India's Aadhaar Biometrics Database Is About to Become a Security Nightmare

A report released on Monday by The Centre for Internet and Society reveals that over 135 million records from India's Aadhaar national ID systems have already leaked online. [...]

https://www.bleepingcomputer.com/news/security/indias-aadhaar-biometrics-database-is-about-to-become-a-security-nightmare/

Watch Researchers Hack an Industrial Robot and Sabotage Production

There is an insane amount of industrial robots connected to the Internet, and even worse, thousands are left with no form of user authentication whatsoever, open to attack from anyone skilled enough to know how to sabotage their mode of operation. [...]

https://www.bleepingcomputer.com/news/security/watch-researchers-hack-an-industrial-robot-and-sabotage-production/

Cerber Ransomware Version 6 Gets Anti-Vm and Anti-Sandboxing Features

Security researchers have spotted version 6 of the Cerber ransomware, and this new edition continues to add new features, heightening the overall complexity this ransomware family has been showing. [...]

https://www.bleepingcomputer.com/news/security/cerber-ransomware-version-6-gets-anti-vm-and-anti-sandboxing-features/

Windows 10 S Won't Let You Change the Default Browser, Meaning You're Stuck With Edge

Windows 10 S users won't be able to change their default browser and search provider away from Microsoft Edge and Bing. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-s-wont-let-you-change-the-default-browser-meaning-youre-stuck-with-edge/

It Took Google One Hour to Shut Down Massive Self-Replicating Phishing Campaign

A massive phishing campaign took place today, but Google's security staff was on hand and shut down the attacker's efforts within an hour after users first reported the problem on Reddit. [...]

https://www.bleepingcomputer.com/news/security/it-took-google-one-hour-to-shut-down-massive-self-replicating-phishing-campaign/

HoeflerText SocEng Attack Now Targeting Firefox with a Mozilla Font Pack

HoeflerText Font Pack social engineering attack has expanded to now include the Firefox browser as one of its targets. Not paying attention and installing its payload will lead to the Zeus Panda banking Trojan being installed on a victim's computer. [...]

https://www.bleepingcomputer.com/news/security/hoeflertext-soceng-attack-now-targeting-firefox-with-a-mozilla-font-pack/

234 Android Applications Are Currently Using Ultrasonic Beacons to Track Users

A team of researchers from the Brunswick Technical University in Germany has discovered an alarming number of Android applications that employ ultrasonic tracking beacons to track users and their nearby environment. [...]

https://www.bleepingcomputer.com/news/security/234-android-applications-are-currently-using-ultrasonic-beacons-to-track-users/

Malware Targets North Korea for Once

Security researchers from Cisco Talos have come across a new malware family that was used to target various officials and organizations linked to North Korea. [...]

https://www.bleepingcomputer.com/news/security/malware-targets-north-korea-for-once/

WordPress Zero-Day Could Expose Password Reset Emails

Polish security expert Dawid Golunski has discovered a zero-day in the WordPress password reset mechanism that would allow an attacker to obtain the password reset link, under certain circumstances. [...]

https://www.bleepingcomputer.com/news/security/wordpress-zero-day-could-expose-password-reset-emails/

Some Twitter Dude Is Trying to Take Credit for the Google Docs Phishing Attack

A Twitter user by the name @EugenePupov is trying to take credit for the massive phishing attack that hit Gmail users last night, but currently available evidence isn't lining up with his statements. [...]

https://www.bleepingcomputer.com/news/security/some-twitter-dude-is-trying-to-take-credit-for-the-google-docs-phishing-attack/

15K Botnet Mines for Cryptocurrencies on Vulnerable Windows Servers

A malware developer suspected of operating out of China is in control of a botnet of 15,000 compromised Windows Server machines, which he uses to mine for various crypto-currencies, and primarily Monero. [...]

https://www.bleepingcomputer.com/news/security/15k-botnet-mines-for-cryptocurrencies-on-vulnerable-windows-servers/

Windows 10 Insider Build 16188 For PC Brings Application Guard to the Enterprise

Today Microsoft released Insider Preview Build 16188 for PC and Insider Preview Build 15210 for Mobile to insiders on the fast ring. With build 16188, Microsoft introduces new features in Microsoft Edge's PDF Reader and Application Guard for Microsoft Edge. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-16188-for-pc-brings-application-guard-to-the-enterprise/

Hackers Use Flaws in Telephony Core Protocol to Bypass 2FA on Bank Accounts

Hackers have exploited decades-old flaws in the SS7 mobile telephony protocol to hijack phone numbers and SMS messages, in order to bypass two-factor authentication (2FA) and steal money from bank accounts. [...]

https://www.bleepingcomputer.com/news/security/hackers-use-flaws-in-telephony-core-protocol-to-bypass-2fa-on-bank-accounts/

New Fatboy Ransomware-as-a-Service Advertised on Russian Hacking Forum

A new Ransomware-as-a-Service (RaaS) portal is being advertised on an underground hacking forum, primarily used by Russian-speaking criminals. [...]

https://www.bleepingcomputer.com/news/security/new-fatboy-ransomware-as-a-service-advertised-on-russian-hacking-forum/

Cyber-Espionage Malware Is So Advanced It Has Its Own API

Russian cyberspies have developed a new breed of backdoor trojan that features several novel techniques, including an API that allows attackers to reverse the C&C communications flow when needed. [...]

https://www.bleepingcomputer.com/news/security/cyber-espionage-malware-is-so-advanced-it-has-its-own-api/

Dark Web Marketplace Shut Down in Slovakia

Law enforcement in Slovakia has arrested two individuals for their involvement in drugs and weapons trafficking, among which, one is suspected of operating the Dark Web marketplace known as Bloomsfield. [...]

https://www.bleepingcomputer.com/news/security/dark-web-marketplace-shut-down-in-slovakia/

US Government Leaves Predator Drone Video Feeds Exposed Online

Two servers located at 216.58.228.18 and 98.188.203.187 have been leaking live video feeds from two Predator drones belonging to the US government. [...]

https://www.bleepingcomputer.com/news/government/us-government-leaves-predator-drone-video-feeds-exposed-online/

The Week in Ransomware - May 5th 2017 - Wallet, GlobeImposter, and Cerber

Wow! What a brutal week. This week we have 37 ransomware stories, with 10 of them being on May 1st alone. Most of the new ransomware releases continue to be real crap, but together they add up to a wave of garbage that can do some serious harm. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-5th-2017-wallet-globeimposter-and-cerber/

WikiLeaks Dump Reveals CIA Tool for MitM Attacks

WikiLeaks dumped today the documentation of a new supposed CIA hacking tool called Archimedes, which the Agency had used to perform Man-in-the-Middle attacks on local networks. [...]

https://www.bleepingcomputer.com/news/security/wikileaks-dump-reveals-cia-tool-for-mitm-attacks/

FrozrLock Ransomware Advertised on the Dark Web As "Great Security Tool"

A new Ransomware-as-a-Service has become available on the Dark Web, named FrozrLock, available for only $220, and advertised under the tagline of "great security tool that encrypts most of your files in several minutes." [...]

https://www.bleepingcomputer.com/news/security/frozrlock-ransomware-advertised-on-the-dark-web-as-great-security-tool-/