Hackers Can Spoof Phone Numbers, Track Users via 4G VoLTE Mobile Technology

A team of researchers from French company P1 Security has detailed a long list of issues with the 4G VoLTE telephony, a protocol that has become quite popular all over the world in recent years and is currently in use in the US, Asia, and most European countries. [...]

https://www.bleepingcomputer.com/news/security/hackers-can-spoof-phone-numbers-track-users-via-4g-volte-mobile-technology/

New "Industroyer" Malware Targets Power Grids

Security researchers from ESET and Dragos have discovered a brand new malware strain that was specifically built to target equipment installed in power grids, and which has already been deployed in live attacks in Ukraine. [...]

https://www.bleepingcomputer.com/news/security/new-industroyer-malware-targets-power-grids/

GPAA Ransomware Shows the Depravity of Some Ransomware Developers

I have been playing with ransomware for quite some time, but a new ransomware note really brings it to a new level of scumbaggery and disgust. [...]

https://www.bleepingcomputer.com/news/security/gpaa-ransomware-shows-the-depravity-of-some-ransomware-developers/

You Can Hack Some Mazda Cars with a USB Flash Drive

Mazda cars with next-gen Mazda MZD Connect infotainment systems can be hacked just by plugging in a USB flash drive into their dashboard, thanks to a series of bugs that have been known for at least three years. [...]

https://www.bleepingcomputer.com/news/security/you-can-hack-some-mazda-cars-with-a-usb-flash-drive/

Hacker "Sagade" Extradited to the US for Role in Scareware Scheme

Peteris Sahurovs, a Latvian hacker known as "Sagade," was extradited to the US and appeared in Minneapolis court today in regards to accusations of running a scareware operation that pocketed the crook and his partners over $2 million. [...]

https://www.bleepingcomputer.com/news/security/hacker-sagade-extradited-to-the-us-for-role-in-scareware-scheme/

75 Android Apps Remove Info-Stealing Adware From Their Code

Seventy-five apps available for download from the official Google Play Store had to remove a malicious advertising library that was secretly an adware called AdDown, which Trend Micro researchers have been tracking for the last two years. [...]

https://www.bleepingcomputer.com/news/security/75-android-apps-remove-info-stealing-adware-from-their-code/

A 12-Month Campaign of Fake News to Influence Elections Costs $400,000

A 77-page report released today by cyber-security firm Trend Micro explores the underground landscape of fake news, where anyone can buy influence and create artificial trends to serve personal interests. [...]

https://www.bleepingcomputer.com/news/security/a-12-month-campaign-of-fake-news-to-influence-elections-costs-400-000/

Adobe Patches Nine Security Flaws in Flash Player

Adobe released today four security bulletins announcing patches for products such as Flash Player, Shockwave Player, Captivate, and Digital Editions. [...]

https://www.bleepingcomputer.com/news/security/adobe-patches-nine-security-flaws-in-flash-player/

Microsoft to Disable SMBv1 in Windows Starting This Fall

Starting this fall, with the public launch of the next major Windows 10 update — codenamed Redstone 3 — Microsoft plans to disable SMBv1 in most versions of the Windows operating systems. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-to-disable-smbv1-in-windows-starting-this-fall/

Microsoft Issues Windows XP Security Updates for Previously Ignored NSA Hacking Tools

In two blog posts today, Microsoft announced it issued new security patches for Windows XP users to protect them against "potential nation-state activity" that could cause "destructive cyber attacks" similar to the WannaCry outbreak that hit users last month. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-issues-windows-xp-security-updates-for-previously-ignored-nsa-hacking-tools/

Microsoft's June Patch Tuesday Fixes Two Vulnerabilities Used in Live Attacks

Microsoft published today the June 2017 Patch Tuesday, which patches over 90 security flaws, including two vulnerabilities used in live attacks. [...]

https://www.bleepingcomputer.com/news/microsoft/microsofts-june-patch-tuesday-fixes-two-vulnerabilities-used-in-live-attacks/

DHS and FBI Publish Details on DeltaCharlie, North Korea's DDoS Botnet

In a US-CERT report released yesterday afternoon, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have published IOCs about a malware family known as DeltaCharlie, used by North Korea to create its private DDoS botnet. [...]

https://www.bleepingcomputer.com/news/security/dhs-and-fbi-publish-details-on-deltacharlie-north-koreas-ddos-botnet/

Firefox 54 Released With Improved Multi-Process Support

Mozilla released yesterday version 54 of the Firefox browser, which has expanded the multi-process feature from two to five processes (one for the UI, four for browser content). [...]

https://www.bleepingcomputer.com/news/software/firefox-54-released-with-improved-multi-process-support/

Decrypted: Kaspersky Releases Decryptor for the Jaff Ransomware

Fedor Sinitsyn, a senior malware analyst at Kaspersky Labs, has discovered a weakness in the Jaff ransomware and was able to release a decryptor for all current variants For those who were infected with Jaff and had their files encrypted with the .jaff, .wlu, or .sVn extensions, this decryptor can recover your files for free. [...]

https://www.bleepingcomputer.com/news/security/decrypted-kaspersky-releases-decryptor-for-the-jaff-ransomware/

Police Arrest Owner and Six Customers of Malware Crypter Service

Europol announced today that police across Europe arrested six users who were customers of a malware crypter service and a counter anti-virus platform developed by a 22-year-old German man. [...]

https://www.bleepingcomputer.com/news/security/police-arrest-owner-and-six-customers-of-malware-crypter-service/

Former Major Player Neutrino Exploit Kit Has Gone Dark

The Neutrino exploit kit, a former leader of the exploit kit market, appears to have shut down, with the last activity recorded at the start of April, well over two months ago. [...]

https://www.bleepingcomputer.com/news/security/former-major-player-neutrino-exploit-kit-has-gone-dark/

Google Will Be Able to Backup Your Entire Computer

Google pre-announced today a new tool named "Backup and Sync," built on top of Google Drive, which will be able to back up files stored anywhere on the user's computer, not just in the Drive folder. The search giant says it will launch Backup and Sync in two weeks, on June 28. [...]

https://www.bleepingcomputer.com/news/google/google-will-be-able-to-backup-your-entire-computer/

Nearly One Million Systems Provide "Guest" SMB Access, Most Are Linux

There are 2,306,820 devices connected to the Internet at the moment that feature open ports for SMB services, the same protocol that was used to infect hundreds of thousands of computers with the WannaCry ransomworm a month ago. [...]

https://www.bleepingcomputer.com/news/security/nearly-one-million-systems-provide-guest-smb-access-most-are-linux/

UK University Blames Ransomware Infection on Zero-Day Vulnerability

University College London admitted in a status report published yesterday afternoon that it had succumbed to a ransomware infection that affected computers on its network. The infection appears to have taken place yesterday afternoon after an employee or student opened an email attachment. [...]

https://www.bleepingcomputer.com/news/security/uk-university-blames-ransomware-infection-on-zero-day-vulnerability/

Botnet Fodder: 10 Million Devices With Open Telnet Ports Still Available Online

A yearly scan of exposed ports has revealed that there are nearly 10 million devices with open Telnet ports connected to the Internet as we speak, opening themselves to brute-force attacks from IoT botnets, and MitM interception from local attackers. [...]

https://www.bleepingcomputer.com/news/security/botnet-fodder-10-million-devices-with-open-telnet-ports-still-available-online/