3 of 4 Zero-Days Microsoft Patched Yesterday Were Used by Russian Cyberspies

Microsoft's May 2017 Patch Tuesday, released yesterday, included fixes for three zero-days, which according to ESET and FireEye, were used by cyber-espionage groups operating out of Russia. [...]

https://www.bleepingcomputer.com/news/security/3-of-4-zero-days-microsoft-patched-yesterday-were-used-by-russian-cyberspies/

Kaspersky Denies Report It Might Help Russian Government Spy on US Citizens

In an article published yesterday, ABC News cited congressional sources who claimed the Senate Intelligence Committee had started an investigation into Kaspersky Lab's relationship with the Russian government. [...]

https://www.bleepingcomputer.com/news/security/kaspersky-denies-report-it-might-help-russian-government-spy-on-us-citizens/

Upcoming NIST Guideline Advocates Simpler Rules for Online Passwords

The US National Institute of Standards and Technology (NIST) is preparing to issue a new Digital Identity Guideline, which unlike its previous editions, will take a softer stance on the complexity of online passwords. [...]

https://www.bleepingcomputer.com/news/security/upcoming-nist-guideline-advocates-simpler-rules-for-online-passwords/

Microsoft Has Effectively Banned Third-Party Browsers From the Windows Store

A one-liner in the Windows Store policy is the reason why we'll never have the "original" Chrome, Firefox, Opera, or other browsers available through the official Windows Store. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-has-effectively-banned-third-party-browsers-from-the-windows-store/

Microsoft Bans SHA-1 Certificates in Edge and Internet Explorer

Starting yesterday, via updates delivered in the May 2017 Patch Tuesday, Microsoft browsers such as Edge and Internet Explorer, have begun flagging websites as insecure if they use SSL/TLS certificates signed with the SHA-1 algorithm. [...]

https://www.bleepingcomputer.com/news/security/microsoft-bans-sha-1-certificates-in-edge-and-internet-explorer/

Opera 45 Is Here With New UI, WhatsApp, Telegram, and Facebook Messenger Support

Opera Software released today Opera v45, nicknamed "Reborn," a brand new version of the Opera browser that comes not only with a new graphical user interface, but also adds a new feature not seen in any other browser. [...]

https://www.bleepingcomputer.com/news/software/opera-45-is-here-with-new-ui-whatsapp-telegram-and-facebook-messenger-support/

An unnamed UK-based regional water supply company lost over £500,000 ($645,000) in a sophisticated scam that involved social engineering, an inside man, and international bank transfers. [...]

https://www.bleepingcomputer.com/news/security/uk-water-supplier-loses-500-000-in-sophisticated-scam/

40 Asus RT Router Models Are Vulnerable to Simple Hacks

40 models of the Asus RT line of home routers are affected by five vulnerabilities that allow an attacker to get ahold of the router password, change router settings without authentication, and exfiltrate router data. [...]

https://www.bleepingcomputer.com/news/security/40-asus-rt-router-models-are-vulnerable-to-simple-hacks/

Edge Security Flaw Allows Theft of Facebook and Twitter Credentials

Argentinian security researcher Manuel Caballero has discovered another vulnerability in Microsoft's Edge browser that can be exploited to bypass a security protection feature and steal data such as passwords from other sites, or cookie files that contain sensitive information. [...]

https://www.bleepingcomputer.com/news/security/edge-security-flaw-allows-theft-of-facebook-and-twitter-credentials/

Keylogger Found in Audio Driver of HP Laptops

The audio driver installed on some HP laptops includes a feature that could best be described as a keylogger, which records all the user's keystrokes and saves the information to a local file, accessible to anyone or any third-party software or malware that knows where to look. [...]

https://www.bleepingcomputer.com/news/security/keylogger-found-in-audio-driver-of-hp-laptops/

Avast Antivirus Update Blocks Internet Access

An update to the Avast antivirus has blocked users' ability to access the Internet, most customers needing to disable the antivirus in order to be able to get online (and complain to Avast). [...]

https://www.bleepingcomputer.com/news/software/avast-antivirus-update-blocks-internet-access/

SLocker Android Ransomware Makes Furious Comeback with 400 New Variations

The SLocker Android ransomware is back with a new wave of infections, after previously wreaking havoc in the summer of 2016. [...]

https://www.bleepingcomputer.com/news/security/slocker-android-ransomware-makes-furious-comeback-with-400-new-variations/

Jaff Ransomware Distributed via Necurs MALSPAM and asking for a $3,700 Ransom

A new ransomware was discovered today called Jaff ransomware. This ransomware will encrypt your files and append the .jaff extension to encrypted files. It also joins the ranks of other ransomware that steal payment site templates from Locky. [...]

https://www.bleepingcomputer.com/news/security/jaff-ransomware-distributed-via-necurs-malspam-and-asking-for-a-3-700-ransom/

Researchers Use Digitally Created Fingerprints to Unlock Smartphones

A team of researchers from the Tandon School of Engineering at the New York University has created a method of generating fake digital fingerprints capable of unlocking random smartphones. [...]

https://www.bleepingcomputer.com/news/security/researchers-use-digitally-created-fingerprints-to-unlock-smartphones/

Windows 10 Insider Build 16193 Introduces Story Remix

Today Microsoft released Insider Preview Build 16193 for PC and Insider Preview Build 15213 for Mobile to insiders on the fast ring. With build 16193, Microsoft gives insiders the ability to try out a new feature called Story Remix that uses AI to automatically tag your photos and string them into videos with accompanying music. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-16193-introduces-story-remix/

OnePlus Smartphones Vulnerable to OS Downgrade Attacks

Almost all recent OnePlus smartphones are vulnerable to attacks that can downgrade the phone's operating system and expose the device to previously patched security flaws. [...]

https://www.bleepingcomputer.com/news/security/oneplus-smartphones-vulnerable-to-os-downgrade-attacks/

Microsoft Announces a New UI for Future Windows 10 Releases (Photos)

At the Build conference held yesterday in Seattle, Microsoft announced a new UI for its products, which the company has officially named the "Microsoft Fluent Design Language." [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-a-new-ui-for-future-windows-10-releases-photos-/

Telefonica Tells Employees to Shut Down Computers Amid Massive Ransomware Outbreak

A ransomware outbreak is wreaking havoc all over the world, but especially in Spain, where Telefonica — one of the country's biggest telecommunications companies — has fallen victim, and its IT staff is desperately telling employees to shut down computers and VPN connections in order to limit the ransomware's reach. [...]

https://www.bleepingcomputer.com/news/security/telefonica-tells-employees-to-shut-down-computers-amid-massive-ransomware-outbreak/

HP Releases Driver Update to Remove Accidental Keylogger

HP has issued an update to remove a keylogging mechanism found in the audio drivers included with some of its high-end laptops. [...]

https://www.bleepingcomputer.com/news/hardware/hp-releases-driver-update-to-remove-accidental-keylogger/

Wana Decrypt0r Ransomware Using NSA Exploit Leaked by Shadow Brokers Is on a Rampage

Ransomware scum are using an SMB exploit leaked by the Shadow Brokers last month to fuel a massive ransomware outbreak that exploded online today, making victims all over the world in huge numbers. [...]

https://www.bleepingcomputer.com/news/security/wana-decrypt0r-ransomware-using-nsa-exploit-leaked-by-shadow-brokers-is-on-a-rampage/