HummingBad Android Malware Found in 20 Google Play Store Apps

HummingBad, an Android malware estimated to have touched over 85 million devices worldwide, was recently found in 46 new applications, 20 of which had even made their way into the official Play Store, passing Google's security checks. [...]

https://www.bleepingcomputer.com/news/security/hummingbad-android-malware-found-in-20-google-play-store-apps/

Firefox 51 Released with Support for FLAC, WebGL 2, and Improved Security

Mozilla will release later today Firefox 51, the latest version of its famous browser, which will include a series of small upgrades, but which will make a difference in the long run. [...]

https://www.bleepingcomputer.com/news/software/firefox-51-released-with-support-for-flac-webgl-2-and-improved-security/

Bug Allowed Access to Over 218K Private Messages on Dark Web Marketplace AlphaBay

AlphaBay admins announced today they've plugged a security hole that allowed an attacker to gain access to around 218,000 private user messages. [...]

https://www.bleepingcomputer.com/news/security/bug-allowed-access-to-over-218k-private-messages-on-dark-web-marketplace-alphabay/

Dropbox Kept Files Around for Years Due to 'Delete' Bug

Dropbox engineers have fixed what appears to be a very ancient bug that during the past two weeks has resurfaced previously deleted folders for several Dropbox users. [...]

https://www.bleepingcomputer.com/news/software/dropbox-kept-files-around-for-years-due-to-delete-bug/

Linux Systemd Flaw Gives Attackers Root Access

Security researcher Sebastian Krahmer has recently discovered that a previously known security flaw in the systemd project can be used for more than crashing a Linux distro but also to grant local attackers root access to the device. [...]

https://www.bleepingcomputer.com/news/security/linux-systemd-flaw-gives-attackers-root-access/

A Benevolent Hacker Is Warning Owners of Unsecured Cassandra Databases

An unknown hacker is accessing public and unsecured Apache Cassandra databases and adding an extra table through which it warns server owners that their DB was left exposed to online attacks. [...]

https://www.bleepingcomputer.com/news/security/a-benevolent-hacker-is-warning-owners-of-unsecured-cassandra-databases/

Meet TorWorld, an Upcoming Tor-as-a-Service Portal

TorWorld project wants to teach you about Tor and become a hosting provider for Tor nodes. [...]

https://www.bleepingcomputer.com/news/security/meet-torworld-an-upcoming-tor-as-a-service-portal/

Trojan Transforms Linux Devices into Proxies for Malicious Traffic

Security researchers have uncovered a new trojan that targets Linux devices that is capable of transforming infected machines into proxy servers and relay malicious traffic, hiding the true origin of attacks or other nefarious activities. [...]

https://www.bleepingcomputer.com/news/security/trojan-transforms-linux-devices-into-proxies-for-malicious-traffic/

Charger Android Ransomware Reaches Google Play Store

Google has removed an app from the Play Store that contained a new Android ransomware family named Charger. [...]

https://www.bleepingcomputer.com/news/security/charger-android-ransomware-reaches-google-play-store/

Russia Arrests Top Kaspersky Lab Security Researcher on Charges of Treason

Russian authorities arrested Ruslan Stoyanov, one of Kaspersky Lab's top-ranked security researchers, under article 275 of the Russian criminal code, which refers to treason. [...]

https://www.bleepingcomputer.com/news/security/russia-arrests-top-kaspersky-lab-security-researcher-on-charges-of-treason/

HP Recalls 101,000 Laptop Batteries Due to Fire Hazard

HP issued a recall today for 101,000 Panasonic batteries that the company used in various laptop and notebook models, sold between March 2013 and October 2016. [...]

https://www.bleepingcomputer.com/news/hardware/hp-recalls-101-000-laptop-batteries-due-to-fire-hazard/

Ripper.cc Helps Cyber Criminals Avoid Getting Scammed

Crooks lurking around the Internet's underbelly have created a service called Ripper.cc, a database of known and proven fraudsters. [...]

https://www.bleepingcomputer.com/news/security/ripper-cc-helps-cyber-criminals-avoid-getting-scammed/

Gmail will Block JS Attachments for Security Reasons Starting February 13

To increase security for its users, starting on February 13th Google will begin block JS attachments in Gmail. Though this move This move definitely brings greater security to Gmail users, but will only cause malware distributors to switch to [...]

https://www.bleepingcomputer.com/news/google/gmail-will-block-js-attachments-for-security-reasons-starting-february-13/

Google Chrome 56 Rolls out with HTML5 by Default, Sticky Elements, and the Web Bluetooth Api

Chrome 56 is being rolled out to Windows, Linux, and Mac users and should be available to everyone over the next few days. Along with 56 security updates, this new version comes with quite a few goodies such as HTML5 by default, support for the Sticky position attribute, and the Web Bluetooth API. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-56-rolls-out-with-html5-by-default-sticky-elements-and-the-web-bluetooth-api/

Android VPN Apps Caught Intercepting Traffic, Failing to Encrypt

New research released this week reveals that a large chunk of today Android VPN clients are a serious security and privacy risk, with some clients failing to encrypt traffic, and some even injecting ads in a customer's browsing experience. [...]

https://www.bleepingcomputer.com/news/security/android-vpn-apps-caught-intercepting-traffic-failing-to-encrypt/

Former Mozilla Engineer: Disable Your Antivirus Software, Except Microsoft's

"Antivirus software vendors are terrible; don't buy antivirus software, and uninstall it if you already have it (except for Microsoft's)." This is how Robert "Roc" O'Callahan, a former Mozilla bigwig engineer started a blog post today, in which he details a long list of issues that antivirus software have caused to browser vendors. [...]

https://www.bleepingcomputer.com/news/security/former-mozilla-engineer-disable-your-antivirus-software-except-microsofts/

Chrome Plans to Limit the Activity of Background Tabs to Improve Performance

Google Chrome engineers are working on a throttling system that would impose a limitation on the number of JavaScript (timers) operations that unfocused background tabs can perform. [...]

https://www.bleepingcomputer.com/news/software/chrome-plans-to-limit-the-activity-of-background-tabs-to-improve-performance/

Police Department Loses Years Worth of Evidence in Ransomware Incident

Police in Cockrell Hill, Texas admitted yesterday in a press release that they lost years worth of evidence after the department's server was infected with ransomware. [...]

https://www.bleepingcomputer.com/news/security/police-department-loses-years-worth-of-evidence-in-ransomware-incident/

Android Pattern Locks Can Be Cracked Using Video Recordings

Scientists from universities in China and the UK have published research that details a novel method that breaks Android's pattern lock system based on videos of people entering their patterns from distances of up to nine meters away. [...]

https://www.bleepingcomputer.com/news/security/android-pattern-locks-can-be-cracked-using-video-recordings/

VirLocker Ransomware Returns Just as Virulent as Ever

The VirLocker ransomware made a comeback this past week with a new and very virulent version, but the Malwarebytes security team says there's a way for victims to recover files by entering a special code in the payment field. [...]

https://www.bleepingcomputer.com/news/security/virlocker-ransomware-returns-just-as-virulent-as-ever/

SMS-Exploitable Bug in Samsung Galaxy Phones Can Be Used for Ransomware Attacks

Samsung has patched a combo of four security flaws that affected Galaxy handsets that an attacker could have combined and used to put devices in endless reboot loops or hijack handsets for ransomware. [...]

https://www.bleepingcomputer.com/news/security/sms-exploitable-bug-in-samsung-galaxy-phones-can-be-used-for-ransomware-attacks/