Apple App Store Earns $1.22B During Holidays, But Stock Still Struggles

Despite announcing a record-breaking App Store 2018 holiday week, Apple's stock took a 38% nosedive since October [...]

https://www.bleepingcomputer.com/news/apple/apple-app-store-earns-122b-during-holidays-but-stock-still-struggles/

Python 3.7 Is Now Available in the Microsoft Store for Windows 10

Last month the Python Software Foundation quietly published Python 3.7 in the Microsoft Store for Windows 10 devices. The Microsoft Store version of Python 3.7 is a simplified installer for running scripts and packages. [...]

https://www.bleepingcomputer.com/news/microsoft/python-37-is-now-available-in-the-microsoft-store-for-windows-10/

Adobe Acrobat and Reader Security Updates Released for Critical Bugs

Today, Adobe released security bulletin APSB19-02 that describes two security updates for critical vulnerabilities in Adobe Acrobat and Reader. In these updates only two vulnerabilities were fixed, but they are classified as Critical because they allow privilege escalation and arbitrary code execution. [...]

https://www.bleepingcomputer.com/news/security/adobe-acrobat-and-reader-security-updates-released-for-critical-bugs/

Android Messages Can Now Detect and Block Spam

Google rolled out its opt-out automated spam protection feature to help Android users fight spam messages [...]

https://www.bleepingcomputer.com/news/google/android-messages-can-now-detect-and-block-spam/

Microsoft Edge for iOS Beta Brings Picture-in-Picture and MSN Kids News Feed

Microsoft Edge version 42.9.0 comes with Picture-in-Picture mode which allows users to pop a video out from a webpage such as YouTube and watch the content on a floating window which apparently hovers above the other Edge tabs. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-for-ios-beta-brings-picture-in-picture-and-msn-kids-news-feed/

New Android Malware Combines Info-Stealing and Phishing Features

Android malware that combines info/data-stealing and phishing capabilities lurked in Google Play using the guise of legitimate looking apps; one of them was installed at least 100,000 times. [...]

https://www.bleepingcomputer.com/news/security/new-android-malware-combines-info-stealing-and-phishing-features/

Windows 10 Insider Build 18309 Released With More Password-less Sign-in Options

Microsoft has released Windows 10 Insider Preview Build 18309 (19H1) to insiders in the Fast ring. This build primarily focuses on bringing the password-less sign-in options they were testing with Windows 10 Home users to all other Windows 10 Insider versions.  [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18309-released-with-more-password-less-sign-in-options/

New Phishing Tactic Uses Custom Web Fonts to Prevent Detection

Threat actors in the phishing business have adopted a new technique to obfuscate the source code for the forged page by using a custom web font to implement a substitution cipher that looks like plaintext. [...]

https://www.bleepingcomputer.com/news/security/new-phishing-tactic-uses-custom-web-fonts-to-prevent-detection/

Private Data, Official Docs of Hundreds of German Politicians Leaking for at Least a Month

Germany's Cyber Defense Center is on high alert as personal information and official documents of hundreds of German politicians, Chancellor Angela Merkel and President Frank-Walter Steinmeier included, have been leaking online since at least early December 2018. [...]

https://www.bleepingcomputer.com/news/security/private-data-official-docs-of-hundreds-of-german-politicians-leaking-for-at-least-a-month/

Apple Removes iPhone 7 and 8 From German Stores

The iPhone sales ban follows a German court decision from December imposing a preliminary injunction on these two models [...]

https://www.bleepingcomputer.com/news/apple/apple-removes-iphone-7-and-8-from-german-stores/

Microsoft Released the January 2019 Non-Security Office Updates

This update release fixes issues and adds improvements to the Microsoft Installer versions of Office 2010, Office 2013, and Office 2016 [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-released-the-january-2019-non-security-office-updates/

How to Decrypt the Aurora Ransomware with AuroraDecrypter

If you have been infected with a Aurora Ransomware variant, then you are in luck as a program called AuroraDecrypter has been created by Michael Gillespie that allows you recover your encryption key without having to pay the ransom. [...]

https://www.bleepingcomputer.com/news/security/how-to-decrypt-the-aurora-ransomware-with-auroradecrypter/

Face Unlock Feature Is Useless in 4 out of 10 Phones

According to a Consumentenbond report, face recognition was fooled with a photo in 42 of the 110 tested devices [...]

https://www.bleepingcomputer.com/news/security/face-unlock-feature-is-useless-in-4-out-of-10-phones/

Google Acquires Q&A Startup Superpod to Boost Assistant IQ

Google silently acquired Superpod, a startup founded by ex-Googlers William Li and Sophia Yang in 2016, and focused on providing its users with a platform to obtain answers from experts to questions from a wide variety of fields. [...]

https://www.bleepingcomputer.com/news/google/google-acquires-qanda-startup-superpod-to-boost-assistant-iq/

5.25 Million Unencrypted Passport Numbers Accessed in Starwood Breach

In November 2018, Marriott announced that there was unauthorized access to their Starwood reservation system & that the data for up to 500 million guests had been compromised. In an update today for this incident, Marriott has lowered the amount of affected victims, but states 5.25 million unencrypted passport numbers were accessed. [...]

https://www.bleepingcomputer.com/news/security/525-million-unencrypted-passport-numbers-accessed-in-starwood-breach/

Google Speech2Text API Helps Defeat reCAPTCHA Challenge, Again

Google's reCAPTCHA system designed to separate bots from humans when signing up to web services has been defeated once more using Google's speech-to-text service to bypass the challenge. [...]

https://www.bleepingcomputer.com/news/security/google-speech2text-api-helps-defeat-recaptcha-challenge-again/

The Week in Ransomware - January 4th 2019 - IPMI, FilesLocker, and More

For the past two weeks, we have seen a lot of new variants, decryptors, and Ryuk ransomware outbreaks. Of particular interest is the JungleSec ransomware, which has been hacking into servers via IPMI in order to install the ransomware. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-4th-2019-ipmi-fileslocker-and-more/

NSA Releasing the GHIDRA Reverse Engineering Tool at RSAConference

At the RSAConference in March, a free reverse engineering framework called GHIDRA is being released that was developed by the U.S. National Security Agency. [...]

https://www.bleepingcomputer.com/news/security/nsa-releasing-the-ghidra-reverse-engineering-tool-at-rsaconference/

New ReiKey app for macOS can Detect Mac Keyloggers

macOS users have a new open source tool to help them identify generic keyloggers on their system. Called ReiKey, the app can scan and monitor for software that installs keyboard event taps to intercept keystrokes. [...]

https://www.bleepingcomputer.com/news/security/new-reikey-app-for-macos-can-detect-mac-keyloggers/

27% of Passwords From Town of Salem Breach Already Cracked

Over the holiday, the popular browser-based game Town of Salem had a data breach that exposed the hashed passwords for approximately 7.6 million unique accounts. At the time of this writing, over 27% of the passwords have already been cracked. [...]

https://www.bleepingcomputer.com/news/security/27-percent-of-passwords-from-town-of-salem-breach-already-cracked/

Opera Blacklists Tampermonkey Extension Being Installed by Malware

Opera blacklisted the version of Tampermonkey that is currently offered on the Chrome Web Store as it is being installed by Windows malware. This prevents the extension from working in the Opera browser. [...]

https://www.bleepingcomputer.com/news/software/opera-blacklists-tampermonkey-extension-being-installed-by-malware/