The Week in Ransomware - November 9th 2018 - Mostly Dharma Variants
It was a very slow week for ransomware news. For the most part, it was mostly new Dharma ransomware variants and a few smaller variants being released. Stay vigilant, though, as a slow week does not mean ransomware is not a threat. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-november-9th-2018-mostly-dharma-variants/
It was a very slow week for ransomware news. For the most part, it was mostly new Dharma ransomware variants and a few smaller variants being released. Stay vigilant, though, as a slow week does not mean ransomware is not a threat. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-november-9th-2018-mostly-dharma-variants/
BleepingComputer
The Week in Ransomware - November 9th 2018 - Mostly Dharma Variants
It was a very slow week for ransomware news. For the most part, it was mostly new Dharma ransomware variants and a few smaller variants being released. Stay vigilant, though, as a slow week does not mean ransomware is not a threat.
Internal Chrome Page Shows All Google Interstitial Warnings
An internal Google Chrome page allows users to see all interstitial warnings or notifications that may be encountered while browsing the web with Chrome. [...]
https://www.bleepingcomputer.com/news/security/internal-chrome-page-shows-all-google-interstitial-warnings/
An internal Google Chrome page allows users to see all interstitial warnings or notifications that may be encountered while browsing the web with Chrome. [...]
https://www.bleepingcomputer.com/news/security/internal-chrome-page-shows-all-google-interstitial-warnings/
BleepingComputer
Internal Chrome Page Shows All Google Interstitial Warnings
An internal Google Chrome page allows users to see all interstitial warnings or notifications that may be encountered while browsing the web with Chrome.
Cloudflare Brings its 1.1.1.1 DNS Service to Android & iOS Mobile Devices
This past April, Cloudflare and APNIC released a new 1.1.1.1 public DNS resolver service whose goal was not only to make looking up Internet addresses faster, but also make them more private. Today, Cloudflare has released a 1.1.1.1 app for Android and iOS to easily bring these same features to your mobile devices. [...]
https://www.bleepingcomputer.com/news/security/cloudflare-brings-its-1111-dns-service-to-android-and-ios-mobile-devices/
This past April, Cloudflare and APNIC released a new 1.1.1.1 public DNS resolver service whose goal was not only to make looking up Internet addresses faster, but also make them more private. Today, Cloudflare has released a 1.1.1.1 app for Android and iOS to easily bring these same features to your mobile devices. [...]
https://www.bleepingcomputer.com/news/security/cloudflare-brings-its-1111-dns-service-to-android-and-ios-mobile-devices/
BleepingComputer
Cloudflare Brings its 1.1.1.1 DNS Service to Android & iOS Mobile Devices
This past April, Cloudflare and APNIC released a new 1.1.1.1 public DNS resolver service whose goal was not only to make looking up Internet addresses faster, but also make them more private. Today, Cloudflare has released a 1.1.1.1 app for Android and iOSβ¦
iSH - A iOS Linux Shell for Your iPhone or iPad
Have you ever wanted to run a Linux shell on your iOS device to transfer files, write shell scripts, or simply to use Vi to develop code or edit files? Now you can, with a project called iSH that is currently available as a TestFlight beta for iOS devices. [...]
https://www.bleepingcomputer.com/news/linux/ish-a-ios-linux-shell-for-your-iphone-or-ipad/
Have you ever wanted to run a Linux shell on your iOS device to transfer files, write shell scripts, or simply to use Vi to develop code or edit files? Now you can, with a project called iSH that is currently available as a TestFlight beta for iOS devices. [...]
https://www.bleepingcomputer.com/news/linux/ish-a-ios-linux-shell-for-your-iphone-or-ipad/
BleepingComputer
iSH - A iOS Linux Shell for Your iPhone or iPad
Have you ever wanted to run a Linux shell on your iOS device to transfer files, write shell scripts, or simply to use Vi to develop code or edit files? Now you can, with a project called iSH that is currently available as a TestFlight beta for iOS devices.
The Intel Microcode Boot Loader Protects Older CPUs From Spectre
The Intel Microcode Boot Loader creates a bootable USB flash drive that automatically applies the latest Intel microcodes to your identified CPU so that you are protected from the speculative execution side-channel attacks called Spectre. [...]
https://www.bleepingcomputer.com/news/security/the-intel-microcode-boot-loader-protects-older-cpus-from-spectre/
The Intel Microcode Boot Loader creates a bootable USB flash drive that automatically applies the latest Intel microcodes to your identified CPU so that you are protected from the speculative execution side-channel attacks called Spectre. [...]
https://www.bleepingcomputer.com/news/security/the-intel-microcode-boot-loader-protects-older-cpus-from-spectre/
BleepingComputer
The Intel Microcode Boot Loader Protects Older CPUs From Spectre
The Intel Microcode Boot Loader creates a bootable USB flash drive that automatically applies the latest Intel microcodes to your identified CPU so that you are protected from the speculative execution side-channel attacks called Spectre.
HookAds Malvertising Installing Malware via the Fallout Exploit Kit
The HookAds malvertising campaign has been active lately and redirecting visitors to the Fallout Exploit Kit. Once the kit is activated, it will attempt to exploit known vulnerabilities in Windows to install different malware such as the DanaBot banking Trojan, the Nocturnal information stealer, and GlobeImposter ransomware. [...]
https://www.bleepingcomputer.com/news/security/hookads-malvertising-installing-malware-via-the-fallout-exploit-kit/
The HookAds malvertising campaign has been active lately and redirecting visitors to the Fallout Exploit Kit. Once the kit is activated, it will attempt to exploit known vulnerabilities in Windows to install different malware such as the DanaBot banking Trojan, the Nocturnal information stealer, and GlobeImposter ransomware. [...]
https://www.bleepingcomputer.com/news/security/hookads-malvertising-installing-malware-via-the-fallout-exploit-kit/
BleepingComputer
HookAds Malvertising Installing Malware via the Fallout Exploit Kit
The HookAds malvertising campaign has been active lately and redirecting visitors to the Fallout Exploit Kit. Once the kit is activated, it will attempt to exploit known vulnerabilities in Windows to install different malware such as the DanaBot banking Trojanβ¦
Google Services Unreachable After Traffic Hijacking
[...]
https://www.bleepingcomputer.com/news/security/google-services-unreachable-after-traffic-hijacking/
[...]
https://www.bleepingcomputer.com/news/security/google-services-unreachable-after-traffic-hijacking/
BleepingComputer
Google Services Unreachable After Traffic Hijacking
Services from Google on Monday became unavailable for up to two hours as user traffic followed a tortuous path through operators in Russia and Nigeria before hitting the Great Firewall of China.
Microsoft Resumes Rollout of Windows 10 October 2018 Update
Windows 10 October 2018 Update is once again available for download but it's rolling out in stages so it may not show up on your device now. To check if it is available, you can head over to Settings > Update & Security > Windows Update and check for new updates. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-resumes-rollout-of-windows-10-october-2018-update/
Windows 10 October 2018 Update is once again available for download but it's rolling out in stages so it may not show up on your device now. To check if it is available, you can head over to Settings > Update & Security > Windows Update and check for new updates. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-resumes-rollout-of-windows-10-october-2018-update/
BleepingComputer
Microsoft Resumes Rollout of Windows 10 October 2018 Update
Windows 10 October 2018 Update is once again available for download but it's rolling out in stages so it may not show up on your device now. To check if it is available, you can head over to Settings > Update & Security > Windows Update and check for newβ¦
Windows 10 Cumulative Update KB4467708, KB4464455 and KB4467702 Released
Windows 10 cumulative updates for Windows 10 October 2018 Update, Windows 10 April 2018 Update and Windows 10 Fall Creators Update is now rolling out to compatible devices. Today's update for Windows 10 has addressed the security and non-security issues. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-update-kb4467708-kb4464455-and-kb4467702-released/
Windows 10 cumulative updates for Windows 10 October 2018 Update, Windows 10 April 2018 Update and Windows 10 Fall Creators Update is now rolling out to compatible devices. Today's update for Windows 10 has addressed the security and non-security issues. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-update-kb4467708-kb4464455-and-kb4467702-released/
BleepingComputer
Windows 10 Cumulative Update KB4467708, KB4464455 and KB4467702 Released
Windows 10 cumulative updates for Windows 10 October 2018 Update, Windows 10 April 2018 Update and Windows 10 Fall Creators Update is now rolling out to compatible devices. Today's update for Windows 10 has addressed the security and non-security issues.
Microsoft November 2018 Patch Tuesday Fixes 12 Critical Vulnerabilities
Today is Microsoft's November 2018 Patch Tuesday, which means we get a ton of security updates to install for Windows and other Microsoft products. As these updates are commonly exploited by attackers, malware, and exploit kits, it is strongly advised that all users install these updates as soon as possible. [...]
https://www.bleepingcomputer.com/news/security/microsoft-november-2018-patch-tuesday-fixes-12-critical-vulnerabilities/
Today is Microsoft's November 2018 Patch Tuesday, which means we get a ton of security updates to install for Windows and other Microsoft products. As these updates are commonly exploited by attackers, malware, and exploit kits, it is strongly advised that all users install these updates as soon as possible. [...]
https://www.bleepingcomputer.com/news/security/microsoft-november-2018-patch-tuesday-fixes-12-critical-vulnerabilities/
BleepingComputer
Microsoft November 2018 Patch Tuesday Fixes 12 Critical Vulnerabilities
Today is Microsoft's November 2018 Patch Tuesday, which means we get a ton of security updates to install for Windows and other Microsoft products. As these updates are commonly exploited by attackers, malware, and exploit kits, it is strongly advised thatβ¦
Microsoft Releases Windows 7 & 8.1 Cumulative Updates KB4467107 & KB4467697
After releasing cumulative updates for all supported versions of Windows 10, Microsoft has also released a new patch for Windows 7 and 8.1 with security and general fixes. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-7-and-81-cumulative-updates-kb4467107-and-kb4467697/
After releasing cumulative updates for all supported versions of Windows 10, Microsoft has also released a new patch for Windows 7 and 8.1 with security and general fixes. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-7-and-81-cumulative-updates-kb4467107-and-kb4467697/
BleepingComputer
Microsoft Releases Windows 7 & 8.1 Cumulative Updates KB4467107 & KB4467697
After releasing cumulative updates for all supported versions of Windows 10, Microsoft has also released a new patch for Windows 7 and 8.1 with security and general fixes.
Adobe Releases Security Update for Acrobat Vulnerability with Public PoC
Adobe has published their monthly Patch Tuesday updates for the month of November 2018. These updates are for Flash Player, Adobe Acrobat and Reader, and Photoshop CC. [...]
https://www.bleepingcomputer.com/news/security/adobe-releases-security-update-for-acrobat-vulnerability-with-public-poc/
Adobe has published their monthly Patch Tuesday updates for the month of November 2018. These updates are for Flash Player, Adobe Acrobat and Reader, and Photoshop CC. [...]
https://www.bleepingcomputer.com/news/security/adobe-releases-security-update-for-acrobat-vulnerability-with-public-poc/
BleepingComputer
Adobe Releases Security Update for Acrobat Vulnerability with Public PoC
Adobe has published their monthly Patch Tuesday updates for the month of November 2018. These updates are for Flash Player, Adobe Acrobat and Reader, and Photoshop CC.
The US Office of Personnel Management Systems Are Still Insecure
The security posture of the Office of Personnel Management has improved drastically and by the end of the year, the agency is on track to meeting almost all recommendations the US Government Accountability Office (GAO) made over the past two years. Full compliance is expected by the end of 2019. [...]
https://www.bleepingcomputer.com/news/security/the-us-office-of-personnel-management-systems-are-still-insecure/
The security posture of the Office of Personnel Management has improved drastically and by the end of the year, the agency is on track to meeting almost all recommendations the US Government Accountability Office (GAO) made over the past two years. Full compliance is expected by the end of 2019. [...]
https://www.bleepingcomputer.com/news/security/the-us-office-of-personnel-management-systems-are-still-insecure/
BleepingComputer
The US Office of Personnel Management Systems Are Still Insecure
The security posture of the Office of Personnel Management has improved drastically and by the end of the year, the agency is on track to meeting almost all recommendations the US Government Accountability Office (GAO) made over the past two years. Full complianceβ¦
Microsoft Patches Windows Zero-Day Exploited in Cyber Attacks
A zero-day vulnerability in certain editions of Windows operating system helped at least one advanced threat group increase their privileges on compromised machines until Microsoft patched it with this month's release of security updates. [...]
https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-exploited-in-cyber-attacks/
A zero-day vulnerability in certain editions of Windows operating system helped at least one advanced threat group increase their privileges on compromised machines until Microsoft patched it with this month's release of security updates. [...]
https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-exploited-in-cyber-attacks/
BleepingComputer
Microsoft Patches Windows Zero-Day Exploited in Cyber Attacks
A zero-day vulnerability in certain editions of Windows operating system helped at least one advanced threat group increase their privileges on compromised machines until Microsoft patched it with this month's release of security updates.
State-Sponsored Actors Focus Attacks on Asia
Southeast Asia is the most actively attacked region, accordingly to Cyber Security firm, Group-IB. Their annual Hi-Tech Crime Trends Report 2018 advises: "In just one year, 21 state-sponsored groups were detected in this area, which is more than in the United States and Europe." [...]
https://www.bleepingcomputer.com/news/security/state-sponsored-actors-focus-attacks-on-asia/
Southeast Asia is the most actively attacked region, accordingly to Cyber Security firm, Group-IB. Their annual Hi-Tech Crime Trends Report 2018 advises: "In just one year, 21 state-sponsored groups were detected in this area, which is more than in the United States and Europe." [...]
https://www.bleepingcomputer.com/news/security/state-sponsored-actors-focus-attacks-on-asia/
BleepingComputer
State-Sponsored Actors Focus Attacks on Asia
Southeast Asia is the most actively attacked region, accordingly to Cyber Security firm, Group-IB. Their annual Hi-Tech Crime Trends Report 2018 advises: "In just one year, 21 state-sponsored groups were detected in this area, which is more than in the Unitedβ¦
Infowars Store Affected by Magecart Credit Card Stealing Hack
A MageCart credit card skimming attack has been discovered on the online store for the Infowars web site. Visitors who purchased anything on the store while the malicious code was present, would have had their payment information sent to the attacker's server in Lithuania. [...]
https://www.bleepingcomputer.com/news/security/infowars-store-affected-by-magecart-credit-card-stealing-hack/
A MageCart credit card skimming attack has been discovered on the online store for the Infowars web site. Visitors who purchased anything on the store while the malicious code was present, would have had their payment information sent to the attacker's server in Lithuania. [...]
https://www.bleepingcomputer.com/news/security/infowars-store-affected-by-magecart-credit-card-stealing-hack/
BleepingComputer
Infowars Store Affected by Magecart Credit Card Stealing Hack
A MageCart credit card skimming attack has been discovered on the online store for the Infowars web site. Visitors who purchased anything on the store while the malicious code was present, would have had their payment information sent to the attacker's serverβ¦
iPhone X, Galaxy S9, Xiaomi Mi6 Fall at Pwn2Own Tokyo
iPhone X, Samsung Galaxy S9, and Xiaomi Mi6 all fell at the hands of hackers that found bugs in various components and crafted exploits that allowed complete take over of the targeted device. [...]
https://www.bleepingcomputer.com/news/security/iphone-x-galaxy-s9-xiaomi-mi6-fall-at-pwn2own-tokyo/
iPhone X, Samsung Galaxy S9, and Xiaomi Mi6 all fell at the hands of hackers that found bugs in various components and crafted exploits that allowed complete take over of the targeted device. [...]
https://www.bleepingcomputer.com/news/security/iphone-x-galaxy-s9-xiaomi-mi6-fall-at-pwn2own-tokyo/
BleepingComputer
iPhone X, Galaxy S9, Xiaomi Mi6 Fall at Pwn2Own Tokyo
iPhone X, Samsung Galaxy S9, and Xiaomi Mi6 all fell at the hands of hackers that found bugs in various components and crafted exploits that allowed complete take over of the targeted device.
Windows 10 Build 18282 Released To Insiders With New Light Theme
Windows 10 19H1 Build 18282 is now available to Insiders in Fast and Skip Ahead Rings. Today's preview update for Windows 10 brings a light theme to Start Menu, Taskbar, Action Center and other elements. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-build-18282-released-to-insiders-with-new-light-theme/
Windows 10 19H1 Build 18282 is now available to Insiders in Fast and Skip Ahead Rings. Today's preview update for Windows 10 brings a light theme to Start Menu, Taskbar, Action Center and other elements. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-build-18282-released-to-insiders-with-new-light-theme/
BleepingComputer
Windows 10 Build 18282 Released To Insiders With New Light Theme
Windows 10 19H1 Build 18282 is now available to Insiders in Fast and Skip Ahead Rings. Today's preview update for Windows 10 brings a light theme to Start Menu, Taskbar, Action Center and other elements.
Misconfigured Docker Services Actively Exploited in Cryptojacking Operation
Adversaries looking for an easy way to mine for cryptocurrency are actively targeting publicly exposed Docker services. They use a malicious script capable to scan the network in search of vulnerable hosts and compromise them. [...]
https://www.bleepingcomputer.com/news/security/misconfigured-docker-services-actively-exploited-in-cryptojacking-operation/
Adversaries looking for an easy way to mine for cryptocurrency are actively targeting publicly exposed Docker services. They use a malicious script capable to scan the network in search of vulnerable hosts and compromise them. [...]
https://www.bleepingcomputer.com/news/security/misconfigured-docker-services-actively-exploited-in-cryptojacking-operation/
BleepingComputer
Misconfigured Docker Services Actively Exploited in Cryptojacking Operation
Adversaries looking for an easy way to mine for cryptocurrency are actively targeting publicly exposed Docker services. They use a malicious script capable to scan the network in search of vulnerable hosts and compromise them.
Firefox Now Shows Warnings On Sites with Data Breaches
Mozilla's has added a new feature to their desktop Quantum Browser that displays a warning from Firefox Monitor when visiting a site that previously had a data breach. These warnings are designed to alert people about possible concerns and to suggest they check their email to see if it was part of the breach. [...]
https://www.bleepingcomputer.com/news/security/firefox-now-shows-warnings-on-sites-with-data-breaches/
Mozilla's has added a new feature to their desktop Quantum Browser that displays a warning from Firefox Monitor when visiting a site that previously had a data breach. These warnings are designed to alert people about possible concerns and to suggest they check their email to see if it was part of the breach. [...]
https://www.bleepingcomputer.com/news/security/firefox-now-shows-warnings-on-sites-with-data-breaches/
BleepingComputer
Firefox Now Shows Warnings On Sites with Data Breaches
Mozilla's has added a new feature to their desktop Quantum Browser that displays a warning from Firefox Monitor when visiting a site that previously had a data breach. These warnings are designed to alert people about possible concerns and to suggest they checkβ¦
New Gmail Bug Allows Sending Messages Anonymously
A new bug discovered in Gmail affects the web app's user experience by hiding the source address of an email, a situation that comes with an obvious potential for abuse. [...]
https://www.bleepingcomputer.com/news/security/new-gmail-bug-allows-sending-messages-anonymously/
A new bug discovered in Gmail affects the web app's user experience by hiding the source address of an email, a situation that comes with an obvious potential for abuse. [...]
https://www.bleepingcomputer.com/news/security/new-gmail-bug-allows-sending-messages-anonymously/
BleepingComputer
New Gmail Bug Allows Sending Messages Anonymously
A new bug discovered in Gmail affects the web app's user experience by hiding the source address of an email, a situation that comes with an obvious potential for abuse.