Facebook Caught Red Handed While Swiping Money From Children
According to court documents part of a 2012 class-action lawsuit made public by a federal judge at the request of The Center for Investigative Reporting's Reveal, social network giant Facebook has made a habit of charging kids without their parents' knowledge while playing games on its platform . [...]
https://www.bleepingcomputer.com/news/security/facebook-caught-red-handed-while-swiping-money-from-children/
According to court documents part of a 2012 class-action lawsuit made public by a federal judge at the request of The Center for Investigative Reporting's Reveal, social network giant Facebook has made a habit of charging kids without their parents' knowledge while playing games on its platform . [...]
https://www.bleepingcomputer.com/news/security/facebook-caught-red-handed-while-swiping-money-from-children/
BleepingComputer
Facebook Caught Red Handed While Swiping Money From Children
According to court documents part of a 2012 class-action lawsuit made public by a federal judge at the request of The Center for Investigative Reporting's Reveal, social network giant Facebook has made a habit of charging kids without their parents' knowledgeβ¦
Vulnerabilities Found in Highly Popular Firmware for WiFi Chips
WiFi chip firmware in a variety of devices used mainly for gaming, but also for personal computing, and communication comes with multiple issues. At least some of them could be exploited to run arbitrary code remotely without requiring user interaction. [...]
https://www.bleepingcomputer.com/news/security/vulnerabilities-found-in-highly-popular-firmware-for-wifi-chips/
WiFi chip firmware in a variety of devices used mainly for gaming, but also for personal computing, and communication comes with multiple issues. At least some of them could be exploited to run arbitrary code remotely without requiring user interaction. [...]
https://www.bleepingcomputer.com/news/security/vulnerabilities-found-in-highly-popular-firmware-for-wifi-chips/
BleepingComputer
Vulnerabilities Found in Highly Popular Firmware for WiFi Chips
WiFi chip firmware in a variety of devices used mainly for gaming, but also for personal computing, and communication comes with multiple issues. At least some of them could be exploited to run arbitrary code remotely without requiring user interaction.
Amazon, Apple, Others Hit with GDPR Complaints, β¬18.8B Maximum Penalties
Ten GDPR complaints were filed by noyb against Amazon, Apple, DAZN, Spotify, SoundCloud, YouTube, Flimmit, Netflix with the Austrian Data Protection Authority for violations of Article 15, with a maximum penalty across all complaints of β¬18.8 billion [...]
https://www.bleepingcomputer.com/news/security/amazon-apple-others-hit-with-gdpr-complaints-188b-maximum-penalties/
Ten GDPR complaints were filed by noyb against Amazon, Apple, DAZN, Spotify, SoundCloud, YouTube, Flimmit, Netflix with the Austrian Data Protection Authority for violations of Article 15, with a maximum penalty across all complaints of β¬18.8 billion [...]
https://www.bleepingcomputer.com/news/security/amazon-apple-others-hit-with-gdpr-complaints-188b-maximum-penalties/
BleepingComputer
Amazon, Apple, Others Hit with GDPR Complaints, β¬18.8B Maximum Penalties
Ten GDPR complaints were filed by noyb against Amazon, Apple, DAZN, Spotify, SoundCloud, YouTube, Flimmit, Netflix with the Austrian Data Protection Authority for violations of Article 15, with a maximum penalty across all complaints of β¬18.8 billion
Fallout Exploit Kit is Back with New Vulnerabilities and Payloads
The Fallout exploit kit is back in business after a short downtime, with new tools under its belt: a new Flash exploit for CVE-2018-15982, HTTPS support, a new landing page format, and the capability to deliver payloads using Powershell [...]
https://www.bleepingcomputer.com/news/security/fallout-exploit-kit-is-back-with-new-vulnerabilities-and-payloads/
The Fallout exploit kit is back in business after a short downtime, with new tools under its belt: a new Flash exploit for CVE-2018-15982, HTTPS support, a new landing page format, and the capability to deliver payloads using Powershell [...]
https://www.bleepingcomputer.com/news/security/fallout-exploit-kit-is-back-with-new-vulnerabilities-and-payloads/
BleepingComputer
Fallout Exploit Kit is Back with New Vulnerabilities and Payloads
The Fallout exploit kit is back in business after a short downtime, with new tools under its belt: a new Flash exploit for CVE-2018-15982, HTTPS support, a new landing page format, and the capability to deliver payloads using Powershell
The Week in Ransomware - January 18th 2019 - Devs Back from Vacation
The ransomware developers must be back from vacation as there were a lot of new releases this week. In addition to new variants of existing ransomware such as Dharma, Scarab, Matrix, and more, we also had a few new variants pop up. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-18th-2019-devs-back-from-vacation/
The ransomware developers must be back from vacation as there were a lot of new releases this week. In addition to new variants of existing ransomware such as Dharma, Scarab, Matrix, and more, we also had a few new variants pop up. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-18th-2019-devs-back-from-vacation/
BleepingComputer
The Week in Ransomware - January 18th 2019 - Devs Back from Vacation
The ransomware developers must be back from vacation as there were a lot of new releases this week. In addition to new variants of existing ransomware such as Dharma, Scarab, Matrix, and more, we also had a few new variants pop up.
Phishing Attack Allegedly Targeted US DNC After 2018 Midterms
According to documents added to an amended complaint filed on January 17, the Democratic National Committee says that it was allegedly targeted by a Russian intelligence-coordinated phishing attack just a few days after the 2018 midterms. [...]
https://www.bleepingcomputer.com/news/security/phishing-attack-allegedly-targeted-us-dnc-after-2018-midterms/
According to documents added to an amended complaint filed on January 17, the Democratic National Committee says that it was allegedly targeted by a Russian intelligence-coordinated phishing attack just a few days after the 2018 midterms. [...]
https://www.bleepingcomputer.com/news/security/phishing-attack-allegedly-targeted-us-dnc-after-2018-midterms/
BleepingComputer
Phishing Attack Allegedly Targeted US DNC After 2018 Midterms
According to documents added to an amended complaint filed on January 17, the Democratic National Committee says that it was allegedly targeted by a Russian intelligence-coordinated phishing attack just a few days after the 2018 midterms.
Mozilla is Adding an Ad Blocker to Firefox Focus 9.0
Mozilla is adding an ad blocker to Firefox Focus 9.0, which is scheduled to be released next month. While some Focus users may currently see ads blocked, this is not being done intentionally, but is more of a byproduct of their tracker blocking. [...]
https://www.bleepingcomputer.com/news/software/mozilla-is-adding-an-ad-blocker-to-firefox-focus-90/
Mozilla is adding an ad blocker to Firefox Focus 9.0, which is scheduled to be released next month. While some Focus users may currently see ads blocked, this is not being done intentionally, but is more of a byproduct of their tracker blocking. [...]
https://www.bleepingcomputer.com/news/software/mozilla-is-adding-an-ad-blocker-to-firefox-focus-90/
BleepingComputer
Mozilla is Adding an Ad Blocker to Firefox Focus 9.0
Mozilla is adding an ad blocker to Firefox Focus 9.0, which is scheduled to be released next month. While some Focus users may currently see ads blocked, this is not being done intentionally, but is more of a byproduct of their tracker blocking.
DarkHydrus APT Uses Google Drive to Send Commands to RogueRobin Trojan
New malicious campaigns attributed to DarkHydrus APT group show the adversary's use of a new variant of the RogueRobin Trojan and of Google Drive as an alternative command and control (C2) communication channel. [...]
https://www.bleepingcomputer.com/news/security/darkhydrus-apt-uses-google-drive-to-send-commands-to-roguerobin-trojan/
New malicious campaigns attributed to DarkHydrus APT group show the adversary's use of a new variant of the RogueRobin Trojan and of Google Drive as an alternative command and control (C2) communication channel. [...]
https://www.bleepingcomputer.com/news/security/darkhydrus-apt-uses-google-drive-to-send-commands-to-roguerobin-trojan/
BleepingComputer
DarkHydrus APT Uses Google Drive to Send Commands to RogueRobin Trojan
New malicious campaigns attributed to DarkHydrus APT group show the adversary's use of a new variant of the RogueRobin Trojan and of Google Drive as an alternative command and control (C2) communication channel.
Ex-Employee Hacks WPML WordPress Plugin Site and Spams Users
Last night the web site for the WordPress Multilingual Plugin (WPML) WordPress plugin was hacked and users of the plugin started receiving receiving emails stating that the plugin is filled with vulnerabilities. According to WPML, this was caused by a ex-employee who left a backdoor in their site. [...]
https://www.bleepingcomputer.com/news/security/ex-employee-hacks-wpml-wordpress-plugin-site-and-spams-users/
Last night the web site for the WordPress Multilingual Plugin (WPML) WordPress plugin was hacked and users of the plugin started receiving receiving emails stating that the plugin is filled with vulnerabilities. According to WPML, this was caused by a ex-employee who left a backdoor in their site. [...]
https://www.bleepingcomputer.com/news/security/ex-employee-hacks-wpml-wordpress-plugin-site-and-spams-users/
BleepingComputer
Ex-Employee Hacks WPML WordPress Plugin Site and Spams Users
Last night the web site for the WordPress Multilingual Plugin (WPML) WordPress plugin was hacked and users of the plugin started receiving receiving emails stating that the plugin is filled with vulnerabilities. According to WPML, this was caused by a exβ¦
MySQL Design Flaw Allows Malicious Servers to Steal Files from Clients
A design flaw in the file transfer interaction between a client host and a MySQL server allows the latter to request from the former any data the client user has read access to. [...]
https://www.bleepingcomputer.com/news/security/mysql-design-flaw-allows-malicious-servers-to-steal-files-from-clients/
A design flaw in the file transfer interaction between a client host and a MySQL server allows the latter to request from the former any data the client user has read access to. [...]
https://www.bleepingcomputer.com/news/security/mysql-design-flaw-allows-malicious-servers-to-steal-files-from-clients/
BleepingComputer
MySQL Design Flaw Allows Malicious Servers to Steal Files from Clients
A design flaw in the file transfer interaction between a client host and a MySQL server allows the latter to request from the former any data the client user has read access to.
Google Fined β¬50 Million by French Watchdog for Lack of Transparency
Google was hit with a β¬50 (56,8) million financial penalty in accordance with the General Data Protection Regulation (GDPR) by the French Commission Nationale de l'informatique et des LibertΓ©s (CNIL) for violating transparency and information obligations and for not obtaining user consent for processing data for ads personalization [...]
https://www.bleepingcomputer.com/news/google/google-fined-50-million-by-french-watchdog-for-lack-of-transparency/
Google was hit with a β¬50 (56,8) million financial penalty in accordance with the General Data Protection Regulation (GDPR) by the French Commission Nationale de l'informatique et des LibertΓ©s (CNIL) for violating transparency and information obligations and for not obtaining user consent for processing data for ads personalization [...]
https://www.bleepingcomputer.com/news/google/google-fined-50-million-by-french-watchdog-for-lack-of-transparency/
BleepingComputer
Google Fined β¬50 Million by French Watchdog for Lack of Transparency
Google was hit with a β¬50 (56,8) million financial penalty in accordance with the General Data Protection Regulation (GDPR) by the French Commission Nationale de l'informatique et des LibertΓ©s (CNIL) for violating transparency and information obligationsβ¦
Data Collected from Old Breaches Is Not a New Data Breach
Knowing what I typically write about, my phone has been dinging and ringing lately as people were concerned about the new MONSTER MEGA DATA BREACH that they read about online. Of course they were referring to the numerous stories published this week about a giant data breach with 773 million unique email addresses in it. [...]
https://www.bleepingcomputer.com/editorial/security/data-collected-from-old-breaches-is-not-a-new-data-breach/
Knowing what I typically write about, my phone has been dinging and ringing lately as people were concerned about the new MONSTER MEGA DATA BREACH that they read about online. Of course they were referring to the numerous stories published this week about a giant data breach with 773 million unique email addresses in it. [...]
https://www.bleepingcomputer.com/editorial/security/data-collected-from-old-breaches-is-not-a-new-data-breach/
BleepingComputer
Data Collected from Old Breaches Is Not a New Data Breach
Knowing what I typically write about, my phone has been dinging and ringing lately as people were concerned about the new MONSTER MEGA DATA BREACH that they read about online. Of course they were referring to the numerous stories published this week aboutβ¦
Windows Zero-Day Bug That Lets Attackers Read Any File Gets Micropatch
A micropatch is now available for a zero-day vulnerability in Windows that allows unauthorized read access with the highest privileges to any file on the operating system. [...]
https://www.bleepingcomputer.com/news/security/windows-zero-day-bug-that-lets-attackers-read-any-file-gets-micropatch/
A micropatch is now available for a zero-day vulnerability in Windows that allows unauthorized read access with the highest privileges to any file on the operating system. [...]
https://www.bleepingcomputer.com/news/security/windows-zero-day-bug-that-lets-attackers-read-any-file-gets-micropatch/
BleepingComputer
Windows Zero-Day Bug That Lets Attackers Read Any File Gets Micropatch
A micropatch is now available for a zero-day vulnerability in Windows that allows unauthorized read access with the highest privileges to any file on the operating system.
Malware, User Privacy Failures Found in Top Free VPN Android Apps
One in five apps from the top 150 free VPN Android apps in Google's Play Store was flagged as a potential source of malware, while a quarter of them come with user privacy breaking bugs such as DNS leaks which expose user DNS queries to their ISPs [...]
https://www.bleepingcomputer.com/news/security/malware-user-privacy-failures-found-in-top-free-vpn-android-apps/
One in five apps from the top 150 free VPN Android apps in Google's Play Store was flagged as a potential source of malware, while a quarter of them come with user privacy breaking bugs such as DNS leaks which expose user DNS queries to their ISPs [...]
https://www.bleepingcomputer.com/news/security/malware-user-privacy-failures-found-in-top-free-vpn-android-apps/
BleepingComputer
Malware, User Privacy Failures Found in Top Free VPN Android Apps
One in five apps from the top 150 free VPN Android apps in Google's Play Store was flagged as a potential source of malware, while a quarter of them come with user privacy breaking bugs such as DNS leaks which expose user DNS queries to their ISPs
Ransomware Attacks to Require Disclosure in North Carolina
Attorney General Josh Stein and Rep. Jason Saine announced updates designed to strengthen the state's identity theft protection legislation, targeting prevention and consumer protection boost in the face of breaches. [...]
https://www.bleepingcomputer.com/news/legal/ransomware-attacks-to-require-disclosure-in-north-carolina/
Attorney General Josh Stein and Rep. Jason Saine announced updates designed to strengthen the state's identity theft protection legislation, targeting prevention and consumer protection boost in the face of breaches. [...]
https://www.bleepingcomputer.com/news/legal/ransomware-attacks-to-require-disclosure-in-north-carolina/
BleepingComputer
Ransomware Attacks to Require Disclosure in North Carolina
Attorney General Josh Stein and Rep. Jason Saine announced updates designed to strengthen the state's identity theft protection legislation, targeting prevention and consumer protection boost in the face of breaches.
New Rumba STOP Ransomware Being Installed by Software Cracks
The STOP ransomware has seen very heavy distribution over the last month using adware installers disguised as cracks. This campaign continues with a new variant released over the past few days that appends the .rumba extension to the names of encrypted files. [...]
https://www.bleepingcomputer.com/news/security/new-rumba-stop-ransomware-being-installed-by-software-cracks/
The STOP ransomware has seen very heavy distribution over the last month using adware installers disguised as cracks. This campaign continues with a new variant released over the past few days that appends the .rumba extension to the names of encrypted files. [...]
https://www.bleepingcomputer.com/news/security/new-rumba-stop-ransomware-being-installed-by-software-cracks/
BleepingComputer
New Rumba STOP Ransomware Being Installed by Software Cracks
The STOP ransomware has seen very heavy distribution over the last month using adware installers disguised as cracks. This campaign continues with a new variant released over the past few days that appends the .rumba extension to the names of encrypted files.
Malwarebytes Fixes Windows 7 Freeze Problem in New Update
Malwarebytes released an update today for the component package that fixes the problem with Windows 7 stations freezing. The problem manifests on systems with the Web Protection feature enabled in the security solution. [...]
https://www.bleepingcomputer.com/news/security/malwarebytes-fixes-windows-7-freeze-problem-in-new-update/
Malwarebytes released an update today for the component package that fixes the problem with Windows 7 stations freezing. The problem manifests on systems with the Web Protection feature enabled in the security solution. [...]
https://www.bleepingcomputer.com/news/security/malwarebytes-fixes-windows-7-freeze-problem-in-new-update/
BleepingComputer
Malwarebytes Fixes Windows 7 Freeze Problem in New Update
Malwarebytes released an update today for the component package that fixes the problem with Windows 7 stations freezing. The problem manifests on systems with the Web Protection feature enabled in the security solution.
Apple Pay Rolls Out to Target, Taco Bell and Other Top US Retailers
Apple announced the rollout of its Apple Pay mobile contactless payment system to the Target, Taco Bell, Hy-Vee, and Jack in the Box US retailers, now covering 74 of the top 100 US merchants and approximately 65 percent of all retail locations across the country [...]
https://www.bleepingcomputer.com/news/apple/apple-pay-rolls-out-to-target-taco-bell-and-other-top-us-retailers/
Apple announced the rollout of its Apple Pay mobile contactless payment system to the Target, Taco Bell, Hy-Vee, and Jack in the Box US retailers, now covering 74 of the top 100 US merchants and approximately 65 percent of all retail locations across the country [...]
https://www.bleepingcomputer.com/news/apple/apple-pay-rolls-out-to-target-taco-bell-and-other-top-us-retailers/
BleepingComputer
Apple Pay Rolls Out to Target, Taco Bell and Other Top US Retailers
Apple announced the rollout of its Apple Pay mobile contactless payment system to the Target, Taco Bell, Hy-Vee, and Jack in the Box US retailers, now covering 74 of the top 100 US merchants and approximately 65 percent of all retail locations across theβ¦
Windows Contacts Remote Code Execution Zero-Day Gets Micropatch
Another zero-day vulnerability in Windows receives a temporary fix today, as the 0patch platform added code for a bug in Windows Contacts app that allows remote execution of arbitrary code. [...]
https://www.bleepingcomputer.com/news/security/windows-contacts-remote-code-execution-zero-day-gets-micropatch/
Another zero-day vulnerability in Windows receives a temporary fix today, as the 0patch platform added code for a bug in Windows Contacts app that allows remote execution of arbitrary code. [...]
https://www.bleepingcomputer.com/news/security/windows-contacts-remote-code-execution-zero-day-gets-micropatch/
BleepingComputer
Windows Contacts Remote Code Execution Zero-Day Gets Micropatch
Another zero-day vulnerability in Windows receives a temporary fix today, as the 0patch platform added code for a bug in Windows Contacts app that allows remote execution of arbitrary code.
Remote Code Execution Bug Patched in APT Linux Package Manager
A remote code execution bug was discovered by security contractor Max Justicz in the APT high level package manager used by Debian, Ubuntu, and other related Linux distributions. The bug has been fixed today in the latest versions of APT. [...]
https://www.bleepingcomputer.com/news/security/remote-code-execution-bug-patched-in-apt-linux-package-manager/
A remote code execution bug was discovered by security contractor Max Justicz in the APT high level package manager used by Debian, Ubuntu, and other related Linux distributions. The bug has been fixed today in the latest versions of APT. [...]
https://www.bleepingcomputer.com/news/security/remote-code-execution-bug-patched-in-apt-linux-package-manager/
BleepingComputer
Remote Code Execution Bug Patched in APT Linux Package Manager
A remote code execution bug was discovered by security contractor Max Justicz in the APT high level package manager used by Debian, Ubuntu, and other related Linux distributions. The bug has been fixed today in the latest versions of APT.
Microsoft Announces New Windows 10 Devices, Personalized Learning Tools
Ahead of BETT UK 2019, Microsoft announced seven new education-focused Windows 10 devices, multiple updates to Teams that make it easier to personalize to better match each student's learning experience, as well as the addition of mixed reality curriculum via a partnership with VictoryVR [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-new-windows-10-devices-personalized-learning-tools/
Ahead of BETT UK 2019, Microsoft announced seven new education-focused Windows 10 devices, multiple updates to Teams that make it easier to personalize to better match each student's learning experience, as well as the addition of mixed reality curriculum via a partnership with VictoryVR [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-new-windows-10-devices-personalized-learning-tools/
BleepingComputer
Microsoft Announces New Windows 10 Devices, Personalized Learning Tools
Ahead of BETT UK 2019, Microsoft announced seven new education-focused Windows 10 devices, multiple updates to Teams that make it easier to personalize to better match each student's learning experience, as well as the addition of mixed reality curriculumβ¦