Cheddar Scratch Kitchen Exposes Card Data of Over 500,000

Restaurants in 23 states are on the list of Cheddar Scratch Kitchen locations affected by a cyberattack that exposed payment card information. [...]

https://www.bleepingcomputer.com/news/security/cheddar-scratch-kitchen-exposes-card-data-of-over-500-000/

Third SIM Swapper Arrested in the US

During the past two months, US law enforcement authorities have arrested three suspects on accusations of performing illicit SIM swaps. [...]

https://www.bleepingcomputer.com/news/security/third-sim-swapper-arrested-in-the-us/

T-Mobile Detects and Stops Ongoing Security Breach

T-Mobile USA announced a security breach late last night. The company says its cyber-security team discovered and shut down unauthorized access to its customers' data on Monday, August 20. [...]

https://www.bleepingcomputer.com/news/security/t-mobile-detects-and-stops-ongoing-security-breach/

Iranian Hackers Charged in March Are Still Actively Phishing Universities

An Iranian hacking group has continued its phishing operations undeterred by indictments from the US Department of Justice. [...]

https://www.bleepingcomputer.com/news/security/iranian-hackers-charged-in-march-are-still-actively-phishing-universities/

Bitdefender Disables Anti-Exploit Monitoring in Chrome After Google Policy Change

Chrome has started displaying alerts that suggest users remove programs that are considered incompatible applications with Chrome because they inject code into the browser's processes. In order to resolve these issues Bitdefender has decided to no longer monitor newer versions of Chrome with their anti-exploit technology. [...]

https://www.bleepingcomputer.com/news/google/bitdefender-disables-anti-exploit-monitoring-in-chrome-after-google-policy-change/

Senators Demand Voting Machine Vendor Explain Why It Dismisses Researchers Prodding Its Devices

Four US senators, members of the US Senate Select Committee on Intelligence, sent a letter on Wednesday to Election Systems and Software (ES&S), the largest voting machine vendor in the US, asking for clarifications on why the vendor is trying to discourage independent security reviews of its products. [...]

https://www.bleepingcomputer.com/news/government/senators-demand-voting-machine-vendor-explain-why-it-dismisses-researchers-prodding-its-devices/

Windows 10 Build 17746 Is Out for Insiders With Bug Fixes

Today, Microsoft is rolling out a new preview build for the Windows Insiders in the Fast Ring. Windows 10 Build 17746 comes with a bunch of improvements, fixes, and as well known issues. You can check out all the details here. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-build-17746-is-out-for-insiders-with-bug-fixes/

New Side-Channel Attack Uses Microphone to Read Screen Content

Using regular microphones, academic researchers managed to pick up acoustic signals from computer displays and determine in real time the type of content on the screen. [...]

https://www.bleepingcomputer.com/news/security/new-side-channel-attack-uses-microphone-to-read-screen-content/

The Week in Ransomware - August 24th 2018 - Hermes, Fox, and Ryuk

This week we had seen quite a few campaigns that had widespread distribution. These campaigns are either being installed over accessible Remote Desktop Services or malspam. The biggest news is a variant of the Hermes ransomware called Ryuk that has generated over 600k USD for the developers. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-august-24th-2018-hermes-fox-and-ryuk/

Smartphones From 11 OEMs Vulnerable to Attacks via Hidden AT Commands

Millions of mobile devices from eleven smartphone vendors are vulnerable to attacks carried out using AT commands, a team of security researchers has discovered. [...]

https://www.bleepingcomputer.com/news/security/smartphones-from-11-oems-vulnerable-to-attacks-via-hidden-at-commands/

Fortnite Android App Vulnerable to Man-in-the-Disk Attacks

Google security researchers have revealed this week that the immensely popular Fortnite Android app is vulnerable to so-called man-in-the-disk (MitD) attacks. [...]

https://www.bleepingcomputer.com/news/security/fortnite-android-app-vulnerable-to-man-in-the-disk-attacks/

NewsGuard Browser Extension Aims to Alert You to Fake News Sites

If you are having trouble keep tracking of site's that are considered reputable news sources verses ones that are not, a new browser extension from NewsGuard may be of help. [...]

https://www.bleepingcomputer.com/news/software/newsguard-browser-extension-aims-to-alert-you-to-fake-news-sites/

Ubuntu and CentOS Are Undoing a GNOME Security Feature

Current versions of Ubuntu and CentOS are disabling a security feature that was added to the GNOME desktop environment last year. [...]

https://www.bleepingcomputer.com/news/security/ubuntu-and-centos-are-undoing-a-gnome-security-feature/

Firefox Nightly Distrusts All Symantec TLS Certs

The plan to distrust TLS certificates issued by Symantec is on track as Mozilla released its first version of the browser that reacts with a security warning when users land on any page bearing the seal of trust from Symantec Certificate Authority. [...]

https://www.bleepingcomputer.com/news/security/firefox-nightly-distrusts-all-symantec-tls-certs/

Atlas Quantum Cryptocurrency Investment Platform Suffers Data Breach

Cryptocurrency investment platform Atlas Quantum announced on Sunday a data breach that exposed the personal details of all of its users. [...]

https://www.bleepingcomputer.com/news/security/atlas-quantum-cryptocurrency-investment-platform-suffers-data-breach/

Andromeda Botnet Operator Released With a Slap on the Wrist

Sergey Yarets, also known as Ar3s, a hacker arrested last year for running an instance of the Andromeda botnet, was released by Belarusian authorities with nothing more than a slap on the wrist. [...]

https://www.bleepingcomputer.com/news/security/andromeda-botnet-operator-released-with-a-slap-on-the-wrist/

Nearly 1,200 US News Sites Still Not Available for EU Users After GDPR

More than three months after the European Union introduced the new General Data Protection Regulation (GDPR), nearly 1,200 US-based news sites remain inaccessible to EU users. [...]

https://www.bleepingcomputer.com/news/technology/nearly-1-200-us-news-sites-still-not-available-for-eu-users-after-gdpr/

Windows 10 KB4100347 Intel CPU Update Causing Boot Issues & Pushed to AMD Users

On August 21st, Microsoft released an update to the May KB4100347 Intel microcodes for Windows 10 & Windows Server 2016. After installing this latest version, Windows users are reporting that they are unable to boot Windows 10 or are having performance issues. To complicate the issue, the Intel CPU update is being pushed to AMD users [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4100347-intel-cpu-update-causing-boot-issues-and-pushed-to-amd-users/

OCR Software Dev Exposes 200,000 Customer Documents

A misconfigured MongoDB server belonging to Abbyy, an optical character recognition software developer, allowed public access to customer files. [...]

https://www.bleepingcomputer.com/news/security/ocr-software-dev-exposes-200-000-customer-documents/

Novel Attack Technique Uses Smart Light Bulbs to Steal Data

Researchers have determined that some light bulbs are suitable for covert data exfiltration from personal devices, and can leak multimedia preferences by recording their luminance patterns from afar. [...]

https://www.bleepingcomputer.com/news/security/novel-attack-technique-uses-smart-light-bulbs-to-steal-data/

Booz Allen Hamilton Researchers Detail New RtPOS Point-of-Sale Malware

Security researchers from Booz Allen Hamilton have spotted a previously unseen and undocumented malware strain that targets point-of-sale (POS) systems. [...]

https://www.bleepingcomputer.com/news/security/booz-allen-hamilton-researchers-detail-new-rtpos-point-of-sale-malware/