UK Govt Wants Encryption Backdoors but Can't Even Protect Its Email Servers From a Brute-Force Attack

A "determined" attacker has breached the email system of the UK Parliament over the weekend, according to a statement put out by the UK government on Sunday afternoon. [...]

https://www.bleepingcomputer.com/news/security/uk-govt-wants-encryption-backdoors-but-cant-even-protect-its-email-servers-from-a-brute-force-attack/

Chrome Beats Edge in Independent Battery Life Test Despite Microsoft's Claims

A YouTuber has taken it into his hands to resolve the silent war over battery life benchmarks currently raging between Microsoft, Google, and Opera. [...]

https://www.bleepingcomputer.com/news/technology/chrome-beats-edge-in-independent-battery-life-test-despite-microsofts-claims/

$1 Million Ransomware Payment Has Spurred New DDoS-for-Bitcoin Attacks

The $1 million ransom payment paid last week by South Korean web hosting company Nayana has sparked new extortion attempts on South Korean companies. [...]

https://www.bleepingcomputer.com/news/security/-1-million-ransomware-payment-has-spurred-new-ddos-for-bitcoin-attacks/

New Shifr RaaS Lets Any Dummy Enter the Ransomware Business

Several security researchers have spotted a new Ransomware-as-a-Service (RaaS) portal over the weekend that lets anyone generate their own ransomware executable just by filling in three form fields and pressing a button. [...]

https://www.bleepingcomputer.com/news/security/new-shifr-raas-lets-any-dummy-enter-the-ransomware-business/

No Windows Fix Just yet for the Intel Bug That Crashes CPUs

Some Intel CPU models are affected by a bug that crashes computers when a certain sequence of operations are being processed. [...]

https://www.bleepingcomputer.com/news/hardware/no-windows-fix-just-yet-for-the-intel-bug-that-crashes-cpus/

Microsoft Quietly Kills Another Gaping Hole in Windows Defender

On Friday, Microsoft rolled out an out-of-band security update that patched a major security flaw in the Microsoft Malware Protection Engine (MsMpEng), a core security service part of the Microsoft ecosystem. [...]

https://www.bleepingcomputer.com/news/security/microsoft-quietly-kills-another-gaping-hole-in-windows-defender/

52% of All JavaScript npm Packages Could Have Been Hacked via Weak Credentials

Tens of thousands of developers using weak credentials to secure their npm accounts inadvertently put more than half of the npm packages (JavaScript libraries and tools) at risk of getting hijacked and used to deploy malicious code to legitimate applications that use them in their build process. [...]

https://www.bleepingcomputer.com/news/security/52-percent-of-all-javascript-npm-packages-could-have-been-hacked-via-weak-credentials/

There are early signs of a new ransomware outbreak, currently affecting a large number of countries across the globe, such as the UK, Ukraine, India, the Netherlands, Spain, Denmark, and others. [...]

https://www.bleepingcomputer.com/news/security/wannacry-d-j-vu-petya-ransomware-outbreak-wreaking-havoc-across-the-globe/

Email Provider Shuts Down Petya Inbox Preventing Victims From Recovering Files

Posteo, the email provider where the Petya author is hosting an inbox to handle victims from today's massive ransomware outbreak, has announced that it shut down the crook's email account: wowsmith123456@posteo.net. [...]

https://www.bleepingcomputer.com/news/security/email-provider-shuts-down-petya-inbox-preventing-victims-from-recovering-files/

Petya Ransomware Outbreak Originated in Ukraine via Tainted Accounting Software

Today's massive ransomware outbreak was caused by a malicious software update for M.E.Doc, a popular accounting software used by Ukrainian companies. [...]

https://www.bleepingcomputer.com/news/security/petya-ransomware-outbreak-originated-in-ukraine-via-tainted-accounting-software/

Vaccine, not Killswitch, Found for Petya (NotPetya) Ransomware Outbreak

Cybereason security researcher Amit Serper has found a way to prevent the Petya (NotPetya) ransomware from infecting computers. [...]

https://www.bleepingcomputer.com/news/security/vaccine-not-killswitch-found-for-petya-notpetya-ransomware-outbreak/

Google Fined $2.7 Billion for Tweaking Search Results

The European Commission has hit Google with a record fine of €2.42 billion ($2.72 billion) for abusing its dominant market position and tweaking search results to favor its Google Shopping service to the detriment of its direct competitors. [...]

https://www.bleepingcomputer.com/news/google/google-fined-2-7-billion-for-tweaking-search-results/

Before NotPetya, There Was Another Ransomware That Targeted Ukraine Last Week

Last week, long before the Petya / NotPetya ransomware broke out, there was another ransomware campaign that targeted Ukrainian users with a vengeance. [...]

https://www.bleepingcomputer.com/news/security/before-notpetya-there-was-another-ransomware-that-targeted-ukraine-last-week/

Vault 7: CIA Malware for Tracking Windows Devices via WiFi Networks

Today, WikiLeaks has published the documentation manual for an alleged CIA tool that can track users of WiFi-capable Windows devices based on the ESS (Extended Service Set) data of nearby WiFi networks. [...]

https://www.bleepingcomputer.com/news/security/vault-7-cia-malware-for-tracking-windows-devices-via-wifi-networks/

Shadow Brokers Threaten to Expose Identity of Former NSA Hacker

The Shadow Brokers have published a new message today, gloating about the damage caused by the NotPetya ransomware, and threatening to expose the real-life identity of an alleged NSA employee, who they say has been mocking the group on Twitter. [...]

https://www.bleepingcomputer.com/news/security/shadow-brokers-threaten-to-expose-identity-of-former-nsa-hacker/

Microsoft Will Embed EMET Into Windows 10 Starting This Fall

After previously stating it was dropping support for EMET in July 2018, Microsoft announced yesterday plans to embed its vaunted EMET security toolkit in the Windows 10 kernel during the operating system's major update, scheduled for October-November 2017. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-will-embed-emet-into-windows-10-starting-this-fall/

Surprise! NotPetya Is a Cyber-Weapon. It's Not Ransomware

The NotPetya ransomware that encrypted and locked thousands of computers across the globe yesterday and today is, in reality, a disk wiper meant to sabotage and destroy computers, and not ransomware. This is the conclusion of two separate reports coming from Comae Technologies and Kaspersky Lab experts. [...]

https://www.bleepingcomputer.com/news/security/surprise-notpetya-is-a-cyber-weapon-its-not-ransomware/

Senate Gets Ready to Ban Kaspersky Products as FBI Interviews Company's US Employees

A draft of the "National Defense Authorization Act for Fiscal Year 2018" — which approves the budget and policies for US defensive projects — outlines a ban on the usage of Kaspersky Lab software products at DOD facilities under the explanation that the Russian antivirus vendor "might be vulnerable to Russian government influence." [...]

https://www.bleepingcomputer.com/news/government/senate-gets-ready-to-ban-kaspersky-products-as-fbi-interviews-companys-us-employees/

Microsoft-Led Investigation Results in Arrest of Four Tech Support Scammers

City of London Police announced they arrested four suspects, two men, and two women, on accusations of running tech support scams. [...]

https://www.bleepingcomputer.com/news/security/microsoft-led-investigation-results-in-arrest-of-four-tech-support-scammers/

Systemd Bug Lets Attackers Hack Linux Boxes via Malicious DNS Packets

A bug in systemd — an init system used in many Linux distributions to start and manage processes — allows an attacker to crash or take over machines via malicious DNS packets. [...]

https://www.bleepingcomputer.com/news/security/systemd-bug-lets-attackers-hack-linux-boxes-via-malicious-dns-packets/