Bipartisan Bill Introduced to Ban Sale of US Tech to Chinese Companies
Bipartisan Telecommunications Denial Order Enforcement Act (H.R. 7255) was introduced today to impose a ban on selling US technology to Huawei and ZTE, as well as other Chinese companies in violation of sanctions laws and export control. [...]
https://www.bleepingcomputer.com/news/government/bipartisan-bill-introduced-to-ban-sale-of-us-tech-to-chinese-companies/
Bipartisan Telecommunications Denial Order Enforcement Act (H.R. 7255) was introduced today to impose a ban on selling US technology to Huawei and ZTE, as well as other Chinese companies in violation of sanctions laws and export control. [...]
https://www.bleepingcomputer.com/news/government/bipartisan-bill-introduced-to-ban-sale-of-us-tech-to-chinese-companies/
BleepingComputer
Bipartisan Bill Introduced to Ban Sale of US Tech to Chinese Companies
Bipartisan Telecommunications Denial Order Enforcement Act (H.R. 7255) was introduced today to impose a ban on selling US technology to Huawei and ZTE, as well as other Chinese companies in violation of sanctions laws and export control.
Emsisoft Browser Security Protects You from Malicious Sites
For those looking for extra protection while browsing the web, Emsisoft has a released a browser extension that will block you from interacting with known phishing, malware, or scam sites. [...]
https://www.bleepingcomputer.com/news/security/emsisoft-browser-security-protects-you-from-malicious-sites/
For those looking for extra protection while browsing the web, Emsisoft has a released a browser extension that will block you from interacting with known phishing, malware, or scam sites. [...]
https://www.bleepingcomputer.com/news/security/emsisoft-browser-security-protects-you-from-malicious-sites/
BleepingComputer
Emsisoft Browser Security Protects You from Malicious Sites
For those looking for extra protection while browsing the web, Emsisoft has a released a browser extension that will block you from interacting with known phishing, malware, or scam sites.
Banks in West Africa Hit with Off-The-Shelf Malware, Free Tools
Attacks hitting financial organizations in West Africa since at least mid-2017 rely on off-the-shelf malware, free hacking tools, and utilities already available on the target systems to steal credentials, install backdoors, and run commands. [...]
https://www.bleepingcomputer.com/news/security/banks-in-west-africa-hit-with-off-the-shelf-malware-free-tools/
Attacks hitting financial organizations in West Africa since at least mid-2017 rely on off-the-shelf malware, free hacking tools, and utilities already available on the target systems to steal credentials, install backdoors, and run commands. [...]
https://www.bleepingcomputer.com/news/security/banks-in-west-africa-hit-with-off-the-shelf-malware-free-tools/
BleepingComputer
Banks in West Africa Hit with Off-The-Shelf Malware, Free Tools
Attacks hitting financial organizations in West Africa since at least mid-2017 rely on off-the-shelf malware, free hacking tools, and utilities already available on the target systems to steal credentials, install backdoors, and run commands.
Flaw in Telegram Reveals Awful OpSec from Malware Author
A weakness in the protection of messages delivered using the Telegram Bot API gave researchers access to the communication flow between a piece of malware and its operator. [...]
https://www.bleepingcomputer.com/news/security/flaw-in-telegram-reveals-awful-opsec-from-malware-author/
A weakness in the protection of messages delivered using the Telegram Bot API gave researchers access to the communication flow between a piece of malware and its operator. [...]
https://www.bleepingcomputer.com/news/security/flaw-in-telegram-reveals-awful-opsec-from-malware-author/
BleepingComputer
Flaw in Telegram Reveals Awful OpSec from Malware Author
A weakness in the protection of messages delivered using the Telegram Bot API gave researchers access to the communication flow between a piece of malware and its operator.
Rocke's Cryptominers Kills Competition, Uninstall Cloud Security Products
Analysis of new malware samples used by the Rocke group for cryptojacking reveals code that uninstalls from Linux servers multiple cloud security and monitoring products developed by Tencent Cloud and Alibaba Cloud [...]
https://www.bleepingcomputer.com/news/security/rockes-cryptominers-kills-competition-uninstall-cloud-security-products/
Analysis of new malware samples used by the Rocke group for cryptojacking reveals code that uninstalls from Linux servers multiple cloud security and monitoring products developed by Tencent Cloud and Alibaba Cloud [...]
https://www.bleepingcomputer.com/news/security/rockes-cryptominers-kills-competition-uninstall-cloud-security-products/
BleepingComputer
Rocke's Cryptominers Kills Competition, Uninstall Cloud Security Products
Analysis of new malware samples used by the Rocke group for cryptojacking reveals code that uninstalls from Linux servers multiple cloud security and monitoring products developed by Tencent Cloud and Alibaba Cloud
Fake GPS Apps with 50M Installs Just Show Ads and Run Google Maps
19 Android apps with over 50 million installs were found on the Google Play store that state that they are full featured GPS apps, but instead simply show an advertisement and then show Google Maps. [...]
https://www.bleepingcomputer.com/news/security/fake-gps-apps-with-50m-installs-just-show-ads-and-run-google-maps/
19 Android apps with over 50 million installs were found on the Google Play store that state that they are full featured GPS apps, but instead simply show an advertisement and then show Google Maps. [...]
https://www.bleepingcomputer.com/news/security/fake-gps-apps-with-50m-installs-just-show-ads-and-run-google-maps/
BleepingComputer
Fake GPS Apps with 50M Installs Just Show Ads and Run Google Maps
19 Android apps with over 50 million installs were found on the Google Play store that state that they are full featured GPS apps, but instead simply show an advertisement and then show Google Maps.
Android Apps Steal Banking Info, Use Motion Sensor to Evade Detection
Two Android apps infected with a banking malware dropper were found on the Google Play Store, already having been installed on thousands of Android devices and sporting dozens of fake five-star ratings. [...]
https://www.bleepingcomputer.com/news/security/android-apps-steal-banking-info-use-motion-sensor-to-evade-detection/
Two Android apps infected with a banking malware dropper were found on the Google Play Store, already having been installed on thousands of Android devices and sporting dozens of fake five-star ratings. [...]
https://www.bleepingcomputer.com/news/security/android-apps-steal-banking-info-use-motion-sensor-to-evade-detection/
BleepingComputer
Android Apps Steal Banking Info, Use Motion Sensor to Evade Detection
Two Android apps infected with a banking malware dropper were found on the Google Play Store, already having been installed on thousands of Android devices and sporting dozens of fake five-star ratings.
Microsoft Launches Azure DevOps Bounty Program
Microsoft Security Response Center (MSRC) announced the launch of a bug bounty program starting January 17 and targeting the Azure DevOps services and the latest release of Azure DevOps server [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-launches-azure-devops-bounty-program/
Microsoft Security Response Center (MSRC) announced the launch of a bug bounty program starting January 17 and targeting the Azure DevOps services and the latest release of Azure DevOps server [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-launches-azure-devops-bounty-program/
BleepingComputer
Microsoft Launches Azure DevOps Bounty Program
Microsoft Security Response Center (MSRC) announced the launch of a bug bounty program starting January 17 and targeting the Azure DevOps services and the latest release of Azure DevOps server
ES File Explorer Flaws Put 100 Million Users' Data at Risk, Fix Promised
ES File Explorer users now have to wait to see what issue will be fixed in the next update: the always-on web server giving access to all their files to anyone on the same Wi-Fi network or the MitM attack vulnerability [...]
https://www.bleepingcomputer.com/news/security/es-file-explorer-flaws-put-100-million-users-data-at-risk-fix-promised/
ES File Explorer users now have to wait to see what issue will be fixed in the next update: the always-on web server giving access to all their files to anyone on the same Wi-Fi network or the MitM attack vulnerability [...]
https://www.bleepingcomputer.com/news/security/es-file-explorer-flaws-put-100-million-users-data-at-risk-fix-promised/
BleepingComputer
ES File Explorer Flaws Put 100 Million Users' Data at Risk, Fix Promised
ES File Explorer users now have to wait to see what issue will be fixed in the next update: the always-on web server giving access to all their files to anyone on the same Wi-Fi network or the MitM attack vulnerability
Data Breach Collection with 773 Million Email Entries Leaked Online
A giant 87 gigabyte archive consisting of 773 million unique email addresses and their associated cracked, or dehashed, passwords has been spotted being promoted on an online hacking forum. This file is being called "Collection #1" and was designed to easily be used in credential stuffing attacks. [...]
https://www.bleepingcomputer.com/news/security/data-breach-collection-with-773-million-email-entries-leaked-online/
A giant 87 gigabyte archive consisting of 773 million unique email addresses and their associated cracked, or dehashed, passwords has been spotted being promoted on an online hacking forum. This file is being called "Collection #1" and was designed to easily be used in credential stuffing attacks. [...]
https://www.bleepingcomputer.com/news/security/data-breach-collection-with-773-million-email-entries-leaked-online/
BleepingComputer
Data Breach Collection with 773 Million Email Entries Leaked Online
A giant 87 gigabyte archive consisting of 773 million unique email addresses and their associated cracked, or dehashed, passwords has been spotted being promoted on an online hacking forum. This file is being called "Collection #1" and was designed to easilyβ¦
Twitter Fixes Four Year Old Bug in Android App Exposing Private Tweets
Twitter announced today that an issue in its app for Android exposed some users' protected tweets for over four years, if they made certain changes to their account settings. [...]
https://www.bleepingcomputer.com/news/security/twitter-fixes-four-year-old-bug-in-android-app-exposing-private-tweets/
Twitter announced today that an issue in its app for Android exposed some users' protected tweets for over four years, if they made certain changes to their account settings. [...]
https://www.bleepingcomputer.com/news/security/twitter-fixes-four-year-old-bug-in-android-app-exposing-private-tweets/
BleepingComputer
Twitter Fixes Four Year Old Bug in Android App Exposing Private Tweets
Twitter announced today that an issue in its app for Android exposed some users' protected tweets for over four years, if they made certain changes to their account settings.
BlackRouter Ransomware Promoted as a RaaS by Iranian Developer
A ransomware called BlackRouter has been discovered being promoted as a Ransomware-as-a-Service on Telegram by an Iranian developer. This same actor previousl distributed another ransomware called Blackheart and promotes other infections such as a RAT. [...]
https://www.bleepingcomputer.com/news/security/blackrouter-ransomware-promoted-as-a-raas-by-iranian-developer/
A ransomware called BlackRouter has been discovered being promoted as a Ransomware-as-a-Service on Telegram by an Iranian developer. This same actor previousl distributed another ransomware called Blackheart and promotes other infections such as a RAT. [...]
https://www.bleepingcomputer.com/news/security/blackrouter-ransomware-promoted-as-a-raas-by-iranian-developer/
BleepingComputer
BlackRouter Ransomware Promoted as a RaaS by Iranian Developer
A ransomware called BlackRouter has been discovered being promoted as a Ransomware-as-a-Service on Telegram by an Iranian developer. This same actor previousl distributed another ransomware called Blackheart and promotes other infections such as a RAT.
Windows Zero-Day Bug that Overwrites Files Gets Interim Fix
A micropatch has been released today for a vulnerability in Windows that allows overwriting files, even system one, with arbitrary data. [...]
https://www.bleepingcomputer.com/news/security/windows-zero-day-bug-that-overwrites-files-gets-interim-fix/
A micropatch has been released today for a vulnerability in Windows that allows overwriting files, even system one, with arbitrary data. [...]
https://www.bleepingcomputer.com/news/security/windows-zero-day-bug-that-overwrites-files-gets-interim-fix/
BleepingComputer
Windows Zero-Day Bug that Overwrites Files Gets Interim Fix
A micropatch has been released today for a vulnerability in Windows that allows overwriting files, even system one, with arbitrary data.
Facebook Caught Red Handed While Swiping Money From Children
According to court documents part of a 2012 class-action lawsuit made public by a federal judge at the request of The Center for Investigative Reporting's Reveal, social network giant Facebook has made a habit of charging kids without their parents' knowledge while playing games on its platform . [...]
https://www.bleepingcomputer.com/news/security/facebook-caught-red-handed-while-swiping-money-from-children/
According to court documents part of a 2012 class-action lawsuit made public by a federal judge at the request of The Center for Investigative Reporting's Reveal, social network giant Facebook has made a habit of charging kids without their parents' knowledge while playing games on its platform . [...]
https://www.bleepingcomputer.com/news/security/facebook-caught-red-handed-while-swiping-money-from-children/
BleepingComputer
Facebook Caught Red Handed While Swiping Money From Children
According to court documents part of a 2012 class-action lawsuit made public by a federal judge at the request of The Center for Investigative Reporting's Reveal, social network giant Facebook has made a habit of charging kids without their parents' knowledgeβ¦
Vulnerabilities Found in Highly Popular Firmware for WiFi Chips
WiFi chip firmware in a variety of devices used mainly for gaming, but also for personal computing, and communication comes with multiple issues. At least some of them could be exploited to run arbitrary code remotely without requiring user interaction. [...]
https://www.bleepingcomputer.com/news/security/vulnerabilities-found-in-highly-popular-firmware-for-wifi-chips/
WiFi chip firmware in a variety of devices used mainly for gaming, but also for personal computing, and communication comes with multiple issues. At least some of them could be exploited to run arbitrary code remotely without requiring user interaction. [...]
https://www.bleepingcomputer.com/news/security/vulnerabilities-found-in-highly-popular-firmware-for-wifi-chips/
BleepingComputer
Vulnerabilities Found in Highly Popular Firmware for WiFi Chips
WiFi chip firmware in a variety of devices used mainly for gaming, but also for personal computing, and communication comes with multiple issues. At least some of them could be exploited to run arbitrary code remotely without requiring user interaction.
Amazon, Apple, Others Hit with GDPR Complaints, β¬18.8B Maximum Penalties
Ten GDPR complaints were filed by noyb against Amazon, Apple, DAZN, Spotify, SoundCloud, YouTube, Flimmit, Netflix with the Austrian Data Protection Authority for violations of Article 15, with a maximum penalty across all complaints of β¬18.8 billion [...]
https://www.bleepingcomputer.com/news/security/amazon-apple-others-hit-with-gdpr-complaints-188b-maximum-penalties/
Ten GDPR complaints were filed by noyb against Amazon, Apple, DAZN, Spotify, SoundCloud, YouTube, Flimmit, Netflix with the Austrian Data Protection Authority for violations of Article 15, with a maximum penalty across all complaints of β¬18.8 billion [...]
https://www.bleepingcomputer.com/news/security/amazon-apple-others-hit-with-gdpr-complaints-188b-maximum-penalties/
BleepingComputer
Amazon, Apple, Others Hit with GDPR Complaints, β¬18.8B Maximum Penalties
Ten GDPR complaints were filed by noyb against Amazon, Apple, DAZN, Spotify, SoundCloud, YouTube, Flimmit, Netflix with the Austrian Data Protection Authority for violations of Article 15, with a maximum penalty across all complaints of β¬18.8 billion
Fallout Exploit Kit is Back with New Vulnerabilities and Payloads
The Fallout exploit kit is back in business after a short downtime, with new tools under its belt: a new Flash exploit for CVE-2018-15982, HTTPS support, a new landing page format, and the capability to deliver payloads using Powershell [...]
https://www.bleepingcomputer.com/news/security/fallout-exploit-kit-is-back-with-new-vulnerabilities-and-payloads/
The Fallout exploit kit is back in business after a short downtime, with new tools under its belt: a new Flash exploit for CVE-2018-15982, HTTPS support, a new landing page format, and the capability to deliver payloads using Powershell [...]
https://www.bleepingcomputer.com/news/security/fallout-exploit-kit-is-back-with-new-vulnerabilities-and-payloads/
BleepingComputer
Fallout Exploit Kit is Back with New Vulnerabilities and Payloads
The Fallout exploit kit is back in business after a short downtime, with new tools under its belt: a new Flash exploit for CVE-2018-15982, HTTPS support, a new landing page format, and the capability to deliver payloads using Powershell
The Week in Ransomware - January 18th 2019 - Devs Back from Vacation
The ransomware developers must be back from vacation as there were a lot of new releases this week. In addition to new variants of existing ransomware such as Dharma, Scarab, Matrix, and more, we also had a few new variants pop up. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-18th-2019-devs-back-from-vacation/
The ransomware developers must be back from vacation as there were a lot of new releases this week. In addition to new variants of existing ransomware such as Dharma, Scarab, Matrix, and more, we also had a few new variants pop up. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-18th-2019-devs-back-from-vacation/
BleepingComputer
The Week in Ransomware - January 18th 2019 - Devs Back from Vacation
The ransomware developers must be back from vacation as there were a lot of new releases this week. In addition to new variants of existing ransomware such as Dharma, Scarab, Matrix, and more, we also had a few new variants pop up.
Phishing Attack Allegedly Targeted US DNC After 2018 Midterms
According to documents added to an amended complaint filed on January 17, the Democratic National Committee says that it was allegedly targeted by a Russian intelligence-coordinated phishing attack just a few days after the 2018 midterms. [...]
https://www.bleepingcomputer.com/news/security/phishing-attack-allegedly-targeted-us-dnc-after-2018-midterms/
According to documents added to an amended complaint filed on January 17, the Democratic National Committee says that it was allegedly targeted by a Russian intelligence-coordinated phishing attack just a few days after the 2018 midterms. [...]
https://www.bleepingcomputer.com/news/security/phishing-attack-allegedly-targeted-us-dnc-after-2018-midterms/
BleepingComputer
Phishing Attack Allegedly Targeted US DNC After 2018 Midterms
According to documents added to an amended complaint filed on January 17, the Democratic National Committee says that it was allegedly targeted by a Russian intelligence-coordinated phishing attack just a few days after the 2018 midterms.
Mozilla is Adding an Ad Blocker to Firefox Focus 9.0
Mozilla is adding an ad blocker to Firefox Focus 9.0, which is scheduled to be released next month. While some Focus users may currently see ads blocked, this is not being done intentionally, but is more of a byproduct of their tracker blocking. [...]
https://www.bleepingcomputer.com/news/software/mozilla-is-adding-an-ad-blocker-to-firefox-focus-90/
Mozilla is adding an ad blocker to Firefox Focus 9.0, which is scheduled to be released next month. While some Focus users may currently see ads blocked, this is not being done intentionally, but is more of a byproduct of their tracker blocking. [...]
https://www.bleepingcomputer.com/news/software/mozilla-is-adding-an-ad-blocker-to-firefox-focus-90/
BleepingComputer
Mozilla is Adding an Ad Blocker to Firefox Focus 9.0
Mozilla is adding an ad blocker to Firefox Focus 9.0, which is scheduled to be released next month. While some Focus users may currently see ads blocked, this is not being done intentionally, but is more of a byproduct of their tracker blocking.
DarkHydrus APT Uses Google Drive to Send Commands to RogueRobin Trojan
New malicious campaigns attributed to DarkHydrus APT group show the adversary's use of a new variant of the RogueRobin Trojan and of Google Drive as an alternative command and control (C2) communication channel. [...]
https://www.bleepingcomputer.com/news/security/darkhydrus-apt-uses-google-drive-to-send-commands-to-roguerobin-trojan/
New malicious campaigns attributed to DarkHydrus APT group show the adversary's use of a new variant of the RogueRobin Trojan and of Google Drive as an alternative command and control (C2) communication channel. [...]
https://www.bleepingcomputer.com/news/security/darkhydrus-apt-uses-google-drive-to-send-commands-to-roguerobin-trojan/
BleepingComputer
DarkHydrus APT Uses Google Drive to Send Commands to RogueRobin Trojan
New malicious campaigns attributed to DarkHydrus APT group show the adversary's use of a new variant of the RogueRobin Trojan and of Google Drive as an alternative command and control (C2) communication channel.