Former Major Player Neutrino Exploit Kit Has Gone Dark

The Neutrino exploit kit, a former leader of the exploit kit market, appears to have shut down, with the last activity recorded at the start of April, well over two months ago. [...]

https://www.bleepingcomputer.com/news/security/former-major-player-neutrino-exploit-kit-has-gone-dark/

Google Will Be Able to Backup Your Entire Computer

Google pre-announced today a new tool named "Backup and Sync," built on top of Google Drive, which will be able to back up files stored anywhere on the user's computer, not just in the Drive folder. The search giant says it will launch Backup and Sync in two weeks, on June 28. [...]

https://www.bleepingcomputer.com/news/google/google-will-be-able-to-backup-your-entire-computer/

Nearly One Million Systems Provide "Guest" SMB Access, Most Are Linux

There are 2,306,820 devices connected to the Internet at the moment that feature open ports for SMB services, the same protocol that was used to infect hundreds of thousands of computers with the WannaCry ransomworm a month ago. [...]

https://www.bleepingcomputer.com/news/security/nearly-one-million-systems-provide-guest-smb-access-most-are-linux/

UK University Blames Ransomware Infection on Zero-Day Vulnerability

University College London admitted in a status report published yesterday afternoon that it had succumbed to a ransomware infection that affected computers on its network. The infection appears to have taken place yesterday afternoon after an employee or student opened an email attachment. [...]

https://www.bleepingcomputer.com/news/security/uk-university-blames-ransomware-infection-on-zero-day-vulnerability/

Botnet Fodder: 10 Million Devices With Open Telnet Ports Still Available Online

A yearly scan of exposed ports has revealed that there are nearly 10 million devices with open Telnet ports connected to the Internet as we speak, opening themselves to brute-force attacks from IoT botnets, and MitM interception from local attackers. [...]

https://www.bleepingcomputer.com/news/security/botnet-fodder-10-million-devices-with-open-telnet-ports-still-available-online/

VirusTotal Is Getting a New UI

VirusTotal, the go-to source for most of today's infosec intelligence, will get a new user interface (UI) in the coming months. [...]

https://www.bleepingcomputer.com/news/security/virustotal-is-getting-a-new-ui/

CIA Created Toolkit for Hacking Hundreds of Routers Models

After a two-week hiatus, WikiLeaks dumped new files as part of the Vault 7 series that supposedly contains CIA-made hacking tools the organization claims it received from hackers and agency insiders. [...]

https://www.bleepingcomputer.com/news/security/cia-created-toolkit-for-hacking-hundreds-of-routers-models/

PayPal Phishing Site Asks Victims to Submit a Selfie Holding Their ID Card

A PayPal phishing campaign is luring victims to a hacked site where a clone of the PayPal login page is trying to trick users into giving away their PayPal credentials, payment card details, and ... a selfie of the user holding his ID card. [...]

https://www.bleepingcomputer.com/news/security/paypal-phishing-site-asks-victims-to-submit-a-selfie-holding-their-id-card/

British Hacker Used Home Internet Connection to Hack the DoD in 2014

http://www.nationalcrimeagency.gov.uk/news/1111-hacker-stole-satellite-data-from-us-department-of-defense [...]

https://www.bleepingcomputer.com/news/security/british-hacker-used-home-internet-connection-to-hack-the-dod-in-2014/

Author of Executioner Ransomware Bungles Encryption Routine

The author of a new ransomware strain named Executioner has bungled the tool's encryption routine, which means security researchers will be able to decrypt victims' files. The good news is that this ransomware is not the subject of a massive distribution campaign, so the number of affected victims is low if any even exist. [...]

https://www.bleepingcomputer.com/news/security/author-of-executioner-ransomware-bungles-encryption-routine/

Developer Creates Rootkit That Hides in PHP Server Modules

A Dutch web developer has created a rootkit that hides inside a PHP module and can be used to take over web servers via a rarely used attack vector: Apache modules. [...]

https://www.bleepingcomputer.com/news/security/developer-creates-rootkit-that-hides-in-php-server-modules/

Hacker "His Royal Gingerness" Jailed for Cyber-Attack on UK Hospital, Airport

Daniel Devereux, 30, a British man calling himself "His Royal Gingerness" has been sentenced to 32 weeks in prison for hacking the websites of the Norfolk and Norwich University Hospital, and the website of the Norwich International Airport. [...]

https://www.bleepingcomputer.com/news/security/hacker-his-royal-gingerness-jailed-for-cyber-attack-on-uk-hospital-airport/

FBI Arrests Vicious Criminal Who Uploaded "Deadpool" Movie on Facebook

The Department of Justice (DOJ) announced this week that the FBI had arrested a Fresno man for uploading a pirated copy of the Deadpool movie on Facebook. [...]

https://www.bleepingcomputer.com/news/technology/fbi-arrests-vicious-criminal-who-uploaded-deadpool-movie-on-facebook/

The Week in Ransomware - June 16th 2017 - Jaff Decrypted & Mostly Crapware

For the most part, mostly in-development ransomware released this week. No really major ransomware variants released that are much of a threat.  The big news, though, is that Kaspersky was able to figure out how to crack the decryption for the Jaff Ransomware and release a free decryptor. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-june-16th-2017-jaff-decrypted-and-mostly-crapware/

The Nigerian Spammers From the 90s Have Moved on to Keyloggers and RATs

Each day, countless of security researchers are fighting the good fight in an effort to help companies remove malware from infected computers and servers. [...]

https://www.bleepingcomputer.com/news/security/the-nigerian-spammers-from-the-90s-have-moved-on-to-keyloggers-and-rats/

New Phishing Tactic Targeting Facebook Users Relies on Padding URLs with Hyphens

Security researchers from PhishLabs have come across a new phishing trend that's targeting mobile device owners exclusively, with "the highest proportion of attacks" aimed at Facebook users. [...]

https://www.bleepingcomputer.com/news/security/new-phishing-tactic-targeting-facebook-users-relies-on-padding-urls-with-hyphens/

You Can Blame This Guy for the Recent Surge in Android Malware on the Play Store

A recent surge in Android banking malware can be traced back to December 2016, when a malware coder under the name of Maza-in uploaded a tutorial on how to build Android malware on an underground hacking forum named Exploit.in. [...]

https://www.bleepingcomputer.com/news/security/you-can-blame-this-guy-for-the-recent-surge-in-android-malware-on-the-play-store/

New Vulnerability Could Give Mirai the Ability to Survive Device Reboots

Security researchers from Pen Test Partners have discovered a new vulnerability that could allow the Mirai IoT worm to survive between device reboots, allowing the creation of a permanent IoT botnet. [...]

https://www.bleepingcomputer.com/news/security/new-vulnerability-could-give-mirai-the-ability-to-survive-device-reboots/

Rhode Island Schools Can Access Student School Laptops Without Reason or Notification

Low-income families from Rhode Island are giving up their privacy for the sake of receiving a school-issued laptop to aid children in their studies, according to a report released by the American Civil Liberties Union (ACLU) last week. [...]

https://www.bleepingcomputer.com/news/government/rhode-island-schools-can-access-student-school-laptops-without-reason-or-notification/

15% of All IoT Device Owners Don't Change Default Passwords

Simple statistics can tell you a lot about the state of security in a market niche. For example, if we'd said that just five passwords would grant you access to 10% of all the IoT devices available online, you'd be right to feel concerned. [...]

https://www.bleepingcomputer.com/news/security/15-percent-of-all-iot-device-owners-dont-change-default-passwords/