South Korea is Censoring the Internet by Snooping on SNI Traffic
South Korea has been blocking HTTP websites that are on their censor list for a while now and they have recently started using SNI filtering to block their counterparts served over HTTPS. [...]
https://www.bleepingcomputer.com/news/security/south-korea-is-censoring-the-internet-by-snooping-on-sni-traffic/
South Korea has been blocking HTTP websites that are on their censor list for a while now and they have recently started using SNI filtering to block their counterparts served over HTTPS. [...]
https://www.bleepingcomputer.com/news/security/south-korea-is-censoring-the-internet-by-snooping-on-sni-traffic/
BleepingComputer
South Korea is Censoring the Internet by Snooping on SNI Traffic
South Korea has been blocking HTTP websites that are on their censor list for a while now and they have recently started using SNI filtering to block their counterparts served over HTTPS.
Mozilla Adds Persistent Private Browsing to Firefox for iOS
Mozilla announced the addition of persistent private browsing in the Firefox web browser for iOS which will allow users to stay in Private Browsing mode at all times, even between browsing sessions. [...]
https://www.bleepingcomputer.com/news/security/mozilla-adds-persistent-private-browsing-to-firefox-for-ios/
Mozilla announced the addition of persistent private browsing in the Firefox web browser for iOS which will allow users to stay in Private Browsing mode at all times, even between browsing sessions. [...]
https://www.bleepingcomputer.com/news/security/mozilla-adds-persistent-private-browsing-to-firefox-for-ios/
BleepingComputer
Mozilla Adds Persistent Private Browsing to Firefox for iOS
Mozilla announced the addition of persistent private browsing in the Firefox web browser for iOS which will allow users to stay in Private Browsing mode at all times, even between browsing sessions.
Ransomware Attacks Target MSPs to Mass-Infect Customers
Ransomware distributors have started to target managed service providers (MSPs) in order to mass-infect all of their clients in a single attack. Recent reports indicate that multiple MSPs have been hacked recently, which has led to hundreds, if not thousands, of clients being infected with the GandCrab Ransomware. [...]
https://www.bleepingcomputer.com/news/security/ransomware-attacks-target-msps-to-mass-infect-customers/
Ransomware distributors have started to target managed service providers (MSPs) in order to mass-infect all of their clients in a single attack. Recent reports indicate that multiple MSPs have been hacked recently, which has led to hundreds, if not thousands, of clients being infected with the GandCrab Ransomware. [...]
https://www.bleepingcomputer.com/news/security/ransomware-attacks-target-msps-to-mass-infect-customers/
BleepingComputer
Ransomware Attacks Target MSPs to Mass-Infect Customers
Ransomware distributors have started to target managed service providers (MSPs) in order to mass-infect all of their clients in a single attack. Recent reports indicate that multiple MSPs have been hacked recently, which has led to hundreds, if not thousandsβ¦
Microsoft Releases First Windows 10 20H1 Build 18836 To Skip Ahead Users
Microsoft has released the Windows 10 Insider Preview Build 18836, which is the first insider build in the 20H1 development branch. This build is available to Insiders in the Skip Ahead ring and is just a general bug fix without any new features. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-first-windows-10-20h1-build-18836-to-skip-ahead-users/
Microsoft has released the Windows 10 Insider Preview Build 18836, which is the first insider build in the 20H1 development branch. This build is available to Insiders in the Skip Ahead ring and is just a general bug fix without any new features. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-first-windows-10-20h1-build-18836-to-skip-ahead-users/
BleepingComputer
Microsoft Releases First Windows 10 20H1 Build 18836 To Skip Ahead Users
Microsoft has released the Windows 10 Insider Preview Build 18836, which is the first insider build in the 20H1 development branch. This build is available to Insiders in the Skip Ahead ring and is just a general bug fix without any new features.
Emotet Uses Camouflaged Malicious Macros to Avoid Antivirus Detection
A new Emotet Trojan variant has been observed in the wild with the added ability to hide from anti-malware software by embedding malicious macros used to drop the main payload inside XML files disguised as Word documents. [...]
https://www.bleepingcomputer.com/news/security/emotet-uses-camouflaged-malicious-macros-to-avoid-antivirus-detection/
A new Emotet Trojan variant has been observed in the wild with the added ability to hide from anti-malware software by embedding malicious macros used to drop the main payload inside XML files disguised as Word documents. [...]
https://www.bleepingcomputer.com/news/security/emotet-uses-camouflaged-malicious-macros-to-avoid-antivirus-detection/
BleepingComputer
Emotet Uses Camouflaged Malicious Macros to Avoid Antivirus Detection
A new Emotet Trojan variant has been observed in the wild with the added ability to hide from anti-malware software by embedding malicious macros used to drop the main payload inside XML files disguised as Word documents.
Coffee Meets Bagel Dating App Discloses Data Breach on Valentine's Day
As a Valentine's Day gift to all its users, online dating app Coffee Meets Bagel disclosed a data breach that contained user's email addresses and names. This data breach was discovered as part of a compilation of leaked credentials that was being sold on criminal marketplaces. [...]
https://www.bleepingcomputer.com/news/security/coffee-meets-bagel-dating-app-discloses-data-breach-on-valentines-day/
As a Valentine's Day gift to all its users, online dating app Coffee Meets Bagel disclosed a data breach that contained user's email addresses and names. This data breach was discovered as part of a compilation of leaked credentials that was being sold on criminal marketplaces. [...]
https://www.bleepingcomputer.com/news/security/coffee-meets-bagel-dating-app-discloses-data-breach-on-valentines-day/
BleepingComputer
Coffee Meets Bagel Dating App Discloses Data Breach on Valentine's Day
As a Valentine's Day gift to all its users, online dating app Coffee Meets Bagel disclosed a data breach that contained user's email addresses and names. This data breach was discovered as part of a compilation of leaked credentials that was being sold onβ¦
Google Rejected Roughly 55% More Android Apps in 2018, Still Not Enough
As revealed by Google in its 2018 Google Play Store yearly review, the company has rejected 55% more Android applications than it did in 2017, and also increased the app suspension rate by approximately 66 percent year-over-year. [...]
https://www.bleepingcomputer.com/news/google/google-rejected-roughly-55-percent-more-android-apps-in-2018-still-not-enough/
As revealed by Google in its 2018 Google Play Store yearly review, the company has rejected 55% more Android applications than it did in 2017, and also increased the app suspension rate by approximately 66 percent year-over-year. [...]
https://www.bleepingcomputer.com/news/google/google-rejected-roughly-55-percent-more-android-apps-in-2018-still-not-enough/
BleepingComputer
Google Rejected Roughly 55% More Android Apps in 2018, Still Not Enough
As revealed by Google in its 2018 Google Play Store yearly review, the company has rejected 55% more Android applications than it did in 2017, and also increased the app suspension rate by approximately 66 percent year-over-year.
Collection of 127 Million Stolen Accounts Up for Sale on the Dark Web
A batch of 127 million records stolen in data breaches affecting eight companies was put up for sale on the Dream Market marketplace by a seller who goes by the name of "gnosticplayers" and asking the equivalent of $14,500 in bitcoin for the entire collection. [...]
https://www.bleepingcomputer.com/news/security/collection-of-127-million-stolen-accounts-up-for-sale-on-the-dark-web/
A batch of 127 million records stolen in data breaches affecting eight companies was put up for sale on the Dream Market marketplace by a seller who goes by the name of "gnosticplayers" and asking the equivalent of $14,500 in bitcoin for the entire collection. [...]
https://www.bleepingcomputer.com/news/security/collection-of-127-million-stolen-accounts-up-for-sale-on-the-dark-web/
BleepingComputer
Collection of 127 Million Stolen Accounts Up for Sale on the Dark Web
A batch of 127 million records stolen in data breaches affecting eight companies was put up for sale on the Dream Market marketplace by a seller who goes by the name of "gnosticplayers" and asking the equivalent of $14,500 in bitcoin for the entire collection.
Cryptojacking Coinhive Miners Land on the Microsoft Store For the First Time
A batch of eight potentially unwanted applications (PUAs) were found on the Microsoft Store dropping malicious Monero (XMR) Coinhive cryptomining scripts, delivered with the help of Google's legitimate Google Tag Manager (GTM) library. [...]
https://www.bleepingcomputer.com/news/security/cryptojacking-coinhive-miners-land-on-the-microsoft-store-for-the-first-time/
A batch of eight potentially unwanted applications (PUAs) were found on the Microsoft Store dropping malicious Monero (XMR) Coinhive cryptomining scripts, delivered with the help of Google's legitimate Google Tag Manager (GTM) library. [...]
https://www.bleepingcomputer.com/news/security/cryptojacking-coinhive-miners-land-on-the-microsoft-store-for-the-first-time/
BleepingComputer
Cryptojacking Coinhive Miners Land on the Microsoft Store For the First Time
A batch of eight potentially unwanted applications (PUAs) were found on the Microsoft Store dropping malicious Monero (XMR) Coinhive cryptomining scripts, delivered with the help of Google's legitimate Google Tag Manager (GTM) library.
18,000 Android Apps Track Users by Violating Advertising ID Policies
18K Android apps with tens or hundreds of millions of installs have been found to violate Google's Advertising ID policy guidance by collecting persistent device identifiers such as serial numbers, IMEI, WiFi MAC addresses, SIM card serial numbers, and sending them to mobile advertising related domains alongside ad IDs. [...]
https://www.bleepingcomputer.com/news/security/18-000-android-apps-track-users-by-violating-advertising-id-policies/
18K Android apps with tens or hundreds of millions of installs have been found to violate Google's Advertising ID policy guidance by collecting persistent device identifiers such as serial numbers, IMEI, WiFi MAC addresses, SIM card serial numbers, and sending them to mobile advertising related domains alongside ad IDs. [...]
https://www.bleepingcomputer.com/news/security/18-000-android-apps-track-users-by-violating-advertising-id-policies/
BleepingComputer
18,000 Android Apps Track Users by Violating Advertising ID Policies
18K Android apps with tens or hundreds of millions of installs have been found to violate Google's Advertising ID policy guidance by collecting persistent device identifiers such as serial numbers, IMEI, WiFi MAC addresses, SIM card serial numbers, and sendingβ¦
Ai-Powered Website Generates Realistic Human Faces On the Spot
A website created by Philip Wang, an Uber software engineer, and hosted at thispersondoesnotexist.com allows its visitors to generate realistic looking human faces of people that do NOT actually exist each time they hit the Refresh button. [...]
https://www.bleepingcomputer.com/news/technology/ai-powered-website-generates-realistic-human-faces-on-the-spot/
A website created by Philip Wang, an Uber software engineer, and hosted at thispersondoesnotexist.com allows its visitors to generate realistic looking human faces of people that do NOT actually exist each time they hit the Refresh button. [...]
https://www.bleepingcomputer.com/news/technology/ai-powered-website-generates-realistic-human-faces-on-the-spot/
BleepingComputer
Ai-Powered Website Generates Realistic Human Faces On the Spot
A website created by Philip Wang, an Uber software engineer, and hosted at thispersondoesnotexist.com allows its visitors to generate realistic looking human faces of people that do NOT actually exist each time they hit the Refresh button.
Brokerage Firms Warned by FINRA Regulator of New Phishing Attack
The Financial Industry Regulatory Authority (FINRA) has issued an information notice to brokerage firms regarding an ongoing phishing attack which currently targets member firms with malicious spam e-mails. [...]
https://www.bleepingcomputer.com/news/security/brokerage-firms-warned-by-finra-regulator-of-new-phishing-attack/
The Financial Industry Regulatory Authority (FINRA) has issued an information notice to brokerage firms regarding an ongoing phishing attack which currently targets member firms with malicious spam e-mails. [...]
https://www.bleepingcomputer.com/news/security/brokerage-firms-warned-by-finra-regulator-of-new-phishing-attack/
BleepingComputer
Brokerage Firms Warned by FINRA Regulator of New Phishing Attack
The Financial Industry Regulatory Authority (FINRA) has issued an information notice to brokerage firms regarding an ongoing phishing attack which currently targets member firms with malicious spam e-mails.
Google Fixing Chrome API to Prevent Incognito Mode Detection
When browsing the web with Google Chrome, some sites are using a method to determine if a visitor is in a regular browsing session or in incognito mode. As this can be considered a breach in privacy, Google will be changing how a particular API works so that web sites can no longer utilize this technique. [...]
https://www.bleepingcomputer.com/news/google/google-fixing-chrome-api-to-prevent-incognito-mode-detection/
When browsing the web with Google Chrome, some sites are using a method to determine if a visitor is in a regular browsing session or in incognito mode. As this can be considered a breach in privacy, Google will be changing how a particular API works so that web sites can no longer utilize this technique. [...]
https://www.bleepingcomputer.com/news/google/google-fixing-chrome-api-to-prevent-incognito-mode-detection/
BleepingComputer
Google Fixing Chrome API to Prevent Incognito Mode Detection
When browsing the web with Google Chrome, some sites are using a method to determine if a visitor is in a regular browsing session or in incognito mode. As this can be considered a breach in privacy, Google will be changing how a particular API works so thatβ¦
Apple Requiring 2-Factor Authentication on Developer Account Holders
Users who are part of the Apple Developer program have started receiving emails that state they need to add 2-factor authentication to their accounts by February 27th, 2019. Otherwise, they will be locked out of their Developer accounts and be unable to access their Certificates, Identifiers, and Profiles. [...]
https://www.bleepingcomputer.com/news/apple/apple-requiring-2-factor-authentication-on-developer-account-holders/
Users who are part of the Apple Developer program have started receiving emails that state they need to add 2-factor authentication to their accounts by February 27th, 2019. Otherwise, they will be locked out of their Developer accounts and be unable to access their Certificates, Identifiers, and Profiles. [...]
https://www.bleepingcomputer.com/news/apple/apple-requiring-2-factor-authentication-on-developer-account-holders/
BleepingComputer
Apple Requiring 2-Factor Authentication on Developer Account Holders
Users who are part of the Apple Developer program have started receiving emails that state they need to add 2-factor authentication to their accounts by February 27th, 2019. Otherwise, they will be locked out of their Developer accounts and be unable to accessβ¦
The Week in Ransomware - February 15th 2019 - Attack on MSPs
It has been a really dead week with ransomware, which we are always happy to see. Not much new variants released, other than the standard ones such as Matrix and Dharma. The biggest news this week has been GandCrab affiliates targeting vulnerabilities in MSP software that allows them to infect all the clients they manage. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-15th-2019-attack-on-msps/
It has been a really dead week with ransomware, which we are always happy to see. Not much new variants released, other than the standard ones such as Matrix and Dharma. The biggest news this week has been GandCrab affiliates targeting vulnerabilities in MSP software that allows them to infect all the clients they manage. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-15th-2019-attack-on-msps/
BleepingComputer
The Week in Ransomware - February 15th 2019 - Attack on MSPs
It has been a really dead week with ransomware, which we are always happy to see. Not much new variants released, other than the standard ones such as Matrix and Dharma. The biggest news this week has been GandCrab affiliates targeting vulnerabilities inβ¦
Google to Let you Link Directly to a Word or Phrase in Chrome
Chrome is adding a new feature to Chrome that lets you link directly to a word or phrase without the need of special markup on the web page. This will make it much easier to share a section of a page that is relevant to the person you are sending it to, rather than having them read the entire page. [...]
https://www.bleepingcomputer.com/news/google/google-to-let-you-link-directly-to-a-word-or-phrase-in-chrome/
Chrome is adding a new feature to Chrome that lets you link directly to a word or phrase without the need of special markup on the web page. This will make it much easier to share a section of a page that is relevant to the person you are sending it to, rather than having them read the entire page. [...]
https://www.bleepingcomputer.com/news/google/google-to-let-you-link-directly-to-a-word-or-phrase-in-chrome/
BleepingComputer
Google to Let you Link Directly to a Word or Phrase in Chrome
Google is adding a new feature to Chrome that lets you link directly to a word or phrase without the need of special markup on the web page. This will make it much easier to share a section of a page that is relevant to the person you are sending it to, ratherβ¦
Mozilla Adding a Picture-in-Picture Mode to Firefox
Like Chrome, Mozilla Firefox is adding a Picture-in-Picture Mode that allows users to pop the video out of the web page in a stay on top video that they can watch while using other applications. [...]
https://www.bleepingcomputer.com/news/software/mozilla-adding-a-picture-in-picture-mode-to-firefox/
Like Chrome, Mozilla Firefox is adding a Picture-in-Picture Mode that allows users to pop the video out of the web page in a stay on top video that they can watch while using other applications. [...]
https://www.bleepingcomputer.com/news/software/mozilla-adding-a-picture-in-picture-mode-to-firefox/
BleepingComputer
Mozilla Adding a Picture-in-Picture Mode to Firefox
Like Chrome, Mozilla Firefox is adding a Picture-in-Picture Mode that allows users to pop the video out of the web page in a stay on top video that they can watch while using other applications.
2.7 Million Health-Related Calls, Sensitive Info Exposed for Six Years
A server used to store real-time recordings of phone calls made to the 1177 Swedish Healthcare Guide service for health care information was found completely exposed to the Internet, with no user or password to protect it. [...]
https://www.bleepingcomputer.com/news/security/27-million-health-related-calls-sensitive-info-exposed-for-six-years/
A server used to store real-time recordings of phone calls made to the 1177 Swedish Healthcare Guide service for health care information was found completely exposed to the Internet, with no user or password to protect it. [...]
https://www.bleepingcomputer.com/news/security/27-million-health-related-calls-sensitive-info-exposed-for-six-years/
BleepingComputer
2.7 Million Health-Related Calls, Sensitive Info Exposed for Six Years
A server used to store real-time recordings of phone calls made to the 1177 Swedish Healthcare Guide service for health care information was found completely exposed to the Internet, with no user or password to protect it.
State Actor Behind Parliament Breach Says Australian Prime Minister
The computer network of Australia's Federal Parliament has been breached in a cyber attack which targeted the country's major political parties and carried out by a "sophisticated state actor" according to Prime Minister Scott Morrison. [...]
https://www.bleepingcomputer.com/news/security/state-actor-behind-parliament-breach-says-australian-prime-minister/
The computer network of Australia's Federal Parliament has been breached in a cyber attack which targeted the country's major political parties and carried out by a "sophisticated state actor" according to Prime Minister Scott Morrison. [...]
https://www.bleepingcomputer.com/news/security/state-actor-behind-parliament-breach-says-australian-prime-minister/
BleepingComputer
State Actor Behind Parliament Breach Says Australian Prime Minister
The computer network of Australia's Federal Parliament has been breached in a cyber attack which targeted the country's major political parties and carried out by a "sophisticated state actor" according to Prime Minister Scott Morrison.
Multi-Stage Rietspoof Malware Drops Multiple Malicious Payloads
Rietspoof is a new malware family which uses a multi-stage delivery system, is designed to drop multiple payloads on the systems it infects, and that offers very little to no information on what audience it targets. [...]
https://www.bleepingcomputer.com/news/security/multi-stage-rietspoof-malware-drops-multiple-malicious-payloads/
Rietspoof is a new malware family which uses a multi-stage delivery system, is designed to drop multiple payloads on the systems it infects, and that offers very little to no information on what audience it targets. [...]
https://www.bleepingcomputer.com/news/security/multi-stage-rietspoof-malware-drops-multiple-malicious-payloads/
BleepingComputer
Multi-Stage Rietspoof Malware Drops Multiple Malicious Payloads
Rietspoof is a new malware family which uses a multi-stage delivery system, is designed to drop multiple payloads on the systems it infects, and that offers very little to no information on what audience it targets.
Windows 7 and Server 2008 Updates to Require SHA-2 Support Starting July
Microsoft announced on its support website that future Windows 7 and Windows Server 2008 updates will require SHA-2 code signing support to be installed starting with July 16, 2019. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-7-and-server-2008-updates-to-require-sha-2-support-starting-july/
Microsoft announced on its support website that future Windows 7 and Windows Server 2008 updates will require SHA-2 code signing support to be installed starting with July 16, 2019. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-7-and-server-2008-updates-to-require-sha-2-support-starting-july/
BleepingComputer
Windows 7 and Server 2008 Updates to Require SHA-2 Support Starting July
Microsoft announced on its support website that future Windows 7 and Windows Server 2008 updates will require SHA-2 code signing support to be installed starting with July 16, 2019.