Facebook Removed Pre-Approval for Some Cryptocurrency-Related Ads
Facebook announced an update to the platform's advertising policies which removes the requirement of businesses to get pre-approved for cryptocurrency ads related to blockchain tech, education or events, industry news, and more. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/facebook-removed-pre-approval-for-some-cryptocurrency-related-ads/
Facebook announced an update to the platform's advertising policies which removes the requirement of businesses to get pre-approved for cryptocurrency ads related to blockchain tech, education or events, industry news, and more. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/facebook-removed-pre-approval-for-some-cryptocurrency-related-ads/
BleepingComputer
Facebook Removed Pre-Approval for Some Cryptocurrency-Related Ads
Facebook announced an update to the platform's advertising policies which removes the requirement of businesses to get pre-approved for cryptocurrency ads related to blockchain tech, education or events, industry news, and more.
Over 275 Million Records Exposed by Unsecured MongoDB Database
A huge MongoDB database exposing 275,265,298 records of Indian citizens containing detailed personally identifiable information (PII) was left unprotected on the Internet for more than two weeks. [...]
https://www.bleepingcomputer.com/news/security/over-275-million-records-exposed-by-unsecured-mongodb-database/
A huge MongoDB database exposing 275,265,298 records of Indian citizens containing detailed personally identifiable information (PII) was left unprotected on the Internet for more than two weeks. [...]
https://www.bleepingcomputer.com/news/security/over-275-million-records-exposed-by-unsecured-mongodb-database/
BleepingComputer
Over 275 Million Records Exposed by Unsecured MongoDB Database
A huge MongoDB database exposing 275,265,298 records of Indian citizens containing detailed personally identifiable information (PII) was left unprotected on the Internet for more than two weeks.
Bug in Alpine Linux Docker Image Leaves Root Account Unlocked
A security vulnerability in the Official Docker images based on the Alpine Linux distribution allowed for more than three years logging into the root account using a blank password. [...]
https://www.bleepingcomputer.com/news/security/bug-in-alpine-linux-docker-image-leaves-root-account-unlocked/
A security vulnerability in the Official Docker images based on the Alpine Linux distribution allowed for more than three years logging into the root account using a blank password. [...]
https://www.bleepingcomputer.com/news/security/bug-in-alpine-linux-docker-image-leaves-root-account-unlocked/
BleepingComputer
Bug in Alpine Linux Docker Image Leaves Root Account Unlocked
A security vulnerability in the Official Docker images based on the Alpine Linux distribution allowed for more than three years logging into the root account using a blank password.
Developer Creates a Two-Way Chat Using Only CSS and HTML
A software developer from San Francisco managed to do what no one else did before, creating a fully-functional two-way chat using only CSS and HTML, completely ditching JavaScript in the process. [...]
https://www.bleepingcomputer.com/news/software/developer-creates-a-two-way-chat-using-only-css-and-html/
A software developer from San Francisco managed to do what no one else did before, creating a fully-functional two-way chat using only CSS and HTML, completely ditching JavaScript in the process. [...]
https://www.bleepingcomputer.com/news/software/developer-creates-a-two-way-chat-using-only-css-and-html/
BleepingComputer
Developer Creates a Two-Way Chat Using Only CSS and HTML
A software developer from San Francisco managed to do what no one else did before, creating a fully-functional two-way chat using only CSS and HTML, completely ditching JavaScript in the process.
Hackers Claim Breaching AV Companies, Offer Access and Source Code
A hacking group or individual is advertising access to the networks of at least three antivirus companies in the U.S. and source code for their software products. [...]
https://www.bleepingcomputer.com/news/security/hackers-claim-breaching-av-companies-offer-access-and-source-code/
A hacking group or individual is advertising access to the networks of at least three antivirus companies in the U.S. and source code for their software products. [...]
https://www.bleepingcomputer.com/news/security/hackers-claim-breaching-av-companies-offer-access-and-source-code/
BleepingComputer
Hackers Selling Access and Source Code From Antivirus Companies
A hacking group or individual is advertising access to the networks of at least three antivirus companies in the U.S. and source code for their software products.
Firefox May Add Some Tor Features for Super Private Browsing Mode
Mozilla said in the company's public Research Grants 2019H1 report that it wants to integrate some Tor features into the Firefox web browser with the end goal of adding a so-called Super Private Browsing (SPB) mode. [...]
https://www.bleepingcomputer.com/news/security/firefox-may-add-some-tor-features-for-super-private-browsing-mode/
Mozilla said in the company's public Research Grants 2019H1 report that it wants to integrate some Tor features into the Firefox web browser with the end goal of adding a so-called Super Private Browsing (SPB) mode. [...]
https://www.bleepingcomputer.com/news/security/firefox-may-add-some-tor-features-for-super-private-browsing-mode/
BleepingComputer
Firefox May Add Some Tor Features for Super Private Browsing Mode
Mozilla said in the company's public Research Grants 2019H1 report that it wants to integrate some Tor features into the Firefox web browser with the end goal of adding a so-called Super Private Browsing (SPB) mode.
Jokeroo Ransomware as a Service Pulls an Exit Scam
Since May 7th, 2019, the Tor sites for the Jokeroo Ransomware as a Service (RaaS) have started displaying a notice stating that their server was seized by the Royal Thai Police in conjunction with the Dutch National Police and Europol. It turns out that this notice is fake and the RaaS is performing an exit scam. [...]
https://www.bleepingcomputer.com/news/security/jokeroo-ransomware-as-a-service-pulls-an-exit-scam/
Since May 7th, 2019, the Tor sites for the Jokeroo Ransomware as a Service (RaaS) have started displaying a notice stating that their server was seized by the Royal Thai Police in conjunction with the Dutch National Police and Europol. It turns out that this notice is fake and the RaaS is performing an exit scam. [...]
https://www.bleepingcomputer.com/news/security/jokeroo-ransomware-as-a-service-pulls-an-exit-scam/
BleepingComputer
Jokeroo Ransomware as a Service Pulls an Exit Scam
Since May 7th, 2019, the Tor sites for the Jokeroo Ransomware as a Service (RaaS) have started displaying a notice stating that their server was seized by the Royal Thai Police in conjunction with the Dutch National Police and Europol. It turns out that thisβ¦
Android Q Hardens Security, Adds Better Encryption
Google announced the integration of more features into Android Q designed to further harden the security of critical areas like the kernel, as well as making storage encryption standard and updated biometrics API. [...]
https://www.bleepingcomputer.com/news/security/android-q-hardens-security-adds-better-encryption/
Google announced the integration of more features into Android Q designed to further harden the security of critical areas like the kernel, as well as making storage encryption standard and updated biometrics API. [...]
https://www.bleepingcomputer.com/news/security/android-q-hardens-security-adds-better-encryption/
BleepingComputer
Android Q Hardens Security, Adds Better Encryption
Google announced the integration of more features into Android Q designed to further harden the security of critical areas like the kernel, as well as making storage encryption standard and updated biometrics API.
Site Promoting KeePass Password Manager Pushes Malware
A site that pretends to promote the popular KeePass password management software is actually distributing malware on unsuspecting visitors. This site is part of a larger network of sites distributing adware bundles as free programs. [...]
https://www.bleepingcomputer.com/news/security/site-promoting-keepass-password-manager-pushes-malware/
A site that pretends to promote the popular KeePass password management software is actually distributing malware on unsuspecting visitors. This site is part of a larger network of sites distributing adware bundles as free programs. [...]
https://www.bleepingcomputer.com/news/security/site-promoting-keepass-password-manager-pushes-malware/
BleepingComputer
Site Promoting KeePass Password Manager Pushes Malware
A site that pretends to promote the popular KeePass password management software is actually distributing malware on unsuspecting visitors. This site is part of a larger network of sites distributing adware bundles as free programs.
North Korean Hackers Use ELECTRICFISH Malware to Steal Data
The Federal Bureau of Investigation (FBI) and the U.S. Department of Homeland Security (DHS) have issued a joint malware analysis report (MAR) on a new malware strain dubbed ELECTRICFISH and used by the North-Korean APT group Lazarus to exfiltrate data from victims. [...]
https://www.bleepingcomputer.com/news/security/north-korean-hackers-use-electricfish-malware-to-steal-data/
The Federal Bureau of Investigation (FBI) and the U.S. Department of Homeland Security (DHS) have issued a joint malware analysis report (MAR) on a new malware strain dubbed ELECTRICFISH and used by the North-Korean APT group Lazarus to exfiltrate data from victims. [...]
https://www.bleepingcomputer.com/news/security/north-korean-hackers-use-electricfish-malware-to-steal-data/
BleepingComputer
North Korean Hackers Use ELECTRICFISH Malware to Steal Data
The Federal Bureau of Investigation (FBI) and the U.S. Department of Homeland Security (DHS) have issued a joint malware analysis report (MAR) on a malware strain dubbed ELECTRICFISH and used by the North-Korean APT group Lazarus to exfiltrate data from victims.
Mozilla to Delete Usage Data Collected From Firefox Addon Fix
Mozilla has decided to delete all telemetry, or user's usage and performance data, that was collected by Firefox while they were rolling out the study to fix disabled Firefox addons. [...]
https://www.bleepingcomputer.com/news/software/mozilla-to-delete-usage-data-collected-from-firefox-addon-fix/
Mozilla has decided to delete all telemetry, or user's usage and performance data, that was collected by Firefox while they were rolling out the study to fix disabled Firefox addons. [...]
https://www.bleepingcomputer.com/news/software/mozilla-to-delete-usage-data-collected-from-firefox-addon-fix/
BleepingComputer
Mozilla to Delete Usage Data Collected From Firefox Addon Fix
Mozilla has decided to delete all telemetry, or user's usage and performance data, that was collected by Firefox while they were rolling out the study to fix disabled Firefox addons.
U.S Indicts Chinese Hackers for Anthem Data Breach
The U.S. Department of Justice has formally charged two members of a hacking group operating in China for illegally accessing computer systems of health insurer Anthem and stealing personally identifiable information (PII) of 78.8 million people. [...]
https://www.bleepingcomputer.com/news/security/us-indicts-chinese-hackers-for-anthem-data-breach/
The U.S. Department of Justice has formally charged two members of a hacking group operating in China for illegally accessing computer systems of health insurer Anthem and stealing personally identifiable information (PII) of 78.8 million people. [...]
https://www.bleepingcomputer.com/news/security/us-indicts-chinese-hackers-for-anthem-data-breach/
BleepingComputer
U.S Indicts Chinese Hackers for Anthem Data Breach
The U.S. Department of Justice has formally charged two members of a hacking group operating in China for illegally accessing computer systems of health insurer Anthem and stealing personally identifiable information (PII) of 78.8 million people.
Fake Pirate Chick VPN Pushed AZORult Info Stealing Trojan
Adware bundles are installing a VPN software called Pirate Chick, which then connects to a remote server to download and install malicious payloads such the AZORult password-stealing Trojan. [...]
https://www.bleepingcomputer.com/news/security/fake-pirate-chick-vpn-pushed-azorult-info-stealing-trojan/
Adware bundles are installing a VPN software called Pirate Chick, which then connects to a remote server to download and install malicious payloads such the AZORult password-stealing Trojan. [...]
https://www.bleepingcomputer.com/news/security/fake-pirate-chick-vpn-pushed-azorult-info-stealing-trojan/
BleepingComputer
Fake Pirate Chick VPN Pushed AZORult Info Stealing Trojan
Adware bundles are installing a VPN software called Pirate Chick, which then connects to a remote server to download and install malicious payloads such the AZORult password-stealing Trojan.
Six Men Accused of Stealing Over $2.4M in SIM Swapping Attacks
A fifteen-count indictment has been unsealed today by the U.S. Department of Justice charging six men part of a hacking group dubbed "The Community" for allegedly being behind a SIM swapping fraud which led to the theft of roughly $2,5M worth of cryptocurrency. [...]
https://www.bleepingcomputer.com/news/security/six-men-accused-of-stealing-over-24m-in-sim-swapping-attacks/
A fifteen-count indictment has been unsealed today by the U.S. Department of Justice charging six men part of a hacking group dubbed "The Community" for allegedly being behind a SIM swapping fraud which led to the theft of roughly $2,5M worth of cryptocurrency. [...]
https://www.bleepingcomputer.com/news/security/six-men-accused-of-stealing-over-24m-in-sim-swapping-attacks/
BleepingComputer
Six Men Accused of Stealing Over $2.4M in SIM Swapping Attacks
A fifteen-count indictment has been unsealed today by the U.S. Department of Justice charging six men part of a hacking group dubbed "The Community" for allegedly being behind a SIM swapping fraud which led to the theft of roughly $2,5M worth of cryptocurrency.
Crypto-Mining Hacking Groups Wage War in the Cloud
Two hacking groups connected to large-scale malicious crypto-mining campaigns have been targeting each other's cryptominers as part of an ongoing battle to get control of vulnerable cloud-based infrastructure. [...]
https://www.bleepingcomputer.com/news/security/crypto-mining-hacking-groups-wage-war-in-the-cloud/
Two hacking groups connected to large-scale malicious crypto-mining campaigns have been targeting each other's cryptominers as part of an ongoing battle to get control of vulnerable cloud-based infrastructure. [...]
https://www.bleepingcomputer.com/news/security/crypto-mining-hacking-groups-wage-war-in-the-cloud/
BleepingComputer
Crypto-Mining Hacking Groups Wage War in the Cloud
Two hacking groups connected to large-scale malicious crypto-mining campaigns have been targeting each other's cryptominers as part of an ongoing battle to get control of vulnerable cloud-based infrastructure.
MS Office Adds "Your Data, Controlled by You" Privacy Controls
Microsoft Office has started displaying a new dialog box titled "Your data, controlled by you" when you start applications such as Word, Excel, and PowerPoint. These dialog boxes are new Microsoft privacy controls that ask if you will allow additional Office telemetry and usage data to be sent to Microsoft. [...]
https://www.bleepingcomputer.com/news/microsoft/ms-office-adds-your-data-controlled-by-you-privacy-controls/
Microsoft Office has started displaying a new dialog box titled "Your data, controlled by you" when you start applications such as Word, Excel, and PowerPoint. These dialog boxes are new Microsoft privacy controls that ask if you will allow additional Office telemetry and usage data to be sent to Microsoft. [...]
https://www.bleepingcomputer.com/news/microsoft/ms-office-adds-your-data-controlled-by-you-privacy-controls/
BleepingComputer
MS Office Adds "Your Data, Controlled by You" Privacy Controls
Microsoft Office has started displaying a new dialog box titled "Your data, controlled by you" when you start applications such as Word, Excel, and PowerPoint. These dialog boxes are new Microsoft privacy controls that ask if you will allow additional Officeβ¦
Windows 10 Insider Build 18895 Fixes the Your Phone App
Microsoft has released Windows 10 Insider Preview Build 18895 to Insiders in the Fast ring. This build is a quick fix for the Your Phone app that broke in build 18894. Other that that, it is mostly additional bug fixes. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18895-fixes-the-your-phone-app/
Microsoft has released Windows 10 Insider Preview Build 18895 to Insiders in the Fast ring. This build is a quick fix for the Your Phone app that broke in build 18894. Other that that, it is mostly additional bug fixes. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18895-fixes-the-your-phone-app/
BleepingComputer
Windows 10 Insider Build 18895 Fixes the Your Phone App
Microsoft has released Windows 10 Insider Preview Build 18895 to Insiders in the Fast ring. This build is a quick fix for the Your Phone app that broke in build 18894. Other that that, it is mostly additional bug fixes.
NVIDIA Patches High Severity Windows GPU Display Driver Flaws
NVIDIA issued a security update to fix three high and medium severity security issues in the NVIDIA GPU Display Driver that could lead to code execution, denial of service, escalation of privileges, or information disclosure on vulnerable Windows machines. [...]
https://www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-windows-gpu-display-driver-flaws/
NVIDIA issued a security update to fix three high and medium severity security issues in the NVIDIA GPU Display Driver that could lead to code execution, denial of service, escalation of privileges, or information disclosure on vulnerable Windows machines. [...]
https://www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-windows-gpu-display-driver-flaws/
BleepingComputer
NVIDIA Patches High Severity Windows GPU Display Driver Flaws
NVIDIA issued a security update to fix three high and medium severity security issues in the NVIDIA GPU Display Driver that could lead to code execution, denial of service, escalation of privileges, or information disclosure on vulnerable Windows machines.
Google Considers Removing Android ADB Backup and Restore
The Android Debug Bridge (adb) backup and restore commands will be deprecated and may be removed in a future Android release, as detailed in a commit merged into the Android Open Source Project (AOSP) git repository. [...]
https://www.bleepingcomputer.com/news/mobile/google-considers-removing-android-adb-backup-and-restore/
The Android Debug Bridge (adb) backup and restore commands will be deprecated and may be removed in a future Android release, as detailed in a commit merged into the Android Open Source Project (AOSP) git repository. [...]
https://www.bleepingcomputer.com/news/mobile/google-considers-removing-android-adb-backup-and-restore/
BleepingComputer
Google Considers Removing Android ADB Backup and Restore
The Android Debug Bridge (adb) backup and restore commands will be deprecated and may be removed in a future Android release, as detailed in a commit merged into the Android Open Source Project (AOSP) git repository.
Nigerian BEC Scammers Shifting to RATs As Tool of Choice
Scammers running business email compromise (BEC) fraud have grown in number, attack more often, and turn to remote access trojans as the preferred malware type to accompany their raids. [...]
https://www.bleepingcomputer.com/news/security/nigerian-bec-scammers-shifting-to-rats-as-tool-of-choice/
Scammers running business email compromise (BEC) fraud have grown in number, attack more often, and turn to remote access trojans as the preferred malware type to accompany their raids. [...]
https://www.bleepingcomputer.com/news/security/nigerian-bec-scammers-shifting-to-rats-as-tool-of-choice/
BleepingComputer
Nigerian BEC Scammers Shifting to RATs As Tool of Choice
Scammers running business email compromise (BEC) fraud have grown in number, attack more often, and turn to remote access trojans as the preferred malware type to accompany their raids.
The Week in Ransomware - May 10th 2019 - MegaCortex, Jokeroo, and More
This week the biggest news was the analysis of MegaCortex by Sophos. Then we had Dharma utilizing an ESET Remover tool as a distraction while the ransomware encrypted a victim's files. Finally, we had the Jokeroo RaaS pull an exit scam. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-10th-2019-megacortex-jokeroo-and-more/
This week the biggest news was the analysis of MegaCortex by Sophos. Then we had Dharma utilizing an ESET Remover tool as a distraction while the ransomware encrypted a victim's files. Finally, we had the Jokeroo RaaS pull an exit scam. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-10th-2019-megacortex-jokeroo-and-more/
BleepingComputer
The Week in Ransomware - May 10th 2019 - MegaCortex, Jokeroo, and More
This week the biggest news was the analysis of MegaCortex by Sophos. Then we had Dharma utilizing an ESET Remover tool as a distraction while the ransomware encrypted a victim's files. Finally, we had the Jokeroo RaaS pull an exit scam.