Apple Patched Two Actively Exploited Zero-Days in iOS 12.1.4
As revealed by Project Zero team lead Ben Hawkes on Twitter, Apple fixed two zero-day vulnerabilities which were being exploited in the wild before the release of the iOS 12.1.4 security update. [...]
https://www.bleepingcomputer.com/news/security/apple-patched-two-actively-exploited-zero-days-in-ios-1214/
As revealed by Project Zero team lead Ben Hawkes on Twitter, Apple fixed two zero-day vulnerabilities which were being exploited in the wild before the release of the iOS 12.1.4 security update. [...]
https://www.bleepingcomputer.com/news/security/apple-patched-two-actively-exploited-zero-days-in-ios-1214/
BleepingComputer
Apple Patched Two Actively Exploited Zero-Days in iOS 12.1.4
As revealed by Project Zero team lead Ben Hawkes on Twitter, Apple fixed two zero-day vulnerabilities which were being exploited in the wild before the release of the iOS 12.1.4 security update.
Coinminer Targets Linux, Kills Competition to Maximize Profits
A new coinminer malware strain which targets the Linux platform and installs the XMR-Stak Cryptonight cryptocurrency miner has been observed while searching for and killing other Linux malware and coin miners present on the compromised machine. [...]
https://www.bleepingcomputer.com/news/security/coinminer-targets-linux-kills-competition-to-maximize-profits/
A new coinminer malware strain which targets the Linux platform and installs the XMR-Stak Cryptonight cryptocurrency miner has been observed while searching for and killing other Linux malware and coin miners present on the compromised machine. [...]
https://www.bleepingcomputer.com/news/security/coinminer-targets-linux-kills-competition-to-maximize-profits/
BleepingComputer
Coinminer Targets Linux, Kills Competition to Maximize Profits
A new coinminer malware strain which targets the Linux platform and installs the XMR-Stak Cryptonight cryptocurrency miner has been observed while searching for and killing other Linux malware and coin miners present on the compromised machine.
Mail Attachment Builds Ransomware Downloader from Super Mario Image
A malicious spreadsheet has been discovered that builds a PowerShell command from individual pixels in a downloaded image of Mario from Super Mario Bros. When executed, this command will download and install malware such as the GandCrab Ransomware and other malware. [...]
https://www.bleepingcomputer.com/news/security/mail-attachment-builds-ransomware-downloader-from-super-mario-image/
A malicious spreadsheet has been discovered that builds a PowerShell command from individual pixels in a downloaded image of Mario from Super Mario Bros. When executed, this command will download and install malware such as the GandCrab Ransomware and other malware. [...]
https://www.bleepingcomputer.com/news/security/mail-attachment-builds-ransomware-downloader-from-super-mario-image/
BleepingComputer
Mail Attachment Builds Ransomware Downloader from Super Mario Image
A malicious spreadsheet has been discovered that builds a PowerShell command from individual pixels in a downloaded image of Mario from Super Mario Bros. When executed, this command will download and install malware such as the GandCrab Ransomware and otherβ¦
Windows 10 Insider Preview Build 18334 Released With Gaming Improvements
Microsoft has released Windows 10 Insider Preview Build 18334 (19H1) to insiders in the Fast ring. This build adds numerous fixes, changes, and improvements, as well as "technology tailor-made for gaming to Windows." [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-preview-build-18334-released-with-gaming-improvements/
Microsoft has released Windows 10 Insider Preview Build 18334 (19H1) to insiders in the Fast ring. This build adds numerous fixes, changes, and improvements, as well as "technology tailor-made for gaming to Windows." [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-preview-build-18334-released-with-gaming-improvements/
BleepingComputer
Windows 10 Insider Preview Build 18334 Released With Gaming Improvements
Microsoft has released Windows 10 Insider Preview Build 18334 (19H1) to insiders in the Fast ring. This build adds numerous fixes, changes, and improvements, as well as "technology tailor-made for gaming to Windows."
The Week in Ransomware - February 8th 2019 - Shady Data Recovery Companies
This week was mostly filled with new variants of existing ransomware such as STOP, Dharma, and Jigsaw ransomware. We did though have some interesting news, such as a ransomware downloader being created from the pixels of images and shady data recovery companies partnering with GandCrab to make extra profits. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-8th-2019-shady-data-recovery-companies/
This week was mostly filled with new variants of existing ransomware such as STOP, Dharma, and Jigsaw ransomware. We did though have some interesting news, such as a ransomware downloader being created from the pixels of images and shady data recovery companies partnering with GandCrab to make extra profits. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-8th-2019-shady-data-recovery-companies/
BleepingComputer
The Week in Ransomware - February 8th 2019 - Shady Data Recovery Companies
This week was mostly filled with new variants of existing ransomware such as STOP, Dharma, and Jigsaw ransomware. We did though have some interesting news, such as a ransomware downloader being created from the pixels of images and shady data recovery companiesβ¦
Decompiled Undertale RPG Source Code Released on GitHub
The decompiled source code for the popular video game Undertale has been posted to GitHub. This decompilation contains what appears to be all of the game's assets, including its images, scripts, and audio files. [...]
https://www.bleepingcomputer.com/news/gaming/decompiled-undertale-rpg-source-code-released-on-github/
The decompiled source code for the popular video game Undertale has been posted to GitHub. This decompilation contains what appears to be all of the game's assets, including its images, scripts, and audio files. [...]
https://www.bleepingcomputer.com/news/gaming/decompiled-undertale-rpg-source-code-released-on-github/
BleepingComputer
Decompiled Undertale RPG Source Code Released on GitHub
The decompiled source code for the popular video game Undertale has been posted to GitHub. This decompilation contains what appears to be all of the game's assets, including its images, scripts, and audio files.
Windows95 v2.0 Let's You Play DOOM, Wolfenstein 3D, and More
Looking for a sense of nostalgia by running Windows 95 and using it to play DOOM, Wolfenstein 3D, and other games? Now you can with the release of a new version of a Windows 95 Electron application that gives you the full experience. [...]
https://www.bleepingcomputer.com/news/security/windows95-v20-lets-you-play-doom-wolfenstein-3d-and-more/
Looking for a sense of nostalgia by running Windows 95 and using it to play DOOM, Wolfenstein 3D, and other games? Now you can with the release of a new version of a Windows 95 Electron application that gives you the full experience. [...]
https://www.bleepingcomputer.com/news/security/windows95-v20-lets-you-play-doom-wolfenstein-3d-and-more/
BleepingComputer
Windows95 v2.0 Lets You Play DOOM, Wolfenstein 3D, and More
Looking for a sense of nostalgia by running Windows 95 and using it to play DOOM, Wolfenstein 3D, and other games? Now you can with the release of a new version of a Windows 95 Electron application that gives you the full experience.
Facebook, Twitter Trackers Whitelisted by Brave Browser
The Brave Browser promotes itself on being built from the ground up to provide enhanced privacy to its users. Yet, users voiced concern today after finding a section of the browser's source code that shows tracking scripts for Facebook and Twitter are whitelisted so that they are not blocked by the browser. [...]
https://www.bleepingcomputer.com/news/security/facebook-twitter-trackers-whitelisted-by-brave-browser/
The Brave Browser promotes itself on being built from the ground up to provide enhanced privacy to its users. Yet, users voiced concern today after finding a section of the browser's source code that shows tracking scripts for Facebook and Twitter are whitelisted so that they are not blocked by the browser. [...]
https://www.bleepingcomputer.com/news/security/facebook-twitter-trackers-whitelisted-by-brave-browser/
BleepingComputer
Facebook, Twitter Trackers Whitelisted by Brave Browser
The Brave Browser promotes itself on being built from the ground up to provide enhanced privacy to its users. Yet, users voiced concern today after finding a section of the browser's source code that shows tracking scripts for Facebook and Twitter are whitelistedβ¦
First CryptoCurrency Clipboard Hijacker Found on Google Play Store
Researchers last week found the first Android app on the Google Play store that monitors a device's clipboard for Bitcoin and Ethereum addresses and swaps them for addresses under the attacker's control. This allows the attackers to steal any payments you make without your knowledge that you sent it to the wrong address. [...]
https://www.bleepingcomputer.com/news/security/first-cryptocurrency-clipboard-hijacker-found-on-google-play-store/
Researchers last week found the first Android app on the Google Play store that monitors a device's clipboard for Bitcoin and Ethereum addresses and swaps them for addresses under the attacker's control. This allows the attackers to steal any payments you make without your knowledge that you sent it to the wrong address. [...]
https://www.bleepingcomputer.com/news/security/first-cryptocurrency-clipboard-hijacker-found-on-google-play-store/
BleepingComputer
First CryptoCurrency Clipboard Hijacker Found on Google Play Store
Researchers last week found the first Android app on the Google Play store that monitors a device's clipboard for Bitcoin and Ethereum addresses and swaps them for addresses under the attacker's control. This allows the attackers to steal any payments youβ¦
New Offensive USB Cable Allows Remote Attacks over WiFi
Like a scene from a James Bond or Mission Impossible movie, a new offensive USB cable plugged into a computer could allow attackers to execute commands over WiFi as if they were using the computer's keyboard. [...]
https://www.bleepingcomputer.com/news/security/new-offensive-usb-cable-allows-remote-attacks-over-wifi/
Like a scene from a James Bond or Mission Impossible movie, a new offensive USB cable plugged into a computer could allow attackers to execute commands over WiFi as if they were using the computer's keyboard. [...]
https://www.bleepingcomputer.com/news/security/new-offensive-usb-cable-allows-remote-attacks-over-wifi/
BleepingComputer
New Offensive USB Cable Allows Remote Attacks over WiFi
Like a scene from a James Bond or Mission Impossible movie, a new offensive USB cable plugged into a computer could allow attackers to execute commands over WiFi as if they were using the computer's keyboard.
Adobe Reader Zero-Day Micropatch Stops Malicious PDFs from Calling Home
A micropatch is now available for a zero-day vulnerability in Adobe Reader which would allow maliciously crafted PDF documents to call home and send over the victim's NTLM hash to remote attackers in the form of an SMB request. [...]
https://www.bleepingcomputer.com/news/security/adobe-reader-zero-day-micropatch-stops-malicious-pdfs-from-calling-home/
A micropatch is now available for a zero-day vulnerability in Adobe Reader which would allow maliciously crafted PDF documents to call home and send over the victim's NTLM hash to remote attackers in the form of an SMB request. [...]
https://www.bleepingcomputer.com/news/security/adobe-reader-zero-day-micropatch-stops-malicious-pdfs-from-calling-home/
BleepingComputer
Adobe Reader Zero-Day Micropatch Stops Malicious PDFs from Calling Home
A micropatch is now available for a zero-day vulnerability in Adobe Reader which would allow maliciously crafted PDF documents to call home and send over the victim's NTLM hash to remote attackers in the form of an SMB request.
RunC Vulnerability Gives Attackers Root Access on Docker, Kubernetes Hosts
A container breakout security flaw found in the runc container runtime allows malicious containers to overwrite the host runc binary and gain root-level code execution on the host machine. [...]
https://www.bleepingcomputer.com/news/security/runc-vulnerability-gives-attackers-root-access-on-docker-kubernetes-hosts/
A container breakout security flaw found in the runc container runtime allows malicious containers to overwrite the host runc binary and gain root-level code execution on the host machine. [...]
https://www.bleepingcomputer.com/news/security/runc-vulnerability-gives-attackers-root-access-on-docker-kubernetes-hosts/
BleepingComputer
RunC Vulnerability Gives Attackers Root Access on Docker, Kubernetes Hosts
A container breakout security flaw found in the runc container runtime allows malicious containers to overwrite the host runc binary and gain root-level code execution on the host machine.
Microsoft States Windows Update DNS Issues are Finally Fixed
In an updated Windows 10 and Windows Server 2019 update history support article, Microsoft has stated that the Windows Update DNS issue should now be fully resolved as all local ISPs have refreshed their DNS servers and are now using the correct DNS records. [...]
https://www.bleepingcomputer.com/news/security/microsoft-states-windows-update-dns-issues-are-finally-fixed/
In an updated Windows 10 and Windows Server 2019 update history support article, Microsoft has stated that the Windows Update DNS issue should now be fully resolved as all local ISPs have refreshed their DNS servers and are now using the correct DNS records. [...]
https://www.bleepingcomputer.com/news/security/microsoft-states-windows-update-dns-issues-are-finally-fixed/
BleepingComputer
Microsoft States Windows Update DNS Issues are Finally Fixed
In an updated Windows 10 and Windows Server 2019 update history support article, Microsoft has stated that the Windows Update DNS issue should now be fully resolved as all local ISPs have refreshed their DNS servers and are now using the correct DNS records.
Privacy Protection Bypass Flaw in macOS Gives Access to Browsing History
A macOS privacy protection bypass flaw could allow potential attackers to access data stored in restricted folders on all macOS Mojave release up to the 10.14.3 Supplemental Update released on February 7.. [...]
https://www.bleepingcomputer.com/news/security/privacy-protection-bypass-flaw-in-macos-gives-access-to-browsing-history/
A macOS privacy protection bypass flaw could allow potential attackers to access data stored in restricted folders on all macOS Mojave release up to the 10.14.3 Supplemental Update released on February 7.. [...]
https://www.bleepingcomputer.com/news/security/privacy-protection-bypass-flaw-in-macos-gives-access-to-browsing-history/
BleepingComputer
Privacy Protection Bypass Flaw in macOS Gives Access to Browsing History
A macOS privacy protection bypass flaw could allow potential attackers to access data stored in restricted folders on all macOS Mojave releases up to the 10.14.3 Supplemental Update released on February 7..
Coalition of State Attorney Generals Urge FTC to Update Identity Theft Rules
A coalition of 31 state attorneys general responded to an FTC request for public comment on its Identity Theft Rules review with an appeal to update them to allow banks and creditors to keep up with new tech designed to block identity theft attempts. [...]
https://www.bleepingcomputer.com/news/security/coalition-of-state-attorney-generals-urge-ftc-to-update-identity-theft-rules/
A coalition of 31 state attorneys general responded to an FTC request for public comment on its Identity Theft Rules review with an appeal to update them to allow banks and creditors to keep up with new tech designed to block identity theft attempts. [...]
https://www.bleepingcomputer.com/news/security/coalition-of-state-attorney-generals-urge-ftc-to-update-identity-theft-rules/
BleepingComputer
Coalition of State Attorney Generals Urge FTC to Update Identity Theft Rules
A coalition of 31 state attorneys general responded to an FTC request for public comment on its Identity Theft Rules review with an appeal to update them to allow banks and creditors to keep up with new tech designed to block identity theft attempts.
Hackers Wipe VFEmail Servers, May Shut Down After Catastrophic Data Loss
The U.S. servers of privacy-focused e-mail provider VFEmail were hacked into on February 11 and all the data was destroyed, on both the main and the backup systems. According to VFEmail's owner, the hackers did not leave a ransom note and, given the extent of the destruction, the service will most likely go offline to never return. [...]
https://www.bleepingcomputer.com/news/security/hackers-wipe-vfemail-servers-may-shut-down-after-catastrophic-data-loss/
The U.S. servers of privacy-focused e-mail provider VFEmail were hacked into on February 11 and all the data was destroyed, on both the main and the backup systems. According to VFEmail's owner, the hackers did not leave a ransom note and, given the extent of the destruction, the service will most likely go offline to never return. [...]
https://www.bleepingcomputer.com/news/security/hackers-wipe-vfemail-servers-may-shut-down-after-catastrophic-data-loss/
BleepingComputer
Hackers Wipe VFEmail Servers, May Shut Down After Catastrophic Data Loss
The U.S. servers of privacy-focused e-mail provider VFEmail were hacked into on February 11 and all the data was destroyed, on both the main and the backup systems. According to VFEmail's owner, the hackers did not leave a ransom note and, given the extentβ¦
Adobe Releases Security Fixes for Flash Player, ColdFusion, and More
Adobe has published their monthly Patch Tuesday updates for the month of February 2019. These updates are for Flash Player, Creative Cloud Desktop Application, and ColdFusion. [...]
https://www.bleepingcomputer.com/news/security/adobe-releases-security-fixes-for-flash-player-coldfusion-and-more/
Adobe has published their monthly Patch Tuesday updates for the month of February 2019. These updates are for Flash Player, Creative Cloud Desktop Application, and ColdFusion. [...]
https://www.bleepingcomputer.com/news/security/adobe-releases-security-fixes-for-flash-player-coldfusion-and-more/
BleepingComputer
Adobe Releases Security Fixes for Flash Player, ColdFusion, and More
Adobe has published their monthly Patch Tuesday updates for the month of February 2019. These updates are for Flash Player, Creative Cloud Desktop Application, and ColdFusion.
Windows Malware Runs on Macs, Bypasses Gatekeeper to Target Software Pirates
If it wasn't already obvious, pirating software is a risky business and this was again proven by a set of malicious executables targeting macOS users with info stealers and adware, and compiled as Windows EXE binaries with the help of the open source Mono framework. [...]
https://www.bleepingcomputer.com/news/security/windows-malware-runs-on-macs-bypasses-gatekeeper-to-target-software-pirates/
If it wasn't already obvious, pirating software is a risky business and this was again proven by a set of malicious executables targeting macOS users with info stealers and adware, and compiled as Windows EXE binaries with the help of the open source Mono framework. [...]
https://www.bleepingcomputer.com/news/security/windows-malware-runs-on-macs-bypasses-gatekeeper-to-target-software-pirates/
BleepingComputer
Windows Malware Runs on Macs, Bypasses Gatekeeper to Target Software Pirates
If it wasn't already obvious, pirating software is a risky business and this was again proven by a set of malicious executables targeting macOS users with info stealers and adware, and compiled as Windows EXE binaries with the help of the open source Monoβ¦
Dunkin' Donuts Issues Alert for Credential Stuffing Attack, Passwords Reset
Dunkin' Donuts has issued a security notification alerting users of their DD Perks reward program that their accounts may have been involved in a credential stuffing attack. This attack may have allowed third-parties to gain access to some of their account information. [...]
https://www.bleepingcomputer.com/news/security/dunkin-donuts-issues-alert-for-credential-stuffing-attack-passwords-reset/
Dunkin' Donuts has issued a security notification alerting users of their DD Perks reward program that their accounts may have been involved in a credential stuffing attack. This attack may have allowed third-parties to gain access to some of their account information. [...]
https://www.bleepingcomputer.com/news/security/dunkin-donuts-issues-alert-for-credential-stuffing-attack-passwords-reset/
BleepingComputer
Dunkin' Donuts Issues Alert for Credential Stuffing Attack, Passwords Reset
Dunkin' Donuts has issued a security notification alerting users of their DD Perks reward program that their accounts may have been involved in a credential stuffing attack. This attack may have allowed third-parties to gain access to some of their account information.
TrickBot Banking Trojan Now Steals RDP, VNC, and PuTTY Credentials
The infamous Trickbot banking Trojan's password stealer module has been recently upgraded to grab credentials used to authenticate to remote servers using VNC, PuTTY, and Remote Desktop Protocol (RDP).. [...]
https://www.bleepingcomputer.com/news/security/trickbot-banking-trojan-now-steals-rdp-vnc-and-putty-credentials/
The infamous Trickbot banking Trojan's password stealer module has been recently upgraded to grab credentials used to authenticate to remote servers using VNC, PuTTY, and Remote Desktop Protocol (RDP).. [...]
https://www.bleepingcomputer.com/news/security/trickbot-banking-trojan-now-steals-rdp-vnc-and-putty-credentials/
BleepingComputer
TrickBot Banking Trojan Now Steals RDP, VNC, and PuTTY Credentials
The infamous Trickbot banking Trojan's password stealer module has been recently upgraded to grab credentials used to authenticate to remote servers using VNC, PuTTY, and Remote Desktop Protocol (RDP)..
Windows 10 February 2019 Cumulative Updates Released With Fixes
It's Patch Tuesday and new cumulative updates are rolling out! The focus of Windows 10's February 2019 cumulative update is on addressing the security issues and the general issues reported in the past few weeks. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-february-2019-cumulative-updates-released-with-fixes/
It's Patch Tuesday and new cumulative updates are rolling out! The focus of Windows 10's February 2019 cumulative update is on addressing the security issues and the general issues reported in the past few weeks. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-february-2019-cumulative-updates-released-with-fixes/
BleepingComputer
Windows 10 February 2019 Cumulative Updates Released With Fixes
It's Patch Tuesday and new cumulative updates are rolling out! The focus of Windows 10's February 2019 cumulative update is on addressing the security issues and the general issues reported in the past few weeks.