer.com/news/security/high-school-can-t-pick-valedictorian-because-hacker-altered-grades-for-years/

Office 365 Zero-Day Used in Real-World Phishing Campaigns

A new email attack known as baseStriker allows miscreants to send malicious emails that bypass security systems on Office 365 accounts. [...]

https://www.bleepingcomputer.com/news/security/office-365-zero-day-used-in-real-world-phishing-campaigns/

Equifax Releases Data Showing the Full Impact of Its 2017 Data Breach

As part of its 8-K filing to the SEC, Equifax has unveiled the full extent of their massive 2017 146 million data breach. With the huge amount of people affected, almost half of all Americans, and the massive media exposure, hopefully most victims have been proactive in monitoring their credit to make sure no funny business is going. [...]

https://www.bleepingcomputer.com/news/security/equifax-releases-data-showing-the-full-impact-of-its-2017-data-breach/

Adobe Patch Tuesday Is Out With Fixes for Flash Player, Creative Cloud, Connect

Adobe published this month's batch of security fixes, part of the company's regular Patch Tuesday outing. For the month of May 2018, Adobe fixed five vulnerabilities — one in Flash Player, three in the Creative Cloud Desktop application, and one in Connect. [...]

https://www.bleepingcomputer.com/news/security/adobe-patch-tuesday-is-out-with-fixes-for-flash-player-creative-cloud-connect/

John Legend and 6 Other Voices Being Added to Google Assistant

During the Google I/O 2018 event, Google CEO Sundar Pichai announced 6 new voices were coming to Google Assistant today. In addition to these voices, Pichai also announced that John Legend has worked with Google to train their machine learning Wavenet algorithm to convert his voice into another Assistant voice coming later this year. [...]

https://www.bleepingcomputer.com/news/google/john-legend-and-6-other-voices-being-added-to-google-assistant/

Microsoft May 2018 Patch Tuesday Fixes 67 Security Issues, Including IE Zero-Day

Microsoft published earlier today the Patch Tuesday security bulletin for May 2018, containing fixes for 67 security issues. This month, Microsoft fixed security flaws in Microsoft Windows, Internet Explorer, Microsoft Edge, ChakraCore, .NET Framework, Microsoft Exchange Server, Windows Host Compute Service Shim, and Office. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-may-2018-patch-tuesday-fixes-67-security-issues-including-ie-zero-day/

Line Feeds for Everyone! Notepad Now Supports Unix & Mac EOL Characters

Microsoft announced today that they are adding support for Unix & macOS End of Line characters to Notepad in the latest Windows 10 Insider build. [...]

https://www.bleepingcomputer.com/news/security/line-feeds-for-everyone-notepad-now-supports-unix-and-mac-eol-characters/

“Hide and Seek” Becomes First IoT Botnet Capable of Surviving Device Reboots

Security researchers have discovered the first IoT botnet malware strain that can survive device reboots and remain on infected devices after the initial compromise. [...]

https://www.bleepingcomputer.com/news/security/-hide-and-seek-becomes-first-iot-botnet-capable-of-surviving-device-reboots/

PoC Developed for CoinHive Mining In Excel Using Custom JavaScript Functions

Within days of Microsoft announcing that they are introducing custom JavaScript equations in Excel, a security researcher has developed a way to use this method to load the CoinHive in-browser JavaScript miner within Excel. [...]

https://www.bleepingcomputer.com/news/security/poc-developed-for-coinhive-mining-in-excel-using-custom-javascript-functions/

Hacker Shuts Down Copenhagen’s Public City Bikes System

An unidentified hacker has breached Bycyklen —Copenhagen's city bikes network— and deleted the organization's entire database, disabling the public's access to bicycles over the weekend. [...]

https://www.bleepingcomputer.com/news/security/hacker-shuts-down-copenhagen-s-public-city-bikes-system/

Backdoored Python Library Caught Stealing SSH Credentials

Barely a week has passed from the last attempt to hide a backdoor in a code library, and we have a new case today. This time around, the backdoor was found in a Python module, and not an npm (JavaScript) package. [...]

https://www.bleepingcomputer.com/news/security/backdoored-python-library-caught-stealing-ssh-credentials/

Multiple OS Vendors Release Security Patches After Misinterpreting Intel Docs

Almost all major OS vendors released security patches yesterday after a researcher discovered that some OS makers have misinterpreted an Intel CPU debug feature and left their systems open to attacks. [...]

https://www.bleepingcomputer.com/news/security/multiple-os-vendors-release-security-patches-after-misinterpreting-intel-docs/

Windows CLI Apps Vulnerable to New Ctrl-Inject Process Injection Attack

Rotem Kerner, a security researcher with enSilo, has discovered a new process injection technique that can be abused by malicious actors to hide malware inside Windows-based CLI applications. [...]

https://www.bleepingcomputer.com/news/security/windows-cli-apps-vulnerable-to-new-ctrl-inject-process-injection-attack/