Merry Christmas Ransomware and its dev, ComodoSecurity, not bringing Holiday Cheer
The Merry X-Mas Ransomware is here and it's not bringing you any presents. Victims who become infected with this ransomware will have their files encrypted and then be shown a ransom note that wishes them a Merry Christmas while demanding they pay a ransom to get their files back. [...]
https://www.bleepingcomputer.com/news/security/merry-christmas-ransomware-and-its-dev-comodosecurity-not-bringing-holiday-cheer/
The Merry X-Mas Ransomware is here and it's not bringing you any presents. Victims who become infected with this ransomware will have their files encrypted and then be shown a ransom note that wishes them a Merry Christmas while demanding they pay a ransom to get their files back. [...]
https://www.bleepingcomputer.com/news/security/merry-christmas-ransomware-and-its-dev-comodosecurity-not-bringing-holiday-cheer/
BleepingComputer
Merry Christmas Ransomware and its dev, ComodoSecurity, not bringing Holiday Cheer
The Merry X-Mas Ransomware is here and it's not bringing you any presents. Victims who become infected with this ransomware will have their files encrypted and then be shown a ransom note that wishes them a Merry Christmas while demanding they pay a ransomβ¦
Pseudo-Darkleech Actors Behind a Large Chunk of Ransomware Attacks in 2016
A cyber-crime infrastructure known in infosec circles as pseudo-Darkleech has been the source of many ransomware infections during the past year, either by malicious spam attachments or via automated attacks carried out via exploit kits. [...]
https://www.bleepingcomputer.com/news/security/pseudo-darkleech-actors-behind-a-large-chunk-of-ransomware-attacks-in-2016/
A cyber-crime infrastructure known in infosec circles as pseudo-Darkleech has been the source of many ransomware infections during the past year, either by malicious spam attachments or via automated attacks carried out via exploit kits. [...]
https://www.bleepingcomputer.com/news/security/pseudo-darkleech-actors-behind-a-large-chunk-of-ransomware-attacks-in-2016/
BleepingComputer
Pseudo-Darkleech Actors Behind a Large Chunk of Ransomware Attacks in 2016
A cyber-crime infrastructure known in infosec circles as pseudo-Darkleech has been the source of many ransomware infections during the past year, either by malicious spam attachments or via automated attacks carried out via exploit kits.
FireCrypt Ransomware Comes With a DDoS Component
A new ransomware family named FireCrypt will encrypt the user's files, but also attempt to launch a very feeble DDoS attack on a URL hardcoded in its source code. [...]
https://www.bleepingcomputer.com/news/security/firecrypt-ransomware-comes-with-a-ddos-component/
A new ransomware family named FireCrypt will encrypt the user's files, but also attempt to launch a very feeble DDoS attack on a URL hardcoded in its source code. [...]
https://www.bleepingcomputer.com/news/security/firecrypt-ransomware-comes-with-a-ddos-component/
BleepingComputer
FireCrypt Ransomware Comes With a DDoS Component
A new ransomware family named FireCrypt will encrypt the user's files, but also attempt to launch a very feeble DDoS attack on a URL hardcoded in its source code.
Emsisoft releases a decryptor for version 3 of the Globe Ransomware
Fabian Wosar of Emisoft has released a decrypter for version 3 of the Globe Ransomware. This decryptor will decrypt the Globe Ransomware variants that commonly append the .decrypt2017 and .hnumkhotep extensions to encrypted files. [...]
https://www.bleepingcomputer.com/news/security/emsisoft-releases-a-decryptor-for-version-3-of-the-globe-ransomware/
Fabian Wosar of Emisoft has released a decrypter for version 3 of the Globe Ransomware. This decryptor will decrypt the Globe Ransomware variants that commonly append the .decrypt2017 and .hnumkhotep extensions to encrypted files. [...]
https://www.bleepingcomputer.com/news/security/emsisoft-releases-a-decryptor-for-version-3-of-the-globe-ransomware/
BleepingComputer
Emsisoft releases a decryptor for version 3 of the Globe Ransomware
Fabian Wosar of Emisoft has released a decrypter for version 3 of the Globe Ransomware. This decryptor will decrypt the Globe Ransomware variants that commonly append the .decrypt2017 and .hnumkhotep extensions to encrypted files.
Smart Meters Are Laughably Insecure, Are a Real Danger to Smart Homes
Most smart meters that are installed, or are soon to be installed, in hundreds of millions of homes around the world are woefully insecure and can be easily hacked by a remote attacker to alter energy consumption levels, hack other smart devices in the user's home, or even cause the meter to explode. [...]
https://www.bleepingcomputer.com/news/security/smart-meters-are-laughably-insecure-are-a-real-danger-to-smart-homes/
Most smart meters that are installed, or are soon to be installed, in hundreds of millions of homes around the world are woefully insecure and can be easily hacked by a remote attacker to alter energy consumption levels, hack other smart devices in the user's home, or even cause the meter to explode. [...]
https://www.bleepingcomputer.com/news/security/smart-meters-are-laughably-insecure-are-a-real-danger-to-smart-homes/
New California Law Makes Ransomware a Standalone Crime
On January 1, 2017, a new law went into effect in California that makes ransomware use a standalone crime. [...]
https://www.bleepingcomputer.com/news/government/new-california-law-makes-ransomware-a-standalone-crime/
On January 1, 2017, a new law went into effect in California that makes ransomware use a standalone crime. [...]
https://www.bleepingcomputer.com/news/government/new-california-law-makes-ransomware-a-standalone-crime/
BleepingComputer
New California Law Makes Ransomware a Standalone Crime
On January 1, 2017, a new law went into effect in California that makes ransomware use a standalone crime.
Google and Samsung Release Touchscreen-Enabled Chromebook That Runs Android Apps
Today at the Consumer Electronics Show (CES) 2017, held in Las Vegas, USA, Google together with Samsung will be unveiling the next line of Chromebook laptops that also double as a tablet thanks to its new touchscreen and built-in support for running Android apps. [...]
https://www.bleepingcomputer.com/news/hardware/google-and-samsung-release-touchscreen-enabled-chromebook-that-runs-android-apps/
Today at the Consumer Electronics Show (CES) 2017, held in Las Vegas, USA, Google together with Samsung will be unveiling the next line of Chromebook laptops that also double as a tablet thanks to its new touchscreen and built-in support for running Android apps. [...]
https://www.bleepingcomputer.com/news/hardware/google-and-samsung-release-touchscreen-enabled-chromebook-that-runs-android-apps/
BleepingComputer
Google and Samsung Release Touchscreen-Enabled Chromebook That Runs Android Apps
Today at the Consumer Electronics Show (CES) 2017, held in Las Vegas, USA, Google together with Samsung will be unveiling the next line of Chromebook laptops that also double as a tablet thanks to its new touchscreen and built-in support for running Androidβ¦
KillDisk Ransomware Now Targets Linux, Prevents Boot-Up, Has Faulty Encryption
Researchers have discovered a Linux variant of the KillDisk ransomware, which itself is a new addition to the KillDisk disk wiper malware family, previously used only to sabotage companies by randomly deleting data and altering files. [...]
https://www.bleepingcomputer.com/news/security/killdisk-ransomware-now-targets-linux-prevents-boot-up-has-faulty-encryption/
Researchers have discovered a Linux variant of the KillDisk ransomware, which itself is a new addition to the KillDisk disk wiper malware family, previously used only to sabotage companies by randomly deleting data and altering files. [...]
https://www.bleepingcomputer.com/news/security/killdisk-ransomware-now-targets-linux-prevents-boot-up-has-faulty-encryption/
BleepingComputer
KillDisk Ransomware Now Targets Linux, Prevents Boot-Up, Has Faulty Encryption
Researchers have discovered a Linux variant of the KillDisk ransomware, which itself is a new addition to the KillDisk disk wiper malware family, previously used only to sabotage companies by randomly deleting data and altering files.
Number of Hijacked MongoDB Databases Is Going Up as More Hackers Are Flocking In
MongoDB administrators are about to be tought a hard lesson in database management practices, as the number of hackers that are now involved with DB hijacking attempts has gone from one to three, and more are expected to join in the upcoming days. [...]
https://www.bleepingcomputer.com/news/security/number-of-hijacked-mongodb-databases-is-going-up-as-more-hackers-are-flocking-in/
MongoDB administrators are about to be tought a hard lesson in database management practices, as the number of hackers that are now involved with DB hijacking attempts has gone from one to three, and more are expected to join in the upcoming days. [...]
https://www.bleepingcomputer.com/news/security/number-of-hijacked-mongodb-databases-is-going-up-as-more-hackers-are-flocking-in/
BleepingComputer
Number of Hijacked MongoDB Databases Is Going Up as More Hackers Are Flocking In
MongoDB administrators are about to be tought a hard lesson in database management practices, as the number of hackers that are now involved with DB hijacking attempts has gone from one to three, and more are expected to join in the upcoming days.
Plone Developers Call "Hoax" on Alleged FBI Hack
The Plone security team has debunked claims made by a hacker, who said he sued a zero-day in the Plone CMS to hack into the FBI's website, which uses the aforementioned CMS. [...]
https://www.bleepingcomputer.com/news/security/plone-developers-call-hoax-on-alleged-fbi-hack/
The Plone security team has debunked claims made by a hacker, who said he sued a zero-day in the Plone CMS to hack into the FBI's website, which uses the aforementioned CMS. [...]
https://www.bleepingcomputer.com/news/security/plone-developers-call-hoax-on-alleged-fbi-hack/
BleepingComputer
Plone Developers Call "Hoax" on Alleged FBI Hack
The Plone security team has debunked claims made by a hacker, who said he used a zero-day in the Plone CMS to hack into the FBI's website, which uses the aforementioned CMS.
Tech Support Scam Causes Macs to Freeze
A new type of tech support scam tactic observed against Mac users relies on opening a large number of email drafts, an action which eventually causes the user's machine to become unresponsive. [...]
https://www.bleepingcomputer.com/news/security/tech-support-scam-causes-macs-to-freeze/
A new type of tech support scam tactic observed against Mac users relies on opening a large number of email drafts, an action which eventually causes the user's machine to become unresponsive. [...]
https://www.bleepingcomputer.com/news/security/tech-support-scam-causes-macs-to-freeze/
BleepingComputer
Tech Support Scam Causes Macs to Freeze
A new type of tech support scam tactic observed against Mac users relies on opening a large number of email drafts, an action which eventually causes the user's machine to become unresponsive.
Google Bans AdNauseam from Chrome, the Ad Blocker That Clicks on All Ads
Google has banned the AdNauseam Chrome extension from the Chrome Web Store, an add-on that became very popular with users because it automatically clicked on all ads on a page. [...]
https://www.bleepingcomputer.com/news/google/google-bans-adnauseam-from-chrome-the-ad-blocker-that-clicks-on-all-ads/
Google has banned the AdNauseam Chrome extension from the Chrome Web Store, an add-on that became very popular with users because it automatically clicked on all ads on a page. [...]
https://www.bleepingcomputer.com/news/google/google-bans-adnauseam-from-chrome-the-ad-blocker-that-clicks-on-all-ads/
BleepingComputer
Google Bans AdNauseam from Chrome, the Ad Blocker That Clicks on All Ads
Google has banned the AdNauseam Chrome extension from the Chrome Web Store, an add-on that became very popular with users because it automatically clicked on all ads on a page.
FTC Takes D-Link to Court Because of Insecure Routers and Cameras
The US Federal Trade Commission (FTC) has filed a lawsuit against D-Link, a Taiwanese hardware manufacturer, for misrepresentations about the security of various devices it sold in the US, and for failing to take action and secure devices when security flaws were reported. [...]
https://www.bleepingcomputer.com/news/security/ftc-takes-d-link-to-court-because-of-insecure-routers-and-cameras/
The US Federal Trade Commission (FTC) has filed a lawsuit against D-Link, a Taiwanese hardware manufacturer, for misrepresentations about the security of various devices it sold in the US, and for failing to take action and secure devices when security flaws were reported. [...]
https://www.bleepingcomputer.com/news/security/ftc-takes-d-link-to-court-because-of-insecure-routers-and-cameras/
BleepingComputer
FTC Takes D-Link to Court Because of Insecure Routers and Cameras
The US Federal Trade Commission (FTC) has filed a lawsuit against D-Link, a Taiwanese hardware manufacturer, for misrepresentations about the security of various devices it sold in the US, and for failing to take action and secure devices when security flawsβ¦
Browser Autofill Profiles Can Be Abused for Phishing Attacks
Browser autofill profiles are a reliable phishing vector that allow attackers to collect information from users via hidden fields, which the browser automatically fills with preset personal information and which the user unknowingly sends to the attacker when he submits a form. [...]
https://www.bleepingcomputer.com/news/security/browser-autofill-profiles-can-be-abused-for-phishing-attacks/
Browser autofill profiles are a reliable phishing vector that allow attackers to collect information from users via hidden fields, which the browser automatically fills with preset personal information and which the user unknowingly sends to the attacker when he submits a form. [...]
https://www.bleepingcomputer.com/news/security/browser-autofill-profiles-can-be-abused-for-phishing-attacks/
BleepingComputer
Browser Autofill Profiles Can Be Abused for Phishing Attacks
Browser autofill profiles are a reliable phishing vector that allow attackers to collect information from users via hidden fields, which the browser automatically fills with preset personal information and which the user unknowingly sends to the attackerβ¦
The Week in Ransomware - January 6th 2017 - FSociety, MongoDB, Pseudo-Darkleech, and More
2017 is here and ransomware continues to pump out at a rapid pace. We have a lot of little variants popping up this week, with a special emphasis on malware devs adopting the FSociety brand name. We also have some new decryptors, a Christmas related ransomware, and plenty of small ransomware infections. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-6th-2017-fsociety-mongodb-pseudo-darkleech-and-more/
2017 is here and ransomware continues to pump out at a rapid pace. We have a lot of little variants popping up this week, with a special emphasis on malware devs adopting the FSociety brand name. We also have some new decryptors, a Christmas related ransomware, and plenty of small ransomware infections. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-6th-2017-fsociety-mongodb-pseudo-darkleech-and-more/
BleepingComputer
The Week in Ransomware - January 6th 2017 - FSociety, MongoDB, Pseudo-Darkleech, and More
2017 is here and ransomware continues to pump out at a rapid pace. We have a lot of little variants popping up this week, with a special emphasis on malware devs adopting the FSociety brand name. We also have some new decryptors, a Christmas related ransomwareβ¦
Google Patches Security Holes in Android Bootloader for Nexus Devices
Google's automated over-the-air (OTA) update system has plugged a "high-risk" vulnerability that affected the Android bootloader on Nexus smartphones. [...]
https://www.bleepingcomputer.com/news/mobile/google-patches-security-holes-in-android-bootloader-for-nexus-devices/
Google's automated over-the-air (OTA) update system has plugged a "high-risk" vulnerability that affected the Android bootloader on Nexus smartphones. [...]
https://www.bleepingcomputer.com/news/mobile/google-patches-security-holes-in-android-bootloader-for-nexus-devices/
BleepingComputer
Google Patches Security Holes in Android Bootloader for Nexus Devices
Google's automated over-the-air (OTA) update system has plugged a "high-risk" vulnerability that affected the Android bootloader on Nexus smartphones.
MongoDB Apocalypse Is Here as Ransom Attacks Hit 10,000 Servers
What started as isolated incidents on Monday has transformed into an all out destruction of thousands of MongoDB servers by the end of the week. [...]
https://www.bleepingcomputer.com/news/security/mongodb-apocalypse-is-here-as-ransom-attacks-hit-10-000-servers/
What started as isolated incidents on Monday has transformed into an all out destruction of thousands of MongoDB servers by the end of the week. [...]
https://www.bleepingcomputer.com/news/security/mongodb-apocalypse-is-here-as-ransom-attacks-hit-10-000-servers/
BleepingComputer
MongoDB Apocalypse Is Here as Ransom Attacks Hit 10,000 Servers
What started as isolated incidents on Monday has transformed into an all out destruction of thousands of MongoDB servers by the end of the week.
Crooks Cold-Calling UK Schools and Tricking Staff Into Installing Ransomware
The "ActionFraud" UK National Fraud & Cyber Crime Reporting Center has issued an alert this week to UK educational institutes, warning against cyber-criminals cold-calling British schools and tricking staffers into installing ransomware on the school's computers. [...]
https://www.bleepingcomputer.com/news/security/crooks-cold-calling-uk-schools-and-tricking-staff-into-installing-ransomware/
The "ActionFraud" UK National Fraud & Cyber Crime Reporting Center has issued an alert this week to UK educational institutes, warning against cyber-criminals cold-calling British schools and tricking staffers into installing ransomware on the school's computers. [...]
https://www.bleepingcomputer.com/news/security/crooks-cold-calling-uk-schools-and-tricking-staff-into-installing-ransomware/
BleepingComputer
Crooks Cold-Calling UK Schools and Tricking Staff Into Installing Ransomware
The "ActionFraud" UK National Fraud & Cyber Crime Reporting Center has issued an alert this week to UK educational institutes, warning against cyber-criminals cold-calling British schools and tricking staffers into installing ransomware on the school's computers.
2016's Most Popular Web Technologies
The world of web technology changes at a rapid pace. New projects appear daily, and old tools retire to make room for new arrivals. During 2016, the web technology landscape has changed dramatically, with the arrival of AngularJS 2.0, the proliferation of React.js and maturation of several open-source CMS projects. [...]
https://www.bleepingcomputer.com/news/software/2016s-most-popular-web-technologies/
The world of web technology changes at a rapid pace. New projects appear daily, and old tools retire to make room for new arrivals. During 2016, the web technology landscape has changed dramatically, with the arrival of AngularJS 2.0, the proliferation of React.js and maturation of several open-source CMS projects. [...]
https://www.bleepingcomputer.com/news/software/2016s-most-popular-web-technologies/
BleepingComputer
2016's Most Popular Web Technologies
The world of web technology changes at a rapid pace. New projects appear daily, and old tools retire to make room for new arrivals. During 2016, the web technology landscape has changed dramatically, with the arrival of AngularJS 2.0, the proliferation ofβ¦
Clever Phishing Trick You Need to Be Aware Of
One trick, first seen in June 2016, was observed again this past month. This clever phishing attack relies on telling users they received an important or secure file, and they need to visit a web page to view it. The real trick takes place on the crook's page, which shows a blurred out document on the background. [...]
https://www.bleepingcomputer.com/news/security/clever-phishing-trick-you-need-to-be-aware-of/
One trick, first seen in June 2016, was observed again this past month. This clever phishing attack relies on telling users they received an important or secure file, and they need to visit a web page to view it. The real trick takes place on the crook's page, which shows a blurred out document on the background. [...]
https://www.bleepingcomputer.com/news/security/clever-phishing-trick-you-need-to-be-aware-of/
BleepingComputer
Clever Phishing Trick You Need to Be Aware Of
One trick, first seen in June 2016, was observed again this past month. This clever phishing attack relies on telling users they received an important or secure file, and they need to visit a web page to view it. The real trick takes place on the crook'sβ¦
WordPress, Joomla, and Magento Continue to Be the Most Hacked CMSs
Based on statistical data gathered by Sucuri from 7,937 compromised websites, WordPress, Joomla, and Magento, in this order, continued to be the most hacked CMS platforms in the third quarter of 2016 (months of July, August, and September). [...]
https://www.bleepingcomputer.com/news/security/wordpress-joomla-and-magento-continue-to-be-the-most-hacked-cmss/
Based on statistical data gathered by Sucuri from 7,937 compromised websites, WordPress, Joomla, and Magento, in this order, continued to be the most hacked CMS platforms in the third quarter of 2016 (months of July, August, and September). [...]
https://www.bleepingcomputer.com/news/security/wordpress-joomla-and-magento-continue-to-be-the-most-hacked-cmss/
BleepingComputer
WordPress, Joomla, and Magento Continue to Be the Most Hacked CMSs
Based on statistical data gathered by Sucuri from 7,937 compromised websites, WordPress, Joomla, and Magento, in this order, continued to be the most hacked CMS platforms in the third quarter of 2016 (months of July, August, and September).