Microsoft to Disable SMBv1 in Windows Starting This Fall

Starting this fall, with the public launch of the next major Windows 10 update — codenamed Redstone 3 — Microsoft plans to disable SMBv1 in most versions of the Windows operating systems. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-to-disable-smbv1-in-windows-starting-this-fall/

Microsoft Issues Windows XP Security Updates for Previously Ignored NSA Hacking Tools

In two blog posts today, Microsoft announced it issued new security patches for Windows XP users to protect them against "potential nation-state activity" that could cause "destructive cyber attacks" similar to the WannaCry outbreak that hit users last month. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-issues-windows-xp-security-updates-for-previously-ignored-nsa-hacking-tools/

Microsoft's June Patch Tuesday Fixes Two Vulnerabilities Used in Live Attacks

Microsoft published today the June 2017 Patch Tuesday, which patches over 90 security flaws, including two vulnerabilities used in live attacks. [...]

https://www.bleepingcomputer.com/news/microsoft/microsofts-june-patch-tuesday-fixes-two-vulnerabilities-used-in-live-attacks/

DHS and FBI Publish Details on DeltaCharlie, North Korea's DDoS Botnet

In a US-CERT report released yesterday afternoon, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have published IOCs about a malware family known as DeltaCharlie, used by North Korea to create its private DDoS botnet. [...]

https://www.bleepingcomputer.com/news/security/dhs-and-fbi-publish-details-on-deltacharlie-north-koreas-ddos-botnet/

Firefox 54 Released With Improved Multi-Process Support

Mozilla released yesterday version 54 of the Firefox browser, which has expanded the multi-process feature from two to five processes (one for the UI, four for browser content). [...]

https://www.bleepingcomputer.com/news/software/firefox-54-released-with-improved-multi-process-support/

Decrypted: Kaspersky Releases Decryptor for the Jaff Ransomware

Fedor Sinitsyn, a senior malware analyst at Kaspersky Labs, has discovered a weakness in the Jaff ransomware and was able to release a decryptor for all current variants For those who were infected with Jaff and had their files encrypted with the .jaff, .wlu, or .sVn extensions, this decryptor can recover your files for free. [...]

https://www.bleepingcomputer.com/news/security/decrypted-kaspersky-releases-decryptor-for-the-jaff-ransomware/

Police Arrest Owner and Six Customers of Malware Crypter Service

Europol announced today that police across Europe arrested six users who were customers of a malware crypter service and a counter anti-virus platform developed by a 22-year-old German man. [...]

https://www.bleepingcomputer.com/news/security/police-arrest-owner-and-six-customers-of-malware-crypter-service/

Former Major Player Neutrino Exploit Kit Has Gone Dark

The Neutrino exploit kit, a former leader of the exploit kit market, appears to have shut down, with the last activity recorded at the start of April, well over two months ago. [...]

https://www.bleepingcomputer.com/news/security/former-major-player-neutrino-exploit-kit-has-gone-dark/

Google Will Be Able to Backup Your Entire Computer

Google pre-announced today a new tool named "Backup and Sync," built on top of Google Drive, which will be able to back up files stored anywhere on the user's computer, not just in the Drive folder. The search giant says it will launch Backup and Sync in two weeks, on June 28. [...]

https://www.bleepingcomputer.com/news/google/google-will-be-able-to-backup-your-entire-computer/

Nearly One Million Systems Provide "Guest" SMB Access, Most Are Linux

There are 2,306,820 devices connected to the Internet at the moment that feature open ports for SMB services, the same protocol that was used to infect hundreds of thousands of computers with the WannaCry ransomworm a month ago. [...]

https://www.bleepingcomputer.com/news/security/nearly-one-million-systems-provide-guest-smb-access-most-are-linux/

UK University Blames Ransomware Infection on Zero-Day Vulnerability

University College London admitted in a status report published yesterday afternoon that it had succumbed to a ransomware infection that affected computers on its network. The infection appears to have taken place yesterday afternoon after an employee or student opened an email attachment. [...]

https://www.bleepingcomputer.com/news/security/uk-university-blames-ransomware-infection-on-zero-day-vulnerability/

Botnet Fodder: 10 Million Devices With Open Telnet Ports Still Available Online

A yearly scan of exposed ports has revealed that there are nearly 10 million devices with open Telnet ports connected to the Internet as we speak, opening themselves to brute-force attacks from IoT botnets, and MitM interception from local attackers. [...]

https://www.bleepingcomputer.com/news/security/botnet-fodder-10-million-devices-with-open-telnet-ports-still-available-online/

VirusTotal Is Getting a New UI

VirusTotal, the go-to source for most of today's infosec intelligence, will get a new user interface (UI) in the coming months. [...]

https://www.bleepingcomputer.com/news/security/virustotal-is-getting-a-new-ui/

CIA Created Toolkit for Hacking Hundreds of Routers Models

After a two-week hiatus, WikiLeaks dumped new files as part of the Vault 7 series that supposedly contains CIA-made hacking tools the organization claims it received from hackers and agency insiders. [...]

https://www.bleepingcomputer.com/news/security/cia-created-toolkit-for-hacking-hundreds-of-routers-models/

PayPal Phishing Site Asks Victims to Submit a Selfie Holding Their ID Card

A PayPal phishing campaign is luring victims to a hacked site where a clone of the PayPal login page is trying to trick users into giving away their PayPal credentials, payment card details, and ... a selfie of the user holding his ID card. [...]

https://www.bleepingcomputer.com/news/security/paypal-phishing-site-asks-victims-to-submit-a-selfie-holding-their-id-card/

British Hacker Used Home Internet Connection to Hack the DoD in 2014

http://www.nationalcrimeagency.gov.uk/news/1111-hacker-stole-satellite-data-from-us-department-of-defense [...]

https://www.bleepingcomputer.com/news/security/british-hacker-used-home-internet-connection-to-hack-the-dod-in-2014/

Author of Executioner Ransomware Bungles Encryption Routine

The author of a new ransomware strain named Executioner has bungled the tool's encryption routine, which means security researchers will be able to decrypt victims' files. The good news is that this ransomware is not the subject of a massive distribution campaign, so the number of affected victims is low if any even exist. [...]

https://www.bleepingcomputer.com/news/security/author-of-executioner-ransomware-bungles-encryption-routine/

Developer Creates Rootkit That Hides in PHP Server Modules

A Dutch web developer has created a rootkit that hides inside a PHP module and can be used to take over web servers via a rarely used attack vector: Apache modules. [...]

https://www.bleepingcomputer.com/news/security/developer-creates-rootkit-that-hides-in-php-server-modules/

Hacker "His Royal Gingerness" Jailed for Cyber-Attack on UK Hospital, Airport

Daniel Devereux, 30, a British man calling himself "His Royal Gingerness" has been sentenced to 32 weeks in prison for hacking the websites of the Norfolk and Norwich University Hospital, and the website of the Norwich International Airport. [...]

https://www.bleepingcomputer.com/news/security/hacker-his-royal-gingerness-jailed-for-cyber-attack-on-uk-hospital-airport/

FBI Arrests Vicious Criminal Who Uploaded "Deadpool" Movie on Facebook

The Department of Justice (DOJ) announced this week that the FBI had arrested a Fresno man for uploading a pirated copy of the Deadpool movie on Facebook. [...]

https://www.bleepingcomputer.com/news/technology/fbi-arrests-vicious-criminal-who-uploaded-deadpool-movie-on-facebook/