U.S Indicts Chinese Hackers for Anthem Data Breach
The U.S. Department of Justice has formally charged two members of a hacking group operating in China for illegally accessing computer systems of health insurer Anthem and stealing personally identifiable information (PII) of 78.8 million people. [...]
https://www.bleepingcomputer.com/news/security/us-indicts-chinese-hackers-for-anthem-data-breach/
The U.S. Department of Justice has formally charged two members of a hacking group operating in China for illegally accessing computer systems of health insurer Anthem and stealing personally identifiable information (PII) of 78.8 million people. [...]
https://www.bleepingcomputer.com/news/security/us-indicts-chinese-hackers-for-anthem-data-breach/
BleepingComputer
U.S Indicts Chinese Hackers for Anthem Data Breach
The U.S. Department of Justice has formally charged two members of a hacking group operating in China for illegally accessing computer systems of health insurer Anthem and stealing personally identifiable information (PII) of 78.8 million people.
Fake Pirate Chick VPN Pushed AZORult Info Stealing Trojan
Adware bundles are installing a VPN software called Pirate Chick, which then connects to a remote server to download and install malicious payloads such the AZORult password-stealing Trojan. [...]
https://www.bleepingcomputer.com/news/security/fake-pirate-chick-vpn-pushed-azorult-info-stealing-trojan/
Adware bundles are installing a VPN software called Pirate Chick, which then connects to a remote server to download and install malicious payloads such the AZORult password-stealing Trojan. [...]
https://www.bleepingcomputer.com/news/security/fake-pirate-chick-vpn-pushed-azorult-info-stealing-trojan/
BleepingComputer
Fake Pirate Chick VPN Pushed AZORult Info Stealing Trojan
Adware bundles are installing a VPN software called Pirate Chick, which then connects to a remote server to download and install malicious payloads such the AZORult password-stealing Trojan.
Six Men Accused of Stealing Over $2.4M in SIM Swapping Attacks
A fifteen-count indictment has been unsealed today by the U.S. Department of Justice charging six men part of a hacking group dubbed "The Community" for allegedly being behind a SIM swapping fraud which led to the theft of roughly $2,5M worth of cryptocurrency. [...]
https://www.bleepingcomputer.com/news/security/six-men-accused-of-stealing-over-24m-in-sim-swapping-attacks/
A fifteen-count indictment has been unsealed today by the U.S. Department of Justice charging six men part of a hacking group dubbed "The Community" for allegedly being behind a SIM swapping fraud which led to the theft of roughly $2,5M worth of cryptocurrency. [...]
https://www.bleepingcomputer.com/news/security/six-men-accused-of-stealing-over-24m-in-sim-swapping-attacks/
BleepingComputer
Six Men Accused of Stealing Over $2.4M in SIM Swapping Attacks
A fifteen-count indictment has been unsealed today by the U.S. Department of Justice charging six men part of a hacking group dubbed "The Community" for allegedly being behind a SIM swapping fraud which led to the theft of roughly $2,5M worth of cryptocurrency.
Crypto-Mining Hacking Groups Wage War in the Cloud
Two hacking groups connected to large-scale malicious crypto-mining campaigns have been targeting each other's cryptominers as part of an ongoing battle to get control of vulnerable cloud-based infrastructure. [...]
https://www.bleepingcomputer.com/news/security/crypto-mining-hacking-groups-wage-war-in-the-cloud/
Two hacking groups connected to large-scale malicious crypto-mining campaigns have been targeting each other's cryptominers as part of an ongoing battle to get control of vulnerable cloud-based infrastructure. [...]
https://www.bleepingcomputer.com/news/security/crypto-mining-hacking-groups-wage-war-in-the-cloud/
BleepingComputer
Crypto-Mining Hacking Groups Wage War in the Cloud
Two hacking groups connected to large-scale malicious crypto-mining campaigns have been targeting each other's cryptominers as part of an ongoing battle to get control of vulnerable cloud-based infrastructure.
MS Office Adds "Your Data, Controlled by You" Privacy Controls
Microsoft Office has started displaying a new dialog box titled "Your data, controlled by you" when you start applications such as Word, Excel, and PowerPoint. These dialog boxes are new Microsoft privacy controls that ask if you will allow additional Office telemetry and usage data to be sent to Microsoft. [...]
https://www.bleepingcomputer.com/news/microsoft/ms-office-adds-your-data-controlled-by-you-privacy-controls/
Microsoft Office has started displaying a new dialog box titled "Your data, controlled by you" when you start applications such as Word, Excel, and PowerPoint. These dialog boxes are new Microsoft privacy controls that ask if you will allow additional Office telemetry and usage data to be sent to Microsoft. [...]
https://www.bleepingcomputer.com/news/microsoft/ms-office-adds-your-data-controlled-by-you-privacy-controls/
BleepingComputer
MS Office Adds "Your Data, Controlled by You" Privacy Controls
Microsoft Office has started displaying a new dialog box titled "Your data, controlled by you" when you start applications such as Word, Excel, and PowerPoint. These dialog boxes are new Microsoft privacy controls that ask if you will allow additional Officeβ¦
Windows 10 Insider Build 18895 Fixes the Your Phone App
Microsoft has released Windows 10 Insider Preview Build 18895 to Insiders in the Fast ring. This build is a quick fix for the Your Phone app that broke in build 18894. Other that that, it is mostly additional bug fixes. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18895-fixes-the-your-phone-app/
Microsoft has released Windows 10 Insider Preview Build 18895 to Insiders in the Fast ring. This build is a quick fix for the Your Phone app that broke in build 18894. Other that that, it is mostly additional bug fixes. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-18895-fixes-the-your-phone-app/
BleepingComputer
Windows 10 Insider Build 18895 Fixes the Your Phone App
Microsoft has released Windows 10 Insider Preview Build 18895 to Insiders in the Fast ring. This build is a quick fix for the Your Phone app that broke in build 18894. Other that that, it is mostly additional bug fixes.
NVIDIA Patches High Severity Windows GPU Display Driver Flaws
NVIDIA issued a security update to fix three high and medium severity security issues in the NVIDIA GPU Display Driver that could lead to code execution, denial of service, escalation of privileges, or information disclosure on vulnerable Windows machines. [...]
https://www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-windows-gpu-display-driver-flaws/
NVIDIA issued a security update to fix three high and medium severity security issues in the NVIDIA GPU Display Driver that could lead to code execution, denial of service, escalation of privileges, or information disclosure on vulnerable Windows machines. [...]
https://www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-windows-gpu-display-driver-flaws/
BleepingComputer
NVIDIA Patches High Severity Windows GPU Display Driver Flaws
NVIDIA issued a security update to fix three high and medium severity security issues in the NVIDIA GPU Display Driver that could lead to code execution, denial of service, escalation of privileges, or information disclosure on vulnerable Windows machines.
Google Considers Removing Android ADB Backup and Restore
The Android Debug Bridge (adb) backup and restore commands will be deprecated and may be removed in a future Android release, as detailed in a commit merged into the Android Open Source Project (AOSP) git repository. [...]
https://www.bleepingcomputer.com/news/mobile/google-considers-removing-android-adb-backup-and-restore/
The Android Debug Bridge (adb) backup and restore commands will be deprecated and may be removed in a future Android release, as detailed in a commit merged into the Android Open Source Project (AOSP) git repository. [...]
https://www.bleepingcomputer.com/news/mobile/google-considers-removing-android-adb-backup-and-restore/
BleepingComputer
Google Considers Removing Android ADB Backup and Restore
The Android Debug Bridge (adb) backup and restore commands will be deprecated and may be removed in a future Android release, as detailed in a commit merged into the Android Open Source Project (AOSP) git repository.
Nigerian BEC Scammers Shifting to RATs As Tool of Choice
Scammers running business email compromise (BEC) fraud have grown in number, attack more often, and turn to remote access trojans as the preferred malware type to accompany their raids. [...]
https://www.bleepingcomputer.com/news/security/nigerian-bec-scammers-shifting-to-rats-as-tool-of-choice/
Scammers running business email compromise (BEC) fraud have grown in number, attack more often, and turn to remote access trojans as the preferred malware type to accompany their raids. [...]
https://www.bleepingcomputer.com/news/security/nigerian-bec-scammers-shifting-to-rats-as-tool-of-choice/
BleepingComputer
Nigerian BEC Scammers Shifting to RATs As Tool of Choice
Scammers running business email compromise (BEC) fraud have grown in number, attack more often, and turn to remote access trojans as the preferred malware type to accompany their raids.
The Week in Ransomware - May 10th 2019 - MegaCortex, Jokeroo, and More
This week the biggest news was the analysis of MegaCortex by Sophos. Then we had Dharma utilizing an ESET Remover tool as a distraction while the ransomware encrypted a victim's files. Finally, we had the Jokeroo RaaS pull an exit scam. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-10th-2019-megacortex-jokeroo-and-more/
This week the biggest news was the analysis of MegaCortex by Sophos. Then we had Dharma utilizing an ESET Remover tool as a distraction while the ransomware encrypted a victim's files. Finally, we had the Jokeroo RaaS pull an exit scam. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-10th-2019-megacortex-jokeroo-and-more/
BleepingComputer
The Week in Ransomware - May 10th 2019 - MegaCortex, Jokeroo, and More
This week the biggest news was the analysis of MegaCortex by Sophos. Then we had Dharma utilizing an ESET Remover tool as a distraction while the ransomware encrypted a victim's files. Finally, we had the Jokeroo RaaS pull an exit scam.
Microsoft is Relaunching Power Toys For Windows 10 Users
Microsoft announced this week that they will be bringing back the Windows Power Toys so that a new generation of users can enjoy them. To start they will be offering two new Power Toys, but have a list of others that they hope to add. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-is-relaunching-power-toys-for-windows-10-users/
Microsoft announced this week that they will be bringing back the Windows Power Toys so that a new generation of users can enjoy them. To start they will be offering two new Power Toys, but have a list of others that they hope to add. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-is-relaunching-power-toys-for-windows-10-users/
BleepingComputer
Microsoft is Relaunching PowerToys For Windows 10 Users
Microsoft announced this week that they will be bringing back the Windows PowerToys so that a new generation of users can enjoy them. To start they will be offering two new PowerToys, but have a list of others that they hope to add
Arch Linux for WSL is now Available in the Microsoft Store
Fans of the Windows 10 Subsystem for Linux (WSL) will be happy to learn that the Arch Linux distribution is now available from the Microsoft Store. [...]
https://www.bleepingcomputer.com/news/microsoft/arch-linux-for-wsl-is-now-available-in-the-microsoft-store/
Fans of the Windows 10 Subsystem for Linux (WSL) will be happy to learn that the Arch Linux distribution is now available from the Microsoft Store. [...]
https://www.bleepingcomputer.com/news/microsoft/arch-linux-for-wsl-is-now-available-in-the-microsoft-store/
BleepingComputer
Arch Linux for WSL is now Available in the Microsoft Store
Fans of the Windows 10 Subsystem for Linux (WSL) will be happy to learn that the Arch Linux distribution is now available from the Microsoft Store.
Blocking Hyperlink Auditing Tracking Pings with Extensions
With Chrome, Safari, and Edge enabling the tracking feature called Hyperlink Auditing, or Pings, by default without a way to disable them, users will need to rely on browser extensions to block them going forward. [...]
https://www.bleepingcomputer.com/news/security/blocking-hyperlink-auditing-tracking-pings-with-extensions/
With Chrome, Safari, and Edge enabling the tracking feature called Hyperlink Auditing, or Pings, by default without a way to disable them, users will need to rely on browser extensions to block them going forward. [...]
https://www.bleepingcomputer.com/news/security/blocking-hyperlink-auditing-tracking-pings-with-extensions/
BleepingComputer
Blocking Hyperlink Auditing Tracking Pings with Extensions
With Chrome, Safari, and Edge enabling the tracking feature called Hyperlink Auditing, or Pings, by default without a way to disable them, users will need to rely on browser extensions to block them going forward.
Linux Kernel Prior to 5.0.8 Vulnerable to Remote Code Execution
Linux machines running distributions powered by kernels prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free, related to net namespace cleanup, exposing vulnerable systems to remote attacks. [...]
https://www.bleepingcomputer.com/news/security/linux-kernel-prior-to-508-vulnerable-to-remote-code-execution/
Linux machines running distributions powered by kernels prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free, related to net namespace cleanup, exposing vulnerable systems to remote attacks. [...]
https://www.bleepingcomputer.com/news/security/linux-kernel-prior-to-508-vulnerable-to-remote-code-execution/
BleepingComputer
Linux Kernel Prior to 5.0.8 Vulnerable to Remote Code Execution
Linux machines running distributions powered by kernels prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free, related to net namespace cleanup, exposing vulnerable systems to remote attacks.
Sensitive Information of Millions of Panama Citizens Leaked
An unprotected Elasticsearch cluster exposed 3,427,396 records containing sensitive personal information on Panama citizens with "patient" labels, together with another 468,086 records labeled as test patients. [...]
https://www.bleepingcomputer.com/news/security/sensitive-information-of-millions-of-panama-citizens-leaked/
An unprotected Elasticsearch cluster exposed 3,427,396 records containing sensitive personal information on Panama citizens with "patient" labels, together with another 468,086 records labeled as test patients. [...]
https://www.bleepingcomputer.com/news/security/sensitive-information-of-millions-of-panama-citizens-leaked/
BleepingComputer
Sensitive Information of Millions of Panama Citizens Leaked
An unprotected Elasticsearch cluster exposed 3,427,396 records containing sensitive personal information on Panama citizens with "patient" labels, together with another 468,086 records labeled as test patients.
New Details Emerge of Fxmsp's Hacking of Antivirus Companies
It is difficult to fathom that a threat actor may be able to breach the networks of a reputed security company. Yet, this is not only possible but also happened in the past; and it is not far-fetched to believe that it is the case with at least three antivirus makers, as reported by BleepingComputer earlier this week. [...]
https://www.bleepingcomputer.com/news/security/new-details-emerge-of-fxmsps-hacking-of-antivirus-companies/
It is difficult to fathom that a threat actor may be able to breach the networks of a reputed security company. Yet, this is not only possible but also happened in the past; and it is not far-fetched to believe that it is the case with at least three antivirus makers, as reported by BleepingComputer earlier this week. [...]
https://www.bleepingcomputer.com/news/security/new-details-emerge-of-fxmsps-hacking-of-antivirus-companies/
BleepingComputer
New Details Emerge of Fxmsp's Hacking of Antivirus Companies
It is difficult to fathom that a threat actor may be able to breach the networks of a reputed security company. Yet, this is not only possible but also happened in the past; and it is not far-fetched to believe that it is the case with at least three antivirusβ¦
New Game Boy Emulator Has a Remote 'Cloud Gaming' Mode
A new Game Boy emulator written in Go has been released that offers the interesting ability of making your games accessible over the Internet using Telnet. While the online games are rendered using ANSI and are not as visually appealing, it illustrates how emulator developers can extend their features to the Internet. [...]
https://www.bleepingcomputer.com/news/gaming/new-game-boy-emulator-has-a-remote-cloud-gaming-mode/
A new Game Boy emulator written in Go has been released that offers the interesting ability of making your games accessible over the Internet using Telnet. While the online games are rendered using ANSI and are not as visually appealing, it illustrates how emulator developers can extend their features to the Internet. [...]
https://www.bleepingcomputer.com/news/gaming/new-game-boy-emulator-has-a-remote-cloud-gaming-mode/
BleepingComputer
New Game Boy Emulator Has a Remote 'Cloud Gaming' Mode
A new Game Boy emulator written in Go has been released that offers the interesting ability of making your games accessible over the Internet using Telnet. While the online games are rendered using ANSI and are not as visually appealing, it illustrates howβ¦
U.S. Govt Issues Microsoft Office 365 Security Best Practices
The Cybersecurity and Infrastructure Security Agency (CISA) issued a set of best practices designed to help organizations to mitigate risks and vulnerabilities associated with migrating their email services to Microsoft Office 365. [...]
https://www.bleepingcomputer.com/news/security/us-govt-issues-microsoft-office-365-security-best-practices/
The Cybersecurity and Infrastructure Security Agency (CISA) issued a set of best practices designed to help organizations to mitigate risks and vulnerabilities associated with migrating their email services to Microsoft Office 365. [...]
https://www.bleepingcomputer.com/news/security/us-govt-issues-microsoft-office-365-security-best-practices/
BleepingComputer
U.S. Govt Issues Microsoft Office 365 Security Best Practices
The Cybersecurity and Infrastructure Security Agency (CISA) issued a set of best practices designed to help organizations to mitigate risks and vulnerabilities associated with migrating their email services to Microsoft Office 365.
Linksys Smart Wi-Fi Routers Leak Info of Connected Devices
More than 25,000 Linksys Smart Wi-Fi routers are currently impacted by an information disclosure vulnerability which allows remote and unauthenticated access to a vast array of sensitive device information. [...]
https://www.bleepingcomputer.com/news/security/linksys-smart-wi-fi-routers-leak-info-of-connected-devices/
More than 25,000 Linksys Smart Wi-Fi routers are currently impacted by an information disclosure vulnerability which allows remote and unauthenticated access to a vast array of sensitive device information. [...]
https://www.bleepingcomputer.com/news/security/linksys-smart-wi-fi-routers-leak-info-of-connected-devices/
BleepingComputer
Linksys Smart Wi-Fi Routers Leak Info of Connected Devices
More than 25,000 Linksys Smart Wi-Fi routers are currently impacted by an information disclosure vulnerability which allows remote and unauthenticated access to a vast array of sensitive device information.
Fxmsp Chat Logs Reveal the Hacked Antivirus Vendors, AVs Respond
A report last week about Fxmsp hacker group claiming access to the networks and source code of three antivirus companies with offices in the U.S. generated from alleged victims statements that are disputed by the firm that sounded the alarm. [...]
https://www.bleepingcomputer.com/news/security/fxmsp-chat-logs-reveal-the-hacked-antivirus-vendors-avs-respond/
A report last week about Fxmsp hacker group claiming access to the networks and source code of three antivirus companies with offices in the U.S. generated from alleged victims statements that are disputed by the firm that sounded the alarm. [...]
https://www.bleepingcomputer.com/news/security/fxmsp-chat-logs-reveal-the-hacked-antivirus-vendors-avs-respond/
BleepingComputer
Fxmsp Chat Logs Reveal the Hacked Antivirus Vendors, AVs Respond
A report last week about Fxmsp hacker group claiming access to the networks and source code of three antivirus companies with offices in the U.S. generated statements from alleged victims that are disputed by the firm that sounded the alarm.
Adobe Says Upgrade Creative Cloud Apps or Risk 3rd Party Claims
On May 8th, 2019, Creative Cloud users have started receiving emails from Adobe stating that older versions of the products they are using have been discontinued and that users are no longer licensed to use them. For many of these developers, this not a reasonable request as they need to utilize older versions for certain projects. [...]
https://www.bleepingcomputer.com/news/software/adobe-says-upgrade-creative-cloud-apps-or-risk-3rd-party-claims/
On May 8th, 2019, Creative Cloud users have started receiving emails from Adobe stating that older versions of the products they are using have been discontinued and that users are no longer licensed to use them. For many of these developers, this not a reasonable request as they need to utilize older versions for certain projects. [...]
https://www.bleepingcomputer.com/news/software/adobe-says-upgrade-creative-cloud-apps-or-risk-3rd-party-claims/
BleepingComputer
Adobe Says Upgrade Creative Cloud Apps or Risk 3rd Party Claims
On May 8th, 2019, Creative Cloud users have started receiving emails from Adobe stating that older versions of the products they are using have been discontinued and that users are no longer licensed to use them. For many of these developers, this not a reasonableβ¦