The Week in Ransomware - January 13th 2017 - MongoDB Apocalypse, Spora, Decryptors, and More
The ransomware scourge does not want to let up. This week we have seen lots of small infections released, a very professional Spora Ransomware payment site, the continuing relentless attack on MongoDB databases, and a big-time ransomware payout. The good news is that we also had a few decryptors released by Emsisoft! [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-13th-2017-mongodb-apocalypse-spora-decryptors-and-more/
Researcher: WhatsApp Bug Exposes Encrypted Messages
Security researcher Tobias Boelter has discovered a bug in the encrypted communications system used by WhatsApp that allows a determined third-party actor, possibly Facebook, to intercept encrypted messages. [...]
https://www.bleepingcomputer.com/news/security/researcher-whatsapp-bug-exposes-encrypted-messages/
BleepingComputer
Misconfigured Server Gives Insight Into Cerber Ransomware Operation
Security researchers have gained access to one of the servers used by the Cerber gang, from where they were able to extract basic statistics about their operation. [...]
https://www.bleepingcomputer.com/news/security/misconfigured-server-gives-insight-into-cerber-ransomware-operation/
Author of Limitless Keylogger Faces Up to 10 Years in Prison
Zachary Shames pleaded guilty today to charges of developing and selling malware that was later used to infect thousands of victims. [...]
https://www.bleepingcomputer.com/news/security/author-of-limitless-keylogger-faces-up-to-10-years-in-prison/
FLAC Support Coming to Chrome 56, Firefox 51
Two major browser makers, Mozilla and Google, are adding support for the FLAC audio format this month, with the releases of Firefox 51 and Chrome 56. [...]
https://www.bleepingcomputer.com/news/software/flac-support-coming-to-chrome-56-firefox-51/
Internet Archive Launches Chrome Extension That Replaces 404 Pages With Archived Copies
On Friday, the Internet Archive launched a Chrome extension that will detect "Page not found" and other web errors and replace them with a copy from its Wayback Machine, if available. The extension is already available on the Chrome Web Store. [...]
https://www.bleepingcomputer.com/news/software/internet-archive-launches-chrome-extension-that-replaces-404-pages-with-archived-copies/
CryptoSearch Finds Files Encrypted by Ransomware, Moves Them to New Location
Named CryptoSearch, this tool identifies files encrypted by several types of ransomware families and provides the user with the option to copy or move the files to a new location, in hopes that a decrypter that can recover the locked files will be released in the future. [...]
https://www.bleepingcomputer.com/news/security/cryptosearch-finds-files-encrypted-by-ransomware-moves-them-to-new-location/
Israeli Military Tricked Into Installing Malware by Hamas Agents Posing as Women
Members of the Hamas Palestinian militant group have posed as women and tricked Israeli soldiers into installing malware on their phones, a member of the Israeli Defence Force (IDF) said last week. [...]
https://www.bleepingcomputer.com/news/government/israeli-military-tricked-into-installing-malware-by-hamas-agents-posing-as-women/
Over 1.1 Million People Signed New 'Pardon Snowden' Petition
1,101,252 people signed a petition that asks President Barack Obama to pardon and exonerate NSA whistleblower Edward Snowden of all charges. The petition was set in motion in September 2016, just before the premiere of the Snowden movie, directed by Oliver Stone, and starring Joseph Gordon-Levitt as Snowden. [...]
https://www.bleepingcomputer.com/news/government/over-1-1-million-people-signed-new-pardon-snowden-petition/
Android Apps Caught Stealing Instagram Passwords for Turkish Users
Mobile security experts with Intel Security (McAfee) have discovered a rash of Android apps available through the Google Play Store that were stealing Instagram credentials and uploading the data to a remote server. [...]
https://www.bleepingcomputer.com/news/security/android-apps-caught-stealing-instagram-passwords-for-turkish-users/
One in Six Accounts Secured With Password '123456'
The team at Keeper, a password manager application, has compiled a list of 2016's most commonly used passwords, and yet again people have chosen the simplistic "123456" as their favorite password in 2016. [...]
https://www.bleepingcomputer.com/news/security/one-in-six-accounts-secured-with-password-123456/
The Fine Art of Trolling a Security Researcher
Malware authors are trolling security researchers on VirusTotal by posting abusive comments, marking their websites as dangerous sites, and voting recently discovered malicious files as "harmless." [...]
https://www.bleepingcomputer.com/news/security/the-fine-art-of-trolling-a-security-researcher/
Dutch Developer Added Backdoor to Websites He Built, Phished Over 20,000 Users
A Dutch developer illegally accessed the accounts of over 20,000 users after he collected their login information via backdoors installed on websites he built. According to an official statement, Dutch police officials are now in the process of notifying these victims about the crook's actions. [...]
https://www.bleepingcomputer.com/news/security/dutch-developer-added-backdoor-to-websites-he-built-phished-over-20-000-users/
McDonald's Official Website Exposes Passwords in Cleartext
Security researcher Tijme Gommers has discovered and publicly disclosed an issue in the McDonald's official website that allows an attacker to gain access to a user's password in cleartext. [...]
https://www.bleepingcomputer.com/news/security/mcdonalds-official-website-exposes-passwords-in-cleartext/
Opera Presto Source Code Leaks Online
An unknown third party has leaked the source code of the old Opera Presto browser engine on GitHub, and later on Bitbucket, two services for hosting and sharing source code online. [...]
https://www.bleepingcomputer.com/news/software/opera-presto-source-code-leaks-online/
New GhostAdmin Malware Used for Data Theft and Exfiltration
Security researcher MalwareHunterTeam discovered today a new malware family that can infect computers and allow crooks to take control of these PCs using commands sent via an IRC channel. [...]
https://www.bleepingcomputer.com/news/security/new-ghostadmin-malware-used-for-data-theft-and-exfiltration/
Locky Ransomware Activity Goes Down by 81%
For more than four weeks, the only source of Locky ransomware infections has been through spam campaigns that distributed the Kovter click-fraud malware, as the primary source of Locky infections, the Necurs botnet, has been offline for the Christmas and New Year holidays. [...]
https://www.bleepingcomputer.com/news/security/locky-ransomware-activity-goes-down-by-81-percent/
Malware Uses Google Services as Command-and-Control Servers
Recent versions of the Carbanak malware are now abusing several Google services to host command-and-control (C&C) infrastructure, which they use to manage infections and exfiltrate stolen data. [...]
https://www.bleepingcomputer.com/news/security/malware-uses-google-services-as-command-and-control-servers/
Indiana Cancer Agency Hit by Aggressive Ransomware Group
A ransomware group has infected the computers of an Indiana-based cancer agency and has asked for a large payment of 50 Bitcoin ($44,800). The victim is Cancer Services of East Central Indiana-Little Red Door, an organization that helps "reduce the financial and emotional burdens of those dealing with a cancer diagnosis." [...]
https://www.bleepingcomputer.com/news/security/indiana-cancer-agency-hit-by-aggressive-ransomware-group/
Chrome Users Targeted with Malware via New "Font Wasn't Found" Technique
Google Chrome users need to be on the lookout for websites trying to trick them into downloading a font update package for their browser, as chances are that the file is laced with malware. [...]
https://www.bleepingcomputer.com/news/security/chrome-users-targeted-with-malware-via-new-font-wasnt-found-technique/
Intel CPUs Can Be Pwned via USB Port and Debugging Interface
Attackers with access to a device can take control over a target's computer and bypass all local security systems by abusing a hardware debugging interface included with Intel CPUs, which in recent years has become accessible via an external USB 3.0 port. [...]
https://www.bleepingcomputer.com/news/hardware/intel-cpus-can-be-pwned-via-usb-port-and-debugging-interface/