Skype's End-to-End Encryption Goes Live

Support for end-to-end encrypted chats has landed in the stable versions of Skype for Windows, macOS, Linux, Android, and iOS. [...]

https://www.bleepingcomputer.com/news/microsoft/skypes-end-to-end-encryption-goes-live/

USBHarpoon Is a BadUSB Attack with A Twist

Several security experts have built a malicious version of a USB charging cable, one that can compromise a computer in just a few seconds. Once plugged in, it turns into a peripheral device capable of typing and launching commands. [...]

https://www.bleepingcomputer.com/news/security/usbharpoon-is-a-badusb-attack-with-a-twist/

Gmail's Confidential Mode Let's You Send Self-Destructing Emails

Gmail has released a new feature called Confidential Mode that allows you to send self-destructing emails to recipients that can't be forwarded to other users or printed. When using this mode, senders can configure an email to delete itself after a certain amount of time or even restrict access to an email after it was sent. [...]

https://www.bleepingcomputer.com/news/google/gmails-confidential-mode-lets-you-send-self-destructing-emails/

Google Sued Over Misleading Location Tracking Setting

A San Diego man filed a lawsuit against Google last week, on Friday, accusing the Mountain View company of violating his privacy by secretly tracking his phone's location despite his an account setting through which he explicitly forbade the company to do so. [...]

https://www.bleepingcomputer.com/news/google/google-sued-over-misleading-location-tracking-setting/

Microsoft Disrupts APT28 Hacking Campaign Aimed at US Midterm Elections

Microsoft revealed last night that it successfully disrupted a hacking campaign associated with the Russian military intelligence service GRU. [...]

https://www.bleepingcomputer.com/news/security/microsoft-disrupts-apt28-hacking-campaign-aimed-at-us-midterm-elections/

Ryuk Ransomware Crew Makes $640,000 in Recent Activity Surge

A new ransomware strain named Ryuk is making the rounds, and, according to current reports, the group behind it has already made over $640,000 worth of Bitcoin. [...]

https://www.bleepingcomputer.com/news/security/ryuk-ransomware-crew-makes-640-000-in-recent-activity-surge/

Microsoft Office 2016 Updated on Windows Desktop With New Features for Insiders

Microsoft has just rolled out a new Insider update for Office 2016 productivity suite on Windows desktop. The Office 2016 Build 10813.20004 for Windows desktop comes with new features for Word, Excel and PowerPoint [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-office-2016-updated-on-windows-desktop-with-new-features-for-insiders/

MongoDB Server Exposes Babysitting App's Database

The makers of Sitter, a popular app for connecting babysitters with parents, have involuntarily exposed the personal details of over 93,000 users. [...]

https://www.bleepingcomputer.com/news/security/mongodb-server-exposes-babysitting-apps-database/

TLS Certs Outliving Domain Ownership Open Door to MitM and DoS

Digital certificates that allow secure data exchange over the internet can survive domain ownership transfer and can open the door for malicious actions to the previous holder. [...]

https://www.bleepingcomputer.com/news/security/tls-certs-outliving-domain-ownership-open-door-to-mitm-and-dos/

Cloud Product Accidentally Exposes Users' TLS Certificate Private Keys

A severe issue was addressed on Monday, an issue that under certain conditions could be used to expose the private keys for TLS certificates used by companies running their infrastructure on cloud servers. [...]

https://www.bleepingcomputer.com/news/security/cloud-product-accidentally-exposes-users-tls-certificate-private-keys/

Mozilla to Remove Legacy Firefox Add-Ons From Add-On Portal in Early October

Mozilla announced today plans to remove all Firefox legacy add-ons from the official Mozilla add-ons portal later this year, in early October. [...]

https://www.bleepingcomputer.com/news/software/mozilla-to-remove-legacy-firefox-add-ons-from-add-on-portal-in-early-october/

Windows 10 Build 17744 Released With Bug Fixes And Improvements

There are only general fixes and improvements in Windows 10 Build 17744 as the software maker is now focused on squashing bugs and less on new features. Microsoft has fixed issues with Timeline and Cortana. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-build-17744-released-with-bug-fixes-and-improvements/

No Patch Available Yet for New Major Vulnerability in Ghostscript Interpreter

Tavis Ormandy, a Google Project Zero security researcher, has revealed details about a new major vulnerability discovered in Ghostscript, an interpreter for Adobe's PostScript and PDF page description languages. [...]

https://www.bleepingcomputer.com/news/security/no-patch-available-yet-for-new-major-vulnerability-in-ghostscript-interpreter/

New Attack Recovers RSA Encryption Keys from EM Waves Within Seconds

A research paper presented at the Usenix security conference last week detailed a new technique for retrieving encryption keys from electronic devices, a method that is much faster than all previously known techniques. [...]

https://www.bleepingcomputer.com/news/security/new-attack-recovers-rsa-encryption-keys-from-em-waves-within-seconds/

Supply Chain Attack Hits Organizations In South Korea

Security researchers have uncovered a new supply chain attack that targets organizations in South Korea. The threat actor chooses the victims selectively, based on an IP range for groups of interest. [...]

https://www.bleepingcomputer.com/news/security/supply-chain-attack-hits-organizations-in-south-korea/

Vulnerability Affects All OpenSSH Versions Released in the Past Two Decades

A vulnerability affects all versions of the OpenSSH client released in the past two decades, ever since the application was released in 1999. [...]

https://www.bleepingcomputer.com/news/security/vulnerability-affects-all-openssh-versions-released-in-the-past-two-decades/

Legacy System Exposes Contact Info of BlackHat 2018 Attendees

Full contact information of everyone attending the BlackHat security conference this year has been exposed in clear text, a researcher has found. The data trove includes name, email, company, and phone number. [...]

https://www.bleepingcomputer.com/news/security/legacy-system-exposes-contact-info-of-blackhat-2018-attendees/

New Android Triout Malware Can Record Phone Calls, Steal Pictures

Security researchers from Bitdefender have discovered a new Android malware strain named Triout that comes equipped with intrusive spyware capabilities, such as the ability to record phone calls and steal pictures taken with the device. [...]

https://www.bleepingcomputer.com/news/security/new-android-triout-malware-can-record-phone-calls-steal-pictures/

Facebook Thwarts Iranian Social Media Influence Campaign Aimed at Western Users

Following a report from US cyber-security firm FireEye, Facebook has removed 652 pages, groups, and accounts associated with social media influence campaigns coming out of Iran. [...]

https://www.bleepingcomputer.com/news/technology/facebook-thwarts-iranian-social-media-influence-campaign-aimed-at-western-users/

Microsoft Plans to Make Monthly Windows 10 Updates Smaller in Size

Microsoft announced that they're developing an improved Windows Update mechanism that would create a small update package for easier and faster deployment. This new update type is is coming later this year with Windows 10 version 1809. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-plans-to-make-monthly-windows-10-updates-smaller-in-size/

Turla Outlook Backdoor Uses Clever Tactics for Stealth and Persistence

The Outlook backdoor Turla APT group uses for espionage operations is an unusual beast built for stealth and persistence, capable to survive in highly restricted networks. [...]

https://www.bleepingcomputer.com/news/security/turla-outlook-backdoor-uses-clever-tactics-for-stealth-and-persistence/