The Week in Ransomware - June 14th 2019 - pyLocky and GandCrab Cleans Up
This week we saw French law enforcement releasing a decryptor for the pyLocky Ransomware. We also saw a charity in Washington and a airplane manufacturer become infected with ransomware. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-june-14th-2019-pylocky-and-gandcrab-cleans-up/
This week we saw French law enforcement releasing a decryptor for the pyLocky Ransomware. We also saw a charity in Washington and a airplane manufacturer become infected with ransomware. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-june-14th-2019-pylocky-and-gandcrab-cleans-up/
BleepingComputer
The Week in Ransomware - June 14th 2019 - pyLocky and GandCrab Cleans Up
This week we saw French law enforcement releasing a decryptor for the pyLocky Ransomware. We also saw a charity in Washington and a airplane manufacturer become infected with ransomware.
Three U.S. Universities Disclose Data Breaches Over Two-Day Span
Three U.S. universities have disclosed data breach incidents impacting personally identifiable information of students or employees following unauthorized access to some of their employees' email accounts. [...]
https://www.bleepingcomputer.com/news/security/three-us-universities-disclose-data-breaches-over-two-day-span/
Three U.S. universities have disclosed data breach incidents impacting personally identifiable information of students or employees following unauthorized access to some of their employees' email accounts. [...]
https://www.bleepingcomputer.com/news/security/three-us-universities-disclose-data-breaches-over-two-day-span/
BleepingComputer
Three U.S. Universities Disclose Data Breaches Over Two-Day Span
Three U.S. universities have disclosed data breach incidents impacting personally identifiable information of students or employees following unauthorized access to some of their employees' email accounts.
Google Chrome Canary Flag Makes The Browser a Colorful Mess
Google is testing a new feature in the Chrome Canary builds that allows you to change the colors used by various user interface elements of the browser. This allows users to make the browser and its New Tab Page a colorful mess that some may find amusing, while others find painful. [...]
https://www.bleepingcomputer.com/news/google/google-chrome-canary-flag-makes-the-browser-a-colorful-mess/
Google is testing a new feature in the Chrome Canary builds that allows you to change the colors used by various user interface elements of the browser. This allows users to make the browser and its New Tab Page a colorful mess that some may find amusing, while others find painful. [...]
https://www.bleepingcomputer.com/news/google/google-chrome-canary-flag-makes-the-browser-a-colorful-mess/
BleepingComputer
Google Chrome Canary Flag Makes The Browser a Colorful Mess
Google is testing a new feature in the Chrome Canary builds that allows you to change the colors used by various user interface elements of the browser. This allows users to make the browser and its New Tab Page a colorful mess that some may find amusingβ¦
Windows 10: The Upcoming Features and Improvements in 20H1
Windows 10 20H1 builds are available for Windows Insiders with several new changes, giving us a glimpse of what's coming. In this article, we'll take a closer look at the changes and improvements included in Windows 10 20H1 preview builds. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-the-upcoming-features-and-improvements-in-20h1/
Windows 10 20H1 builds are available for Windows Insiders with several new changes, giving us a glimpse of what's coming. In this article, we'll take a closer look at the changes and improvements included in Windows 10 20H1 preview builds. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-the-upcoming-features-and-improvements-in-20h1/
BleepingComputer
Windows 10: The Upcoming Features and Improvements in 20H1
Windows 10 20H1 builds are available for Windows Insiders with several new changes, giving us a glimpse of what's coming. In this article, we'll take a closer look at the changes and improvements included in Windows 10 20H1 preview builds.
Bella Thorne Tweets Her Nude Photos After Threats From Hacker
Instead of giving in to the threats of a hacker who gained access to actress Bella Thorne's nude photos, Thorne has decided to release them herself on Twitter along with the hacker's messages to her. [...]
https://www.bleepingcomputer.com/news/security/bella-thorne-tweets-her-nude-photos-after-threats-from-hacker/
Instead of giving in to the threats of a hacker who gained access to actress Bella Thorne's nude photos, Thorne has decided to release them herself on Twitter along with the hacker's messages to her. [...]
https://www.bleepingcomputer.com/news/security/bella-thorne-tweets-her-nude-photos-after-threats-from-hacker/
BleepingComputer
Bella Thorne Tweets Her Nude Photos After Threats From Hacker
Instead of giving in to the threats of a hacker who gained access to actress Bella Thorne's nude photos, Thorne has decided to release them herself on Twitter along with the hacker's messages to her.
Phishing Scam Asks You to Login to Read Encrypted Message
A new phishing campaign is underway that pretends to be an alert from your email server that it has received an encrypted message for you. It then prompts you to login to a fake OneDrive site in order to read the message. [...]
https://www.bleepingcomputer.com/news/security/phishing-scam-asks-you-to-login-to-read-encrypted-message/
A new phishing campaign is underway that pretends to be an alert from your email server that it has received an encrypted message for you. It then prompts you to login to a fake OneDrive site in order to read the message. [...]
https://www.bleepingcomputer.com/news/security/phishing-scam-asks-you-to-login-to-read-encrypted-message/
BleepingComputer
Phishing Scam Asks You to Login to Read Encrypted Message
A new phishing campaign is underway that pretends to be an alert from your email server that it has received an encrypted message for you. It then prompts you to login to a fake OneDrive site in order to read the message.
Microsoft Warns about Worm Attacking Exim Servers on Azure
Microsoft issued a warning over the weekend about an active Linux worm that is targeting a recently disclosed Linux Exim mail server vulnerability. Though existing mitigations exist to block the worm functionality of this infection, Microsoft states that Azure servers can still be infected or hacked through this vulnerability. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-about-worm-attacking-exim-servers-on-azure/
Microsoft issued a warning over the weekend about an active Linux worm that is targeting a recently disclosed Linux Exim mail server vulnerability. Though existing mitigations exist to block the worm functionality of this infection, Microsoft states that Azure servers can still be infected or hacked through this vulnerability. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-about-worm-attacking-exim-servers-on-azure/
BleepingComputer
Microsoft Warns about Worm Attacking Exim Servers on Azure
Microsoft issued a warning over the weekend about an active Linux worm that is targeting a recently disclosed Linux Exim mail server vulnerability. Though existing mitigations exist to block the worm functionality of this infection, Microsoft states thatβ¦
Release of GandCrab 5.2 Decryptor Ends a Bad Ransomware Story
In collaboration with law enforcement agencies around the world, Bitdefender has released an updated decryptor for the GandCrab Ransomware that can decrypt files encrypted by versions 1, 4, and 5 through 5.2. [...]
https://www.bleepingcomputer.com/news/security/release-of-gandcrab-52-decryptor-ends-a-bad-ransomware-story/
In collaboration with law enforcement agencies around the world, Bitdefender has released an updated decryptor for the GandCrab Ransomware that can decrypt files encrypted by versions 1, 4, and 5 through 5.2. [...]
https://www.bleepingcomputer.com/news/security/release-of-gandcrab-52-decryptor-ends-a-bad-ransomware-story/
BleepingComputer
Release of GandCrab 5.2 Decryptor Ends a Bad Ransomware Story
In collaboration with law enforcement agencies around the world, Bitdefender has released an updated decryptor for the GandCrab Ransomware that can decrypt files encrypted by versions 1, 4, and 5 through 5.2.
Samsung's Smart TV Malware Scan Reminder Met by User Criticism
Samsung issued a reminder for customers to scan their Internet-connected Smart QLED TVs for malware to prevent malicious campaigns from targeting their devices and use them as part of cyber attacks. [...]
https://www.bleepingcomputer.com/news/security/samsungs-smart-tv-malware-scan-reminder-met-by-user-criticism/
Samsung issued a reminder for customers to scan their Internet-connected Smart QLED TVs for malware to prevent malicious campaigns from targeting their devices and use them as part of cyber attacks. [...]
https://www.bleepingcomputer.com/news/security/samsungs-smart-tv-malware-scan-reminder-met-by-user-criticism/
BleepingComputer
Samsung's Smart TV Malware Scan Reminder Met by User Criticism
Samsung issued a reminder for customers to scan their Internet-connected Smart QLED TVs for malware to prevent malicious campaigns from targeting their devices and use them as part of cyber attacks.
U.S. Govt Achieves BlueKeep Remote Code Execution, Issues Alert
The Cybersecurity and Infrastructure Security Agency (CISA) published an alert for Windows users to patch the critical severity Remote Desktop Services (RDS) RCE security flaw dubbed BlueKeep. [...]
https://www.bleepingcomputer.com/news/security/us-govt-achieves-bluekeep-remote-code-execution-issues-alert/
The Cybersecurity and Infrastructure Security Agency (CISA) published an alert for Windows users to patch the critical severity Remote Desktop Services (RDS) RCE security flaw dubbed BlueKeep. [...]
https://www.bleepingcomputer.com/news/security/us-govt-achieves-bluekeep-remote-code-execution-issues-alert/
BleepingComputer
U.S. Govt Achieves BlueKeep Remote Code Execution, Issues Alert
The Cybersecurity and Infrastructure Security Agency (CISA) published an alert for Windows users to patch the critical severity Remote Desktop Services (RDS) RCE security flaw dubbed BlueKeep.
Android Malware Bypasses 2FA by Stealing One-Time Passwords
Researchers monitoring malware that affects Android devices discovered malicious apps that can steal one-time passwords (OTP) from the notification system. This development bypasses Google's ban on apps that access SMS and call logs without justification. [...]
https://www.bleepingcomputer.com/news/security/android-malware-bypasses-2fa-by-stealing-one-time-passwords/
Researchers monitoring malware that affects Android devices discovered malicious apps that can steal one-time passwords (OTP) from the notification system. This development bypasses Google's ban on apps that access SMS and call logs without justification. [...]
https://www.bleepingcomputer.com/news/security/android-malware-bypasses-2fa-by-stealing-one-time-passwords/
BleepingComputer
Android Malware Bypasses 2FA by Stealing One-Time Passwords
Researchers monitoring malware that affects Android devices discovered malicious apps that can steal one-time passwords (OTP) from the notification system. This development bypasses Google's ban on apps that access SMS and call logs without justification.
How To Secure Your Network: Five Modern Alternatives to VPN
Are there alternatives to VPNs that provide better security and anonymity for users, and more visibility and control for IT when and where needed? While the answer depends mostly on your organization's needs, five solutions deliver where traditional VPNs fall short. [...]
https://www.bleepingcomputer.com/news/security/how-to-secure-your-network-five-modern-alternatives-to-vpn/
Are there alternatives to VPNs that provide better security and anonymity for users, and more visibility and control for IT when and where needed? While the answer depends mostly on your organization's needs, five solutions deliver where traditional VPNs fall short. [...]
https://www.bleepingcomputer.com/news/security/how-to-secure-your-network-five-modern-alternatives-to-vpn/
BleepingComputer
How To Secure Your Network: Five Modern Alternatives to VPN
Are there alternatives to VPNs that provide better security and anonymity for users, and more visibility and control for IT when and where needed? While the answer depends mostly on your organization's needs, five solutions deliver where traditional VPNsβ¦
Multiple Linux and FreeBSD DoS Vulnerabilities Found by Netflix
A denial of service flaw found in the way recent Linux and FreeBSD kernels handle TCP networking can be exploited by remote attackers to trigger a kernel panic in vulnerable systems. [...]
https://www.bleepingcomputer.com/news/security/multiple-linux-and-freebsd-dos-vulnerabilities-found-by-netflix/
A denial of service flaw found in the way recent Linux and FreeBSD kernels handle TCP networking can be exploited by remote attackers to trigger a kernel panic in vulnerable systems. [...]
https://www.bleepingcomputer.com/news/security/multiple-linux-and-freebsd-dos-vulnerabilities-found-by-netflix/
BleepingComputer
Multiple Linux and FreeBSD DoS Vulnerabilities Found by Netflix
A denial of service flaw found in the way recent Linux and FreeBSD kernels handle TCP networking can be exploited by remote attackers to trigger a kernel panic in vulnerable systems.
Accidental Cat Filter Makes Politician's Live Stream Hilarious
In what feels like a skit, a Pakistani politician forgot to turn off a cat filter during a Facebook Live press conference. [...]
https://www.bleepingcomputer.com/news/government/accidental-cat-filter-makes-politicians-live-stream-hilarious/
In what feels like a skit, a Pakistani politician forgot to turn off a cat filter during a Facebook Live press conference. [...]
https://www.bleepingcomputer.com/news/government/accidental-cat-filter-makes-politicians-live-stream-hilarious/
BleepingComputer
Accidental Cat Filter Makes Politician's Live Stream Hilarious
In what feels like a skit, a Pakistani politician forgot to turn off a cat filter during a Facebook Live press conference.
Docker Desktop for Windows 10 Will Soon Switch to WSL 2
Docker announced that its native Docker Desktop Windows application will soon switch to the Windows Subsystem for Linux 2 (WSL 2) from the Windows-native Hyper-V virtualization it currently uses. [...]
https://www.bleepingcomputer.com/news/security/docker-desktop-for-windows-10-will-soon-switch-to-wsl-2/
Docker announced that its native Docker Desktop Windows application will soon switch to the Windows Subsystem for Linux 2 (WSL 2) from the Windows-native Hyper-V virtualization it currently uses. [...]
https://www.bleepingcomputer.com/news/security/docker-desktop-for-windows-10-will-soon-switch-to-wsl-2/
BleepingComputer
Docker Desktop for Windows 10 Will Soon Switch to WSL 2
Docker announced that its native Docker Desktop Windows application will soon switch to the Windows Subsystem for Linux 2 (WSL 2) from the Windows-native Hyper-V virtualization it currently uses.
Hacker Steals Customer Payment Info in EatStreet Data Breach
Online food ordering service EatStreet disclosed a security incident from May which led to a data breach involving customer payment card information, as well as sensitive info of delivery and restaurant partners. [...]
https://www.bleepingcomputer.com/news/security/hacker-steals-customer-payment-info-in-eatstreet-data-breach/
Online food ordering service EatStreet disclosed a security incident from May which led to a data breach involving customer payment card information, as well as sensitive info of delivery and restaurant partners. [...]
https://www.bleepingcomputer.com/news/security/hacker-steals-customer-payment-info-in-eatstreet-data-breach/
BleepingComputer
Hacker Steals Customer Payment Info in EatStreet Data Breach
Online food ordering service EatStreet disclosed a security incident from May which led to a data breach involving customer payment card information, as well as sensitive info of delivery and restaurant partners.
Threat Actors Use Older Cobalt Strike Versions to Blend In
Plenty of outdated Cobalt Strike servers exist in the wild, helping cybercriminals or giving security professionals the upper hand when testing corporate defenses; and they can be easily identified to stifle intrusions of any purpose. [...]
https://www.bleepingcomputer.com/news/security/threat-actors-use-older-cobalt-strike-versions-to-blend-in/
Plenty of outdated Cobalt Strike servers exist in the wild, helping cybercriminals or giving security professionals the upper hand when testing corporate defenses; and they can be easily identified to stifle intrusions of any purpose. [...]
https://www.bleepingcomputer.com/news/security/threat-actors-use-older-cobalt-strike-versions-to-blend-in/
BleepingComputer
Threat Actors Use Older Cobalt Strike Versions to Blend In
Plenty of outdated Cobalt Strike servers exist in the wild, helping cybercriminals or giving security professionals the upper hand when testing corporate defenses; and they can be easily identified to stifle intrusions of any purpose.
Microsoft Azure Bastion Preview: Remote VM Access via Azure Portal
Microsoft announced the preview of Azure Bastion, a managed PaaS service designed to provide RDP and SSH access via a web browser to VMs on an Azure Virtual Network (VNet) without having to assign public IP addresses. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-azure-bastion-preview-remote-vm-access-via-azure-portal/
Microsoft announced the preview of Azure Bastion, a managed PaaS service designed to provide RDP and SSH access via a web browser to VMs on an Azure Virtual Network (VNet) without having to assign public IP addresses. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-azure-bastion-preview-remote-vm-access-via-azure-portal/
BleepingComputer
Microsoft Azure Bastion Preview: Remote VM Access via Azure Portal
Microsoft announced the preview of Azure Bastion, a managed PaaS service designed to provide RDP and SSH access via a web browser to VMs on an Azure Virtual Network (VNet) without having to assign public IP addresses.
Google Adds Deceptive URL Alerts To Chrome, Unsafe URL Report Add-on
Google announced the addition of a new feature which warns users of sites that try to pose as recently visited pages and a Google Chrome extension designed to allow them to report suspicious sites to Google's Safe Browsing team. [...]
https://www.bleepingcomputer.com/news/google/google-adds-deceptive-url-alerts-to-chrome-unsafe-url-report-add-on/
Google announced the addition of a new feature which warns users of sites that try to pose as recently visited pages and a Google Chrome extension designed to allow them to report suspicious sites to Google's Safe Browsing team. [...]
https://www.bleepingcomputer.com/news/google/google-adds-deceptive-url-alerts-to-chrome-unsafe-url-report-add-on/
BleepingComputer
Google Adds Deceptive URL Alerts To Chrome, Unsafe URL Report Add-on
Google announced the addition of a new feature which warns users of sites that try to pose as recently visited pages and a Google Chrome extension designed to allow them to report suspicious sites to Google's Safe Browsing team.
Open Source Clones Unofficially Sold on the Microsoft Store
Developers are taking free open source programs, repackaging them as Windows 10 UWP apps under different names, and then offering them on the Microsoft Store. In some cases, the developers are offering these programs as paid apps or with in-app purchases. [...]
https://www.bleepingcomputer.com/news/microsoft/open-source-clones-unofficially-sold-on-the-microsoft-store/
Developers are taking free open source programs, repackaging them as Windows 10 UWP apps under different names, and then offering them on the Microsoft Store. In some cases, the developers are offering these programs as paid apps or with in-app purchases. [...]
https://www.bleepingcomputer.com/news/microsoft/open-source-clones-unofficially-sold-on-the-microsoft-store/
BleepingComputer
Open Source Clones Unofficially Sold on the Microsoft Store
Developers are taking free open source programs, repackaging them as Windows 10 UWP apps under different names, and then offering them on the Microsoft Store. In some cases, the developers are offering these programs as paid apps or with in-app purchases.
Mozilla Firefox 67.0.3 Patches Actively Exploited Zero-Day
Mozilla released Firefox 67.0.3 and Firefox ESR 60.7.1 to patch an actively exploited and critical severity vulnerability which could allow attackers to remotely execute arbitrary code on machines running vulnerable Firefox versions. [...]
https://www.bleepingcomputer.com/news/security/mozilla-firefox-6703-patches-actively-exploited-zero-day/
Mozilla released Firefox 67.0.3 and Firefox ESR 60.7.1 to patch an actively exploited and critical severity vulnerability which could allow attackers to remotely execute arbitrary code on machines running vulnerable Firefox versions. [...]
https://www.bleepingcomputer.com/news/security/mozilla-firefox-6703-patches-actively-exploited-zero-day/
BleepingComputer
Mozilla Firefox 67.0.3 Patches Actively Exploited Zero-Day
Mozilla released Firefox 67.0.3 and Firefox ESR 60.7.1 to patch an actively exploited and critical severity vulnerability which could allow attackers to remotely execute arbitrary code on machines running vulnerable Firefox versions.