The Week in Ransomware - April 7th 2017 - Fluffy, Matrix, and RensenWare
The big news this week was the POC for a UEFI Ransomware presented at BlackHat Asia, Matrix Ransomware being distributed by RIG and having worm characteristics, and the joke ransomware called RensenWare that required a victim to get a very high score in a game to get a decryption key. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-7th-2017-fluffy-matrix-and-rensenware/
The big news this week was the POC for a UEFI Ransomware presented at BlackHat Asia, Matrix Ransomware being distributed by RIG and having worm characteristics, and the joke ransomware called RensenWare that required a victim to get a very high score in a game to get a decryption key. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-7th-2017-fluffy-matrix-and-rensenware/
BleepingComputer
The Week in Ransomware - April 7th 2017 - Fluffy, Matrix, and RensenWare
The big news this week was the POC for a UEFI Ransomware presented at BlackHat Asia, Matrix Ransomware being distributed by RIG and having worm characteristics, and the joke ransomware called RensenWare that required a victim to get a very high score in aβ¦
Irresponsible Chinese DVR Vendor Still the Target of IoT Botnets One Year Later
A Chinese company that manufactures white-labeled DVRs still hasn't patched a security flaw that's been targeted by IoT botnets for over a year. [...]
https://www.bleepingcomputer.com/news/security/irresponsible-chinese-dvr-vendor-still-the-target-of-iot-botnets-one-year-later/
A Chinese company that manufactures white-labeled DVRs still hasn't patched a security flaw that's been targeted by IoT botnets for over a year. [...]
https://www.bleepingcomputer.com/news/security/irresponsible-chinese-dvr-vendor-still-the-target-of-iot-botnets-one-year-later/
BleepingComputer
Irresponsible Chinese DVR Vendor Still the Target of IoT Botnets One Year Later
A Chinese company that manufactures white-labeled DVRs still hasn't patched a security flaw that's been targeted by IoT botnets for over a year.
Unofficial Windows 10 Creators Update Changelog
Microsoft is set to launch the Windows 10 Creators Update next week, on Tuesday, on April 11, at which time we'll have all the official details about the company's next major Windows 10 version. Until then, here's an unofficial changelog. [...]
https://www.bleepingcomputer.com/news/microsoft/unofficial-windows-10-creators-update-changelog/
Microsoft is set to launch the Windows 10 Creators Update next week, on Tuesday, on April 11, at which time we'll have all the official details about the company's next major Windows 10 version. Until then, here's an unofficial changelog. [...]
https://www.bleepingcomputer.com/news/microsoft/unofficial-windows-10-creators-update-changelog/
BleepingComputer
Unofficial Windows 10 Creators Update Changelog
Microsoft is set to launch the Windows 10 Creators Update next week, on Tuesday, on April 11, at which time we'll have all the official details about the company's next major Windows 10 version. Until then, here's an unofficial changelog.
Server Snafu Exposes Ask.com User Search Queries via Internal Status Page
The Ask.com search engine went through some sort of technical issue late last night, as its servers were exposing the internal Apache server status page, revealing recently processed search queries. [...]
https://www.bleepingcomputer.com/news/technology/server-snafu-exposes-ask-com-user-search-queries-via-internal-status-page/
The Ask.com search engine went through some sort of technical issue late last night, as its servers were exposing the internal Apache server status page, revealing recently processed search queries. [...]
https://www.bleepingcomputer.com/news/technology/server-snafu-exposes-ask-com-user-search-queries-via-internal-status-page/
BleepingComputer
Server Snafu Exposes Ask.com User Search Queries via Internal Status Page
The Ask.com search engine went through some sort of technical issue late last night, as its servers were exposing the internal Apache server status page, revealing recently processed search queries.
Shadow Brokers Publish the Password for the Rest the Stolen NSA Hacking Tools
The Shadow Brokers (TSB) are back, and they've released the password for the rest of the hacking tools they claim to have stolen from the NSA last year. [...]
https://www.bleepingcomputer.com/news/security/shadow-brokers-publish-the-password-for-the-rest-the-stolen-nsa-hacking-tools/
The Shadow Brokers (TSB) are back, and they've released the password for the rest of the hacking tools they claim to have stolen from the NSA last year. [...]
https://www.bleepingcomputer.com/news/security/shadow-brokers-publish-the-password-for-the-rest-the-stolen-nsa-hacking-tools/
BleepingComputer
Shadow Brokers Publish the Password for the Rest the Stolen NSA Hacking Tools
The Shadow Brokers (TSB) are back, and they've released the password for the rest of the hacking tools they claim to have stolen from the NSA last year.
Attacks Detected with New Microsoft Office Zero-Day
Cyber-security firms McAfee and FireEye have both disclosed in-the-wild attacks with a new Microsoft Office zero-day that allows attackers to silently execute code on targeted machines and secretly install malware. [...]
https://www.bleepingcomputer.com/news/security/attacks-detected-with-new-microsoft-office-zero-day/
Cyber-security firms McAfee and FireEye have both disclosed in-the-wild attacks with a new Microsoft Office zero-day that allows attackers to silently execute code on targeted machines and secretly install malware. [...]
https://www.bleepingcomputer.com/news/security/attacks-detected-with-new-microsoft-office-zero-day/
BleepingComputer
Attacks Detected with New Microsoft Office Zero-Day
Cyber-security firms McAfee and FireEye have both disclosed in-the-wild attacks with a new Microsoft Office zero-day that allows attackers to silently execute code on targeted machines and secretly install malware.
Scientists Create New Material That May Lead to Self-Healing Electronics
Scientists have developed a new type of material that could be used in the future to create self-healing electronics, such as smartphones, batteries, speakers, robotics, and others. [...]
https://www.bleepingcomputer.com/news/technology/scientists-create-new-material-that-may-lead-to-self-healing-electronics/
Scientists have developed a new type of material that could be used in the future to create self-healing electronics, such as smartphones, batteries, speakers, robotics, and others. [...]
https://www.bleepingcomputer.com/news/technology/scientists-create-new-material-that-may-lead-to-self-healing-electronics/
BleepingComputer
Scientists Create New Material That May Lead to Self-Healing Electronics
Scientists have developed a new type of material that could be used in the future to create self-healing electronics, such as smartphones, batteries, speakers, robotics, and others.
Hacker Sets off All Tornado Sirens in the City of Dallas in the Middle of the Night
A hacker, or group of hackers, has set off all 156 tornado sirens in the city of Dallas, Texas, on the night between Friday and Saturday, April 7 and 8. [...]
https://www.bleepingcomputer.com/news/security/hacker-sets-off-all-tornado-sirens-in-the-city-of-dallas-in-the-middle-of-the-night/
A hacker, or group of hackers, has set off all 156 tornado sirens in the city of Dallas, Texas, on the night between Friday and Saturday, April 7 and 8. [...]
https://www.bleepingcomputer.com/news/security/hacker-sets-off-all-tornado-sirens-in-the-city-of-dallas-in-the-middle-of-the-night/
BleepingComputer
Hacker Sets off All Tornado Sirens in the City of Dallas in the Middle of the Night
A hacker, or group of hackers, has set off all 156 tornado sirens in the city of Dallas, Texas, on the night between Friday and Saturday, April 7 and 8.
Spanish Police Arrest Russian Hacker on Suspicion of Meddling in US Election
Spanish police arrested a Russian hacker in Barcelona on the behest of US authorities on suspicion of meddling in last year's US presidential election process. [...]
https://www.bleepingcomputer.com/news/security/spanish-police-arrest-russian-hacker-on-suspicion-of-meddling-in-us-election/
Spanish police arrested a Russian hacker in Barcelona on the behest of US authorities on suspicion of meddling in last year's US presidential election process. [...]
https://www.bleepingcomputer.com/news/security/spanish-police-arrest-russian-hacker-on-suspicion-of-meddling-in-us-election/
BleepingComputer
Spanish Police Arrest Russian Hacker on Suspicion of Meddling in US Election
Spanish police arrested a Russian hacker in Barcelona on the behest of US authorities on suspicion of meddling in last year's US presidential election process.
Thousands of Fake Google Maps Cards Redirect Users to Fraudulent Sites Each Month
Tens of thousands of fake listings are added to Google Maps each month, redirecting users to fraudulent websites selling phony or overpriced services, or part of some referral scam. [...]
https://www.bleepingcomputer.com/news/google/thousands-of-fake-google-maps-cards-redirect-users-to-fraudulent-sites-each-month/
Tens of thousands of fake listings are added to Google Maps each month, redirecting users to fraudulent websites selling phony or overpriced services, or part of some referral scam. [...]
https://www.bleepingcomputer.com/news/google/thousands-of-fake-google-maps-cards-redirect-users-to-fraudulent-sites-each-month/
BleepingComputer
Thousands of Fake Google Maps Cards Redirect Users to Fraudulent Sites Each Month
Tens of thousands of fake listings are added to Google Maps each month, redirecting users to fraudulent websites selling phony or overpriced services, or part of some referral scam.
HTTPS Certificate Issuance Becomes More Secure Thanks to New CAA Standard
Last week, the CA/Browser Forum voted to implement CAA mandatory checks before the issuance of new SSL/TLS certificates, as a measure to prevent the misissuance of HTTPS certificates. [...]
https://www.bleepingcomputer.com/news/security/https-certificate-issuance-becomes-more-secure-thanks-to-new-caa-standard/
Last week, the CA/Browser Forum voted to implement CAA mandatory checks before the issuance of new SSL/TLS certificates, as a measure to prevent the misissuance of HTTPS certificates. [...]
https://www.bleepingcomputer.com/news/security/https-certificate-issuance-becomes-more-secure-thanks-to-new-caa-standard/
BleepingComputer
HTTPS Certificate Issuance Becomes More Secure Thanks to New CAA Standard
Last week, the CA/Browser Forum voted to implement CAA mandatory checks before the issuance of new SSL/TLS certificates, as a measure to prevent the misissuance of HTTPS certificates.
Epic Fail: TP-Link 3G Router Spews Admin Password via SMS
A particular TP-Link router model will spew out its admin password in cleatext to anyone that sends an SMS message to the router's SIM card with a particular script inside, according to German security researcher Jan HΓΆrsch. [...]
https://www.bleepingcomputer.com/news/security/epic-fail-tp-link-3g-router-spews-admin-password-via-sms/
A particular TP-Link router model will spew out its admin password in cleatext to anyone that sends an SMS message to the router's SIM card with a particular script inside, according to German security researcher Jan HΓΆrsch. [...]
https://www.bleepingcomputer.com/news/security/epic-fail-tp-link-3g-router-spews-admin-password-via-sms/
BleepingComputer
Epic Fail: TP-Link 3G Router Spews Admin Password via SMS
A particular TP-Link router model will spew out its admin password in cleatext to anyone that sends an SMS message to the router's SIM card with a particular script inside, according to German security researcher Jan HΓΆrsch.
Longhorn Cyber-Espionage Group Is Actually the CIA
Security researchers from Symantec have tied the CIA hacking tools leaked by WikiLeaks last month to a cyber-espionage group responsible for at least 40 hacks in 16 countries. [...]
https://www.bleepingcomputer.com/news/security/longhorn-cyber-espionage-group-is-actually-the-cia/
Security researchers from Symantec have tied the CIA hacking tools leaked by WikiLeaks last month to a cyber-espionage group responsible for at least 40 hacks in 16 countries. [...]
https://www.bleepingcomputer.com/news/security/longhorn-cyber-espionage-group-is-actually-the-cia/
BleepingComputer
Longhorn Cyber-Espionage Group Is Actually the CIA
Security researchers from Symantec have tied the CIA hacking tools leaked by WikiLeaks last month to a cyber-espionage group responsible for at least 40 hacks in 16 countries.
Mirai Botnet Temporarily Adds Bitcoin Mining Component, Removes It After a Week
For around a week at the end of March, one of the many versions of the Mirai malware was spotted delivering a Bitcoin-mining module to its infected hosts, which typically are routers, DVRs, and IP cameras. [...]
https://www.bleepingcomputer.com/news/security/mirai-botnet-temporarily-adds-bitcoin-mining-component-removes-it-after-a-week/
For around a week at the end of March, one of the many versions of the Mirai malware was spotted delivering a Bitcoin-mining module to its infected hosts, which typically are routers, DVRs, and IP cameras. [...]
https://www.bleepingcomputer.com/news/security/mirai-botnet-temporarily-adds-bitcoin-mining-component-removes-it-after-a-week/
BleepingComputer
Mirai Botnet Temporarily Adds Bitcoin Mining Component, Removes It After a Week
For around a week at the end of March, one of the many versions of the Mirai malware was spotted delivering a Bitcoin-mining module to its infected hosts, which typically are routers, DVRs, and IP cameras.
Microsoft Office Zero-Day Used to Push Dridex Banking Trojan
The operators of the Dridex botnet are using the recently disclosed Microsoft Office zero-day to spread a version of their malware, the infamous Dridex banking trojan. [...]
https://www.bleepingcomputer.com/news/security/microsoft-office-zero-day-used-to-push-dridex-banking-trojan/
The operators of the Dridex botnet are using the recently disclosed Microsoft Office zero-day to spread a version of their malware, the infamous Dridex banking trojan. [...]
https://www.bleepingcomputer.com/news/security/microsoft-office-zero-day-used-to-push-dridex-banking-trojan/
BleepingComputer
Microsoft Office Zero-Day Used to Push Dridex Banking Trojan
The operators of the Dridex botnet are using the recently disclosed Microsoft Office zero-day to spread a version of their malware, the infamous Dridex banking trojan.
Firefox Will Add a Settings Section That Lets You Control "Performance"
Mozilla engineers are working on a new section in the browser's preferences that will let users control the browser's performance. [...]
https://www.bleepingcomputer.com/news/software/firefox-will-add-a-settings-section-that-lets-you-control-performance-/
Mozilla engineers are working on a new section in the browser's preferences that will let users control the browser's performance. [...]
https://www.bleepingcomputer.com/news/software/firefox-will-add-a-settings-section-that-lets-you-control-performance-/
BleepingComputer
Firefox Will Add a Settings Section That Lets You Control "Performance"
Mozilla engineers are working on a new section in the browser's preferences that will let users control the browser's performance.
Attackers Can Decipher PINs and Passwords From the Way Users Tilt Their Phone
A JavaScript file secretly loaded without your knowledge on a site, or app you load on your mobile device, can access data from various sensors and collect information needed to guess the passwords or PIN a user is entering on his device. [...]
https://www.bleepingcomputer.com/news/security/attackers-can-decipher-pins-and-passwords-from-the-way-users-tilt-their-phone/
A JavaScript file secretly loaded without your knowledge on a site, or app you load on your mobile device, can access data from various sensors and collect information needed to guess the passwords or PIN a user is entering on his device. [...]
https://www.bleepingcomputer.com/news/security/attackers-can-decipher-pins-and-passwords-from-the-way-users-tilt-their-phone/
BleepingComputer
Attackers Can Decipher PINs and Passwords From the Way Users Tilt Their Phone
A JavaScript file secretly loaded without your knowledge on a site, or app you load on your mobile device, can access data from various sensors and collect information needed to guess the passwords or PIN a user is entering on his device.
Adobe Publishes Security Updates for Flash, Reader, Photoshop, and Creative Cloud
Earlier today, Adobe has released security patches for several of its applications, including Adobe Flash Player, Adobe Campaign, Adobe Photoshop CC, the Creative Cloud Desktop Application, and Adobe Acrobat and Reader. [...]
https://www.bleepingcomputer.com/news/security/adobe-publishes-security-updates-for-flash-reader-photoshop-and-creative-cloud/
Earlier today, Adobe has released security patches for several of its applications, including Adobe Flash Player, Adobe Campaign, Adobe Photoshop CC, the Creative Cloud Desktop Application, and Adobe Acrobat and Reader. [...]
https://www.bleepingcomputer.com/news/security/adobe-publishes-security-updates-for-flash-reader-photoshop-and-creative-cloud/
BleepingComputer
Adobe Publishes Security Updates for Flash, Reader, Photoshop, and Creative Cloud
Earlier today, Adobe has released security patches for several of its applications, including Adobe Flash Player, Adobe Campaign, Adobe Photoshop CC, the Creative Cloud Desktop Application, and Adobe Acrobat and Reader.
Microsoft Starts Windows 10 Creators Update Rollout
A few hours ago, Microsoft officially launched the Windows 10 Creators Update, which has slowly started rolling out to a few selected Windows 10 users and will continue to reach new devices in the upcoming weeks. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-starts-windows-10-creators-update-rollout/
A few hours ago, Microsoft officially launched the Windows 10 Creators Update, which has slowly started rolling out to a few selected Windows 10 users and will continue to reach new devices in the upcoming weeks. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-starts-windows-10-creators-update-rollout/
BleepingComputer
Microsoft Starts Windows 10 Creators Update Rollout
A few hours ago, Microsoft officially launched the Windows 10 Creators Update, which has slowly started rolling out to a few selected Windows 10 users and will continue to reach new devices in the upcoming weeks.
Microsoft's April 2017 Patch Tuesday Comes with 61 Security Updates
As part of the April 2017 Patch Tuesday, Microsoft released today 61 security updates for products such as its operating systems, browsers, the Office suite, and others. [...]
https://www.bleepingcomputer.com/news/microsoft/microsofts-april-2017-patch-tuesday-comes-with-61-security-updates/
As part of the April 2017 Patch Tuesday, Microsoft released today 61 security updates for products such as its operating systems, browsers, the Office suite, and others. [...]
https://www.bleepingcomputer.com/news/microsoft/microsofts-april-2017-patch-tuesday-comes-with-61-security-updates/
BleepingComputer
Microsoft's April 2017 Patch Tuesday Comes with 61 Security Updates
As part of the April 2017 Patch Tuesday, Microsoft released today 61 security updates for products such as its operating systems, browsers, the Office suite, and others.
In the Mess of Its New Security Updates Format, Microsoft Patched 3 Bugs Exploited in Live Attacks
Yesterday, Microsoft migrated to a new Patch Tuesday format, which now lists update information via a portal named the Microsoft Security Update Guide, which for the time being, has managed to confuse most sysadmins. [...]
https://www.bleepingcomputer.com/news/microsoft/in-the-mess-of-its-new-security-updates-format-microsoft-patched-3-bugs-exploited-in-live-attacks/
Yesterday, Microsoft migrated to a new Patch Tuesday format, which now lists update information via a portal named the Microsoft Security Update Guide, which for the time being, has managed to confuse most sysadmins. [...]
https://www.bleepingcomputer.com/news/microsoft/in-the-mess-of-its-new-security-updates-format-microsoft-patched-3-bugs-exploited-in-live-attacks/
BleepingComputer
In the Mess of Its New Security Updates Format, Microsoft Patched 3 Bugs Exploited in Live Attacks
Yesterday, Microsoft migrated to a new Patch Tuesday format, which now lists update information via a portal named the Microsoft Security Update Guide, which for the time being, has managed to confuse most sysadmins.