Command Input Typo Caused Massive AWS S3 Outage

In a postmortem status report, Amazon blamed a command input typo for the massive AWS S3 outage that took out a large chunk of the Internet three days ago. [...]

https://www.bleepingcomputer.com/news/hardware/command-input-typo-caused-massive-aws-s3-outage/

Researchers Find 26 Security Flaws in 9 Popular Android Password Managers

A team of German security professionals has discovered 26 security flaws in nine of the world's most popular Android password managers. [...]

https://www.bleepingcomputer.com/news/security/researchers-find-26-security-flaws-in-9-popular-android-password-managers/

1 Bitcoin More Valuable Than an Ounce of Gold for the First Time

For the first time, yesterday, March 2, the price of 1 Bitcoin surpassed the trading value of an ounce of gold, with Bitcoin valued at $1,265 and an ounce of gold at $1,237. Today, Bitcoin continue to grow and outrun gold price, being currently valued at $1,289. [...]

https://www.bleepingcomputer.com/news/government/1-bitcoin-more-valuable-than-an-ounce-of-gold-for-the-first-time/

Malware Retrieves PowerShell Scripts from DNS Records

Malware researchers have come across a new Remote Access Trojan (RAT) that uses a novel technique to evade detection on corporate networks by fetching malicious PowerShell commands stored inside a domain's DNS TXT records. [...]

https://www.bleepingcomputer.com/news/security/malware-retrieves-powershell-scripts-from-dns-records/

The Week in Ransomware - March 3rd 2017 - Dharma Decrypted and TorrentLocker is Back

Typical week in ransomware with a lot of small little variants released and resurgence of activity from Crypt0L0cker. The biggest news this week is that someone posted the master decryption keys for the Dharma Ransomware in the BleepingComputer.com forums, which were used to create working decryptors. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-3rd-2017-dharma-decrypted-and-torrentlocker-is-back/

New Dark Web Service Helps Crooks Trick You in Revealing Your Payment Card PIN

A new service launched on the Dark Web this week simplifies the process of tricking victims whose card details have been exposed into revealing their card's PIN. [...]

https://www.bleepingcomputer.com/news/security/new-dark-web-service-helps-crooks-trick-you-in-revealing-your-payment-card-pin/

Windows Insider Build 15048 Released as a Bug Fix with No New Features

Today Microsoft released Insider Preview Build 15048 for PC to insiders in the fast ring, This release is almost entirely bug fixes and improvements, with no new features added. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-insider-build-15048-released-as-a-bug-fix-with-no-new-features/

Mozilla Testing Three Firefox Experimental Features

Mozilla engineers are testing three new features called Containers, SnoozeTabs, and Pulse, which, if users react positively, might find their way inside Firefox, in upcoming versions. [...]

https://www.bleepingcomputer.com/news/software/mozilla-testing-three-firefox-experimental-features/

Third-Party Vendor Issues Temporary Patch for Windows GDI Vulnerability

A vulnerability discovered by Google Project Zero security researchers and left without a patch by Microsoft received a temporary fix from third-party security vendor ACROS Security. [...]

https://www.bleepingcomputer.com/news/microsoft/third-party-vendor-issues-temporary-patch-for-windows-gdi-vulnerability/

Researchers Store Movie, Malware, and Computer OS Inside DNA Molecules

Scientists from the Data Science Institute at Columbia University and the New York Genome Center (NYGC) published new research this week detailing a new data storage technique that leverages DNA molecules to store digital information. [...]

https://www.bleepingcomputer.com/news/hardware/researchers-store-movie-malware-and-computer-os-inside-dna-molecules/

LeakedSource Clone Pops Up on Russian Domain

A website surfaced online today, posing to be the infamous LeakedSource data hoarding service, which went down shrouded in mystery at the end of January 2017. [...]

https://www.bleepingcomputer.com/news/security/leakedsource-clone-pops-up-on-russian-domain/

Ransomware Hits Pennsylvania Senate Democrats

A ransomware infection shut down the computer network of the Pennsylvania Senate Democratic Caucus on Friday morning, officials said in a statement issued to the local press. [...]

https://www.bleepingcomputer.com/news/government/ransomware-hits-pennsylvania-senate-democrats/

SHA1 Collision Attack Can Serve Backdoored Torrents to Track Down Pirates

A theoretical scenario that leverages the SHA1 collision attack disclosed recently by Google can serve backdoored BitTorrent files that execute code on the victim's machine, deliver malware, or alert copyright owners when their software has been pirated. [...]

https://www.bleepingcomputer.com/news/security/sha1-collision-attack-can-serve-backdoored-torrents-to-track-down-pirates/

Proposed Bill Will Allow Victims to Hack Their Attackers to Stop Cyber-Attacks

The US is discussing new legislation that will allow victims of ongoing cyber-attacks to fight back against hackers by granting more powers to entities under attack in regards to the defensive measures they can take. [...]

https://www.bleepingcomputer.com/news/government/proposed-bill-will-allow-victims-to-hack-their-attackers-to-stop-cyber-attacks/

Poachers Hack GPS Trackers, Extract Metadata from Public Photos to Hunt Animals

A report published in the Conservation Biology magazine cites several incidents gathered from all over the world in the past years, where technologies introduced to simplify the work of animal protection groups and state authorities have been hijacked or turned against the animals they were meant to protect. [...]

https://www.bleepingcomputer.com/news/government/poachers-hack-gps-trackers-extract-metadata-from-public-photos-to-hunt-animals/

Multiple Unpatched Vulnerabilities Discovered in Western Digital NAS Hard Drives

Multiple Western Digital MyCloud Networked Attached Storage (NAS) devices are affected by several security flaws, varying in severity, that allow attackers to bypass authentication, execute code on the device, and upload or download user data. [...]

https://www.bleepingcomputer.com/news/security/multiple-unpatched-vulnerabilities-discovered-in-western-digital-nas-hard-drives/

The Dark Web Has Shrunk by 85%

The number of Dark web services has gone down significantly following the Freedom Hosting II hack that took place at the start of February, and is only around 4,400 services, according to a recently published OnionScan report. [...]

https://www.bleepingcomputer.com/news/security/the-dark-web-has-shrunk-by-85-percent/

Shamoon Disk-Wiping Malware Upgraded with Ransomware Module

The Shamoon disk-wiping malware has received a major upgrade during the past few months, and now features a ransomware module, along with support for both 32-bit and 64-bit architectures, researchers from Kaspersky Lab revealed on Monday. [...]

https://www.bleepingcomputer.com/news/security/shamoon-disk-wiping-malware-upgraded-with-ransomware-module/

WikiLeaks Publishes Vault 7, Collection of Alleged CIA Hacking Tools

Earlier today, WikiLeaks published a collection of hacking tools which the organization claims belong to the United States Central Intelligence Agency (CIA). [...]

https://www.bleepingcomputer.com/news/government/wikileaks-publishes-vault-7-collection-of-alleged-cia-hacking-tools/

WikiLeaks Claims CIA Could Turn Samsung Smart TVs Into Listening Devices

The CIA has developed a hacking tool named Weeping Angel that can turn Samsung smart TVs into covert listening devices. [...]

https://www.bleepingcomputer.com/news/hardware/wikileaks-claims-cia-could-turn-samsung-smart-tvs-into-listening-devices/

Vault 7: CIA Developed 24 Decoy Applications to Spy on Targets

Along the tens of hacking tools dumped today by WikiLeaks claiming to belong to the CIA, there was one that was different from the others. Named "Fine Dining," this isn't a zero-day exploit or vulnerability like most, but a collection of malware-laced applications. [...]

https://www.bleepingcomputer.com/news/security/vault-7-cia-developed-24-decoy-applications-to-spy-on-targets/