Google Chrome Starts Testing Third-Party Cookie Blocking
With yesterday's release of Firefox 69, Mozilla has started blocking third-party tracking cookies by default as part of their Enhanced Tracking Protection feature. Not to be outdone by Firefox, Google has also started to test a new feature that will block third-party tracking cookies within Google Chrome. [...]
https://www.bleepingcomputer.com/news/google/google-chrome-starts-testing-third-party-cookie-blocking/
With yesterday's release of Firefox 69, Mozilla has started blocking third-party tracking cookies by default as part of their Enhanced Tracking Protection feature. Not to be outdone by Firefox, Google has also started to test a new feature that will block third-party tracking cookies within Google Chrome. [...]
https://www.bleepingcomputer.com/news/google/google-chrome-starts-testing-third-party-cookie-blocking/
BleepingComputer
Google Chrome Starts Testing Third-Party Cookie Blocking
With yesterday's release of Firefox 69, Mozilla has started blocking third-party tracking cookies by default as part of their Enhanced Tracking Protection feature. Not to be outdone by Firefox, Google has also started to test a new feature that will blockβ¦
Glupteba Malware Uses Bitcoin Blockchain to Update C2 Domains
A new variant of the Glupteba malware dropper is using the Bitcoin blockchain to fetch command and control (C2) server domains from Bitcoin transactions marked with OP_RETURN script opcodes. [...]
https://www.bleepingcomputer.com/news/security/glupteba-malware-uses-bitcoin-blockchain-to-update-c2-domains/
A new variant of the Glupteba malware dropper is using the Bitcoin blockchain to fetch command and control (C2) server domains from Bitcoin transactions marked with OP_RETURN script opcodes. [...]
https://www.bleepingcomputer.com/news/security/glupteba-malware-uses-bitcoin-blockchain-to-update-c2-domains/
BleepingComputer
Glupteba Malware Uses Bitcoin Blockchain to Update C2 Domains
A new variant of the Glupteba malware dropper is using the Bitcoin blockchain to fetch command and control (C2) server domains from Bitcoin transactions marked with OP_RETURN script opcodes.
Year-Old Samba Bug Allows Access to Forbidden Root Share Paths
For almost a year, threat actors could exploit a vulnerability in Samba software that allowed them to bypass file-sharing permissions and escape outside the share root directory. [...]
https://www.bleepingcomputer.com/news/security/year-old-samba-bug-allows-access-to-forbidden-root-share-paths/
For almost a year, threat actors could exploit a vulnerability in Samba software that allowed them to bypass file-sharing permissions and escape outside the share root directory. [...]
https://www.bleepingcomputer.com/news/security/year-old-samba-bug-allows-access-to-forbidden-root-share-paths/
BleepingComputer
Year-Old Samba Bug Allows Access to Forbidden Root Share Paths
For almost a year, threat actors could exploit a vulnerability in Samba software that allowed them to bypass file-sharing permissions and escape outside the share root directory.
Stealthy Android Trojan Spy Signs You Up For Premium Subscriptions
Security researchers discovered a new Android Trojan with malware dropper and spyware capabilities in 24 Google Play Store apps with more than 472,000 downloads in total. [...]
https://www.bleepingcomputer.com/news/security/stealthy-android-trojan-spy-signs-you-up-for-premium-subscriptions/
Security researchers discovered a new Android Trojan with malware dropper and spyware capabilities in 24 Google Play Store apps with more than 472,000 downloads in total. [...]
https://www.bleepingcomputer.com/news/security/stealthy-android-trojan-spy-signs-you-up-for-premium-subscriptions/
BleepingComputer
Stealthy Android Trojan Spy Signs You Up For Premium Subscriptions
Security researchers discovered a new Android Trojan with malware dropper and spyware capabilities in 24 Google Play Store apps with more than 472,000 downloads in total.
Facebook and Instagram Start Fighting Vaccine Misinformation
Facebook and Instagram have started rolling out information pop-ups to provide users with authoritative vaccine information before accessing vaccine-related content on the two social networks. [...]
https://www.bleepingcomputer.com/news/technology/facebook-and-instagram-start-fighting-vaccine-misinformation/
Facebook and Instagram have started rolling out information pop-ups to provide users with authoritative vaccine information before accessing vaccine-related content on the two social networks. [...]
https://www.bleepingcomputer.com/news/technology/facebook-and-instagram-start-fighting-vaccine-misinformation/
BleepingComputer
Facebook and Instagram Start Fighting Vaccine Misinformation
Facebook and Instagram have started rolling out information pop-ups to provide users with authoritative vaccine information before accessing vaccine-related content on the two social networks.
Android Zero-Day Bug Does Not Make It on Googleβs 'Fix' List
Google yesterday rolled out security patches for the Android mobile operating system but did not include the fix for at least one bug that enables increasing permissions to kernel level. [...]
https://www.bleepingcomputer.com/news/security/android-zero-day-bug-does-not-make-it-on-google-s-fix-list/
Google yesterday rolled out security patches for the Android mobile operating system but did not include the fix for at least one bug that enables increasing permissions to kernel level. [...]
https://www.bleepingcomputer.com/news/security/android-zero-day-bug-does-not-make-it-on-google-s-fix-list/
BleepingComputer
Android Zero-Day Bug Does Not Make It on Googleβs 'Fix' List
Google yesterday rolled out security patches for the Android mobile operating system but did not include the fix for at least one bug that enables increasing permissions to kernel level.
Hackers Ask for $5.3 Million Ransom, Turn Down $400k, Get Nothing
Hackers infecting the computer systems of the city of New Bedford, Massachusetts, with ransomware wouldn't settle for anything less that than $5.3 million to decrypt the data. The ransom was too high and they got a big fat nothing in return. [...]
https://www.bleepingcomputer.com/news/security/hackers-ask-for-53-million-ransom-turn-down-400k-get-nothing/
Hackers infecting the computer systems of the city of New Bedford, Massachusetts, with ransomware wouldn't settle for anything less that than $5.3 million to decrypt the data. The ransom was too high and they got a big fat nothing in return. [...]
https://www.bleepingcomputer.com/news/security/hackers-ask-for-53-million-ransom-turn-down-400k-get-nothing/
BleepingComputer
Hackers Ask for $5.3 Million Ransom, Turn Down $400k, Get Nothing
Hackers infecting the computer systems of the city of New Bedford, Massachusetts, with ransomware wouldn't settle for anything less that than $5.3 million to decrypt the data. The ransom was too high and they got a big fat nothing in return.
Ransomware Adopts DoppelPaymer Name Given by Researchers
Whether it be malware devs contacting us about our stories or commenting in our forums, we all know that the ransomware developers monitor researchers and technology sites for information about their programs. Nothing shows this better, than a ransomware that recently decided to adopt the name given to it by researchers. [...]
https://www.bleepingcomputer.com/news/security/ransomware-adopts-doppelpaymer-name-given-by-researchers/
Whether it be malware devs contacting us about our stories or commenting in our forums, we all know that the ransomware developers monitor researchers and technology sites for information about their programs. Nothing shows this better, than a ransomware that recently decided to adopt the name given to it by researchers. [...]
https://www.bleepingcomputer.com/news/security/ransomware-adopts-doppelpaymer-name-given-by-researchers/
BleepingComputer
Ransomware Adopts DoppelPaymer Name Given by Researchers
Whether it be malware devs contacting us about our stories or commenting in our forums, we all know that the ransomware developers monitor researchers and technology sites for information about their programs. Nothing shows this better, than a ransomwareβ¦
Twitter Suspends SMS-Based Tweeting After High-Profile Account Hacks
Twitter on Wednesday announced that it would turn off its Tweet via SMS feature for an unspecified period following abuses that led to hackers posting from at least two high-profile accounts. [...]
https://www.bleepingcomputer.com/news/security/twitter-suspends-sms-based-tweeting-after-high-profile-account-hacks/
Twitter on Wednesday announced that it would turn off its Tweet via SMS feature for an unspecified period following abuses that led to hackers posting from at least two high-profile accounts. [...]
https://www.bleepingcomputer.com/news/security/twitter-suspends-sms-based-tweeting-after-high-profile-account-hacks/
BleepingComputer
Twitter Suspends SMS-Based Tweeting After High-Profile Account Hacks
Twitter on Wednesday announced that it would turn off its Tweet via SMS feature for an unspecified period following abuses that led to hackers posting from at least two high-profile accounts.
WordPress 5.2.3 Released with Security and Bug Fixes
WordPress 5.2.3 has been released and includes fixes for six vulnerabilities and 29 bugs or enhancements. As WordPress is a common target for threat actors looking to host their malicious campaigns, it is important that all WordPress users upgrade to the latest release as soon as possible. [...]
https://www.bleepingcomputer.com/news/security/wordpress-523-released-with-security-and-bug-fixes/
WordPress 5.2.3 has been released and includes fixes for six vulnerabilities and 29 bugs or enhancements. As WordPress is a common target for threat actors looking to host their malicious campaigns, it is important that all WordPress users upgrade to the latest release as soon as possible. [...]
https://www.bleepingcomputer.com/news/security/wordpress-523-released-with-security-and-bug-fixes/
BleepingComputer
WordPress 5.2.3 Released with Security and Bug Fixes
WordPress 5.2.3 has been released and includes fixes for six vulnerabilities and 29 bugs or enhancements. As WordPress is a common target for threat actors looking to host their malicious campaigns, it is important that all WordPress users upgrade to theβ¦
Buggy GPS Trackers Expose Childrensβ Real-Time Location
Several vulnerabilities impacting twenty-nine models of GPS trackers designed to monitor the location of children, pets, and valuable possessions expose real-time location data as Avast Threat Labs researchers found. [...]
https://www.bleepingcomputer.com/news/security/buggy-gps-trackers-expose-childrens-real-time-location/
Several vulnerabilities impacting twenty-nine models of GPS trackers designed to monitor the location of children, pets, and valuable possessions expose real-time location data as Avast Threat Labs researchers found. [...]
https://www.bleepingcomputer.com/news/security/buggy-gps-trackers-expose-childrens-real-time-location/
BleepingComputer
Buggy GPS Trackers Expose Childrensβ Real-Time Location
Several vulnerabilities impacting twenty-nine models of GPS trackers designed to monitor the location of children, pets, and valuable possessions expose real-time location data as Avast Threat Labs researchers found.
Amazon AWS Outage Shows Data in the Cloud is Not Always Safe
A recent power outage outage at an Amazon AWS data facility and the resulting data loss for some customers shows that storing data in the cloud does not mean you do not also need a backup. [...]
https://www.bleepingcomputer.com/news/technology/amazon-aws-outage-shows-data-in-the-cloud-is-not-always-safe/
A recent power outage outage at an Amazon AWS data facility and the resulting data loss for some customers shows that storing data in the cloud does not mean you do not also need a backup. [...]
https://www.bleepingcomputer.com/news/technology/amazon-aws-outage-shows-data-in-the-cloud-is-not-always-safe/
BleepingComputer
Amazon AWS Outage Shows Data in the Cloud is Not Always Safe
A recent power outage outage at an Amazon AWS data facility and the resulting data loss for some customers shows that storing data in the cloud does not mean you do not also need a backup.
Students Rejoice: School District Closed by Ransomware Attack
The summer school holiday has not ended for students in Flagstaff, Arizona, as a ransomware attack hitting the School District computers forces the decision to cancel classes for today. The schedule for tomorrow is uncertain. [...]
https://www.bleepingcomputer.com/news/security/students-rejoice-school-district-closed-by-ransomware-attack/
The summer school holiday has not ended for students in Flagstaff, Arizona, as a ransomware attack hitting the School District computers forces the decision to cancel classes for today. The schedule for tomorrow is uncertain. [...]
https://www.bleepingcomputer.com/news/security/students-rejoice-school-district-closed-by-ransomware-attack/
BleepingComputer
Students Rejoice: School District Closed by Ransomware Attack
The summer school holiday has not ended for students in Flagstaff, Arizona, as a ransomware attack hitting the School District computers forces the decision to cancel classes for today. The schedule for tomorrow is uncertain.
Microsoft Announces First PowerToys Preview Release for Windows 10
Microsoft announced today that the first preview release of PowerToys utilities for Windows 10 is now available for download, together with docs and tools that will make it simple to create new PowerToys apps. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-first-powertoys-preview-release-for-windows-10/
Microsoft announced today that the first preview release of PowerToys utilities for Windows 10 is now available for download, together with docs and tools that will make it simple to create new PowerToys apps. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-first-powertoys-preview-release-for-windows-10/
BleepingComputer
Microsoft Announces First PowerToys Preview Release for Windows 10
Microsoft announced today that the first preview release of PowerToys utilities for Windows 10 is now available for download, together with docs and tools that will make it simple to create new PowerToys apps.
FBI Warns Students to Think Before They Post Online Threats
The U.S. Federal Bureau of Investigation (FBI) asked students not to make hoax threats via social media, emails, or text messages, in a warning published as part of its 'Think Before You Post' campaign. [...]
https://www.bleepingcomputer.com/news/security/fbi-warns-students-to-think-before-they-post-online-threats/
The U.S. Federal Bureau of Investigation (FBI) asked students not to make hoax threats via social media, emails, or text messages, in a warning published as part of its 'Think Before You Post' campaign. [...]
https://www.bleepingcomputer.com/news/security/fbi-warns-students-to-think-before-they-post-online-threats/
BleepingComputer
FBI Warns Students to Think Before They Post Online Threats
The U.S. Federal Bureau of Investigation (FBI) asked students not to make hoax threats via social media, emails, or text messages, in a warning published as part of its 'Think Before You Post' campaign.
Windows and AV Software Ignore Malware in Virtual Disk Files
Windows operating system and antivirus software treat VHD and VHDX disk image downloads like a black box. Scanning the files inside these containers does not happen until the image is mounted and the files run. [...]
https://www.bleepingcomputer.com/news/security/windows-and-av-software-ignore-malware-in-virtual-disk-files/
Windows operating system and antivirus software treat VHD and VHDX disk image downloads like a black box. Scanning the files inside these containers does not happen until the image is mounted and the files run. [...]
https://www.bleepingcomputer.com/news/security/windows-and-av-software-ignore-malware-in-virtual-disk-files/
BleepingComputer
Windows and AV Software Ignore Malware in Virtual Disk Files
Windows operating system and antivirus software treat VHD and VHDX disk image downloads like a black box. Scanning the files inside these containers does not happen until the image is mounted and the files run.
Critical Exim TLS Flaw Lets Attackers Remotely Execute Commands as Root
The Exim mail transfer agent (MTA) software is impacted by a critical severity vulnerability present in all versions up to and including 4.92.1, and allowing remote attackers to execute programs with root privileges on all servers that accept TLS connections. [...]
https://www.bleepingcomputer.com/news/security/critical-exim-tls-flaw-lets-attackers-remotely-execute-commands-as-root/
The Exim mail transfer agent (MTA) software is impacted by a critical severity vulnerability present in all versions up to and including 4.92.1, and allowing remote attackers to execute programs with root privileges on all servers that accept TLS connections. [...]
https://www.bleepingcomputer.com/news/security/critical-exim-tls-flaw-lets-attackers-remotely-execute-commands-as-root/
BleepingComputer
Critical Exim TLS Flaw Lets Attackers Remotely Execute Commands as Root
The Exim mail transfer agent (MTA) software is impacted by a critical severity vulnerability present in versions 4.80 up to and including 4.92.1.
GootKit Malware Bypasses Windows Defender by Setting Path Exclusions
As Windows Defender matures and becomes tightly integrated into Windows 10, malware writers are creating techniques to evade its detection. Such is the case with the GootKit banking Trojan, which use a UAC bypass and WMIC commands to exclude the malware executable from being scanned by Windows Defender Antivirus. [...]
https://www.bleepingcomputer.com/news/security/gootkit-malware-bypasses-windows-defender-by-setting-path-exclusions/
As Windows Defender matures and becomes tightly integrated into Windows 10, malware writers are creating techniques to evade its detection. Such is the case with the GootKit banking Trojan, which use a UAC bypass and WMIC commands to exclude the malware executable from being scanned by Windows Defender Antivirus. [...]
https://www.bleepingcomputer.com/news/security/gootkit-malware-bypasses-windows-defender-by-setting-path-exclusions/
BleepingComputer
GootKit Malware Bypasses Windows Defender by Setting Path Exclusions
As Windows Defender matures and becomes tightly integrated into Windows 10, malware writers are creating techniques to evade its detection. Such is the case with the GootKit banking Trojan, which use a UAC bypass and WMIC commands to exclude the malware executableβ¦
Lilocked Ransomware Actively Targeting Servers and Web Sites
A relatively new ransomware named Lilocked by researchers and Lilu by the developers is actively targeting servers and encrypting the data located on them. All of the known infected servers are web sites, which is causing the encrypted files to show up in Google search results. [...]
https://www.bleepingcomputer.com/news/security/lilocked-ransomware-actively-targeting-servers-and-web-sites/
A relatively new ransomware named Lilocked by researchers and Lilu by the developers is actively targeting servers and encrypting the data located on them. All of the known infected servers are web sites, which is causing the encrypted files to show up in Google search results. [...]
https://www.bleepingcomputer.com/news/security/lilocked-ransomware-actively-targeting-servers-and-web-sites/
BleepingComputer
Lilocked Ransomware Actively Targeting Servers and Web Sites
A relatively new ransomware named Lilocked by researchers and Lilu by the developers is actively targeting servers and encrypting the data located on them. All of the known infected servers are web sites, which is causing the encrypted files to show up inβ¦
Over $37 Million Lost by Toyota Boshoku Subsidiary in BEC Scam
Toyota Boshoku Corporation, a car components manufacturer member of the Toyota Group, announced today that one of its European subsidiaries lost more than $37 million following a business email compromise (BEC) attack. [...]
https://www.bleepingcomputer.com/news/security/over-37-million-lost-by-toyota-boshoku-subsidiary-in-bec-scam/
Toyota Boshoku Corporation, a car components manufacturer member of the Toyota Group, announced today that one of its European subsidiaries lost more than $37 million following a business email compromise (BEC) attack. [...]
https://www.bleepingcomputer.com/news/security/over-37-million-lost-by-toyota-boshoku-subsidiary-in-bec-scam/
BleepingComputer
Over $37 Million Lost by Toyota Boshoku Subsidiary in BEC Scam
Toyota Boshoku Corporation, a car components manufacturer member of the Toyota Group, announced today that one of its European subsidiaries lost more than $37 million following a business email compromise (BEC) attack.
Public BlueKeep Exploit Module Released by MetaSploit
A public exploit module for the BlueKeep Windows vulnerability has been added today to the open-source Metasploit penetration testing framework, developed by Rapid7 in collaboration with the open-source community. [...]
https://www.bleepingcomputer.com/news/security/public-bluekeep-exploit-module-released-by-metasploit/
A public exploit module for the BlueKeep Windows vulnerability has been added today to the open-source Metasploit penetration testing framework, developed by Rapid7 in collaboration with the open-source community. [...]
https://www.bleepingcomputer.com/news/security/public-bluekeep-exploit-module-released-by-metasploit/
BleepingComputer
Public BlueKeep Exploit Module Released by MetaSploit
A public exploit module for the BlueKeep Windows vulnerability has been added today to the open-source Metasploit penetration testing framework, developed by Rapid7 in collaboration with the open-source community.