Microsoft Patches Third Zero-Day Used in Massive Malvertising Campaign
Microsoft has patched a zero-day vulnerability that was used in the massive AdGholas malvertising campaign and later integrated into the Neutrino exploit kit. [...]
https://www.bleepingcomputer.com/news/security/microsoft-patches-third-zero-day-used-in-massive-malvertising-campaign/
Microsoft has patched a zero-day vulnerability that was used in the massive AdGholas malvertising campaign and later integrated into the Neutrino exploit kit. [...]
https://www.bleepingcomputer.com/news/security/microsoft-patches-third-zero-day-used-in-massive-malvertising-campaign/
BleepingComputer
Microsoft Patches Third Zero-Day Used in Massive Malvertising Campaign
Microsoft has patched a zero-day vulnerability that was used in the massive AdGholas malvertising campaign and later integrated into the Neutrino exploit kit.
Adware Replaces Phone Numbers for Security Firms Returned in Search Results
A new adware family named Crusader will rewrite tech support phone numbers returned in Google search results, display ads, and show popups pushing tech support scams. [...]
https://www.bleepingcomputer.com/news/security/adware-replaces-phone-numbers-for-security-firms-returned-in-search-results/
A new adware family named Crusader will rewrite tech support phone numbers returned in Google search results, display ads, and show popups pushing tech support scams. [...]
https://www.bleepingcomputer.com/news/security/adware-replaces-phone-numbers-for-security-firms-returned-in-search-results/
BleepingComputer
Adware Replaces Phone Numbers for Security Firms Returned in Search Results
A new adware family named Crusader will rewrite tech support phone numbers returned in Google search results, display ads, and show popups pushing tech support scams.
Researcher Says API Flaw Exposed Symantec Certificates, Including Private Keys
Flaws in the API used by Symantec partners would have allowed an attacker to retrieve certificates, including private keys, security researcher Chris Byrne said in a Facebook post published over the weekend. [...]
https://www.bleepingcomputer.com/news/security/researcher-says-api-flaw-exposed-symantec-certificates-including-private-keys/
Flaws in the API used by Symantec partners would have allowed an attacker to retrieve certificates, including private keys, security researcher Chris Byrne said in a Facebook post published over the weekend. [...]
https://www.bleepingcomputer.com/news/security/researcher-says-api-flaw-exposed-symantec-certificates-including-private-keys/
BleepingComputer
Researcher Says API Flaw Exposed Symantec Certificates, Including Private Keys
Flaws in the API used by Symantec partners would have allowed an attacker to retrieve certificates, including private keys, security researcher Chris Byrne said in a Facebook post published over the weekend.
Microsoft Quietly Patched Windows Zero-Day Used in Attacks by Zirconium Group
Without making too much fuss about it, Microsoft patched a zero-day vulnerability used in live attacks by a cyber-espionage group named Zirconium. The zero-day, tracked as CVE-2017-0005, affects the Windows Win32k component in the Windows GDI (Graphics Device Interface), included in all Windows OS versions. [...]
https://www.bleepingcomputer.com/news/security/microsoft-quietly-patched-windows-zero-day-used-in-attacks-by-zirconium-group/
Without making too much fuss about it, Microsoft patched a zero-day vulnerability used in live attacks by a cyber-espionage group named Zirconium. The zero-day, tracked as CVE-2017-0005, affects the Windows Win32k component in the Windows GDI (Graphics Device Interface), included in all Windows OS versions. [...]
https://www.bleepingcomputer.com/news/security/microsoft-quietly-patched-windows-zero-day-used-in-attacks-by-zirconium-group/
BleepingComputer
Microsoft Quietly Patched Windows Zero-Day Used in Attacks by Zirconium Group
Without making too much fuss about it, Microsoft patched a zero-day vulnerability used in live attacks by a cyber-espionage group named Zirconium. The zero-day, tracked as CVE-2017-0005, affects the Windows Win32k component in the Windows GDI (Graphics Deviceβ¦
FBI Alert Urges Companies to Secure FTP Servers
In an alert sent to medical and dental healthcare entities, the FBI is asking organizations to mind and secure their FTP servers in the face of hackers trying to get protected health information (PHI) and personally identifiable information (PII). [...]
https://www.bleepingcomputer.com/news/security/fbi-alert-urges-companies-to-secure-ftp-servers/
In an alert sent to medical and dental healthcare entities, the FBI is asking organizations to mind and secure their FTP servers in the face of hackers trying to get protected health information (PHI) and personally identifiable information (PII). [...]
https://www.bleepingcomputer.com/news/security/fbi-alert-urges-companies-to-secure-ftp-servers/
BleepingComputer
FBI Alert Urges Companies to Secure FTP Servers
In an alert sent to medical and dental healthcare entities, the FBI is asking organizations to mind and secure their FTP servers in the face of hackers trying to get protected health information (PHI) and personally identifiable information (PII).
Unskilled Group Behind Many Junk Ransomware Strains
A person or group of malware authors calling themselves "Mafia Malware Indonesia" claimed responsibility for writing a collection of ransomware families that includes threats such as KimcilWare, MireWare, MafiaWare, CryPy, and the recent SADStory and the eponymous Mafia Malware Indonesia ransomware. [...]
https://www.bleepingcomputer.com/news/security/unskilled-group-behind-many-junk-ransomware-strains/
A person or group of malware authors calling themselves "Mafia Malware Indonesia" claimed responsibility for writing a collection of ransomware families that includes threats such as KimcilWare, MireWare, MafiaWare, CryPy, and the recent SADStory and the eponymous Mafia Malware Indonesia ransomware. [...]
https://www.bleepingcomputer.com/news/security/unskilled-group-behind-many-junk-ransomware-strains/
BleepingComputer
Unskilled Group Behind Many Junk Ransomware Strains
A person or group of malware authors calling themselves "Mafia Malware Indonesia" claimed responsibility for writing a collection of ransomware families that includes threats such as KimcilWare, MireWare, MafiaWare, CryPy, and the recent SADStory and theβ¦
Yesterday's iOS 10.3 Update Bring Safari Ransomware Campaign to an End
iOS 10.3, released yesterday, has thwarted a screen-locking ransomware campaign that used a bug in mobile Safari to lock users' browsers and demand a ransom paid in iTunes pre-paid gift cards. [...]
https://www.bleepingcomputer.com/news/security/yesterdays-ios-10-3-update-bring-safari-ransomware-campaign-to-an-end/
iOS 10.3, released yesterday, has thwarted a screen-locking ransomware campaign that used a bug in mobile Safari to lock users' browsers and demand a ransom paid in iTunes pre-paid gift cards. [...]
https://www.bleepingcomputer.com/news/security/yesterdays-ios-10-3-update-bring-safari-ransomware-campaign-to-an-end/
BleepingComputer
Yesterday's iOS 10.3 Update Bring Safari Ransomware Campaign to an End
iOS 10.3, released yesterday, has thwarted a screen-locking ransomware campaign that used a bug in mobile Safari to lock users' browsers and demand a ransom paid in iTunes pre-paid gift cards.
PyCL Ransomware Delivered via RIG EK in Distribution Test
Security researchers discover a new ransomware being distributed through the RIG exploit kit on Saturday. This ransomware has a strong resemblance to CTB-Locker, but does not appear to be related as it is programmed in Python. [...]
https://www.bleepingcomputer.com/news/security/pycl-ransomware-delivered-via-rig-ek-in-distribution-test/
Security researchers discover a new ransomware being distributed through the RIG exploit kit on Saturday. This ransomware has a strong resemblance to CTB-Locker, but does not appear to be related as it is programmed in Python. [...]
https://www.bleepingcomputer.com/news/security/pycl-ransomware-delivered-via-rig-ek-in-distribution-test/
BleepingComputer
PyCL Ransomware Delivered via RIG EK in Distribution Test
Security researchers discover a new ransomware being distributed through the RIG exploit kit on Saturday. This ransomware has a strong resemblance to CTB-Locker, but does not appear to be related as it is programmed in Python.
Apple Releases New APFS File System, Critical Security Updates
Yesterday, Apple unleashed a wave of security updates for several of its products, including the new and highly anticipated APFS file system, currently only available with iOS 10.3. [...]
https://www.bleepingcomputer.com/news/apple/apple-releases-new-apfs-file-system-critical-security-updates/
Yesterday, Apple unleashed a wave of security updates for several of its products, including the new and highly anticipated APFS file system, currently only available with iOS 10.3. [...]
https://www.bleepingcomputer.com/news/apple/apple-releases-new-apfs-file-system-critical-security-updates/
BleepingComputer
Apple Releases New APFS File System, Critical Security Updates
Yesterday, Apple unleashed a wave of security updates for several of its products, including the new and highly anticipated APFS file system, currently only available with iOS 10.3.
Humbled Malware Author Leaks His Own Source Code to Regain Community's Trust
The author of the Nuclear Bot banking trojan has leaked the source code of his own malware in a desperate attempt to regain trust and credibility in underground cybercrime forums. [...]
https://www.bleepingcomputer.com/news/security/humbled-malware-author-leaks-his-own-source-code-to-regain-communitys-trust/
The author of the Nuclear Bot banking trojan has leaked the source code of his own malware in a desperate attempt to regain trust and credibility in underground cybercrime forums. [...]
https://www.bleepingcomputer.com/news/security/humbled-malware-author-leaks-his-own-source-code-to-regain-communitys-trust/
BleepingComputer
Humbled Malware Author Leaks His Own Source Code to Regain Community's Trust
The author of the Nuclear Bot banking trojan has leaked the source code of his own malware in a desperate attempt to regain trust and credibility in underground cybercrime forums.
Russian Hacker Pleads Guilty for Role in Infamous Linux Ebury Malware
The US Department of Justice announced yesterday that Maxim Senakh, 41, of Velikii Novgorod, Russia, pleaded guilty for his role in the creation of the Ebury malware and for maintaining its infamous botnet. [...]
https://www.bleepingcomputer.com/news/security/russian-hacker-pleads-guilty-for-role-in-infamous-linux-ebury-malware/
The US Department of Justice announced yesterday that Maxim Senakh, 41, of Velikii Novgorod, Russia, pleaded guilty for his role in the creation of the Ebury malware and for maintaining its infamous botnet. [...]
https://www.bleepingcomputer.com/news/security/russian-hacker-pleads-guilty-for-role-in-infamous-linux-ebury-malware/
BleepingComputer
Russian Hacker Pleads Guilty for Role in Infamous Linux Ebury Malware
The US Department of Justice announced yesterday that Maxim Senakh, 41, of Velikii Novgorod, Russia, pleaded guilty for his role in the creation of the Ebury malware and for maintaining its infamous botnet.
Vivaldi 1.8 Released with One-of-a-Kind Browsing History Panel
Once more, Vivaldi broke the classic browser model with the release of Vivaldi 1.8, its latest version, which now features a one-of-a-kind History panel, unlike anything you've seen in other browsers. [...]
https://www.bleepingcomputer.com/news/software/vivaldi-1-8-released-with-one-of-a-kind-browsing-history-panel/
Once more, Vivaldi broke the classic browser model with the release of Vivaldi 1.8, its latest version, which now features a one-of-a-kind History panel, unlike anything you've seen in other browsers. [...]
https://www.bleepingcomputer.com/news/software/vivaldi-1-8-released-with-one-of-a-kind-browsing-history-panel/
BleepingComputer
Vivaldi 1.8 Released with One-of-a-Kind Browsing History Panel
Once more, Vivaldi broke the classic browser model with the release of Vivaldi 1.8, its latest version, which now features a one-of-a-kind History panel, unlike anything you've seen in other browsers.
New IIS 6.0 Zero-Day Exploited in Live Attacks Since July 2016
Since July 2016, attackers have been using a zero-day in IIS 6.0 to compromise and take over Windows servers. The vulnerability only affects IIS 6.0, which was released in November 2010, and shipped with Windows Server 2003 and Windows XP Professional x64 Edition. [...]
https://www.bleepingcomputer.com/news/security/new-iis-6-0-zero-day-exploited-in-live-attacks-since-july-2016/
Since July 2016, attackers have been using a zero-day in IIS 6.0 to compromise and take over Windows servers. The vulnerability only affects IIS 6.0, which was released in November 2010, and shipped with Windows Server 2003 and Windows XP Professional x64 Edition. [...]
https://www.bleepingcomputer.com/news/security/new-iis-6-0-zero-day-exploited-in-live-attacks-since-july-2016/
BleepingComputer
New IIS 6.0 Zero-Day Exploited in Live Attacks Since July 2016
Since July 2016, attackers have been using a zero-day in IIS 6.0 to compromise and take over Windows servers. The vulnerability only affects IIS 6.0, which was released in November 2010, and shipped with Windows Server 2003 and Windows XP Professional x64β¦
GitHub Users Targeted with Dimnie Trojan
Developers sharing code on GitHub are being targeted in a malicious email campaign that's infecting their computers with a modular trojan known as Dimnie. [...]
https://www.bleepingcomputer.com/news/security/github-users-targeted-with-dimnie-trojan/
Developers sharing code on GitHub are being targeted in a malicious email campaign that's infecting their computers with a modular trojan known as Dimnie. [...]
https://www.bleepingcomputer.com/news/security/github-users-targeted-with-dimnie-trojan/
BleepingComputer
GitHub Users Targeted with Dimnie Trojan
Developers sharing code on GitHub are being targeted in a malicious email campaign that's infecting their computers with a modular trojan known as Dimnie.
Microsoft Will Release Windows 10 Creators Update on the Day It Kills Vista
Microsoft confirmed today the launch date for the next major Windows 10 version, nicknamed Creators Update, which will roll out on April 11, the same day the company will be officially retiring the dreaded Windows Vista OS. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-will-release-windows-10-creators-update-on-the-day-it-kills-vista/
Microsoft confirmed today the launch date for the next major Windows 10 version, nicknamed Creators Update, which will roll out on April 11, the same day the company will be officially retiring the dreaded Windows Vista OS. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-will-release-windows-10-creators-update-on-the-day-it-kills-vista/
BleepingComputer
Microsoft Will Release Windows 10 Creators Update on the Day It Kills Vista
Microsoft confirmed today the launch date for the next major Windows 10 version, nicknamed Creators Update, which will roll out on April 11, the same day the company will be officially retiring the dreaded Windows Vista OS.
About 90% of Smart TVs Vulnerable to Remote Hacking via Rogue TV Signals
A new attack on smart TVs allows a malicious actor to take over devices using rogue DVB-T (Digital Video Broadcasting β Terrestrial) signals, get root access on the smart TV, and use the device for all sorts of nasty actions, ranging from DDoS attacks to spying on end users. [...]
https://www.bleepingcomputer.com/news/security/about-90-percent-of-smart-tvs-vulnerable-to-remote-hacking-via-rogue-tv-signals/
A new attack on smart TVs allows a malicious actor to take over devices using rogue DVB-T (Digital Video Broadcasting β Terrestrial) signals, get root access on the smart TV, and use the device for all sorts of nasty actions, ranging from DDoS attacks to spying on end users. [...]
https://www.bleepingcomputer.com/news/security/about-90-percent-of-smart-tvs-vulnerable-to-remote-hacking-via-rogue-tv-signals/
BleepingComputer
About 90% of Smart TVs Vulnerable to Remote Hacking via Rogue TV Signals
A new attack on smart TVs allows a malicious actor to take over devices using rogue DVB-T (Digital Video Broadcasting β Terrestrial) signals, get root access on the smart TV, and use the device for all sorts of nasty actions, ranging from DDoS attacks toβ¦
New Mirai Botnet Slams US College with 54-Hour DDoS Attack
What appears to be a new version of the Mirai malware was behind a massive DDoS attack that targeted an unnamed US college and lasted for 54 hours straight, reports cyber-security firm Incapsula, who was providing DDoS mitigation service for the affected college. [...]
https://www.bleepingcomputer.com/news/security/new-mirai-botnet-slams-us-college-with-54-hour-ddos-attack/
What appears to be a new version of the Mirai malware was behind a massive DDoS attack that targeted an unnamed US college and lasted for 54 hours straight, reports cyber-security firm Incapsula, who was providing DDoS mitigation service for the affected college. [...]
https://www.bleepingcomputer.com/news/security/new-mirai-botnet-slams-us-college-with-54-hour-ddos-attack/
BleepingComputer
New Mirai Botnet Slams US College with 54-Hour DDoS Attack
What appears to be a new version of the Mirai malware was behind a massive DDoS attack that targeted an unnamed US college and lasted for 54 hours straight, reports cyber-security firm Incapsula, who was providing DDoS mitigation service for the affectedβ¦
Google Wants to Change JavaScript Popups After Abuse from Tech Support Scammers
Chromium engineers are discussing plans to change how JavaScript popups work inside Chrome and other similar browsers. [...]
https://www.bleepingcomputer.com/news/security/google-wants-to-change-javascript-popups-after-abuse-from-tech-support-scammers/
Chromium engineers are discussing plans to change how JavaScript popups work inside Chrome and other similar browsers. [...]
https://www.bleepingcomputer.com/news/security/google-wants-to-change-javascript-popups-after-abuse-from-tech-support-scammers/
BleepingComputer
Google Wants to Change JavaScript Popups After Abuse from Tech Support Scammers
Chromium engineers are discussing plans to change how JavaScript popups work inside Chrome and other similar browsers.
EU to Propose New Measures for Accessing Encrypted IM Apps
The European Commission, through the voice of EU Justice Commissioner Vera Jourova, announced plans to find a way for law enforcement to access data exchanged via encrypted instant messaging services, such as WhatsApp, Telegram, Signal, and others. [...]
https://www.bleepingcomputer.com/news/government/eu-to-propose-new-measures-for-accessing-encrypted-im-apps/
The European Commission, through the voice of EU Justice Commissioner Vera Jourova, announced plans to find a way for law enforcement to access data exchanged via encrypted instant messaging services, such as WhatsApp, Telegram, Signal, and others. [...]
https://www.bleepingcomputer.com/news/government/eu-to-propose-new-measures-for-accessing-encrypted-im-apps/
BleepingComputer
EU to Propose New Measures for Accessing Encrypted IM Apps
The European Commission, through the voice of EU Justice Commissioner Vera Jourova, announced plans to find a way for law enforcement to access data exchanged via encrypted instant messaging services, such as WhatsApp, Telegram, Signal, and others.
Google: Ransomware on Android Is Exceedingly Rare
Android apps spreading ransomware aren't as common as most users and security experts think, says Jason Woloz, Sr. Program Manager for Android Security at Google. [...]
https://www.bleepingcomputer.com/news/security/google-ransomware-on-android-is-exceedingly-rare/
Android apps spreading ransomware aren't as common as most users and security experts think, says Jason Woloz, Sr. Program Manager for Android Security at Google. [...]
https://www.bleepingcomputer.com/news/security/google-ransomware-on-android-is-exceedingly-rare/
BleepingComputer
Google: Ransomware on Android Is Exceedingly Rare
Android apps spreading ransomware aren't as common as most users and security experts think, says Jason Woloz, Sr. Program Manager for Android Security at Google.
FedEx Will Give You $5 If You Install Flash
In an era of the Internet when most browser vendors are taking steps to migrate away from Flash and all security experts recommend you blast that piece of insecure junk off your computer, the nice people at FedEx are giving you a $5 promo code to (re)install or reactivate it in your browser. [...]
https://www.bleepingcomputer.com/news/software/fedex-will-give-you-5-if-you-install-flash/
In an era of the Internet when most browser vendors are taking steps to migrate away from Flash and all security experts recommend you blast that piece of insecure junk off your computer, the nice people at FedEx are giving you a $5 promo code to (re)install or reactivate it in your browser. [...]
https://www.bleepingcomputer.com/news/software/fedex-will-give-you-5-if-you-install-flash/
BleepingComputer
FedEx Will Give You $5 If You Install Flash
In an era of the Internet when most browser vendors are taking steps to migrate away from Flash and all security experts recommend you blast that piece of insecure junk off your computer, the nice people at FedEx are giving you a $5 promo code to (re)installβ¦