Malware Spreads As a Worm, Uses Cryptojacking Module to Mine for Monero
A modular malware with worm capabilities exploits known vulnerabilities in servers running ElasticSearch, Hadoop, Redis, Spring, Weblogic, ThinkPHP, and SqlServer to spread from one server to another and mine for Monero cryptocurrency. [...]
https://www.bleepingcomputer.com/news/security/malware-spreads-as-a-worm-uses-cryptojacking-module-to-mine-for-monero/
A modular malware with worm capabilities exploits known vulnerabilities in servers running ElasticSearch, Hadoop, Redis, Spring, Weblogic, ThinkPHP, and SqlServer to spread from one server to another and mine for Monero cryptocurrency. [...]
https://www.bleepingcomputer.com/news/security/malware-spreads-as-a-worm-uses-cryptojacking-module-to-mine-for-monero/
BleepingComputer
Malware Spreads As a Worm, Uses Cryptojacking Module to Mine for Monero
A modular malware with worm capabilities exploits known vulnerabilities in servers running ElasticSearch, Hadoop, Redis, Spring, Weblogic, ThinkPHP, and SqlServer to spread from one server to another and mine for Monero cryptocurrency.
Microsoft Releases the March 2019 Updates for Office
Microsoft released the March 2019 Office Update today, which consists of 6 security updates and 28 non-security updates. A some of these updates resolve critical vulnerabilities, it is strongly advised that you install them as soon as possible. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-the-march-2019-updates-for-office/
Microsoft released the March 2019 Office Update today, which consists of 6 security updates and 28 non-security updates. A some of these updates resolve critical vulnerabilities, it is strongly advised that you install them as soon as possible. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-the-march-2019-updates-for-office/
BleepingComputer
Microsoft Releases the March 2019 Updates for Office
Microsoft released the March 2019 Office Update today, which consists of 6 security updates and 28 non-security updates. A some of these updates resolve critical vulnerabilities, it is strongly advised that you install them as soon as possible.
Windows 10 March 2019 Cumulative Updates Released With Fixes
Windows 10 March 2019 cumulative updates are now rolling out to the compatible devices with fixes and improvements for core components. The update includes both security and non-security improvements and fixes. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-march-2019-cumulative-updates-released-with-fixes/
Windows 10 March 2019 cumulative updates are now rolling out to the compatible devices with fixes and improvements for core components. The update includes both security and non-security improvements and fixes. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-march-2019-cumulative-updates-released-with-fixes/
BleepingComputer
Windows 10 March 2019 Cumulative Updates Released With Fixes
Windows 10 March 2019 cumulative updates are now rolling out to the compatible devices with fixes and improvements for core components. The update includes both security and non-security improvements and fixes.
Windows 7 KB4489878 and Windows 8.1 KB4489881 Released
The March 2019 patches are also rolling out to PCs with Windows 7 and 8.1. The new monthly rollups for Windows 7 and Windows 8.1 comes with general security fixes and improvements. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-7-kb4489878-and-windows-81-kb4489881-released/
The March 2019 patches are also rolling out to PCs with Windows 7 and 8.1. The new monthly rollups for Windows 7 and Windows 8.1 comes with general security fixes and improvements. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-7-kb4489878-and-windows-81-kb4489881-released/
BleepingComputer
Windows 7 KB4489878 and Windows 8.1 KB4489881 Released
The March 2019 patches are also rolling out to PCs with Windows 7 and 8.1. The new monthly rollups for Windows 7 and Windows 8.1 comes with general security fixes and improvements.
Windows 10 Insider Preview Build 18356 Released Along With Phone Screen Feature
Microsoft has released Windows 10 Insider Preview Build 18356 (19H1) to Insiders in the Fast ring. This release is mostly bug fixes, including numerous Night Light bug fixes and a fix for KERNEL_SECURITY_VIOLATION GSODs. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-preview-build-18356-released-along-with-phone-screen-feature/
Microsoft has released Windows 10 Insider Preview Build 18356 (19H1) to Insiders in the Fast ring. This release is mostly bug fixes, including numerous Night Light bug fixes and a fix for KERNEL_SECURITY_VIOLATION GSODs. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-preview-build-18356-released-along-with-phone-screen-feature/
BleepingComputer
Windows 10 Insider Preview Build 18356 Released Along With Phone Screen Feature
Microsoft has released Windows 10 Insider Preview Build 18356 (19H1) to Insiders in the Fast ring. This release is mostly bug fixes, including numerous Night Light bug fixes and a fix for KERNEL_SECURITY_VIOLATION GSODs.
North Korean Hackers Behind $571M Crypto Heists Says UN Report
North Korean backed hacking groups were behind multiple cyberattacks impacting financial institutions and cryptocurrency exchanges as detailed in a report issued by a panel of experts for the United Nations (UN) Security Council. [...]
https://www.bleepingcomputer.com/news/security/north-korean-hackers-behind-571m-crypto-heists-says-un-report/
North Korean backed hacking groups were behind multiple cyberattacks impacting financial institutions and cryptocurrency exchanges as detailed in a report issued by a panel of experts for the United Nations (UN) Security Council. [...]
https://www.bleepingcomputer.com/news/security/north-korean-hackers-behind-571m-crypto-heists-says-un-report/
BleepingComputer
North Korean Hackers Behind $571M Crypto Heists Says UN Report
North Korean backed hacking groups were behind multiple cyberattacks impacting financial institutions and cryptocurrency exchanges as detailed in a report issued by a panel of experts for the United Nations (UN) Security Council.
CCleaner Professional Adds Software Updater Feature
Piriform has released CCleaner v5.55 today, which for Professional users now includes a Software Updater feature that will check if installed 3rd party applications are running the latest version. [...]
https://www.bleepingcomputer.com/news/security/ccleaner-professional-adds-software-updater-feature/
Piriform has released CCleaner v5.55 today, which for Professional users now includes a Software Updater feature that will check if installed 3rd party applications are running the latest version. [...]
https://www.bleepingcomputer.com/news/security/ccleaner-professional-adds-software-updater-feature/
BleepingComputer
CCleaner Professional Adds Software Updater Feature
Piriform has released CCleaner v5.55 today, which for Professional users now includes a Software Updater feature that will check if installed 3rd party applications are running the latest version.
Unsecured API Leads to 'Yelp for Conservatives' App Data Leak
The API of the 63Red Safe mobile app known as "Yelp for conservatives" was found by French security researcher Robert Baptiste wide open, with no authentication needed to access and view the data stored within the app's database. [...]
https://www.bleepingcomputer.com/news/security/unsecured-api-leads-to-yelp-for-conservatives-app-data-leak/
The API of the 63Red Safe mobile app known as "Yelp for conservatives" was found by French security researcher Robert Baptiste wide open, with no authentication needed to access and view the data stored within the app's database. [...]
https://www.bleepingcomputer.com/news/security/unsecured-api-leads-to-yelp-for-conservatives-app-data-leak/
BleepingComputer
Unsecured API Leads to 'Yelp for Conservatives' App Data Leak
The API of the 63Red Safe mobile app known as "Yelp for conservatives" was found by French security researcher Robert Baptiste wide open, with no authentication needed to access and view the data stored within the app's database.
Microsoft March 2019 Patch Tuesday Includes Fixes for 64 Vulnerabilities
Today is Microsoft's March 2019 Patch Tuesday, which means it is time to get those security updates installed. Included in this month's are fixed for two vulnerabilities that are known to be actively exploited in the wild. [...]
https://www.bleepingcomputer.com/news/security/microsoft-march-2019-patch-tuesday-includes-fixes-for-64-vulnerabilities/
Today is Microsoft's March 2019 Patch Tuesday, which means it is time to get those security updates installed. Included in this month's are fixed for two vulnerabilities that are known to be actively exploited in the wild. [...]
https://www.bleepingcomputer.com/news/security/microsoft-march-2019-patch-tuesday-includes-fixes-for-64-vulnerabilities/
BleepingComputer
Microsoft March 2019 Patch Tuesday Includes Fixes for 64 Vulnerabilities
Today is Microsoft's March 2019 Patch Tuesday, which means it is time to get those security updates installed. Included in this month's are fixed for two vulnerabilities that are known to be actively exploited in the wild.
Windows 7 Gets SHA-2 Support To Enable Future Updates
An update was released today that adds SHA-2 code signing support to Windows 7 SP1 and Windows Server 2008 R2 SP1. If this update is not installed, these Windows operating systems will no longer be able to receive Windows updates starting on July 16th, 2019. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-7-gets-sha-2-support-to-enable-future-updates/
An update was released today that adds SHA-2 code signing support to Windows 7 SP1 and Windows Server 2008 R2 SP1. If this update is not installed, these Windows operating systems will no longer be able to receive Windows updates starting on July 16th, 2019. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-7-gets-sha-2-support-to-enable-future-updates/
BleepingComputer
Windows 7 Gets SHA-2 Support To Enable Future Updates
An update was released today that adds SHA-2 code signing support to Windows 7 SP1 and Windows Server 2008 R2 SP1. If this update is not installed, these Windows operating systems will no longer be able to receive Windows updates starting on July 16th, 2019.
SimBad Adware Found in 210 Android Apps With Over 150M Installs
Google has removed 210 Android apps with a combined total of 150 million installs that allowed attackers to display ads and open web sites once a device has been started. [...]
https://www.bleepingcomputer.com/news/security/simbad-adware-found-in-210-android-apps-with-over-150m-installs/
Google has removed 210 Android apps with a combined total of 150 million installs that allowed attackers to display ads and open web sites once a device has been started. [...]
https://www.bleepingcomputer.com/news/security/simbad-adware-found-in-210-android-apps-with-over-150m-installs/
BleepingComputer
SimBad Adware Found in 210 Android Apps With Over 150M Installs
Google has removed 210 Android apps with a combined total of 150 million installs that allowed attackers to display ads and open web sites once a device has been started.
Wordpress 5.1.1 Fixes XSS Vulnerability Leading to Website Takeovers
The WordPress team fixed a software flaw introduced in the 5.1 release that could allow potential attackers to perform stored cross-site scripting (XSS) attacks with the help of maliciously crafted comments on WordPress websites with the comments module enabled. [...]
https://www.bleepingcomputer.com/news/security/wordpress-511-fixes-xss-vulnerability-leading-to-website-takeovers/
The WordPress team fixed a software flaw introduced in the 5.1 release that could allow potential attackers to perform stored cross-site scripting (XSS) attacks with the help of maliciously crafted comments on WordPress websites with the comments module enabled. [...]
https://www.bleepingcomputer.com/news/security/wordpress-511-fixes-xss-vulnerability-leading-to-website-takeovers/
BleepingComputer
Wordpress 5.1.1 Fixes XSS Vulnerability Leading to Website Takeovers
The WordPress team fixed a software flaw introduced in the 5.1 release that could allow potential attackers to perform stored cross-site scripting (XSS) attacks with the help of maliciously crafted comments on WordPress websites with the comments module enabled.
Chinese IT Services Giant Harvests Contacts, Tracks Users
Servers controlled by Chinese IT and services giant Hangzhou Shunwang Technology collect phone contact lists, geolocation, and QQ messenger login info through a data-stealing component present in up to a dozen Android apps available from major third-party stores in the country. [...]
https://www.bleepingcomputer.com/news/security/chinese-it-services-giant-harvests-contacts-tracks-users/
Servers controlled by Chinese IT and services giant Hangzhou Shunwang Technology collect phone contact lists, geolocation, and QQ messenger login info through a data-stealing component present in up to a dozen Android apps available from major third-party stores in the country. [...]
https://www.bleepingcomputer.com/news/security/chinese-it-services-giant-harvests-contacts-tracks-users/
BleepingComputer
Chinese IT Services Giant Harvests Contacts, Tracks Users
Servers controlled by Chinese IT and services giant Hangzhou Shunwang Technology collect phone contact lists, geolocation, and QQ messenger login info through a data-stealing component present in up to a dozen Android apps available from major third-partyβ¦
Windows 10 Build 18356 Bug Opting Users Out of Insider Program
Some Windows 10 devices are being automatically opted out of the Windows Insider Program because of a bug in the new Windows 10 Insider Preview Build 18356 (19H1) released yesterday to Insiders in the Fast ring. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-build-18356-bug-opting-users-out-of-insider-program/
Some Windows 10 devices are being automatically opted out of the Windows Insider Program because of a bug in the new Windows 10 Insider Preview Build 18356 (19H1) released yesterday to Insiders in the Fast ring. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-build-18356-bug-opting-users-out-of-insider-program/
BleepingComputer
Windows 10 Build 18356 Bug Opting Users Out of Insider Program
Some Windows 10 devices are being automatically opted out of the Windows Insider Program because of a bug in the new Windows 10 Insider Preview Build 18356 (19H1) released yesterday to Insiders in the Fast ring.
Facebook and Instagram Down in Global Outage
Users worldwide are reporting that they are unable to access both Facebook and Instagram. When attempting to do so, they are given errors or maintenance messages stating that the services are aware of the problem and are working on restoring access. [...]
https://www.bleepingcomputer.com/news/technology/facebook-and-instagram-down-in-global-outage/
Users worldwide are reporting that they are unable to access both Facebook and Instagram. When attempting to do so, they are given errors or maintenance messages stating that the services are aware of the problem and are working on restoring access. [...]
https://www.bleepingcomputer.com/news/technology/facebook-and-instagram-down-in-global-outage/
BleepingComputer
Facebook and Instagram Down in Global Outage
Users worldwide are reporting that they are unable to access both Facebook and Instagram. When attempting to do so, they are given errors or maintenance messages stating that the services are aware of the problem and are working on restoring access.
Microsoft Releases Windows 10 Build 18855 (20H1) to Skip Ahead Users With Bug Fixes
Microsoft has released Windows 10 Insider Preview Build 18855 for Insiders in the Skip Ahead ring. This 20H1 build is mostly bug fixes, but does include one cool feature. It will now restore the contents of Notepad windows after a restart from installing Windows Updates [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-build-18855-20h1-to-skip-ahead-users-with-bug-fixes/
Microsoft has released Windows 10 Insider Preview Build 18855 for Insiders in the Skip Ahead ring. This 20H1 build is mostly bug fixes, but does include one cool feature. It will now restore the contents of Notepad windows after a restart from installing Windows Updates [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-build-18855-20h1-to-skip-ahead-users-with-bug-fixes/
BleepingComputer
Microsoft Releases Windows 10 Build 18855 (20H1) to Skip Ahead Users With Bug Fixes
Microsoft has released Windows 10 Insider Preview Build 18855 for Insiders in the Skip Ahead ring. This 20H1 build is mostly bug fixes, but does include one cool feature. It will now restore the contents of Notepad windows after a restart from installingβ¦
DMSniff Point-of-Sale Malware Silently Attacked SMBs For Years
A new Point-of-Sale (POS) malware which uses a domain generation algorithm to create command-and-control domains on the fly was detected in attacks against small and medium-sized businesses for the past four years according to a team of security researchers from Flashpoint. [...]
https://www.bleepingcomputer.com/news/security/dmsniff-point-of-sale-malware-silently-attacked-smbs-for-years/
A new Point-of-Sale (POS) malware which uses a domain generation algorithm to create command-and-control domains on the fly was detected in attacks against small and medium-sized businesses for the past four years according to a team of security researchers from Flashpoint. [...]
https://www.bleepingcomputer.com/news/security/dmsniff-point-of-sale-malware-silently-attacked-smbs-for-years/
BleepingComputer
DMSniff Point-of-Sale Malware Silently Attacked SMBs For Years
A Point-of-Sale (POS) malware which uses a domain generation algorithm to create command-and-control domains on the fly was detected in attacks against small and medium-sized businesses for the past four years according to a team of security researchers fromβ¦
39% of All CounterStrike 1.6 Servers Used to Infect Players
When playing a video game, most people do not worry about getting infected by the their game client. New research, though, shows that's exactly what is happening when 39% of all existing Counter-Strike 1.6 game servers were trying to infect players through vulnerabilities in the game client. [...]
https://www.bleepingcomputer.com/news/security/39-percent-of-all-counterstrike-16-servers-used-to-infect-players/
When playing a video game, most people do not worry about getting infected by the their game client. New research, though, shows that's exactly what is happening when 39% of all existing Counter-Strike 1.6 game servers were trying to infect players through vulnerabilities in the game client. [...]
https://www.bleepingcomputer.com/news/security/39-percent-of-all-counterstrike-16-servers-used-to-infect-players/
BleepingComputer
39% of All CounterStrike 1.6 Servers Used to Infect Players
When playing a video game, most people do not worry about getting infected by the their game client. New research, though, shows that's exactly what is happening when 39% of all existing Counter-Strike 1.6 game servers were trying to infect players throughβ¦
Microsoft Edge Insider Addons Store Discovered, 84 Extensions
As we get closer to Microsoft being ready to publicly reveal their Chromium-based Microsoft Edge Insider browser, an Edge Insider Addons store has been found that contains 84 extensions that will be available for the new browser. [...]
https://www.bleepingcomputer.com/news/security/microsoft-edge-insider-addons-store-discovered-84-extensions/
As we get closer to Microsoft being ready to publicly reveal their Chromium-based Microsoft Edge Insider browser, an Edge Insider Addons store has been found that contains 84 extensions that will be available for the new browser. [...]
https://www.bleepingcomputer.com/news/security/microsoft-edge-insider-addons-store-discovered-84-extensions/
BleepingComputer
Microsoft Edge Insider Addons Store Discovered, 84 Extensions
As we get closer to Microsoft being ready to publicly reveal their Chromium-based Microsoft Edge Insider browser, an Edge Insider Addons store has been found that contains 84 extensions that will be available for the new browser.
Beware of Bitcoin Investment Emails Pushing Clipboard Hijackers
A new malspam campaign is under that contains an attachment that when executed will install a Windows clipboard hijacker that attempts to steal Bitcoins from its victims. [...]
https://www.bleepingcomputer.com/news/security/beware-of-bitcoin-investment-emails-pushing-clipboard-hijackers/
A new malspam campaign is under that contains an attachment that when executed will install a Windows clipboard hijacker that attempts to steal Bitcoins from its victims. [...]
https://www.bleepingcomputer.com/news/security/beware-of-bitcoin-investment-emails-pushing-clipboard-hijackers/
BleepingComputer
Beware of Bitcoin Investment Emails Pushing Clipboard Hijackers
A new malspam campaign is under that contains an attachment that when executed will install a Windows clipboard hijacker that attempts to steal Bitcoins from its victims.
Pakistani Government Site Compromised, Logs Visitor Keystrokes
A Pakistani government site used as a tracking platform for passport applications has been compromised to deliver a ScanBox framework payload which captures the visitors' machine information and logs their keystrokes. [...]
https://www.bleepingcomputer.com/news/security/pakistani-government-site-compromised-logs-visitor-keystrokes/
A Pakistani government site used as a tracking platform for passport applications has been compromised to deliver a ScanBox framework payload which captures the visitors' machine information and logs their keystrokes. [...]
https://www.bleepingcomputer.com/news/security/pakistani-government-site-compromised-logs-visitor-keystrokes/
BleepingComputer
Pakistani Government Site Compromised, Logs Visitor Keystrokes
A Pakistani government site used as a tracking platform for passport applications has been compromised to deliver a ScanBox framework payload which captures the visitors' machine information and logs their keystrokes.