Firefox Will Add a Settings Section That Lets You Control "Performance"

Mozilla engineers are working on a new section in the browser's preferences that will let users control the browser's performance. [...]

https://www.bleepingcomputer.com/news/software/firefox-will-add-a-settings-section-that-lets-you-control-performance-/

Attackers Can Decipher PINs and Passwords From the Way Users Tilt Their Phone

A JavaScript file secretly loaded without your knowledge on a site, or app you load on your mobile device, can access data from various sensors and collect information needed to guess the passwords or PIN a user is entering on his device. [...]

https://www.bleepingcomputer.com/news/security/attackers-can-decipher-pins-and-passwords-from-the-way-users-tilt-their-phone/

Adobe Publishes Security Updates for Flash, Reader, Photoshop, and Creative Cloud

Earlier today, Adobe has released security patches for several of its applications, including Adobe Flash Player, Adobe Campaign, Adobe Photoshop CC, the Creative Cloud Desktop Application, and Adobe Acrobat and Reader. [...]

https://www.bleepingcomputer.com/news/security/adobe-publishes-security-updates-for-flash-reader-photoshop-and-creative-cloud/

Microsoft Starts Windows 10 Creators Update Rollout

A few hours ago, Microsoft officially launched the Windows 10 Creators Update, which has slowly started rolling out to a few selected Windows 10 users and will continue to reach new devices in the upcoming weeks. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-starts-windows-10-creators-update-rollout/

Microsoft's April 2017 Patch Tuesday Comes with 61 Security Updates

As part of the April 2017 Patch Tuesday, Microsoft released today 61 security updates for products such as its operating systems, browsers, the Office suite, and others. [...]

https://www.bleepingcomputer.com/news/microsoft/microsofts-april-2017-patch-tuesday-comes-with-61-security-updates/

In the Mess of Its New Security Updates Format, Microsoft Patched 3 Bugs Exploited in Live Attacks

Yesterday, Microsoft migrated to a new Patch Tuesday format, which now lists update information via a portal named the Microsoft Security Update Guide, which for the time being, has managed to confuse most sysadmins. [...]

https://www.bleepingcomputer.com/news/microsoft/in-the-mess-of-its-new-security-updates-format-microsoft-patched-3-bugs-exploited-in-live-attacks/

Home Routers Used to Hack WordPress Sites

There's a group of hackers who are hijacking unsecured home routers and using these devices to launch coordinated brute-force attacks on the administration panel of WordPress sites. [...]

https://www.bleepingcomputer.com/news/security/home-routers-used-to-hack-wordpress-sites/

Google Chrome Uses New Feature to Prevent Unexpected Page Jumps

With little fanfare, Google added a new Chrome feature that prevents the content of current pages from jumping up or down as other content gets loaded on the same page. [...]

https://www.bleepingcomputer.com/news/software/google-chrome-uses-new-feature-to-prevent-unexpected-page-jumps/

Mole Ransomware Distributed Through Fake online Word Docs

A new ransomware called Mole was found by security researcher Brad Duncan while he was analyzing a new SPAM campaign. After examining this sample, I feel that this is probably another variant of the CryptoMix family as it has many similarities to the Revenge and CryptoShield variants. [...]

https://www.bleepingcomputer.com/news/security/mole-ransomware-distributed-through-fake-online-word-docs/

Microsoft Edge Beats Chrome by Over Three Hours in New Battery Usage Test

With the launch of the Windows 10 Creators Update and Edge 40 (EdgeHTML 15), Microsoft has released a new battery usage test that, naturally, trashes the company's competition. [...]

https://www.bleepingcomputer.com/news/software/microsoft-edge-beats-chrome-by-over-three-hours-in-new-battery-usage-test/

Kelihos Botnet Had Around 60K Bots When It Was Taken Down (Fourth Time's a Charm)

The Kelihos botnet is no more. Or at least that's what authorities hope happens, after attempting to bring it down three times in the past, but to no avail. [...]

https://www.bleepingcomputer.com/news/security/kelihos-botnet-had-around-60k-bots-when-it-was-taken-down-fourth-times-a-charm-/

Five Inmates Built Two PCs and Hacked a Prison From Within

Five inmates from the Marion Correctional Institution (MCI) built two computers from spare parts, hid them in the ceiling of a training room closet, and used them to hack into the prison's network. [...]

https://www.bleepingcomputer.com/news/security/five-inmates-built-two-pcs-and-hacked-a-prison-from-within/

It's Probably a Bad Idea to Run a Tor Exit Node in Your Home, in Russia

Russian authorities have arrested a mathematics teacher from Moscow on accusations of organizing riots and calling for terrorist activities or justifying the use of terrorism via the Internet. [...]

https://www.bleepingcomputer.com/news/government/its-probably-a-bad-idea-to-run-a-tor-exit-node-in-your-home-in-russia/

Recent Microsoft 0-Day Used for Cyber-Espionage and Mundane Malware Distribution

The saga of CVE-2017-0199, a recently patched zero-day vulnerability affecting Microsoft Office and WordPad, just got a little stranger yesterday after cyber-security firm FireEye revealed the vulnerability was used by both cyber-criminals pushing mundane malware, and also by state-sponsored cyber-espionage groups. [...]

https://www.bleepingcomputer.com/news/security/recent-microsoft-0-day-used-for-cyber-espionage-and-mundane-malware-distribution/

Is a Smart Oven "Smart" If It Can Be Hijacked via SMS?

Security researchers from Pen Test Partners have discovered pretty glaring security flaws in Aga's line of smart ovens. [...]

https://www.bleepingcomputer.com/news/security/is-a-smart-oven-smart-if-it-can-be-hijacked-via-sms/

Copy-Pasting Sundown Exploit Kit Has Been Offline for More Than a Month

King of copy-paste exploits, the Sundown exploit kit, has been offline since March 8, and this also includes most of its variations, according to security researcher Kaffeine and Jérôme Segura of Malwarebytes. [...]

https://www.bleepingcomputer.com/news/security/copy-pasting-sundown-exploit-kit-has-been-offline-for-more-than-a-month/

Former Sysadmin Accused of Planting "Time Bomb" in Company's Database

Allegro MicroSystems LLC is suing a former IT employee for sabotaging its database using a "time bomb" that deleted crucial financial data in the first week of the new fiscal year. [...]

https://www.bleepingcomputer.com/news/security/former-sysadmin-accused-of-planting-time-bomb-in-companys-database/

Microsoft Stops Updates for New CPU Models on Windows 7 and 8.1

Starting this month, Microsoft has stopped delivering updates for Windows 7 and 8.1 operating systems running on modern processor models, such as Intel 7th Generation (Kaby Lake) and AMD 7th Generation (Bristol Ridge). [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-stops-updates-for-new-cpu-models-on-windows-7-and-8-1/

Cerber Dominates Ransomware Landscape After Locky's Demise

The Cerber ransomware family has risen to take Locky's place at the top of the ransomware mountain after new Locky versions stopped coming out last year, and spam operations spreading Locky have slowed down to a trickle in 2017. [...]

https://www.bleepingcomputer.com/news/security/cerber-dominates-ransomware-landscape-after-lockys-demise/

Shadow Brokers Release New Files Revealing Windows Exploits, SWIFT Attacks

On Good Friday and ahead of the Easter holiday, the Shadow Brokers have dumped a new collection of files, containing what appears to be exploits and hacking tools targeting Microsoft's Windows OS and evidence the Equation Group had gained access to servers and targeted the SWIFT banking system of several banks across the world. [...]

https://www.bleepingcomputer.com/news/security/shadow-brokers-release-new-files-revealing-windows-exploits-swift-attacks/