Hackers Claim Breaching AV Companies, Offer Access and Source Code
A hacking group or individual is advertising access to the networks of at least three antivirus companies in the U.S. and source code for their software products. [...]
https://www.bleepingcomputer.com/news/security/hackers-claim-breaching-av-companies-offer-access-and-source-code/
A hacking group or individual is advertising access to the networks of at least three antivirus companies in the U.S. and source code for their software products. [...]
https://www.bleepingcomputer.com/news/security/hackers-claim-breaching-av-companies-offer-access-and-source-code/
BleepingComputer
Hackers Selling Access and Source Code From Antivirus Companies
A hacking group or individual is advertising access to the networks of at least three antivirus companies in the U.S. and source code for their software products.
Firefox May Add Some Tor Features for Super Private Browsing Mode
Mozilla said in the company's public Research Grants 2019H1 report that it wants to integrate some Tor features into the Firefox web browser with the end goal of adding a so-called Super Private Browsing (SPB) mode. [...]
https://www.bleepingcomputer.com/news/security/firefox-may-add-some-tor-features-for-super-private-browsing-mode/
Mozilla said in the company's public Research Grants 2019H1 report that it wants to integrate some Tor features into the Firefox web browser with the end goal of adding a so-called Super Private Browsing (SPB) mode. [...]
https://www.bleepingcomputer.com/news/security/firefox-may-add-some-tor-features-for-super-private-browsing-mode/
BleepingComputer
Firefox May Add Some Tor Features for Super Private Browsing Mode
Mozilla said in the company's public Research Grants 2019H1 report that it wants to integrate some Tor features into the Firefox web browser with the end goal of adding a so-called Super Private Browsing (SPB) mode.
Jokeroo Ransomware as a Service Pulls an Exit Scam
Since May 7th, 2019, the Tor sites for the Jokeroo Ransomware as a Service (RaaS) have started displaying a notice stating that their server was seized by the Royal Thai Police in conjunction with the Dutch National Police and Europol. It turns out that this notice is fake and the RaaS is performing an exit scam. [...]
https://www.bleepingcomputer.com/news/security/jokeroo-ransomware-as-a-service-pulls-an-exit-scam/
Since May 7th, 2019, the Tor sites for the Jokeroo Ransomware as a Service (RaaS) have started displaying a notice stating that their server was seized by the Royal Thai Police in conjunction with the Dutch National Police and Europol. It turns out that this notice is fake and the RaaS is performing an exit scam. [...]
https://www.bleepingcomputer.com/news/security/jokeroo-ransomware-as-a-service-pulls-an-exit-scam/
BleepingComputer
Jokeroo Ransomware as a Service Pulls an Exit Scam
Since May 7th, 2019, the Tor sites for the Jokeroo Ransomware as a Service (RaaS) have started displaying a notice stating that their server was seized by the Royal Thai Police in conjunction with the Dutch National Police and Europol. It turns out that thisβ¦
Android Q Hardens Security, Adds Better Encryption
Google announced the integration of more features into Android Q designed to further harden the security of critical areas like the kernel, as well as making storage encryption standard and updated biometrics API. [...]
https://www.bleepingcomputer.com/news/security/android-q-hardens-security-adds-better-encryption/
Google announced the integration of more features into Android Q designed to further harden the security of critical areas like the kernel, as well as making storage encryption standard and updated biometrics API. [...]
https://www.bleepingcomputer.com/news/security/android-q-hardens-security-adds-better-encryption/
BleepingComputer
Android Q Hardens Security, Adds Better Encryption
Google announced the integration of more features into Android Q designed to further harden the security of critical areas like the kernel, as well as making storage encryption standard and updated biometrics API.
Site Promoting KeePass Password Manager Pushes Malware
A site that pretends to promote the popular KeePass password management software is actually distributing malware on unsuspecting visitors. This site is part of a larger network of sites distributing adware bundles as free programs. [...]
https://www.bleepingcomputer.com/news/security/site-promoting-keepass-password-manager-pushes-malware/
A site that pretends to promote the popular KeePass password management software is actually distributing malware on unsuspecting visitors. This site is part of a larger network of sites distributing adware bundles as free programs. [...]
https://www.bleepingcomputer.com/news/security/site-promoting-keepass-password-manager-pushes-malware/
BleepingComputer
Site Promoting KeePass Password Manager Pushes Malware
A site that pretends to promote the popular KeePass password management software is actually distributing malware on unsuspecting visitors. This site is part of a larger network of sites distributing adware bundles as free programs.
North Korean Hackers Use ELECTRICFISH Malware to Steal Data
The Federal Bureau of Investigation (FBI) and the U.S. Department of Homeland Security (DHS) have issued a joint malware analysis report (MAR) on a new malware strain dubbed ELECTRICFISH and used by the North-Korean APT group Lazarus to exfiltrate data from victims. [...]
https://www.bleepingcomputer.com/news/security/north-korean-hackers-use-electricfish-malware-to-steal-data/
The Federal Bureau of Investigation (FBI) and the U.S. Department of Homeland Security (DHS) have issued a joint malware analysis report (MAR) on a new malware strain dubbed ELECTRICFISH and used by the North-Korean APT group Lazarus to exfiltrate data from victims. [...]
https://www.bleepingcomputer.com/news/security/north-korean-hackers-use-electricfish-malware-to-steal-data/
BleepingComputer
North Korean Hackers Use ELECTRICFISH Malware to Steal Data
The Federal Bureau of Investigation (FBI) and the U.S. Department of Homeland Security (DHS) have issued a joint malware analysis report (MAR) on a malware strain dubbed ELECTRICFISH and used by the North-Korean APT group Lazarus to exfiltrate data from victims.
Mozilla to Delete Usage Data Collected From Firefox Addon Fix
Mozilla has decided to delete all telemetry, or user's usage and performance data, that was collected by Firefox while they were rolling out the study to fix disabled Firefox addons. [...]
https://www.bleepingcomputer.com/news/software/mozilla-to-delete-usage-data-collected-from-firefox-addon-fix/
Mozilla has decided to delete all telemetry, or user's usage and performance data, that was collected by Firefox while they were rolling out the study to fix disabled Firefox addons. [...]
https://www.bleepingcomputer.com/news/software/mozilla-to-delete-usage-data-collected-from-firefox-addon-fix/
BleepingComputer
Mozilla to Delete Usage Data Collected From Firefox Addon Fix
Mozilla has decided to delete all telemetry, or user's usage and performance data, that was collected by Firefox while they were rolling out the study to fix disabled Firefox addons.
U.S Indicts Chinese Hackers for Anthem Data Breach
The U.S. Department of Justice has formally charged two members of a hacking group operating in China for illegally accessing computer systems of health insurer Anthem and stealing personally identifiable information (PII) of 78.8 million people. [...]
https://www.bleepingcomputer.com/news/security/us-indicts-chinese-hackers-for-anthem-data-breach/
The U.S. Department of Justice has formally charged two members of a hacking group operating in China for illegally accessing computer systems of health insurer Anthem and stealing personally identifiable information (PII) of 78.8 million people. [...]
https://www.bleepingcomputer.com/news/security/us-indicts-chinese-hackers-for-anthem-data-breach/
BleepingComputer
U.S Indicts Chinese Hackers for Anthem Data Breach
The U.S. Department of Justice has formally charged two members of a hacking group operating in China for illegally accessing computer systems of health insurer Anthem and stealing personally identifiable information (PII) of 78.8 million people.
Fake Pirate Chick VPN Pushed AZORult Info Stealing Trojan
Adware bundles are installing a VPN software called Pirate Chick, which then connects to a remote server to download and install malicious payloads such the AZORult password-stealing Trojan. [...]
https://www.bleepingcomputer.com/news/security/fake-pirate-chick-vpn-pushed-azorult-info-stealing-trojan/
Adware bundles are installing a VPN software called Pirate Chick, which then connects to a remote server to download and install malicious payloads such the AZORult password-stealing Trojan. [...]
https://www.bleepingcomputer.com/news/security/fake-pirate-chick-vpn-pushed-azorult-info-stealing-trojan/
BleepingComputer
Fake Pirate Chick VPN Pushed AZORult Info Stealing Trojan
Adware bundles are installing a VPN software called Pirate Chick, which then connects to a remote server to download and install malicious payloads such the AZORult password-stealing Trojan.
Six Men Accused of Stealing Over $2.4M in SIM Swapping Attacks
A fifteen-count indictment has been unsealed today by the U.S. Department of Justice charging six men part of a hacking group dubbed "The Community" for allegedly being behind a SIM swapping fraud which led to the theft of roughly $2,5M worth of cryptocurrency. [...]
https://www.bleepingcomputer.com/news/security/six-men-accused-of-stealing-over-24m-in-sim-swapping-attacks/
A fifteen-count indictment has been unsealed today by the U.S. Department of Justice charging six men part of a hacking group dubbed "The Community" for allegedly being behind a SIM swapping fraud which led to the theft of roughly $2,5M worth of cryptocurrency. [...]
https://www.bleepingcomputer.com/news/security/six-men-accused-of-stealing-over-24m-in-sim-swapping-attacks/
BleepingComputer
Six Men Accused of Stealing Over $2.4M in SIM Swapping Attacks
A fifteen-count indictment has been unsealed today by the U.S. Department of Justice charging six men part of a hacking group dubbed "The Community" for allegedly being behind a SIM swapping fraud which led to the theft of roughly $2,5M worth of cryptocurrency.
Crypto-Mining Hacking Groups Wage War in the Cloud
Two hacking groups connected to large-scale malicious crypto-mining campaigns have been targeting each other's cryptominers as part of an ongoing battle to get control of vulnerable cloud-based infrastructure. [...]
https://www.bleepingcomputer.com/news/security/crypto-mining-hacking-groups-wage-war-in-the-cloud/
Two hacking groups connected to large-scale malicious crypto-mining campaigns have been targeting each other's cryptominers as part of an ongoing battle to get control of vulnerable cloud-based infrastructure. [...]
https://www.bleepingcomputer.com/news/security/crypto-mining-hacking-groups-wage-war-in-the-cloud/
BleepingComputer
Crypto-Mining Hacking Groups Wage War in the Cloud
Two hacking groups connected to large-scale malicious crypto-mining campaigns have been targeting each other's cryptominers as part of an ongoing battle to get control of vulnerable cloud-based infrastructure.
MS Office Adds "Your Data, Controlled by You" Privacy Controls
Microsoft Office has started displaying a new dialog box titled "Your data, controlled by you" when you start applications such as Word, Excel, and PowerPoint. These dialog boxes are new Microsoft privacy controls that ask if you will allow additional Office telemetry and usage data to be sent to Microsoft. [...]
https://www.bleepingcomputer.com/news/microsoft/ms-office-adds-your-data-controlled-by-you-privacy-controls/
Microsoft Office has started displaying a new dialog box titled "Your data, controlled by you" when you start applications such as Word, Excel, and PowerPoint. These dialog boxes are new Microsoft privacy controls that ask if you will allow additional Office telemetry and usage data to be sent to Microsoft. [...]
https://www.bleepingcomputer.com/news/microsoft/ms-office-adds-your-data-controlled-by-you-privacy-controls/
BleepingComputer
MS Office Adds "Your Data, Controlled by You" Privacy Controls
Microsoft Office has started displaying a new dialog box titled "Your data, controlled by you" when you start applications such as Word, Excel, and PowerPoint. These dialog boxes are new Microsoft privacy controls that ask if you will allow additional Officeβ¦
Windows 10 Insider Build 18895 Fixes the Your Phone App
Microsoft has released Windows 10 Insider Preview Build 18895 to Insiders in the Fast ring. This build is a quick fix for the Your Phone app that broke in build 18894. Other that that, it is mostly additional bug fixes. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18895-fixes-the-your-phone-app/
Microsoft has released Windows 10 Insider Preview Build 18895 to Insiders in the Fast ring. This build is a quick fix for the Your Phone app that broke in build 18894. Other that that, it is mostly additional bug fixes. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18895-fixes-the-your-phone-app/
BleepingComputer
Windows 10 Insider Build 18895 Fixes the Your Phone App
Microsoft has released Windows 10 Insider Preview Build 18895 to Insiders in the Fast ring. This build is a quick fix for the Your Phone app that broke in build 18894. Other that that, it is mostly additional bug fixes.
NVIDIA Patches High Severity Windows GPU Display Driver Flaws
NVIDIA issued a security update to fix three high and medium severity security issues in the NVIDIA GPU Display Driver that could lead to code execution, denial of service, escalation of privileges, or information disclosure on vulnerable Windows machines. [...]
https://www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-windows-gpu-display-driver-flaws/
NVIDIA issued a security update to fix three high and medium severity security issues in the NVIDIA GPU Display Driver that could lead to code execution, denial of service, escalation of privileges, or information disclosure on vulnerable Windows machines. [...]
https://www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-windows-gpu-display-driver-flaws/
BleepingComputer
NVIDIA Patches High Severity Windows GPU Display Driver Flaws
NVIDIA issued a security update to fix three high and medium severity security issues in the NVIDIA GPU Display Driver that could lead to code execution, denial of service, escalation of privileges, or information disclosure on vulnerable Windows machines.
Google Considers Removing Android ADB Backup and Restore
The Android Debug Bridge (adb) backup and restore commands will be deprecated and may be removed in a future Android release, as detailed in a commit merged into the Android Open Source Project (AOSP) git repository. [...]
https://www.bleepingcomputer.com/news/mobile/google-considers-removing-android-adb-backup-and-restore/
The Android Debug Bridge (adb) backup and restore commands will be deprecated and may be removed in a future Android release, as detailed in a commit merged into the Android Open Source Project (AOSP) git repository. [...]
https://www.bleepingcomputer.com/news/mobile/google-considers-removing-android-adb-backup-and-restore/
BleepingComputer
Google Considers Removing Android ADB Backup and Restore
The Android Debug Bridge (adb) backup and restore commands will be deprecated and may be removed in a future Android release, as detailed in a commit merged into the Android Open Source Project (AOSP) git repository.
Nigerian BEC Scammers Shifting to RATs As Tool of Choice
Scammers running business email compromise (BEC) fraud have grown in number, attack more often, and turn to remote access trojans as the preferred malware type to accompany their raids. [...]
https://www.bleepingcomputer.com/news/security/nigerian-bec-scammers-shifting-to-rats-as-tool-of-choice/
Scammers running business email compromise (BEC) fraud have grown in number, attack more often, and turn to remote access trojans as the preferred malware type to accompany their raids. [...]
https://www.bleepingcomputer.com/news/security/nigerian-bec-scammers-shifting-to-rats-as-tool-of-choice/
BleepingComputer
Nigerian BEC Scammers Shifting to RATs As Tool of Choice
Scammers running business email compromise (BEC) fraud have grown in number, attack more often, and turn to remote access trojans as the preferred malware type to accompany their raids.
The Week in Ransomware - May 10th 2019 - MegaCortex, Jokeroo, and More
This week the biggest news was the analysis of MegaCortex by Sophos. Then we had Dharma utilizing an ESET Remover tool as a distraction while the ransomware encrypted a victim's files. Finally, we had the Jokeroo RaaS pull an exit scam. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-10th-2019-megacortex-jokeroo-and-more/
This week the biggest news was the analysis of MegaCortex by Sophos. Then we had Dharma utilizing an ESET Remover tool as a distraction while the ransomware encrypted a victim's files. Finally, we had the Jokeroo RaaS pull an exit scam. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-10th-2019-megacortex-jokeroo-and-more/
BleepingComputer
The Week in Ransomware - May 10th 2019 - MegaCortex, Jokeroo, and More
This week the biggest news was the analysis of MegaCortex by Sophos. Then we had Dharma utilizing an ESET Remover tool as a distraction while the ransomware encrypted a victim's files. Finally, we had the Jokeroo RaaS pull an exit scam.
Microsoft is Relaunching Power Toys For Windows 10 Users
Microsoft announced this week that they will be bringing back the Windows Power Toys so that a new generation of users can enjoy them. To start they will be offering two new Power Toys, but have a list of others that they hope to add. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-is-relaunching-power-toys-for-windows-10-users/
Microsoft announced this week that they will be bringing back the Windows Power Toys so that a new generation of users can enjoy them. To start they will be offering two new Power Toys, but have a list of others that they hope to add. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-is-relaunching-power-toys-for-windows-10-users/
BleepingComputer
Microsoft is Relaunching PowerToys For Windows 10 Users
Microsoft announced this week that they will be bringing back the Windows PowerToys so that a new generation of users can enjoy them. To start they will be offering two new PowerToys, but have a list of others that they hope to add
Arch Linux for WSL is now Available in the Microsoft Store
Fans of the Windows 10 Subsystem for Linux (WSL) will be happy to learn that the Arch Linux distribution is now available from the Microsoft Store. [...]
https://www.bleepingcomputer.com/news/microsoft/arch-linux-for-wsl-is-now-available-in-the-microsoft-store/
Fans of the Windows 10 Subsystem for Linux (WSL) will be happy to learn that the Arch Linux distribution is now available from the Microsoft Store. [...]
https://www.bleepingcomputer.com/news/microsoft/arch-linux-for-wsl-is-now-available-in-the-microsoft-store/
BleepingComputer
Arch Linux for WSL is now Available in the Microsoft Store
Fans of the Windows 10 Subsystem for Linux (WSL) will be happy to learn that the Arch Linux distribution is now available from the Microsoft Store.
Blocking Hyperlink Auditing Tracking Pings with Extensions
With Chrome, Safari, and Edge enabling the tracking feature called Hyperlink Auditing, or Pings, by default without a way to disable them, users will need to rely on browser extensions to block them going forward. [...]
https://www.bleepingcomputer.com/news/security/blocking-hyperlink-auditing-tracking-pings-with-extensions/
With Chrome, Safari, and Edge enabling the tracking feature called Hyperlink Auditing, or Pings, by default without a way to disable them, users will need to rely on browser extensions to block them going forward. [...]
https://www.bleepingcomputer.com/news/security/blocking-hyperlink-auditing-tracking-pings-with-extensions/
BleepingComputer
Blocking Hyperlink Auditing Tracking Pings with Extensions
With Chrome, Safari, and Edge enabling the tracking feature called Hyperlink Auditing, or Pings, by default without a way to disable them, users will need to rely on browser extensions to block them going forward.
Linux Kernel Prior to 5.0.8 Vulnerable to Remote Code Execution
Linux machines running distributions powered by kernels prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free, related to net namespace cleanup, exposing vulnerable systems to remote attacks. [...]
https://www.bleepingcomputer.com/news/security/linux-kernel-prior-to-508-vulnerable-to-remote-code-execution/
Linux machines running distributions powered by kernels prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free, related to net namespace cleanup, exposing vulnerable systems to remote attacks. [...]
https://www.bleepingcomputer.com/news/security/linux-kernel-prior-to-508-vulnerable-to-remote-code-execution/
BleepingComputer
Linux Kernel Prior to 5.0.8 Vulnerable to Remote Code Execution
Linux machines running distributions powered by kernels prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free, related to net namespace cleanup, exposing vulnerable systems to remote attacks.