CIA Created Toolkit for Hacking Hundreds of Routers Models
After a two-week hiatus, WikiLeaks dumped new files as part of the Vault 7 series that supposedly contains CIA-made hacking tools the organization claims it received from hackers and agency insiders. [...]
https://www.bleepingcomputer.com/news/security/cia-created-toolkit-for-hacking-hundreds-of-routers-models/
After a two-week hiatus, WikiLeaks dumped new files as part of the Vault 7 series that supposedly contains CIA-made hacking tools the organization claims it received from hackers and agency insiders. [...]
https://www.bleepingcomputer.com/news/security/cia-created-toolkit-for-hacking-hundreds-of-routers-models/
BleepingComputer
CIA Created Toolkit for Hacking Hundreds of Routers Models
After a two-week hiatus, WikiLeaks dumped new files as part of the Vault 7 series that supposedly contains CIA-made hacking tools the organization claims it received from hackers and agency insiders.
PayPal Phishing Site Asks Victims to Submit a Selfie Holding Their ID Card
A PayPal phishing campaign is luring victims to a hacked site where a clone of the PayPal login page is trying to trick users into giving away their PayPal credentials, payment card details, and ... a selfie of the user holding his ID card. [...]
https://www.bleepingcomputer.com/news/security/paypal-phishing-site-asks-victims-to-submit-a-selfie-holding-their-id-card/
A PayPal phishing campaign is luring victims to a hacked site where a clone of the PayPal login page is trying to trick users into giving away their PayPal credentials, payment card details, and ... a selfie of the user holding his ID card. [...]
https://www.bleepingcomputer.com/news/security/paypal-phishing-site-asks-victims-to-submit-a-selfie-holding-their-id-card/
BleepingComputer
PayPal Phishing Site Asks Victims to Submit a Selfie Holding Their ID Card
A PayPal phishing campaign is luring victims to a hacked site where a clone of the PayPal login page is trying to trick users into giving away their PayPal credentials, payment card details, and ... a selfie of the user holding his ID card.
British Hacker Used Home Internet Connection to Hack the DoD in 2014
http://www.nationalcrimeagency.gov.uk/news/1111-hacker-stole-satellite-data-from-us-department-of-defense [...]
https://www.bleepingcomputer.com/news/security/british-hacker-used-home-internet-connection-to-hack-the-dod-in-2014/
http://www.nationalcrimeagency.gov.uk/news/1111-hacker-stole-satellite-data-from-us-department-of-defense [...]
https://www.bleepingcomputer.com/news/security/british-hacker-used-home-internet-connection-to-hack-the-dod-in-2014/
www.nationalcrimeagency.gov.uk
National Crime Agency - Hacker sentenced for US Department of Defense data theft
The NCA's mission is to lead the UK's fight to cut serious and organised crime.
Author of Executioner Ransomware Bungles Encryption Routine
The author of a new ransomware strain named Executioner has bungled the tool's encryption routine, which means security researchers will be able to decrypt victims' files. The good news is that this ransomware is not the subject of a massive distribution campaign, so the number of affected victims is low if any even exist. [...]
https://www.bleepingcomputer.com/news/security/author-of-executioner-ransomware-bungles-encryption-routine/
The author of a new ransomware strain named Executioner has bungled the tool's encryption routine, which means security researchers will be able to decrypt victims' files. The good news is that this ransomware is not the subject of a massive distribution campaign, so the number of affected victims is low if any even exist. [...]
https://www.bleepingcomputer.com/news/security/author-of-executioner-ransomware-bungles-encryption-routine/
BleepingComputer
Author of Executioner Ransomware Bungles Encryption Routine
The author of a new ransomware strain named Executioner has bungled the tool's encryption routine, which means security researchers will be able to decrypt victims' files. The good news is that this ransomware is not the subject of a massive distributionβ¦
Developer Creates Rootkit That Hides in PHP Server Modules
A Dutch web developer has created a rootkit that hides inside a PHP module and can be used to take over web servers via a rarely used attack vector: Apache modules. [...]
https://www.bleepingcomputer.com/news/security/developer-creates-rootkit-that-hides-in-php-server-modules/
A Dutch web developer has created a rootkit that hides inside a PHP module and can be used to take over web servers via a rarely used attack vector: Apache modules. [...]
https://www.bleepingcomputer.com/news/security/developer-creates-rootkit-that-hides-in-php-server-modules/
BleepingComputer
Developer Creates Rootkit That Hides in PHP Server Modules
A Dutch web developer has created a rootkit that hides inside a PHP module and can be used to take over web servers via a rarely used attack vector: Apache modules.
Hacker "His Royal Gingerness" Jailed for Cyber-Attack on UK Hospital, Airport
Daniel Devereux, 30, a British man calling himself "His Royal Gingerness" has been sentenced to 32 weeks in prison for hacking the websites of the Norfolk and Norwich University Hospital, and the website of the Norwich International Airport. [...]
https://www.bleepingcomputer.com/news/security/hacker-his-royal-gingerness-jailed-for-cyber-attack-on-uk-hospital-airport/
Daniel Devereux, 30, a British man calling himself "His Royal Gingerness" has been sentenced to 32 weeks in prison for hacking the websites of the Norfolk and Norwich University Hospital, and the website of the Norwich International Airport. [...]
https://www.bleepingcomputer.com/news/security/hacker-his-royal-gingerness-jailed-for-cyber-attack-on-uk-hospital-airport/
BleepingComputer
Hacker "His Royal Gingerness" Jailed for Cyber-Attack on UK Hospital, Airport
Daniel Devereux, 30, a British man calling himself "His Royal Gingerness" has been sentenced to 32 weeks in prison for hacking the websites of the Norfolk and Norwich University Hospital, and the website of the Norwich International Airport.
FBI Arrests Vicious Criminal Who Uploaded "Deadpool" Movie on Facebook
The Department of Justice (DOJ) announced this week that the FBI had arrested a Fresno man for uploading a pirated copy of the Deadpool movie on Facebook. [...]
https://www.bleepingcomputer.com/news/technology/fbi-arrests-vicious-criminal-who-uploaded-deadpool-movie-on-facebook/
The Department of Justice (DOJ) announced this week that the FBI had arrested a Fresno man for uploading a pirated copy of the Deadpool movie on Facebook. [...]
https://www.bleepingcomputer.com/news/technology/fbi-arrests-vicious-criminal-who-uploaded-deadpool-movie-on-facebook/
BleepingComputer
FBI Arrests Vicious Criminal Who Uploaded "Deadpool" Movie on Facebook
The Department of Justice (DOJ) announced this week that the FBI had arrested a Fresno man for uploading a pirated copy of the Deadpool movie on Facebook.
The Week in Ransomware - June 16th 2017 - Jaff Decrypted & Mostly Crapware
For the most part, mostly in-development ransomware released this week. No really major ransomware variants released that are much of a threat. The big news, though, is that Kaspersky was able to figure out how to crack the decryption for the Jaff Ransomware and release a free decryptor. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-june-16th-2017-jaff-decrypted-and-mostly-crapware/
For the most part, mostly in-development ransomware released this week. No really major ransomware variants released that are much of a threat. The big news, though, is that Kaspersky was able to figure out how to crack the decryption for the Jaff Ransomware and release a free decryptor. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-june-16th-2017-jaff-decrypted-and-mostly-crapware/
BleepingComputer
The Week in Ransomware - June 16th 2017 - Jaff Decrypted & Mostly Crapware
For the most part, mostly in-development ransomware released this week. No really major ransomware variants released that are much of a threat. The big news, though, is that Kaspersky was able to figure out how to crack the decryption for the Jaff Ransomwareβ¦
The Nigerian Spammers From the 90s Have Moved on to Keyloggers and RATs
Each day, countless of security researchers are fighting the good fight in an effort to help companies remove malware from infected computers and servers. [...]
https://www.bleepingcomputer.com/news/security/the-nigerian-spammers-from-the-90s-have-moved-on-to-keyloggers-and-rats/
Each day, countless of security researchers are fighting the good fight in an effort to help companies remove malware from infected computers and servers. [...]
https://www.bleepingcomputer.com/news/security/the-nigerian-spammers-from-the-90s-have-moved-on-to-keyloggers-and-rats/
BleepingComputer
The Nigerian Spammers From the 90s Have Moved on to Keyloggers and RATs
Each day, countless of security researchers are fighting the good fight in an effort to help companies remove malware from infected computers and servers.
New Phishing Tactic Targeting Facebook Users Relies on Padding URLs with Hyphens
Security researchers from PhishLabs have come across a new phishing trend that's targeting mobile device owners exclusively, with "the highest proportion of attacks" aimed at Facebook users. [...]
https://www.bleepingcomputer.com/news/security/new-phishing-tactic-targeting-facebook-users-relies-on-padding-urls-with-hyphens/
Security researchers from PhishLabs have come across a new phishing trend that's targeting mobile device owners exclusively, with "the highest proportion of attacks" aimed at Facebook users. [...]
https://www.bleepingcomputer.com/news/security/new-phishing-tactic-targeting-facebook-users-relies-on-padding-urls-with-hyphens/
BleepingComputer
New Phishing Tactic Targeting Facebook Users Relies on Padding URLs with Hyphens
Security researchers from PhishLabs have come across a new phishing trend that's targeting mobile device owners exclusively, with "the highest proportion of attacks" aimed at Facebook users.
You Can Blame This Guy for the Recent Surge in Android Malware on the Play Store
A recent surge in Android banking malware can be traced back to December 2016, when a malware coder under the name of Maza-in uploaded a tutorial on how to build Android malware on an underground hacking forum named Exploit.in. [...]
https://www.bleepingcomputer.com/news/security/you-can-blame-this-guy-for-the-recent-surge-in-android-malware-on-the-play-store/
A recent surge in Android banking malware can be traced back to December 2016, when a malware coder under the name of Maza-in uploaded a tutorial on how to build Android malware on an underground hacking forum named Exploit.in. [...]
https://www.bleepingcomputer.com/news/security/you-can-blame-this-guy-for-the-recent-surge-in-android-malware-on-the-play-store/
BleepingComputer
You Can Blame This Guy for the Recent Surge in Android Malware on the Play Store
A recent surge in Android banking malware can be traced back to December 2016, when a malware coder under the name of Maza-in uploaded a tutorial on how to build Android malware on an underground hacking forum named Exploit.in.
New Vulnerability Could Give Mirai the Ability to Survive Device Reboots
Security researchers from Pen Test Partners have discovered a new vulnerability that could allow the Mirai IoT worm to survive between device reboots, allowing the creation of a permanent IoT botnet. [...]
https://www.bleepingcomputer.com/news/security/new-vulnerability-could-give-mirai-the-ability-to-survive-device-reboots/
Security researchers from Pen Test Partners have discovered a new vulnerability that could allow the Mirai IoT worm to survive between device reboots, allowing the creation of a permanent IoT botnet. [...]
https://www.bleepingcomputer.com/news/security/new-vulnerability-could-give-mirai-the-ability-to-survive-device-reboots/
BleepingComputer
New Vulnerability Could Give Mirai the Ability to Survive Device Reboots
Security researchers from Pen Test Partners have discovered a new vulnerability that could allow the Mirai IoT worm to survive between device reboots, allowing the creation of a permanent IoT botnet.
Rhode Island Schools Can Access Student School Laptops Without Reason or Notification
Low-income families from Rhode Island are giving up their privacy for the sake of receiving a school-issued laptop to aid children in their studies, according to a report released by the American Civil Liberties Union (ACLU) last week. [...]
https://www.bleepingcomputer.com/news/government/rhode-island-schools-can-access-student-school-laptops-without-reason-or-notification/
Low-income families from Rhode Island are giving up their privacy for the sake of receiving a school-issued laptop to aid children in their studies, according to a report released by the American Civil Liberties Union (ACLU) last week. [...]
https://www.bleepingcomputer.com/news/government/rhode-island-schools-can-access-student-school-laptops-without-reason-or-notification/
BleepingComputer
Rhode Island Schools Can Access Student School Laptops Without Reason or Notification
15% of All IoT Device Owners Don't Change Default Passwords
Simple statistics can tell you a lot about the state of security in a market niche. For example, if we'd said that just five passwords would grant you access to 10% of all the IoT devices available online, you'd be right to feel concerned. [...]
https://www.bleepingcomputer.com/news/security/15-percent-of-all-iot-device-owners-dont-change-default-passwords/
Simple statistics can tell you a lot about the state of security in a market niche. For example, if we'd said that just five passwords would grant you access to 10% of all the IoT devices available online, you'd be right to feel concerned. [...]
https://www.bleepingcomputer.com/news/security/15-percent-of-all-iot-device-owners-dont-change-default-passwords/
BleepingComputer
15% of All IoT Device Owners Don't Change Default Passwords
Simple statistics can tell you a lot about the state of security in a market niche. For example, if we'd said that just five passwords would grant you access to 10% of all the IoT devices available online, you'd be right to feel concerned.
Stack Clash Vulnerability Grants Root Access on Linux and Other UNIX OSes
A vulnerability nicknamed "Stack Clash" allows an attacker to gain root privileges on a UNIX system and take over vulnerable machines. [...]
https://www.bleepingcomputer.com/news/security/stack-clash-vulnerability-grants-root-access-on-linux-and-other-unix-oses/
A vulnerability nicknamed "Stack Clash" allows an attacker to gain root privileges on a UNIX system and take over vulnerable machines. [...]
https://www.bleepingcomputer.com/news/security/stack-clash-vulnerability-grants-root-access-on-linux-and-other-unix-oses/
BleepingComputer
Stack Clash Vulnerability Grants Root Access on Linux and Other UNIX OSes
A vulnerability nicknamed "Stack Clash" allows an attacker to gain root privileges on a UNIX system and take over vulnerable machines.
Unprotected Database Exposes Details of 198 Million US Voters
An Amazon S3 bucket containing the personal details of over 198 million Americans was left exposed online with no protection, according to UpGuard, a cyber-security whose researchers came across the database last week. [...]
https://www.bleepingcomputer.com/news/government/unprotected-database-exposes-details-of-198-million-us-voters/
An Amazon S3 bucket containing the personal details of over 198 million Americans was left exposed online with no protection, according to UpGuard, a cyber-security whose researchers came across the database last week. [...]
https://www.bleepingcomputer.com/news/government/unprotected-database-exposes-details-of-198-million-us-voters/
BleepingComputer
Unprotected Database Exposes Details of 198 Million US Voters
An Amazon S3 bucket containing the personal details of over 198 million Americans was left exposed online with no protection, according to UpGuard, a cyber-security whose researchers came across the database last week.
South Korean Web Hosting Provider Pays $1 Million in Ransomware Demand
Nayana, a web hosting provider based in South Korea, announced it is in the process of paying a three-tier ransom demand of nearly $1 million worth of Bitcoin, following a ransomware infection that encrypted data on customer' servers. [...]
https://www.bleepingcomputer.com/news/security/south-korean-web-hosting-provider-pays-1-million-in-ransomware-demand/
Nayana, a web hosting provider based in South Korea, announced it is in the process of paying a three-tier ransom demand of nearly $1 million worth of Bitcoin, following a ransomware infection that encrypted data on customer' servers. [...]
https://www.bleepingcomputer.com/news/security/south-korean-web-hosting-provider-pays-1-million-in-ransomware-demand/
BleepingComputer
South Korean Web Hosting Provider Pays $1 Million in Ransomware Demand
Nayana, a web hosting provider based in South Korea, announced it is in the process of paying a three-tier ransom demand of nearly $1 million worth of Bitcoin, following a ransomware infection that encrypted data on customer' servers.
McAfee Releases Free Tool That Removes Pinkslipbot Leftovers That Use Your PC as Proxy
Last week, McAfee released a tool named AmIPinkC2, a Windows command-line application that removes remnant files of Pinkslipbot infections that allow the malware to continue to use previously infected computers as proxy relays, even if the original malware's binary has been cleaned and removed from infected hosts. [...]
https://www.bleepingcomputer.com/news/security/mcafee-releases-free-tool-that-removes-pinkslipbot-leftovers-that-use-your-pc-as-proxy/
Last week, McAfee released a tool named AmIPinkC2, a Windows command-line application that removes remnant files of Pinkslipbot infections that allow the malware to continue to use previously infected computers as proxy relays, even if the original malware's binary has been cleaned and removed from infected hosts. [...]
https://www.bleepingcomputer.com/news/security/mcafee-releases-free-tool-that-removes-pinkslipbot-leftovers-that-use-your-pc-as-proxy/
BleepingComputer
McAfee Releases Free Tool That Removes Pinkslipbot Leftovers That Use Your PC as Proxy
Last week, McAfee released a tool named AmIPinkC2, a Windows command-line application that removes remnant files of Pinkslipbot infections that allow the malware to continue to use previously infected computers as proxy relays, even if the original malware'sβ¦
TrickBot Activity Ramps up, Now Targeting CRMs and PayPal Users
Several security researchers have spotted an increase in malware campaigns distributing the TrickBot banking trojan, going after a host of targets ranging from regular e-banking applications to PayPal accounts and business CRMs. [...]
https://www.bleepingcomputer.com/news/security/trickbot-activity-ramps-up-now-targeting-crms-and-paypal-users/
Several security researchers have spotted an increase in malware campaigns distributing the TrickBot banking trojan, going after a host of targets ranging from regular e-banking applications to PayPal accounts and business CRMs. [...]
https://www.bleepingcomputer.com/news/security/trickbot-activity-ramps-up-now-targeting-crms-and-paypal-users/
BleepingComputer
TrickBot Activity Ramps up, Now Targeting CRMs and PayPal Users
Several security researchers have spotted an increase in malware campaigns distributing the TrickBot banking trojan, going after a host of targets ranging from regular e-banking applications to PayPal accounts and business CRMs.
Britain's Internet regulator, the Information Commissioner's Office (ICO), has fined the city council of Gloucester with Β£100,000 ($125,000) after local authorities failed to apply a security update for almost three months. [...]
https://www.bleepingcomputer.com/news/security/uk-city-council-slapped-with-100k-fine-after-failure-to-update-server-leads-to-hack/
https://www.bleepingcomputer.com/news/security/uk-city-council-slapped-with-100k-fine-after-failure-to-update-server-leads-to-hack/
BleepingComputer
UK City Council Slapped with Β£100k Fine After Failure to Update Server Leads to Hack
Britain's Internet regulator, the Information Commissioner's Office (ICO), has fined the city council of Gloucester with Β£100,000 ($125,000) after local authorities failed to apply a security update for almost three months.