Phisher Announces More Attacks Against Hedge Funds and Financial Firms
A new phishing campaign called "Beyond the Grave" targeted international hedge funds on January 9th, 2019. In a statement posted to BleepingComputer, the attackers have stated that they will continue to target banking and financial institutions in the future. [...]
https://www.bleepingcomputer.com/news/security/phisher-announces-more-attacks-against-hedge-funds-and-financial-firms/
A new phishing campaign called "Beyond the Grave" targeted international hedge funds on January 9th, 2019. In a statement posted to BleepingComputer, the attackers have stated that they will continue to target banking and financial institutions in the future. [...]
https://www.bleepingcomputer.com/news/security/phisher-announces-more-attacks-against-hedge-funds-and-financial-firms/
BleepingComputer
Phisher Announces More Attacks Against Hedge Funds and Financial Firms
A new phishing campaign called "Beyond the Grave" targeted international hedge funds on January 9th, 2019. In a statement posted to BleepingComputer, the attackers have stated that they will continue to target banking and financial institutions in the future.
Update ColdFusion Now, Critical Zero-Day Bug Exploited in the Wild
Adobe today released emergency updates that fix a critical vulnerability for the ColdFusion web app development platform. The bug can lead to arbitrary code execution and has been exploited in the wild. [...]
https://www.bleepingcomputer.com/news/security/update-coldfusion-now-critical-zero-day-bug-exploited-in-the-wild/
Adobe today released emergency updates that fix a critical vulnerability for the ColdFusion web app development platform. The bug can lead to arbitrary code execution and has been exploited in the wild. [...]
https://www.bleepingcomputer.com/news/security/update-coldfusion-now-critical-zero-day-bug-exploited-in-the-wild/
BleepingComputer
Update ColdFusion Now, Critical Zero-Day Bug Exploited in the Wild
Adobe today released emergency updates that fix a critical vulnerability for the ColdFusion web app development platform. The bug can lead to arbitrary code execution and has been exploited in the wild.
The Week in Ransomware - March 1st 2019 - Cr1ptT0r, B0r0nt0K, and More
Over the past two weeks, there has been some interesting ransomware news regarding a new GandCrab decryptor and two new ransomware infections. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-1st-2019-cr1ptt0r-b0r0nt0k-and-more/
Over the past two weeks, there has been some interesting ransomware news regarding a new GandCrab decryptor and two new ransomware infections. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-1st-2019-cr1ptt0r-b0r0nt0k-and-more/
BleepingComputer
The Week in Ransomware - March 1st 2019 - Cr1ptT0r, B0r0nt0K, and More
Over the past two weeks, there has been some interesting ransomware news regarding a new GandCrab decryptor and two new ransomware infections.
Ransomware Pretends to Be Proton Security Team Securing Data From Hackers
A recent variant of the GarrantyDecrypt ransomware has been found that pretends to be from the security team for Proton Technologies, the company behind ProtonMail and ProtonVPN. [...]
https://www.bleepingcomputer.com/news/security/ransomware-pretends-to-be-proton-security-team-securing-data-from-hackers/
A recent variant of the GarrantyDecrypt ransomware has been found that pretends to be from the security team for Proton Technologies, the company behind ProtonMail and ProtonVPN. [...]
https://www.bleepingcomputer.com/news/security/ransomware-pretends-to-be-proton-security-team-securing-data-from-hackers/
BleepingComputer
Ransomware Pretends to Be Proton Security Team Securing Data From Hackers
A recent variant of the GarrantyDecrypt ransomware has been found that pretends to be from the security team for Proton Technologies, the company behind ProtonMail and ProtonVPN.
Windows 10 Update KB4482887 Released With Performance Fix for Spectre Bug
Microsoft has released the Windows 10 KB4482887 cumulative update for build 1809 that includes numerous fixes including Retpoline Spectre mitigation, a fix for an annoying Action Center bug, and numerous other bug fixes. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-update-kb4482887-released-with-performance-fix-for-spectre-bug/
Microsoft has released the Windows 10 KB4482887 cumulative update for build 1809 that includes numerous fixes including Retpoline Spectre mitigation, a fix for an annoying Action Center bug, and numerous other bug fixes. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-update-kb4482887-released-with-performance-fix-for-spectre-bug/
BleepingComputer
Windows 10 Update KB4482887 Released With Performance Fix for Spectre Bug
Microsoft has released the Windows 10 KB4482887 cumulative update for build 1809 that includes numerous fixes including Retpoline Spectre mitigation, a fix for an annoying Action Center bug, and numerous other bug fixes.
Op 'Sharpshooter' Connected to North Korea's Lazarus Group
After analyzing a command and control (C2) server used in the global cyber-espionage campaign dubbed 'Sharpshooter', security researcher found more evidence linking it to North Korea's Lazarus threat actor. [...]
https://www.bleepingcomputer.com/news/security/op-sharpshooter-connected-to-north-koreas-lazarus-group/
After analyzing a command and control (C2) server used in the global cyber-espionage campaign dubbed 'Sharpshooter', security researcher found more evidence linking it to North Korea's Lazarus threat actor. [...]
https://www.bleepingcomputer.com/news/security/op-sharpshooter-connected-to-north-koreas-lazarus-group/
BleepingComputer
Op 'Sharpshooter' Connected to North Korea's Lazarus Group
After analyzing a command and control (C2) server used in the global cyber-espionage campaign dubbed 'Sharpshooter', security researcher found more evidence linking it to North Korea's Lazarus threat actor.
Open MongoDB Databases Expose Chinese Surveillance Data
18 MongoDB databases with information generated by accounts on several online social services in China have been sitting on the web ready for plucking by anyone knowing where to look. [...]
https://www.bleepingcomputer.com/news/security/open-mongodb-databases-expose-chinese-surveillance-data/
18 MongoDB databases with information generated by accounts on several online social services in China have been sitting on the web ready for plucking by anyone knowing where to look. [...]
https://www.bleepingcomputer.com/news/security/open-mongodb-databases-expose-chinese-surveillance-data/
BleepingComputer
Open MongoDB Databases Expose Chinese Surveillance Data
18 MongoDB databases with information generated by accounts on several online social services in China have been sitting on the web ready for plucking by anyone knowing where to look.
Windows Exploit Suggester Lists Known Exploits for Your Windows Install
A program called Windows Exploit Suggester - Next Generation, or WES-NG, has been released that will list the known vulnerabilities affecting a Windows installation, any exploits that are available, and what security updates are needed to patch the bugs. [...]
https://www.bleepingcomputer.com/news/security/windows-exploit-suggester-lists-known-exploits-for-your-windows-install/
A program called Windows Exploit Suggester - Next Generation, or WES-NG, has been released that will list the known vulnerabilities affecting a Windows installation, any exploits that are available, and what security updates are needed to patch the bugs. [...]
https://www.bleepingcomputer.com/news/security/windows-exploit-suggester-lists-known-exploits-for-your-windows-install/
BleepingComputer
Windows Exploit Suggester Lists Known Exploits for Your Windows Install
A program called Windows Exploit Suggester - Next Generation, or WES-NG, has been released that will list the known vulnerabilities affecting a Windows installation, any exploits that are available, and what security updates are needed to patch the bugs.
Windows 10 IoT Core Test Interface Lets Attackers Take Over Devices
Embedded and IoT cable-connected devices running Microsoft's Windows 10 IoT Core are exposed to remote command execution attacks with SYSTEM privileges that require no authentication, with the help of an open source RAT tool released on GitHub. [...]
https://www.bleepingcomputer.com/news/security/windows-10-iot-core-test-interface-lets-attackers-take-over-devices/
Embedded and IoT cable-connected devices running Microsoft's Windows 10 IoT Core are exposed to remote command execution attacks with SYSTEM privileges that require no authentication, with the help of an open source RAT tool released on GitHub. [...]
https://www.bleepingcomputer.com/news/security/windows-10-iot-core-test-interface-lets-attackers-take-over-devices/
BleepingComputer
Windows 10 IoT Core Test Interface Lets Attackers Take Over Devices
Embedded and IoT cable-connected devices running Microsoft's Windows 10 IoT Core are exposed to remote command execution attacks with SYSTEM privileges that require no authentication, with the help of an open source RAT tool released on GitHub.
Alphabet's Backstory Helps Enterprises Hunt Down Security Threats
Alphabet company Chronicle announced the release of Backstory, a cloud-powered data analysis platform designed to allow security professionals to analyze their enterprise's internal telemetry data to detect potential cyber threats. [...]
https://www.bleepingcomputer.com/news/security/alphabets-backstory-helps-enterprises-hunt-down-security-threats/
Alphabet company Chronicle announced the release of Backstory, a cloud-powered data analysis platform designed to allow security professionals to analyze their enterprise's internal telemetry data to detect potential cyber threats. [...]
https://www.bleepingcomputer.com/news/security/alphabets-backstory-helps-enterprises-hunt-down-security-threats/
BleepingComputer
Alphabet's Backstory Helps Enterprises Hunt Down Security Threats
Alphabet company Chronicle announced the release of Backstory, a cloud-powered data analysis platform designed to allow security professionals to analyze their enterprise's internal telemetry data to detect potential cyber threats.
#OpJerusalem Targeted Israeli Windows Users with JCry Ransomware
Over the weekend, hundreds of popular Israeli sites were targeted by an attack called #OpJerusalem whose goal was to infect Windows users with the JCry ransomware. Thankfully, a mistake in the attacker's code caused the page to show a defacement rather than causing the ransomware to be distributed. [...]
https://www.bleepingcomputer.com/news/security/opjerusalem-targeted-israeli-windows-users-with-jcry-ransomware/
Over the weekend, hundreds of popular Israeli sites were targeted by an attack called #OpJerusalem whose goal was to infect Windows users with the JCry ransomware. Thankfully, a mistake in the attacker's code caused the page to show a defacement rather than causing the ransomware to be distributed. [...]
https://www.bleepingcomputer.com/news/security/opjerusalem-targeted-israeli-windows-users-with-jcry-ransomware/
BleepingComputer
#OpJerusalem Targeted Israeli Windows Users with JCry Ransomware
Over the weekend, hundreds of popular Israeli sites were targeted by an attack called #OpJerusalem whose goal was to infect Windows users with the JCry ransomware. Thankfully, a mistake in the attacker's code caused the page to show a defacement rather thanβ¦
Microsoft Sees 250% Phishing Increase, Malware Decline by 34%
Phishing attacks have seen an impressive 250% increase between January and December 2018, with attackers moving to multiple points of attacks during the same campaign, switching between malicious URLs, domains, and malware ridden attachments. [...]
https://www.bleepingcomputer.com/news/security/microsoft-sees-250-percent-phishing-increase-malware-decline-by-34-percent/
Phishing attacks have seen an impressive 250% increase between January and December 2018, with attackers moving to multiple points of attacks during the same campaign, switching between malicious URLs, domains, and malware ridden attachments. [...]
https://www.bleepingcomputer.com/news/security/microsoft-sees-250-percent-phishing-increase-malware-decline-by-34-percent/
BleepingComputer
Microsoft Sees 250% Phishing Increase, Malware Decline by 34%
Phishing attacks have seen an impressive 250% increase between January and December 2018, with attackers moving to multiple points of attacks during the same campaign, switching between malicious URLs, domains, and malware ridden attachments.
Windows 10 May Soon Run on the Nintendo Switch
Using a custom UEFI firmware, a Windows driver and UEFI developer is getting closer to installing Windows 10 on a Nintendo Switch. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-may-soon-run-on-the-nintendo-switch/
Using a custom UEFI firmware, a Windows driver and UEFI developer is getting closer to installing Windows 10 on a Nintendo Switch. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-may-soon-run-on-the-nintendo-switch/
BleepingComputer
Windows 10 May Soon Run on the Nintendo Switch
Using a custom UEFI firmware, a Windows driver and UEFI developer is getting closer to installing Windows 10 on a Nintendo Switch.
Vulnerable Docker Hosts Actively Abused in Cryptojacking Campaigns
Hundreds of vulnerable and exposed Docker hosts are being abused in cryptojacking campaigns after being compromised with the help of exploits designed to take advantage of the CVE-2019-5736 runc vulnerability discovered last month. [...]
https://www.bleepingcomputer.com/news/security/vulnerable-docker-hosts-actively-abused-in-cryptojacking-campaigns/
Hundreds of vulnerable and exposed Docker hosts are being abused in cryptojacking campaigns after being compromised with the help of exploits designed to take advantage of the CVE-2019-5736 runc vulnerability discovered last month. [...]
https://www.bleepingcomputer.com/news/security/vulnerable-docker-hosts-actively-abused-in-cryptojacking-campaigns/
BleepingComputer
Vulnerable Docker Hosts Actively Abused in Cryptojacking Campaigns
Hundreds of vulnerable and exposed Docker hosts are being abused in cryptojacking campaigns after being compromised with the help of exploits designed to take advantage of the CVE-2019-5736 runc vulnerability discovered last month.
CryptoMix Clop Ransomware Says It's Targeting Networks, Not Computers
A new CryptoMix Ransomware variant has been discovered that appends the .CLOP or .CIOP extension to encrypted files. Of particular interest, is that this variant is now indicating that the attackers are targeting entire networks rather than individual computers. [...]
https://www.bleepingcomputer.com/news/security/cryptomix-clop-ransomware-says-its-targeting-networks-not-computers/
A new CryptoMix Ransomware variant has been discovered that appends the .CLOP or .CIOP extension to encrypted files. Of particular interest, is that this variant is now indicating that the attackers are targeting entire networks rather than individual computers. [...]
https://www.bleepingcomputer.com/news/security/cryptomix-clop-ransomware-says-its-targeting-networks-not-computers/
BleepingComputer
CryptoMix Clop Ransomware Says It's Targeting Networks, Not Computers
A new CryptoMix Ransomware variant has been discovered that appends the .CLOP or .CIOP extension to encrypted files. Of particular interest, is that this variant is now indicating that the attackers are targeting entire networks rather than individual computers.
Boost Windows 10 Performance with Retpoline Spectre Mitigation
If you are using older Intel processors or AMD processors, you can boost the performance of Windows 10 by enabling the Retpoline Spectre mitigations that were recently ported to Windows 10 October 2018 Update build 1809. [...]
https://www.bleepingcomputer.com/news/security/boost-windows-10-performance-with-retpoline-spectre-mitigation/
If you are using older Intel processors or AMD processors, you can boost the performance of Windows 10 by enabling the Retpoline Spectre mitigations that were recently ported to Windows 10 October 2018 Update build 1809. [...]
https://www.bleepingcomputer.com/news/security/boost-windows-10-performance-with-retpoline-spectre-mitigation/
BleepingComputer
Boost Windows 10 Performance with Retpoline Spectre Mitigation
If you are using older Intel processors or AMD processors, you can boost the performance of Windows 10 by enabling the Retpoline Spectre mitigations that were recently ported to Windows 10 October 2018 Update build 1809.
Screenshots of Microsoftβs Chromium-Based Edge Browser Leaked Online
Screenshots of Microsoft's in-house Edge Chromium-based web browser have leaked online, showing the large amounts of user interface DNA the two browsers share with each other and providing details on a future Microsoft Edge Store. [...]
https://www.bleepingcomputer.com/news/microsoft/screenshots-of-microsoft-s-chromium-based-edge-browser-leaked-online/
Screenshots of Microsoft's in-house Edge Chromium-based web browser have leaked online, showing the large amounts of user interface DNA the two browsers share with each other and providing details on a future Microsoft Edge Store. [...]
https://www.bleepingcomputer.com/news/microsoft/screenshots-of-microsoft-s-chromium-based-edge-browser-leaked-online/
BleepingComputer
Screenshots of Microsoftβs Chromium-Based Edge Browser Leaked Online
Screenshots of Microsoft's in-house Edge Chromium-based web browser have leaked online, showing the large amounts of user interface DNA the two browsers share with each other and providing details on a future Microsoft Edge Store.
Microsoft Releases Windows 10 Build 18351 (19H1) With Only Bug Fixes
Microsoft has released Windows 10 Insider Preview Build 18351 for Insiders in the Fast ring. As the 19H1 builds move closer to being released, we should expect to see only bug fixes and no new major features being added to this development branch. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-build-18351-19h1-with-only-bug-fixes/
Microsoft has released Windows 10 Insider Preview Build 18351 for Insiders in the Fast ring. As the 19H1 builds move closer to being released, we should expect to see only bug fixes and no new major features being added to this development branch. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-build-18351-19h1-with-only-bug-fixes/
BleepingComputer
Microsoft Releases Windows 10 Build 18351 (19H1) With Only Bug Fixes
Microsoft has released Windows 10 Insider Preview Build 18351 for Insiders in the Fast ring. As the 19H1 builds move closer to being released, we should expect to see only bug fixes and no new major features being added to this development branch.
Jokeroo Ransomware-as-a-Service Offers Multiple Membership Packages
A new Ransomware-as-a-Service called Jokeroo is being promoted on underground hacking sites and via Twitter that allows affiliates to allegedly gain access to a fully functional ransomware and payment server. [...]
https://www.bleepingcomputer.com/news/security/jokeroo-ransomware-as-a-service-offers-multiple-membership-packages/
A new Ransomware-as-a-Service called Jokeroo is being promoted on underground hacking sites and via Twitter that allows affiliates to allegedly gain access to a fully functional ransomware and payment server. [...]
https://www.bleepingcomputer.com/news/security/jokeroo-ransomware-as-a-service-offers-multiple-membership-packages/
BleepingComputer
Jokeroo Ransomware-as-a-Service Offers Multiple Membership Packages
A new Ransomware-as-a-Service called Jokeroo is being promoted on underground hacking sites and via Twitter that allows affiliates to allegedly gain access to a fully functional ransomware and payment server.
Malicious Mobile Software Attacks Almost Doubled in 2018
Mobile users have been targeted by almost twice as many attacks using malicious software during 2018, going up from 66.4 million in 2017 events detected during 2017 to 116.5 million until the end of last year according to a report by Kaspersky Lab. [...]
https://www.bleepingcomputer.com/news/security/malicious-mobile-software-attacks-almost-doubled-in-2018/
Mobile users have been targeted by almost twice as many attacks using malicious software during 2018, going up from 66.4 million in 2017 events detected during 2017 to 116.5 million until the end of last year according to a report by Kaspersky Lab. [...]
https://www.bleepingcomputer.com/news/security/malicious-mobile-software-attacks-almost-doubled-in-2018/
BleepingComputer
Malicious Mobile Software Attacks Almost Doubled in 2018
Mobile users have been targeted by almost twice as many attacks using malicious software during 2018, going up from 66.4 million in 2017 events detected during 2017 to 116.5 million until the end of last year according to a report by Kaspersky Lab.
Cloudflare Deploys Firewall Rule to Block New Drupal Exploits
Exploitation attempts of a highly critical vulnerability discovered in the Drupal content management software (CMS) on February 20 were blocked by Cloudfare using Web Application Firewall (WAF) rules designed to protect its customers' websites from being compromised. [...]
https://www.bleepingcomputer.com/news/security/cloudflare-deploys-firewall-rule-to-block-new-drupal-exploits/
Exploitation attempts of a highly critical vulnerability discovered in the Drupal content management software (CMS) on February 20 were blocked by Cloudfare using Web Application Firewall (WAF) rules designed to protect its customers' websites from being compromised. [...]
https://www.bleepingcomputer.com/news/security/cloudflare-deploys-firewall-rule-to-block-new-drupal-exploits/
BleepingComputer
Cloudflare Deploys Firewall Rule to Block New Drupal Exploits
Exploitation attempts of a highly critical vulnerability discovered in the Drupal content management software (CMS) on February 20 were blocked by Cloudfare using Web Application Firewall (WAF) rules designed to protect its customers' websites from beingβ¦