Mozilla's Site Isolation Coming to Firefox, First Milestone in February

Mozilla's Project Fission team is working on implementing a site isolation Firefox security feature similar to the one implemented by Google in version 67 of its Chrome web browser to mitigate speculative side-channel attacks launched by malicious websites. [...]

https://www.bleepingcomputer.com/news/security/mozillas-site-isolation-coming-to-firefox-first-milestone-in-february/

Researcher Declines to Share Zero-Day macOS Keychain Exploit with Apple

Security researcher Linus Henze demoed a zero-day macOS exploit impacting the Keychain password management system which can store passwords for applications, servers, and websites, as well as sensitive information related to banking accounts. [...]

https://www.bleepingcomputer.com/news/security/researcher-declines-to-share-zero-day-macos-keychain-exploit-with-apple/

59K Data Breaches Reported, 91 Fines Imposed Since GDPR Enactment

More than 59,000 data breach notifications have been reported to Data Protection Authorities (DPAs) across Europe by both public and privately-owned organizations since EU's GDPR was passed on May 25, 2018. Google's €50 million fine from January. was the largest ever imposed. [...]

https://www.bleepingcomputer.com/news/security/59k-data-breaches-reported-91-fines-imposed-since-gdpr-enactment/

"Lucky Draw" Smishing Campaign Asks Money to Deliver Car Prize

A new smishing campaign, or text message phishing campaign, is targeting Nokia owners in India. These text messages pretend to be from Nokia and state that the recipient has won a lucky draw to win a car or money. [...]

https://www.bleepingcomputer.com/news/security/lucky-draw-smishing-campaign-asks-money-to-deliver-car-prize/

New Docs Show Pricing for Windows 7 Extended Security Updates

Microsoft has stated that Windows 7 support will end in January 2020 and customers are recommended to upgrade to Windows 10 for monthly security updates. For those who wish to continue using Windows 7 beyond January 2020, you can either risk using the OS without updatess or pay Microsoft to get support for another three years. [...]

https://www.bleepingcomputer.com/news/microsoft/new-docs-show-pricing-for-windows-7-extended-security-updates/

Netography to Make Network Security Autonomous, Funded by Andreessen Horowitz

Netography, a self-governing network security platform designed to function as an enterprise security crow's nest received $2.6 million in funding from Andreessen Horowitz as part of its seed round. Netography implements an autonomous network security and telemetry tools that stop security threats which usually go unnoticed. [...]

https://www.bleepingcomputer.com/news/security/netography-to-make-network-security-autonomous-funded-by-andreessen-horowitz/

Business Email Compromise Attacks See Almost 500% Increase

Business email compromised (BEC) attacks have seen an explosive 476% growth between Q4 2017 and Q4 2018, while the number of email fraud attempts against companies increased 226% QoQ. [...]

https://www.bleepingcomputer.com/news/security/business-email-compromise-attacks-see-almost-500-percent-increase/

Apple Releases Fix for Group FaceTime Snooping Bug in iOS and macOS

Apple has released security updates for iOS and macOS that fix a severe bug in FaceTime that allowed callers to listen in, and potentially view, the people they were calling without the call being answered. [...]

https://www.bleepingcomputer.com/news/security/apple-releases-fix-for-group-facetime-snooping-bug-in-ios-and-macos/

Google Introduces Adiantum Storage Encryption to Low-End Android Devices

Google unveiled today the new Adiantium storage encryption method for devices without cryptographic acceleration and running Android 9 or later on processors which do not support AES or other crypto instructions. [...]

https://www.bleepingcomputer.com/news/google/google-introduces-adiantum-storage-encryption-to-low-end-android-devices/

Microsoft Now Allows Skype Users to Blur the Background on Video Calls

Microsoft has started rolling out new updates for Skype that add the background blur feature to video calls. This feature will enable you to blur the background while on video calls to protect you from embarrassing moments. [...]

https://www.bleepingcomputer.com/news/security/microsoft-now-allows-skype-users-to-blur-the-background-on-video-calls/

Microsoft Provides Mitigations, Workarounds for PrivExchange Vulnerability

Microsoft released a security advisory with mitigation measures and workarounds for an elevation of privilege vulnerability affecting Microsoft Exchange 2013 and newer which was made public by security researcher Dirk-jan Mollema, together with a proof-of-concept tool named PrivExchange. [...]

https://www.bleepingcomputer.com/news/security/microsoft-provides-mitigations-workarounds-for-privexchange-vulnerability/

Wells Fargo Hit By Nationwide Outage, ATMs and Online Banking Down

Wells Fargo customers from all over the U.S. have been reporting that multiple services offered by the multinational financial services company's banking branch, with credit cards, ATMs, and the online banking system reportedly being down. [...]

https://www.bleepingcomputer.com/news/technology/wells-fargo-hit-by-nationwide-outage-atms-and-online-banking-down/

New Phishing Attack Uses Google Translate as Camouflage

A phishing campaign that attempts to steal Google account and Facebook credentials has been discovered that utilizes Google Translate as camouflage on mobile browsers. [...]

https://www.bleepingcomputer.com/news/security/new-phishing-attack-uses-google-translate-as-camouflage/

TWOSENSE.AI Awarded $2.42M Behavioral Biometrics Security Contract by DoD

New York AI startup TWOSENSE.AI was awarded a $2.42M contract by the U.S. Department of Defense (DoD) under which it will have to implement an uninterrupted multifactor authentication using deep neural networks which will eventually replace DoD's physical ID chip cards (CAC), with its continuous behavioral biometric authentication. [...]

https://www.bleepingcomputer.com/news/security/twosenseai-awarded-242m-behavioral-biometrics-security-contract-by-dod/

Like Microsoft Edge, Chrome is Getting Tab Hover Card Images

Recently Google added a new experimental feature that displays a small info card when you hover over a tab in Chrome. Similar to Microsoft Edge's tab hover card implementation, Chrome 74 will show a preview image of the associated web site when you hover over its tab. [...]

https://www.bleepingcomputer.com/news/security/like-microsoft-edge-chrome-is-getting-tab-hover-card-images/

Apple Patched Two Actively Exploited Zero-Days in iOS 12.1.4

As revealed by Project Zero team lead Ben Hawkes on Twitter, Apple fixed two zero-day vulnerabilities which were being exploited in the wild before the release of the iOS 12.1.4 security update. [...]

https://www.bleepingcomputer.com/news/security/apple-patched-two-actively-exploited-zero-days-in-ios-1214/

Coinminer Targets Linux, Kills Competition to Maximize Profits

A new coinminer malware strain which targets the Linux platform and installs the XMR-Stak Cryptonight cryptocurrency miner has been observed while searching for and killing other Linux malware and coin miners present on the compromised machine. [...]

https://www.bleepingcomputer.com/news/security/coinminer-targets-linux-kills-competition-to-maximize-profits/

Mail Attachment Builds Ransomware Downloader from Super Mario Image

A malicious spreadsheet has been discovered that builds a PowerShell command from individual pixels in a downloaded image of Mario from Super Mario Bros. When executed, this command will download and install malware such as the GandCrab Ransomware and other malware. [...]

https://www.bleepingcomputer.com/news/security/mail-attachment-builds-ransomware-downloader-from-super-mario-image/

Windows 10 Insider Preview Build 18334 Released With Gaming Improvements

Microsoft has released Windows 10 Insider Preview Build 18334 (19H1) to insiders in the Fast ring. This build adds numerous fixes, changes, and improvements, as well as "technology tailor-made for gaming to Windows." [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-preview-build-18334-released-with-gaming-improvements/

The Week in Ransomware - February 8th 2019 - Shady Data Recovery Companies

This week was mostly filled with new variants of existing ransomware such as STOP, Dharma, and Jigsaw ransomware. We did though have some interesting news, such as a ransomware downloader being created from the pixels of images and shady data recovery companies partnering with GandCrab to make extra profits. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-8th-2019-shady-data-recovery-companies/

Decompiled Undertale RPG Source Code Released on GitHub

The decompiled source code for the popular video game Undertale has been posted to GitHub. This decompilation contains what appears to be all of the game's assets, including its images, scripts, and audio files. [...]

https://www.bleepingcomputer.com/news/gaming/decompiled-undertale-rpg-source-code-released-on-github/