Free Decrypter Available for the Latest GandCrab ransomware Versions
A newly released decryption tool allows free recovery of files encrypted by certain versions of GandCrab, a ransomware family that affected hundreds of thousands of people since the beginning of the year. [...]
https://www.bleepingcomputer.com/news/security/free-decrypter-available-for-the-latest-gandcrab-ransomware-versions/
A newly released decryption tool allows free recovery of files encrypted by certain versions of GandCrab, a ransomware family that affected hundreds of thousands of people since the beginning of the year. [...]
https://www.bleepingcomputer.com/news/security/free-decrypter-available-for-the-latest-gandcrab-ransomware-versions/
BleepingComputer
Free Decrypter Available for the Latest GandCrab Ransomware Versions
A newly released decryption tool allows free recovery of files encrypted by certain versions of GandCrab, a ransomware family that affected hundreds of thousands of people since the beginning of the year.
Windows 10 KB4462933 Cumulative Update Released With Fixes and Improvements
Windows 10 Build 17134.376 is currently rolling out via Windows Update or you can download the patch directly from Microsoft's Update Catalog website. Windows 10 Build 17134.376 comes with a huge changelog and it includes several improvements that you may not notice. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4462933-cumulative-update-released-with-fixes-and-improvements/
Windows 10 Build 17134.376 is currently rolling out via Windows Update or you can download the patch directly from Microsoft's Update Catalog website. Windows 10 Build 17134.376 comes with a huge changelog and it includes several improvements that you may not notice. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4462933-cumulative-update-released-with-fixes-and-improvements/
BleepingComputer
Windows 10 KB4462933 Cumulative Update Released With Fixes and Improvements
Windows 10 Build 17134.376 is currently rolling out via Windows Update or you can download the patch directly from Microsoft's Update Catalog website. Windows 10 Build 17134.376 comes with a huge changelog and it includes several improvements that you mayβ¦
Malware Distributors Adopt DKIM to Bypass Mail Filters
A US-CERT alert provided recommendations on how businesses can mitigate their exposure to the Emotet Trojan. Unfortunately, it looks like criminals also reading the US-CERT's warnings as they have adopted new techniques to bypass these recommendations. [...]
https://www.bleepingcomputer.com/news/security/malware-distributors-adopt-dkim-to-bypass-mail-filters/
A US-CERT alert provided recommendations on how businesses can mitigate their exposure to the Emotet Trojan. Unfortunately, it looks like criminals also reading the US-CERT's warnings as they have adopted new techniques to bypass these recommendations. [...]
https://www.bleepingcomputer.com/news/security/malware-distributors-adopt-dkim-to-bypass-mail-filters/
BleepingComputer
Malware Distributors Adopt DKIM to Bypass Mail Filters
A US-CERT alert provided recommendations on how businesses can mitigate their exposure to the Emotet Trojan. Unfortunately, it looks like criminals also reading the US-CERT's warnings as they have adopted new techniques to bypass these recommendations.
Microsoft Acknowledges Zip File Overwrite Bug - Fix Coming in November
In a post to the Microsoft Answers forum, Microsoft has acknowledged the built-in zip bug and has stated that it will be fixed in an early November. This fix will most likely be pushed out via a cumulative update or via Microsoft's November Patch Tuesday updates. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-acknowledges-zip-file-overwrite-bug-fix-coming-in-november/
In a post to the Microsoft Answers forum, Microsoft has acknowledged the built-in zip bug and has stated that it will be fixed in an early November. This fix will most likely be pushed out via a cumulative update or via Microsoft's November Patch Tuesday updates. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-acknowledges-zip-file-overwrite-bug-fix-coming-in-november/
BleepingComputer
Microsoft Acknowledges Zip File Overwrite Bug - Fix Coming in November
In a post to the Microsoft Answers forum, Microsoft has acknowledged the built-in zip bug and has stated that it will be fixed in an early November. This fix will most likely be pushed out via a cumulative update or via Microsoft's November Patch Tuesdayβ¦
77K Additional Customers Affected by British Airways' MageCart Data Breach
While British Airways was investigating their September 2018 MageCart breach that at the time affected 380,000 customers, they have discovered that an additional 77,000 customers may have been affected. [...]
https://www.bleepingcomputer.com/news/security/77k-additional-customers-affected-by-british-airways-magecart-data-breach/
While British Airways was investigating their September 2018 MageCart breach that at the time affected 380,000 customers, they have discovered that an additional 77,000 customers may have been affected. [...]
https://www.bleepingcomputer.com/news/security/77k-additional-customers-affected-by-british-airways-magecart-data-breach/
BleepingComputer
77K Additional Customers Affected by British Airways' MageCart Data Breach
While British Airways was investigating their September 2018 MageCart breach that at the time affected 380,000 customers, they have discovered that an additional 77,000 customers may have been affected.
New FilesLocker Ransomware Offered as a Ransomware as a Service
A new ransomware called FilesLocker is being distributed as a Ransomware as a Service, or RaaS, that targets Chinese and English speaking victims. [...]
https://www.bleepingcomputer.com/news/security/new-fileslocker-ransomware-offered-as-a-ransomware-as-a-service/
A new ransomware called FilesLocker is being distributed as a Ransomware as a Service, or RaaS, that targets Chinese and English speaking victims. [...]
https://www.bleepingcomputer.com/news/security/new-fileslocker-ransomware-offered-as-a-ransomware-as-a-service/
BleepingComputer
New FilesLocker Ransomware Offered as a Ransomware as a Service
A new ransomware called FilesLocker is being distributed as a Ransomware as a Service, or RaaS, that targets Chinese and English speaking victims.
Mozilla Firefox 63 Released with Enhanced Tracking Protection and More
Mozilla Firefox 63 was released this week with a bunch of new features such as enhanced tracking protection, Search Shortcuts, Tab Previews, synchronized Windows 10 themes, and security updates. [...]
https://www.bleepingcomputer.com/news/software/mozilla-firefox-63-released-with-enhanced-tracking-protection-and-more/
Mozilla Firefox 63 was released this week with a bunch of new features such as enhanced tracking protection, Search Shortcuts, Tab Previews, synchronized Windows 10 themes, and security updates. [...]
https://www.bleepingcomputer.com/news/software/mozilla-firefox-63-released-with-enhanced-tracking-protection-and-more/
BleepingComputer
Mozilla Firefox 63 Released with Enhanced Tracking Protection and More
Mozilla Firefox 63 was released this week with a bunch of new features such as enhanced tracking protection, Search Shortcuts, Tab Previews, synchronized Windows 10 themes, and security updates.
New DemonBot Botnet Pulls the YARN in Hadoop Servers
Attackers looking to increase the denial-service-power of their botnet have set their sights on servers with vulnerable Hadoop installations, compromising them via publicly available exploits. [...]
https://www.bleepingcomputer.com/news/security/new-demonbot-botnet-pulls-the-yarn-in-hadoop-servers/
Attackers looking to increase the denial-service-power of their botnet have set their sights on servers with vulnerable Hadoop installations, compromising them via publicly available exploits. [...]
https://www.bleepingcomputer.com/news/security/new-demonbot-botnet-pulls-the-yarn-in-hadoop-servers/
BleepingComputer
New DemonBot Botnet Pulls the YARN in Hadoop Servers
Attackers looking to increase the denial-service-power of their botnet have set their sights on servers with vulnerable Hadoop installations, compromising them via publicly available exploits.
The Few Privileged North Koreans Are Savvy Scammers
Despite North Korea's isolation from the rest of the world, the country's ruling elite use the internet to escape economic sanctions and to find and tackle new money-making opportunities, legal or not. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/the-few-privileged-north-koreans-are-savvy-scammers/
Despite North Korea's isolation from the rest of the world, the country's ruling elite use the internet to escape economic sanctions and to find and tackle new money-making opportunities, legal or not. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/the-few-privileged-north-koreans-are-savvy-scammers/
BleepingComputer
The Few Privileged North Koreans Are Savvy Scammers
Despite North Korea's isolation from the rest of the world, the country's ruling elite use the internet to escape economic sanctions and to find and tackle new money-making opportunities, legal or not.
Trivial Bug in X..Org Gives Root Permission on Linux and BSD Systems
A vulnerability that is trivial to exploit allows privilege escalation to root level on Linux and BSD distributions using X.Org server, the open source implementation of the X Window System that offers the graphical environment. [...]
https://www.bleepingcomputer.com/news/security/trivial-bug-in-xorg-gives-root-permission-on-linux-and-bsd-systems/
A vulnerability that is trivial to exploit allows privilege escalation to root level on Linux and BSD distributions using X.Org server, the open source implementation of the X Window System that offers the graphical environment. [...]
https://www.bleepingcomputer.com/news/security/trivial-bug-in-xorg-gives-root-permission-on-linux-and-bsd-systems/
BleepingComputer
Trivial Bug in X.Org Gives Root Permission on Linux and BSD Systems
A vulnerability that is trivial to exploit allows privilege escalation to root level on Linux and BSD distributions using X.Org server, the open source implementation of the X Window System that offers the graphical environment.
The Week in Ransomware - October 26th 2018 - Decryptors, RaaS, and More
We have had quite a bit of interesting news this week regarding ransomware. First we had the Kraken Cryptor deciding to connect to BleepingComputer.com during different stages of the encryption process, then we had a decryptor released by Bitdefender for GandCrab v1, v4, and v5, and finally a new FilesLocker rasnomware as a service. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-october-26th-2018-decryptors-raas-and-more/
We have had quite a bit of interesting news this week regarding ransomware. First we had the Kraken Cryptor deciding to connect to BleepingComputer.com during different stages of the encryption process, then we had a decryptor released by Bitdefender for GandCrab v1, v4, and v5, and finally a new FilesLocker rasnomware as a service. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-october-26th-2018-decryptors-raas-and-more/
BleepingComputer
The Week in Ransomware - October 26th 2018 - Decryptors, RaaS, and More
We have had quite a bit of interesting news this week regarding ransomware. First we had the Kraken Cryptor deciding to connect to BleepingComputer.com during different stages of the encryption process, then we had a decryptor released by Bitdefender forβ¦
Bushido-Powered DDoS Service Whipped Up from Leaked Code
Security researchers found a new DDoS-for-hire service that offers easy and cheap access to sufficient power to knock down most targets. [...]
https://www.bleepingcomputer.com/news/security/bushido-powered-ddos-service-whipped-up-from-leaked-code/
Security researchers found a new DDoS-for-hire service that offers easy and cheap access to sufficient power to knock down most targets. [...]
https://www.bleepingcomputer.com/news/security/bushido-powered-ddos-service-whipped-up-from-leaked-code/
BleepingComputer
Bushido-Powered DDoS Service Whipped Up from Leaked Code
Security researchers found a new DDoS-for-hire service that offers easy and cheap access to sufficient power to knock down most targets.
Exposed Docker APIs Continue to Be Used for Cryptojacking
Trend Micro has recently spotted an attacker that is scanning for exposed Docker Engine APIs and utilizing them to deploy containers that download and execute a coin miner. These containers then use scripts to spread to other systems. [...]
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-continue-to-be-used-for-cryptojacking/
Trend Micro has recently spotted an attacker that is scanning for exposed Docker Engine APIs and utilizing them to deploy containers that download and execute a coin miner. These containers then use scripts to spread to other systems. [...]
https://www.bleepingcomputer.com/news/security/exposed-docker-apis-continue-to-be-used-for-cryptojacking/
BleepingComputer
Exposed Docker APIs Continue to Be Used for Cryptojacking
Trend Micro has recently spotted an attacker that is scanning for exposed Docker Engine APIs and utilizing them to deploy containers that download and execute a coin miner. These containers then use scripts to spread to other systems.
Microsoft Sandboxes Windows Defender
As the infosec community talked about potential cyber attacks leveraging vulnerabilities in antivirus products, Microsoft took notes and started to work on a solution. The company announced that its Windows Defender can run in a sandbox. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-sandboxes-windows-defender/
As the infosec community talked about potential cyber attacks leveraging vulnerabilities in antivirus products, Microsoft took notes and started to work on a solution. The company announced that its Windows Defender can run in a sandbox. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-sandboxes-windows-defender/
BleepingComputer
Microsoft Sandboxes Windows Defender
As the infosec community talked about potential cyber attacks leveraging vulnerabilities in antivirus products, Microsoft took notes and started to work on a solution. The company announced that its Windows Defender can run in a sandbox.
Windows 10 Bug Allowed UWP Apps Full Access to File System
A bug in Windows 10 allowed UWP apps (Universal Windows Platform) to have access to the entire file system in Windows without permission from the user. This could have allowed a malicious app to access any data stored on the computer without the knowledge or consent of the user. [...]
https://www.bleepingcomputer.com/news/security/windows-10-bug-allowed-uwp-apps-full-access-to-file-system/
A bug in Windows 10 allowed UWP apps (Universal Windows Platform) to have access to the entire file system in Windows without permission from the user. This could have allowed a malicious app to access any data stored on the computer without the knowledge or consent of the user. [...]
https://www.bleepingcomputer.com/news/security/windows-10-bug-allowed-uwp-apps-full-access-to-file-system/
BleepingComputer
Windows 10 Bug Allowed UWP Apps Full Access to File System
A bug in Windows 10 allowed UWP apps (Universal Windows Platform) to have access to the entire file system in Windows without permission from the user. This could have allowed a malicious app to access any data stored on the computer without the knowledgeβ¦
Mirai Botnet Operator Ordered to Pay $8.6 Million
One author of the original Mirai botnet received this Friday a new sentence for launching distributed denial-of-service attacks prior to the infamous assaults two years ago. [...]
https://www.bleepingcomputer.com/news/security/mirai-botnet-operator-ordered-to-pay-86-million/
One author of the original Mirai botnet received this Friday a new sentence for launching distributed denial-of-service attacks prior to the infamous assaults two years ago. [...]
https://www.bleepingcomputer.com/news/security/mirai-botnet-operator-ordered-to-pay-86-million/
BleepingComputer
Mirai Botnet Operator Ordered to Pay $8.6 Million
One author of the original Mirai botnet received this Friday a new sentence for launching distributed denial-of-service attacks prior to the infamous assaults two years ago.
Mac CryptoCurrency Price Tracker Caught Installing Backdoors
A Trojan pretending to be a macOS cryptocurrency ticker called CoinTicker is installing two backdoors on the macs of unsuspecting users. [...]
https://www.bleepingcomputer.com/news/security/mac-cryptocurrency-price-tracker-caught-installing-backdoors/
A Trojan pretending to be a macOS cryptocurrency ticker called CoinTicker is installing two backdoors on the macs of unsuspecting users. [...]
https://www.bleepingcomputer.com/news/security/mac-cryptocurrency-price-tracker-caught-installing-backdoors/
BleepingComputer
Mac CryptoCurrency Price Tracker Caught Installing Backdoors
A Trojan pretending to be a macOS cryptocurrency ticker called CoinTicker is installing two backdoors on the macs of unsuspecting users.
Compression File Formats of the past Come Haunting in Spam Campaigns
Some ancient filetypes are making a comeback due to unwanted attention from cybercriminals looking for more effective ways to hide malware distributed through spam campaigns. [...]
https://www.bleepingcomputer.com/news/security/compression-file-formats-of-the-past-come-haunting-in-spam-campaigns/
Some ancient filetypes are making a comeback due to unwanted attention from cybercriminals looking for more effective ways to hide malware distributed through spam campaigns. [...]
https://www.bleepingcomputer.com/news/security/compression-file-formats-of-the-past-come-haunting-in-spam-campaigns/
BleepingComputer
Compression File Formats of the past Come Haunting in Spam Campaigns
Some ancient filetypes are making a comeback due to unwanted attention from cybercriminals looking for more effective ways to hide malware distributed through spam campaigns.
Majority of Top 30 Sites Don't Offer Wide Range of 2FA Options
The Dashlane password management company has released research showing that the majority of the top 30 consumer sites do not offer a complete range of two factor authentication (2FA) options for login authentication. Of the top 30 sites, only 8 offered all of the tested for 2FA options. [...]
https://www.bleepingcomputer.com/news/security/majority-of-top-30-sites-dont-offer-wide-range-of-2fa-options/
The Dashlane password management company has released research showing that the majority of the top 30 consumer sites do not offer a complete range of two factor authentication (2FA) options for login authentication. Of the top 30 sites, only 8 offered all of the tested for 2FA options. [...]
https://www.bleepingcomputer.com/news/security/majority-of-top-30-sites-dont-offer-wide-range-of-2fa-options/
BleepingComputer
Majority of Top 30 Sites Don't Offer Wide Range of 2FA Options
The Dashlane password management company has released research showing that the majority of the top 30 consumer sites do not offer a complete range of two factor authentication (2FA) options for login authentication. Of the top 30 sites, only 8 offered allβ¦
Millions of Voter Records Up for Sale Ahead of the US Midterm Elections
As the US midterm elections close in, the underground markets appear to be flush with voter databases available for affordable prices. [...]
https://www.bleepingcomputer.com/news/security/millions-of-voter-records-up-for-sale-ahead-of-the-us-midterm-elections/
As the US midterm elections close in, the underground markets appear to be flush with voter databases available for affordable prices. [...]
https://www.bleepingcomputer.com/news/security/millions-of-voter-records-up-for-sale-ahead-of-the-us-midterm-elections/
BleepingComputer
Millions of Voter Records Up for Sale Ahead of the US Midterm Elections
As the US midterm elections close in, the underground markets appear to be flush with voter databases available for affordable prices.
CommonRansom Ransomware Demands RDP Access to Decrypt Files
A new ransomware called CommonRansom was discovered that has a very bizarre request. In order to decrypt a computer after a payment is made, they require the victim to open up Remote Desktop Services on the affected computer and send them admin credentials in order to decrypt the victim's files. [...]
https://www.bleepingcomputer.com/news/security/commonransom-ransomware-demands-rdp-access-to-decrypt-files/
A new ransomware called CommonRansom was discovered that has a very bizarre request. In order to decrypt a computer after a payment is made, they require the victim to open up Remote Desktop Services on the affected computer and send them admin credentials in order to decrypt the victim's files. [...]
https://www.bleepingcomputer.com/news/security/commonransom-ransomware-demands-rdp-access-to-decrypt-files/
BleepingComputer
CommonRansom Ransomware Demands RDP Access to Decrypt Files
A new ransomware called CommonRansom was discovered that has a very bizarre request. In order to decrypt a computer after a payment is made, they require the victim to open up Remote Desktop Services on the affected computer and send them admin credentialsβ¦