Apple Removes iPhone 7 and 8 From German Stores

The iPhone sales ban follows a German court decision from December imposing a preliminary injunction on these two models [...]

https://www.bleepingcomputer.com/news/apple/apple-removes-iphone-7-and-8-from-german-stores/

Microsoft Released the January 2019 Non-Security Office Updates

This update release fixes issues and adds improvements to the Microsoft Installer versions of Office 2010, Office 2013, and Office 2016 [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-released-the-january-2019-non-security-office-updates/

How to Decrypt the Aurora Ransomware with AuroraDecrypter

If you have been infected with a Aurora Ransomware variant, then you are in luck as a program called AuroraDecrypter has been created by Michael Gillespie that allows you recover your encryption key without having to pay the ransom. [...]

https://www.bleepingcomputer.com/news/security/how-to-decrypt-the-aurora-ransomware-with-auroradecrypter/

Face Unlock Feature Is Useless in 4 out of 10 Phones

According to a Consumentenbond report, face recognition was fooled with a photo in 42 of the 110 tested devices [...]

https://www.bleepingcomputer.com/news/security/face-unlock-feature-is-useless-in-4-out-of-10-phones/

Google Acquires Q&A Startup Superpod to Boost Assistant IQ

Google silently acquired Superpod, a startup founded by ex-Googlers William Li and Sophia Yang in 2016, and focused on providing its users with a platform to obtain answers from experts to questions from a wide variety of fields. [...]

https://www.bleepingcomputer.com/news/google/google-acquires-qanda-startup-superpod-to-boost-assistant-iq/

5.25 Million Unencrypted Passport Numbers Accessed in Starwood Breach

In November 2018, Marriott announced that there was unauthorized access to their Starwood reservation system & that the data for up to 500 million guests had been compromised. In an update today for this incident, Marriott has lowered the amount of affected victims, but states 5.25 million unencrypted passport numbers were accessed. [...]

https://www.bleepingcomputer.com/news/security/525-million-unencrypted-passport-numbers-accessed-in-starwood-breach/

Google Speech2Text API Helps Defeat reCAPTCHA Challenge, Again

Google's reCAPTCHA system designed to separate bots from humans when signing up to web services has been defeated once more using Google's speech-to-text service to bypass the challenge. [...]

https://www.bleepingcomputer.com/news/security/google-speech2text-api-helps-defeat-recaptcha-challenge-again/

The Week in Ransomware - January 4th 2019 - IPMI, FilesLocker, and More

For the past two weeks, we have seen a lot of new variants, decryptors, and Ryuk ransomware outbreaks. Of particular interest is the JungleSec ransomware, which has been hacking into servers via IPMI in order to install the ransomware. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-4th-2019-ipmi-fileslocker-and-more/

NSA Releasing the GHIDRA Reverse Engineering Tool at RSAConference

At the RSAConference in March, a free reverse engineering framework called GHIDRA is being released that was developed by the U.S. National Security Agency. [...]

https://www.bleepingcomputer.com/news/security/nsa-releasing-the-ghidra-reverse-engineering-tool-at-rsaconference/

New ReiKey app for macOS can Detect Mac Keyloggers

macOS users have a new open source tool to help them identify generic keyloggers on their system. Called ReiKey, the app can scan and monitor for software that installs keyboard event taps to intercept keystrokes. [...]

https://www.bleepingcomputer.com/news/security/new-reikey-app-for-macos-can-detect-mac-keyloggers/

27% of Passwords From Town of Salem Breach Already Cracked

Over the holiday, the popular browser-based game Town of Salem had a data breach that exposed the hashed passwords for approximately 7.6 million unique accounts. At the time of this writing, over 27% of the passwords have already been cracked. [...]

https://www.bleepingcomputer.com/news/security/27-percent-of-passwords-from-town-of-salem-breach-already-cracked/

Opera Blacklists Tampermonkey Extension Being Installed by Malware

Opera blacklisted the version of Tampermonkey that is currently offered on the Chrome Web Store as it is being installed by Windows malware. This prevents the extension from working in the Opera browser. [...]

https://www.bleepingcomputer.com/news/software/opera-blacklists-tampermonkey-extension-being-installed-by-malware/

Hacker Uses Australian Early Warning Network to Send Spam Alerts

Over the weekend, a hacker gained unauthorized access to the Queensland EWN, or Early Warning Network, and used it to send a spam alert via SMS, landline, and email to the company's subscribers. [...]

https://www.bleepingcomputer.com/news/security/hacker-uses-australian-early-warning-network-to-send-spam-alerts/

Acer Unveils RTX2080-Powered Predator Triton Gaming Notebooks

The Predator Triton 900 and the Predator Triton 500 both come with NVIDIA's GeForce RTX2080 GPU and Intel's Core i7-8750H CPU [...]

https://www.bleepingcomputer.com/news/hardware/acer-unveils-rtx2080-powered-predator-triton-gaming-notebooks/

Apple Taunts Competitors on Lack of Privacy With CES 2019 Ad

This year Apple came to CES in the form of a giant ad near the CES 2019 conference center that takes a swing at its competitors, such as Google and Amazon, by taunting them about their privacy concerns. [...]

https://www.bleepingcomputer.com/news/apple/apple-taunts-competitors-on-lack-of-privacy-with-ces-2019-ad/

App Store Games Found Communicating with Golduck Malware C&C servers

Researchers found 14 retro games in Apple's App Store that communicated with command-and-control servers previously used by the Android Golduck Loader [...]

https://www.bleepingcomputer.com/news/security/app-store-games-found-communicating-with-golduck-malware-candc-servers/

GandCrab Operators Use Vidar Infostealer as a Forerunner

Cybercriminals behind GandCrab have mixed the infostealer Vidar in the distribution process of the ransomware piece, which helps increase their profits by pilfering sensitive information before encrypting the computer files. [...]

https://www.bleepingcomputer.com/news/security/gandcrab-operators-use-vidar-infostealer-as-a-forerunner/

Google Emails Users About Private Data Exposed by Google+ API Bug

Google has started sending out notifications to those who were affected by their Google+ API bug that was disclosed in December 2018. This notification provides details regarding what profile data was exposed and the apps that had access to it. [...]

https://www.bleepingcomputer.com/news/google/google-emails-users-about-private-data-exposed-by-google-api-bug/

Microsoft Pulls Office 2010 January 2019 Updates After Excel Blunder

After releasing the first Microsoft Office updates of 2019 designed to fix non-security issues in Office 2010, Office 2013, and Office 2016 on January 2, Microsoft pulled the Office 2010 updates from the server following multiple reports of Excel not being able to start. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-pulls-office-2010-january-2019-updates-after-excel-blunder/

Microsoft Announces Unlimited Private Repos for GitHub Free

GitHub Free users can now create private repositories which can have up to three collaborators per repo [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-unlimited-private-repos-for-github-free/

OXO Discloses MageCart Attack That Targeted Customer Data on Oxo.com

United States based kitchen utensil manufacturer OXO International disclosed a data breach that spans numerous periods over two years. This breach notification states that customer and payment information may have been exposed and further research by BleepingComputer indicates this was most likely a MageCart attack. [...]

https://www.bleepingcomputer.com/news/security/oxo-discloses-magecart-attack-that-targeted-customer-data-on-oxocom/