Kaspersky Opens Code to 3rd-Party Review in Effort to Combat Spying Accusations

In an attempt to dispell rumors that its software is being used as a backdoor into users' computers, Kaspersky Labs said today it would subject its security products to an independent third-party source code review. [...]

https://www.bleepingcomputer.com/news/security/kaspersky-opens-code-to-3rd-party-review-in-effort-to-combat-spying-accusations/

Russian Cyberspies Carry Out the Silliest Cyber-Espionage Campaign of the Year

A Russian cyber-espionage group has tried to infect security researchers with malware via a spear-phishing campaign that can easily receive a Pwnie Awards nomination for one of the year's biggest epic fails. [...]

https://www.bleepingcomputer.com/news/security/russian-cyberspies-carry-out-the-silliest-cyber-espionage-campaign-of-the-year/

Google Open-Sources Some of Chrome's Usage Stats

Google open-sourced today some of Chrome's usage metrics in an attempt to help developers create better websites. [...]

https://www.bleepingcomputer.com/news/google/google-open-sources-some-of-chromes-usage-stats/

LokiBot Android Banking Trojan Turns Into Ransomware When You Try to Remove It

Security researchers have spotted a new Android banking trojan named LokiBot that turns into ransomware and locks users' phones when they try to remove its admin privileges. [...]

https://www.bleepingcomputer.com/news/security/lokibot-android-banking-trojan-turns-into-ransomware-when-you-try-to-remove-it/

APNIC Whois Database Password Hashes Were Available for Download

The Asia-Pacific Network Information Centre (APNIC), the organization that manages domain name information for the Asia-Pacific region, fixed on Monday an error that exposed password hashes needed to access and edit domain ownership details. [...]

https://www.bleepingcomputer.com/news/security/apnic-whois-database-password-hashes-were-available-for-download/

DUHK Crypto Attack Recovers Encryption Keys, Exposes VPN Connections, More

After last week we had the KRACK and ROCA cryptographic attacks, this week has gotten off to a similarly "great" start with the publication of a new crypto attack known as DUHK (Don't Use Hard-coded Keys) [...]

https://www.bleepingcomputer.com/news/security/duhk-crypto-attack-recovers-encryption-keys-exposes-vpn-connections-more/

Banks Sue Computer Parts Site Newegg for Participation in Massive Fraud Scheme

Four major banks from South Korea have filed a lawsuit against Newegg, a US-based computer parts retailer, alleging the company has participated in a massive financial scheme that has defrauded the banks with hundreds of millions of dollars. [...]

https://www.bleepingcomputer.com/news/hardware/banks-sue-computer-parts-site-newegg-for-participation-in-massive-fraud-scheme/

Bad Rabbit Ransomware Outbreak Hits Eastern Europe

A new ransomware strain named Bad Rabbit is wreaking havoc in many Eastern European countries, affecting both government agencies and private businesses alike. [...]

https://www.bleepingcomputer.com/news/security/bad-rabbit-ransomware-outbreak-hits-eastern-europe/

Hacker Takes Over Coinhive DNS Server After Company Reuses Old Password

An unknown attacker has hijacked Coinhive's DNS server and replaced the legitimate Coinhive JavaScript in-browser miner with a malicious version that mined Monero for the hacker's own wallet. [...]

https://www.bleepingcomputer.com/news/security/hacker-takes-over-coinhive-dns-server-after-company-reuses-old-password/

Tyrant Ransomware Spreads in Iran Disguised as Popular VPN App

The Iran Computer Emergency Response Team Coordination Center (Iran CERTCC) has issued a security alert about a ransomware distribution campaign currently active in the country. [...]

https://www.bleepingcomputer.com/news/security/tyrant-ransomware-spreads-in-iran-disguised-as-popular-vpn-app/

Millennials Twice More Likely to Fall for Phishing Scams Compared to the Elderly

Millennials are twice more likely to fall for phishing and online scams, compared to baby boomers, according to a recently concluded study carried out by UK's Get Safe Online organization. [...]

https://www.bleepingcomputer.com/news/security/millennials-twice-more-likely-to-fall-for-phishing-scams-compared-to-the-elderly/

Small Amount of Bad Rabbit Ransomware Victims Detected in the USA

According to cybersecurity vendor Avast, the Bad Rabbit Ransomware has now been detected in the U.S.A. This article will provide, suggested steps that an organization or consumer can use to protect themselves. [...]

https://www.bleepingcomputer.com/news/security/small-amount-of-bad-rabbit-ransomware-victims-detected-in-the-usa/

Ethereum Phishing Attack Nets Criminals 15K in Two Hours

A Ethereum phishing scam netted attackers over $15,000 in just two hours. This was done by creating a site pretended to be a popular online Ethereum wallet site and using it steal people's wallets.. [...]

https://www.bleepingcomputer.com/news/security/ethereum-phishing-attack-nets-criminals-15k-in-two-hours/

Appleby, a Bermuda law firm that handles the finances for some of the world's richest people, admitted yesterday to a security breach that took place last year. [...]

https://www.bleepingcomputer.com/news/security/offshore-law-firm-prepares-for-panama-papers-like-expos-after-admitting-breach/

Windows 10 Insider Build 17025 for PC Brings an Updated Microsoft Yahei Font

Today Microsoft released Insider Preview Build 17025 for PC to insiders on the fast ring and to those who opted to Skip Ahead. This build includes revamped Ease of Access Settings, the ability to see tasks for UWP programs that are configured to autostart, and an updated Microsoft Yahei font. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-17025-for-pc-brings-an-updated-microsoft-yahei-font/

Kaspersky Gives Its Side of the Story on How the NSA Lost Some Its Hacking Tools

Russian cyber-security vendor Kaspersky Lab published today a report detailing its side of events on the whole Kaspersky-stole-US-government-files-for-Russia saga. [...]

https://www.bleepingcomputer.com/news/security/kaspersky-gives-its-side-of-the-story-on-how-the-nsa-lost-some-its-hacking-tools/

Security Firms Say Bad Rabbit Attack Carried Out by NotPetya Group

Several security firms have come forward today with evidence that shows links connecting the Bad Rabbit ransomware outbreak that happened yesterday with the NotPetya ransomware outbreak that took place at the end of June, this year. [...]

https://www.bleepingcomputer.com/news/security/security-firms-say-bad-rabbit-attack-carried-out-by-notpetya-group/

Android's New Google Play Protect System Miserably Fails First Security Test

Google's new Play Protect security system did not survive its first real-world tests, and the system was ranked dead last in an experiment carried out by German antivirus testing lab AV-Test. [...]

https://www.bleepingcomputer.com/news/security/androids-new-google-play-protect-system-miserably-fails-first-security-test/

Backdoor Account Found in Popular Ship Satellite Communications System

A popular satellite communications (SATCOM) system installed on ships across the world is affected by two serious security flaws — a hidden backdoor account with full system privileges access and an SQL injection in the login form. [...]

https://www.bleepingcomputer.com/news/security/backdoor-account-found-in-popular-ship-satellite-communications-system/

Mobile Ads Can Be Weaponized to Track Desired Users for Less Than $1,000

User targeting capabilities provided by mobile advertisers can also be abused to track users with an accuracy of 8 meters and for a budget of $1,000 or less. [...]

https://www.bleepingcomputer.com/news/security/mobile-ads-can-be-weaponized-to-track-desired-users-for-less-than-1-000/