Hacker Steals $1.35 Million From Cryptocurrency Trading App Taylor

The creators of the Taylor cryptocurrency trading app claim that an unidentified hacker has stolen around $1.35 million worth of Ether from the company's wallets. [...]

https://www.bleepingcomputer.com/news/security/hacker-steals-135-million-from-cryptocurrency-trading-app-taylor/

Two Canadian Banks Announce Hacks Over the Weekend

Two Canadian banks put out statements on Monday announcing separate cyber-incidents affecting their customers. The two are Simplii Financial, a subsidiary of CIBC, and the Bank of Montreal —two of Canada's biggest banks. [...]

https://www.bleepingcomputer.com/news/security/two-canadian-banks-announce-hacks-over-the-weekend/

NPM Fails Worldwide With "ERR! 418 I'm a Teapot" Error

Users of the NPMJavaScript package manager were greeted by a weird error yesterday evening, as their consoles and applications spewed a message of "ERR! 418 I'm a teapot" whenever they tried to update or install a new JavaScript/Node.js package. [...]

https://www.bleepingcomputer.com/news/technology/npm-fails-worldwide-with-err-418-im-a-teapot-error/

MnuBot Banking Trojan Tries to Hide Behind Seemingly Innocent MSSQL Traffic

Security researchers have spotted a new banking trojan named MnuBot that uses some atypical tricks to avoid easy detection on compromised hosts. [...]

https://www.bleepingcomputer.com/news/security/mnubot-banking-trojan-tries-to-hide-behind-seemingly-innocent-mssql-traffic/

Microsoft Added An Address Bar to Registry Editor in the April 2018 Update

With the release of the April 2018 Update, this has all changed as Microsoft finally introduced an address bar to the Registry Editor that you can paste a Registry key into and automatically open it. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-added-an-address-bar-to-registry-editor-in-the-april-2018-update/

Reboot Your Router to remove VPNFilter? Why It's Not Enough

With the recent report about the VPNFilter router infection, the FBI has advised everyone to reboot their router. This article explains why this is not enough and that more steps are needed to fully remove the infection and protect your device. [...]

https://www.bleepingcomputer.com/news/security/reboot-your-router-to-remove-vpnfilter-why-its-not-enough/

Misconfigured EOS Blockchain Nodes Under Attack

A mysterious attacker is scanning the Internet for EOS blockchain nodes that are accidentally exposing private keys through an API misconfiguration. [...]

https://www.bleepingcomputer.com/news/security/misconfigured-eos-blockchain-nodes-under-attack/

Google Chrome 67 Released for Windows, Mac, and Linux

Google released earlier today Chrome 67, the latest stable release of its web browser. According to changelogs released with Chrome 67, this version adds support for a Generic Sensors API, improves AR and VR experiences, and deprecates the HTTP-Based Public Key Pinning (HPKP) security feature. [...]

https://www.bleepingcomputer.com/news/software/google-chrome-67-released-for-windows-mac-and-linux/

Hacker Who Worked With FSB Agents in Email Hacks Gets 5 Years in Prison

A 23-year-old Canadian man who hacked into Yahoo and Gmail accounts on behalf of Russian Secret Service (FSB) agents was sentenced to five years in prison and a fine of $250,000. [...]

https://www.bleepingcomputer.com/news/security/hacker-who-worked-with-fsb-agents-in-email-hacks-gets-5-years-in-prison/

Malicious Git Repository Can Lead to Code Execution on Remote Systems

The developers behind Git and various companies providing Git repository hosting services have pushed out a fix to patch a dangerous vulnerability in the Git source code versioning software. [...]

https://www.bleepingcomputer.com/news/security/malicious-git-repository-can-lead-to-code-execution-on-remote-systems/

Honda India Left Details of 50,000 Customers Exposed on an AWS S3 Server

Honda Car India has left the personal details of over 50,000 users exposed on two public Amazon S3 buckets, according to a report published today Kromtech Security. [...]

https://www.bleepingcomputer.com/news/security/honda-india-left-details-of-50-000-customers-exposed-on-an-aws-s3-server/

New Backup Cryptomix Ransomware Variant Actively Infecting Users

A new variant of the Cryptomix Ransomware has been discovered that appends the .BACKUP extension to encrypted files, changes the contact email, and provides a different ransom note message. [...]

https://www.bleepingcomputer.com/news/security/new-backup-cryptomix-ransomware-variant-actively-infecting-users/

Contractor Exposes Credentials for Universal Music Group's IT Infrastructure

Keys to the Universal Music Group's IT kingdom were made available online this month due to a forgetful IT contractor, Bleeping Computer has learned. [...]

https://www.bleepingcomputer.com/news/security/contractor-exposes-credentials-for-universal-music-groups-it-infrastructure/

Bethesda Announces Fallout 76 With a Trailer Full of Clues

After almost a day long tease showing a humourous Twitch stream of a Vault Boy bobble head and various developer cameos, Bethesda has finally revealed the next Fallout game called "Fallout 76". What little we know about the game is based on the Fallout 76 trailer. [...]

https://www.bleepingcomputer.com/news/gaming/bethesda-announces-fallout-76-with-a-trailer-full-of-clues/

Hackers Increasingly Targeting Gas Stations & Credit Cards at the Pump

Three years ago it was revealed that Automatic tank gauges at approximately 5,000 US gas stations were exposed on the Internet, without password protection.  Currently, according to a recent scan, 5,635 gas stations with the same vulnerability have been found. [...]

https://www.bleepingcomputer.com/news/security/hackers-increasingly-targeting-gas-stations-and-credit-cards-at-the-pump/

Remote Code Execution Vulnerability Disclosed in Windows JScript Component

A vulnerability exists in the Windows operating system's JScript component that can allow an attacker to execute malicious code on a user's computer. [...]

https://www.bleepingcomputer.com/news/security/remote-code-execution-vulnerability-disclosed-in-windows-jscript-component/

ProtonMail Launches Free ProtonVPN VPN Service For Macs

The creators of the encrypted email service, ProtonMail, have released a free version of their ProtonVPN VPN software for macOS. Even though the free version does not contain the full features that you would come to expect from a paid VPN service it is more than capable of obfuscating IP addresses and your location. [...]

https://www.bleepingcomputer.com/news/security/protonmail-launches-free-protonvpn-vpn-service-for-macs/

ActiveX Zero-Day Discovered in Recent North Korean Hacks

A North Korean cyber-espionage group has exploited an ActiveX zero-day to infect South Korean targets with malware or steal data from compromised systems, local media and security researchers have reported. [...]

https://www.bleepingcomputer.com/news/security/activex-zero-day-discovered-in-recent-north-korean-hacks/

Valve Patches Security Bug That Existed in Steam Client for the Past Ten Years

Valve developers have recently patched a severe security flaw that affected all versions of the Steam gaming client released in the past ten years.The vulnerability would have allowed an attacker to execute malicious code on any of Steam's 15 million gaming clients. [...]

https://www.bleepingcomputer.com/news/security/valve-patches-security-bug-that-existed-in-steam-client-for-the-past-ten-years/

CSS Is So Overpowered It Can Deanonymize Facebook Users

Some of the recent additions to the Cascading Style Sheets (CSS) web standard are so powerful that a security researcher has abused them to deanonymize visitors to a demo site and reveal their Facebook usernames, avatars, and if they liked a particular web page of Facebook. [...]

https://www.bleepingcomputer.com/news/security/css-is-so-overpowered-it-can-deanonymize-facebook-users/

Intel Core i7-8086K 5Ghz Anniversary Edition CPUs Leaked Online

For the past few months there have been rumors that Intel would be releasing a special edition Core i7-8086K processor to celebrate the 40th anniversary of the 8086 processor. Yesterday, retailers were found online that were advertising the special processor with a speeds of 4Ghz and 5Ghz. [...]

https://www.bleepingcomputer.com/news/hardware/intel-core-i7-8086k-5ghz-anniversary-edition-cpus-leaked-online/