PROPagate Code Injection Technique Detected in the Wild for the First Time

Security firm FireEye has detected that malware authors have deployed the PROPagate code injection technique for the first time inside a live malware distribution campaign. [...]

https://www.bleepingcomputer.com/news/security/propagate-code-injection-technique-detected-in-the-wild-for-the-first-time/

File-Wiping Malware Placed Inside Gentoo Linux Code After GitHub Account Hack

An unknown hacker has temporarily taken control over the GitHub account of the Gentoo Linux organization and embedded malicious code inside the operating system's distributions that would delete user files. [...]

https://www.bleepingcomputer.com/news/linux/file-wiping-malware-placed-inside-gentoo-linux-code-after-github-account-hack/

Adidas Announces Data Breach

Sportswear maker Adidas announced a data breach yesterday evening, which the company says it impacted shoppers who used its US website. [...]

https://www.bleepingcomputer.com/news/security/adidas-announces-data-breach/

Rewards of Up to $500,000 Offered for FreeBSD, OpenBSD, NetBSD, Linux Zero-Days

Exploit broker Zerodium is offering rewards of up to $500,000 for zero-days in UNIX-based operating systems like OpenBSD, FreeBSD, NetBSD, but also for Linux distros such as Ubuntu, CentOS, Debian, and Tails. [...]

https://www.bleepingcomputer.com/news/security/rewards-of-up-to-500-000-offered-for-freebsd-openbsd-netbsd-linux-zero-days/

Security Flaws Disclosed in LTE (4G) Mobile Telephony Standard

A team of academics has published research yesterday that describes three attacks against the mobile communication standard LTE (Long-Term Evolution), also known as 4G. [...]

https://www.bleepingcomputer.com/news/security/security-flaws-disclosed-in-lte-4g-mobile-telephony-standard/

Typeform Announces Breach After Hacker Grabs Backup File

Barcelona-based online survey and form building service Typeform announced a data breach today after an unknown attacker downloaded a backup file containing sensitive customer information. [...]

https://www.bleepingcomputer.com/news/security/typeform-announces-breach-after-hacker-grabs-backup-file/

The Week in Ransomware - June 29th 2018 - Slow week!

It has been a very slow week for ransomware, which we are always happy about. While ransomware will never go away completely, as time goes on, more people become educated, and better backup strategies are created, we continue to see ransomware slowly diminishing. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-june-29th-2018-slow-week/

Clipboard Hijacker Malware Monitors 2.3 Million Bitcoin Addresses

While we have covered cryptocurrency clipboard hijackers in the past, most of the previous samples monitored for 400-600 thousand cryptocurrency addresses. This week BleepingComputer noticed a sample of this type of malware that monitors for a over 2.3 million cryptocurrency addresses! [...]

https://www.bleepingcomputer.com/news/security/clipboard-hijacker-malware-monitors-23-million-bitcoin-addresses/

Microsoft Won’t Kill the Classic Snipping Tool on Windows 10 With Next Update

Microsoft is looking for feedback from Insiders about Screen Sketch app before removing the old Snipping Tool. In the release notes, Microsoft's Dona Sarkar says the removal is not timed for Redstone 5 and the classic Snipping Tool is here to stay, at least for now. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-won-t-kill-the-classic-snipping-tool-on-windows-10-with-next-update/

DNS Poisoning or BGP Hijacking Suspected Behind Trezor Wallet Phishing Incident

The team behind the Trezor multi-cryptocurrency wallet service has discovered a phishing attack against some of its users that took place over the weekend. [...]

https://www.bleepingcomputer.com/news/security/dns-poisoning-or-bgp-hijacking-suspected-behind-trezor-wallet-phishing-incident/

App Masks Hidden Printer Tracking Dots to Keep Whistleblowers Safe

Four academics from the Technical University in Dresden, Germany (TU Dresden) have created an app that detects and masks the hidden dot patterns that laser color printers secretly hide on all printed documents. [...]

https://www.bleepingcomputer.com/news/security/app-masks-hidden-printer-tracking-dots-to-keep-whistleblowers-safe/

NSA Deletes Hundreds of Millions of Call Records Over "Technical Irregularities"

The US National Security Agency (NSA) announced last week it was mass-deleting hundreds of millions of records of phone calls and text messages dating back to 2015. [...]

https://www.bleepingcomputer.com/news/government/nsa-deletes-hundreds-of-millions-of-call-records-over-technical-irregularities/

Newer Diameter Telephony Protocol Just As Vulnerable As SS7

Security researchers say the Diameter protocol used with today's 4G (LTE) telephony and data transfer standard is vulnerable to the same types of vulnerabilities as the older SS7 standard used with older telephony standards such as 3G, 2G, and earlier. [...]

https://www.bleepingcomputer.com/news/security/newer-diameter-telephony-protocol-just-as-vulnerable-as-ss7/

Nozelesn Ransomware Reportedly Using Spam to Target Poland

A distribution campaign for a new ransomware called Nozelesn is currently underway that is targeting Poland. This campaign started July 2nd and we already have reports from victims in our forums and numerous cases have been spotted on ID Ransomware. [...]

https://www.bleepingcomputer.com/news/security/nozelesn-ransomware-reportedly-using-spam-to-target-poland/

Microsoft Added a Dark Theme in New Windows 10 To-Do Update

Microsoft has lately been making strides in getting a Dark Theme added to their popular apps and into Windows components that do not have one yet, such as File Explorer. Today, Microsoft officially released a new Dark Theme for their popular To-Do app for Windows 10 in the Microsoft Store. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-added-a-dark-theme-in-new-windows-10-to-do-update/

Facebook Acknowledges It Shared User Data With 61 Companies

In a 747-page document provided to the US House of Representatives' Energy and Commerce Committee on Friday, Facebook admitted that it granted special access to users' data to 61 tech companies. [...]

https://www.bleepingcomputer.com/news/technology/facebook-acknowledges-it-shared-user-data-with-61-companies/

Glitch in Samsung Messages App Sends Photos to Random Contacts

A glitch in the latest version of the Samsung Messages texting app that comes pre-installed on all Samsung phones is sending random pictures to users' contacts. [...]

https://www.bleepingcomputer.com/news/mobile/glitch-in-samsung-messages-app-sends-photos-to-random-contacts/

Iranian APT Poses As Israeli Cyber-Security Firm That Exposed Its Operations

An Iranian cyber-espionage group attempted to pose as one of the cyber-security firms that exposed its previous hacking campaigns in an effort to spear-phish people interested in reading reports about it. [...]

https://www.bleepingcomputer.com/news/security/iranian-apt-poses-as-israeli-cyber-security-firm-that-exposed-its-operations/

OSX.Dummy Mac Malware Targets Cryptocurrency Users on Slack and Discord Channels

Security researchers have spotted a new Mac malware family that's currently being advertised on cryptocurrency-focused Slack and Discord channels. [...]

https://www.bleepingcomputer.com/news/security/osxdummy-mac-malware-targets-cryptocurrency-users-on-slack-and-discord-channels/

Download Bomb Trick Returns in Chrome —Also Affects Firefox, Opera, Vivaldi and Brave

The release of Google Chrome 67 has reopened a "download bomb" bug that was exploited by tech support scammers last winter, and which had been fixed with the release of Chrome 65 in March 2018. [...]

https://www.bleepingcomputer.com/news/security/download-bomb-trick-returns-in-chrome-also-affects-firefox-opera-vivaldi-and-brave/

Uber Releases a New Windows 10 App in the Microsoft Store

As of today, Uber is now back in the Microsoft Store as a PWA. The ridesharing firm today replaced the old app with a newer Progressive Web App (PWA). What's more important to note is that Uber PWA is still a UWP app and it's functional on Windows 10 PCs, Phones and even HoloLens headsets. [...]

https://www.bleepingcomputer.com/news/microsoft/uber-releases-a-new-windows-10-app-in-the-microsoft-store/