Microsoft Quietly Kills Another Gaping Hole in Windows Defender
On Friday, Microsoft rolled out an out-of-band security update that patched a major security flaw in the Microsoft Malware Protection Engine (MsMpEng), a core security service part of the Microsoft ecosystem. [...]
https://www.bleepingcomputer.com/news/security/microsoft-quietly-kills-another-gaping-hole-in-windows-defender/
On Friday, Microsoft rolled out an out-of-band security update that patched a major security flaw in the Microsoft Malware Protection Engine (MsMpEng), a core security service part of the Microsoft ecosystem. [...]
https://www.bleepingcomputer.com/news/security/microsoft-quietly-kills-another-gaping-hole-in-windows-defender/
BleepingComputer
Microsoft Quietly Kills Another Gaping Hole in Windows Defender
On Friday, Microsoft rolled out an out-of-band security update that patched a major security flaw in the Microsoft Malware Protection Engine (MsMpEng), a core security service part of the Microsoft ecosystem.
52% of All JavaScript npm Packages Could Have Been Hacked via Weak Credentials
Tens of thousands of developers using weak credentials to secure their npm accounts inadvertently put more than half of the npm packages (JavaScript libraries and tools) at risk of getting hijacked and used to deploy malicious code to legitimate applications that use them in their build process. [...]
https://www.bleepingcomputer.com/news/security/52-percent-of-all-javascript-npm-packages-could-have-been-hacked-via-weak-credentials/
Tens of thousands of developers using weak credentials to secure their npm accounts inadvertently put more than half of the npm packages (JavaScript libraries and tools) at risk of getting hijacked and used to deploy malicious code to legitimate applications that use them in their build process. [...]
https://www.bleepingcomputer.com/news/security/52-percent-of-all-javascript-npm-packages-could-have-been-hacked-via-weak-credentials/
BleepingComputer
52% of All JavaScript npm Packages Could Have Been Hacked via Weak Credentials
Tens of thousands of developers using weak credentials to secure their npm accounts inadvertently put more than half of the npm packages (JavaScript libraries and tools) at risk of getting hijacked and used to deploy malicious code to legitimate applicationsβ¦
There are early signs of a new ransomware outbreak, currently affecting a large number of countries across the globe, such as the UK, Ukraine, India, the Netherlands, Spain, Denmark, and others. [...]
https://www.bleepingcomputer.com/news/security/wannacry-d-j-vu-petya-ransomware-outbreak-wreaking-havoc-across-the-globe/
https://www.bleepingcomputer.com/news/security/wannacry-d-j-vu-petya-ransomware-outbreak-wreaking-havoc-across-the-globe/
BleepingComputer
WannaCry DΓ©jΓ Vu: Petya Ransomware Outbreak Wreaking Havoc Across the Globe
There are early signs of a new ransomware outbreak, currently affecting a large number of countries across the globe, such as the UK, Ukraine, India, the Netherlands, Spain, Denmark, and others.
Email Provider Shuts Down Petya Inbox Preventing Victims From Recovering Files
Posteo, the email provider where the Petya author is hosting an inbox to handle victims from today's massive ransomware outbreak, has announced that it shut down the crook's email account: wowsmith123456@posteo.net. [...]
https://www.bleepingcomputer.com/news/security/email-provider-shuts-down-petya-inbox-preventing-victims-from-recovering-files/
Posteo, the email provider where the Petya author is hosting an inbox to handle victims from today's massive ransomware outbreak, has announced that it shut down the crook's email account: wowsmith123456@posteo.net. [...]
https://www.bleepingcomputer.com/news/security/email-provider-shuts-down-petya-inbox-preventing-victims-from-recovering-files/
BleepingComputer
Email Provider Shuts Down Petya Inbox Preventing Victims From Recovering Files
Posteo, the email provider where the Petya author is hosting an inbox to handle victims from today's massive ransomware outbreak, has announced that it shut down the crook's email account: wowsmith123456@posteo.net.
Petya Ransomware Outbreak Originated in Ukraine via Tainted Accounting Software
Today's massive ransomware outbreak was caused by a malicious software update for M.E.Doc, a popular accounting software used by Ukrainian companies. [...]
https://www.bleepingcomputer.com/news/security/petya-ransomware-outbreak-originated-in-ukraine-via-tainted-accounting-software/
Today's massive ransomware outbreak was caused by a malicious software update for M.E.Doc, a popular accounting software used by Ukrainian companies. [...]
https://www.bleepingcomputer.com/news/security/petya-ransomware-outbreak-originated-in-ukraine-via-tainted-accounting-software/
BleepingComputer
Petya Ransomware Outbreak Originated in Ukraine via Tainted Accounting Software
Today's massive ransomware outbreak was caused by a malicious software update for M.E.Doc, a popular accounting software used by Ukrainian companies.
Vaccine, not Killswitch, Found for Petya (NotPetya) Ransomware Outbreak
Cybereason security researcher Amit Serper has found a way to prevent the Petya (NotPetya) ransomware from infecting computers. [...]
https://www.bleepingcomputer.com/news/security/vaccine-not-killswitch-found-for-petya-notpetya-ransomware-outbreak/
Cybereason security researcher Amit Serper has found a way to prevent the Petya (NotPetya) ransomware from infecting computers. [...]
https://www.bleepingcomputer.com/news/security/vaccine-not-killswitch-found-for-petya-notpetya-ransomware-outbreak/
BleepingComputer
Vaccine, not Killswitch, Found for Petya (NotPetya) Ransomware Outbreak
Cybereason security researcher Amit Serper has found a way to prevent the Petya (NotPetya) ransomware from infecting computers.
Google Fined $2.7 Billion for Tweaking Search Results
The European Commission has hit Google with a record fine of β¬2.42 billion ($2.72 billion) for abusing its dominant market position and tweaking search results to favor its Google Shopping service to the detriment of its direct competitors. [...]
https://www.bleepingcomputer.com/news/google/google-fined-2-7-billion-for-tweaking-search-results/
The European Commission has hit Google with a record fine of β¬2.42 billion ($2.72 billion) for abusing its dominant market position and tweaking search results to favor its Google Shopping service to the detriment of its direct competitors. [...]
https://www.bleepingcomputer.com/news/google/google-fined-2-7-billion-for-tweaking-search-results/
BleepingComputer
Google Fined $2.7 Billion for Tweaking Search Results
The European Commission has hit Google with a record fine of β¬2.42 billion ($2.72 billion) for abusing its dominant market position and tweaking search results to favor its Google Shopping service to the detriment of its direct competitors.
Before NotPetya, There Was Another Ransomware That Targeted Ukraine Last Week
Last week, long before the Petya / NotPetya ransomware broke out, there was another ransomware campaign that targeted Ukrainian users with a vengeance. [...]
https://www.bleepingcomputer.com/news/security/before-notpetya-there-was-another-ransomware-that-targeted-ukraine-last-week/
Last week, long before the Petya / NotPetya ransomware broke out, there was another ransomware campaign that targeted Ukrainian users with a vengeance. [...]
https://www.bleepingcomputer.com/news/security/before-notpetya-there-was-another-ransomware-that-targeted-ukraine-last-week/
BleepingComputer
Before NotPetya, There Was Another Ransomware That Targeted Ukraine Last Week
Last week, long before the Petya / NotPetya ransomware broke out, there was another ransomware campaign that targeted Ukrainian users with a vengeance.
Vault 7: CIA Malware for Tracking Windows Devices via WiFi Networks
Today, WikiLeaks has published the documentation manual for an alleged CIA tool that can track users of WiFi-capable Windows devices based on the ESS (Extended Service Set) data of nearby WiFi networks. [...]
https://www.bleepingcomputer.com/news/security/vault-7-cia-malware-for-tracking-windows-devices-via-wifi-networks/
Today, WikiLeaks has published the documentation manual for an alleged CIA tool that can track users of WiFi-capable Windows devices based on the ESS (Extended Service Set) data of nearby WiFi networks. [...]
https://www.bleepingcomputer.com/news/security/vault-7-cia-malware-for-tracking-windows-devices-via-wifi-networks/
BleepingComputer
Vault 7: CIA Malware for Tracking Windows Devices via WiFi Networks
Today, WikiLeaks has published the documentation manual for an alleged CIA tool that can track users of WiFi-capable Windows devices based on the ESS (Extended Service Set) data of nearby WiFi networks.
Shadow Brokers Threaten to Expose Identity of Former NSA Hacker
The Shadow Brokers have published a new message today, gloating about the damage caused by the NotPetya ransomware, and threatening to expose the real-life identity of an alleged NSA employee, who they say has been mocking the group on Twitter. [...]
https://www.bleepingcomputer.com/news/security/shadow-brokers-threaten-to-expose-identity-of-former-nsa-hacker/
The Shadow Brokers have published a new message today, gloating about the damage caused by the NotPetya ransomware, and threatening to expose the real-life identity of an alleged NSA employee, who they say has been mocking the group on Twitter. [...]
https://www.bleepingcomputer.com/news/security/shadow-brokers-threaten-to-expose-identity-of-former-nsa-hacker/
BleepingComputer
Shadow Brokers Threaten to Expose Identity of Former NSA Hacker
The Shadow Brokers have published a new message today, gloating about the damage caused by the NotPetya ransomware, and threatening to expose the real-life identity of an alleged NSA employee, who they say has been mocking the group on Twitter.
Microsoft Will Embed EMET Into Windows 10 Starting This Fall
After previously stating it was dropping support for EMET in July 2018, Microsoft announced yesterday plans to embed its vaunted EMET security toolkit in the Windows 10 kernel during the operating system's major update, scheduled for October-November 2017. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-will-embed-emet-into-windows-10-starting-this-fall/
After previously stating it was dropping support for EMET in July 2018, Microsoft announced yesterday plans to embed its vaunted EMET security toolkit in the Windows 10 kernel during the operating system's major update, scheduled for October-November 2017. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-will-embed-emet-into-windows-10-starting-this-fall/
BleepingComputer
Microsoft Will Embed EMET Into Windows 10 Starting This Fall
After previously stating it was dropping support for EMET in July 2018, Microsoft announced yesterday plans to embed its vaunted EMET security toolkit in the Windows 10 kernel during the operating system's major update, scheduled for October-November 2017.
Surprise! NotPetya Is a Cyber-Weapon. It's Not Ransomware
The NotPetya ransomware that encrypted and locked thousands of computers across the globe yesterday and today is, in reality, a disk wiper meant to sabotage and destroy computers, and not ransomware. This is the conclusion of two separate reports coming from Comae Technologies and Kaspersky Lab experts. [...]
https://www.bleepingcomputer.com/news/security/surprise-notpetya-is-a-cyber-weapon-its-not-ransomware/
The NotPetya ransomware that encrypted and locked thousands of computers across the globe yesterday and today is, in reality, a disk wiper meant to sabotage and destroy computers, and not ransomware. This is the conclusion of two separate reports coming from Comae Technologies and Kaspersky Lab experts. [...]
https://www.bleepingcomputer.com/news/security/surprise-notpetya-is-a-cyber-weapon-its-not-ransomware/
BleepingComputer
Surprise! NotPetya Is a Cyber-Weapon. It's Not Ransomware
The NotPetya ransomware that encrypted and locked thousands of computers across the globe yesterday and today is, in reality, a disk wiper meant to sabotage and destroy computers, and not ransomware. This is the conclusion of two separate reports coming fromβ¦
Senate Gets Ready to Ban Kaspersky Products as FBI Interviews Company's US Employees
A draft of the "National Defense Authorization Act for Fiscal Year 2018" β which approves the budget and policies for US defensive projects β outlines a ban on the usage of Kaspersky Lab software products at DOD facilities under the explanation that the Russian antivirus vendor "might be vulnerable to Russian government influence." [...]
https://www.bleepingcomputer.com/news/government/senate-gets-ready-to-ban-kaspersky-products-as-fbi-interviews-companys-us-employees/
A draft of the "National Defense Authorization Act for Fiscal Year 2018" β which approves the budget and policies for US defensive projects β outlines a ban on the usage of Kaspersky Lab software products at DOD facilities under the explanation that the Russian antivirus vendor "might be vulnerable to Russian government influence." [...]
https://www.bleepingcomputer.com/news/government/senate-gets-ready-to-ban-kaspersky-products-as-fbi-interviews-companys-us-employees/
BleepingComputer
Senate Gets Ready to Ban Kaspersky Products as FBI Interviews Company's US Employees
A draft of the "National Defense Authorization Act for Fiscal Year 2018" β which approves the budget and policies for US defensive projects β outlines a ban on the usage of Kaspersky Lab software products at DOD facilities under the explanation that the Russianβ¦
Microsoft-Led Investigation Results in Arrest of Four Tech Support Scammers
City of London Police announced they arrested four suspects, two men, and two women, on accusations of running tech support scams. [...]
https://www.bleepingcomputer.com/news/security/microsoft-led-investigation-results-in-arrest-of-four-tech-support-scammers/
City of London Police announced they arrested four suspects, two men, and two women, on accusations of running tech support scams. [...]
https://www.bleepingcomputer.com/news/security/microsoft-led-investigation-results-in-arrest-of-four-tech-support-scammers/
BleepingComputer
Microsoft-Led Investigation Results in Arrest of Four Tech Support Scammers
City of London Police announced they arrested four suspects, two men, and two women, on accusations of running tech support scams.
Systemd Bug Lets Attackers Hack Linux Boxes via Malicious DNS Packets
A bug in systemd β an init system used in many Linux distributions to start and manage processes β allows an attacker to crash or take over machines via malicious DNS packets. [...]
https://www.bleepingcomputer.com/news/security/systemd-bug-lets-attackers-hack-linux-boxes-via-malicious-dns-packets/
A bug in systemd β an init system used in many Linux distributions to start and manage processes β allows an attacker to crash or take over machines via malicious DNS packets. [...]
https://www.bleepingcomputer.com/news/security/systemd-bug-lets-attackers-hack-linux-boxes-via-malicious-dns-packets/
BleepingComputer
Systemd Bug Lets Attackers Hack Linux Boxes via Malicious DNS Packets
A bug in systemd β an init system used in many Linux distributions to start and manage processes β allows an attacker to crash or take over machines via malicious DNS packets.
Microsoft Announces "Controlled Folder Access" to Fend Off Crypto-Ransomware
This fall, Microsoft plans to release a new Windows Defender feature called Controlled Folder Access, which blocks and blacklists unauthorized apps from making changes to files located inside specially-designated folders. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-controlled-folder-access-to-fend-off-crypto-ransomware/
This fall, Microsoft plans to release a new Windows Defender feature called Controlled Folder Access, which blocks and blacklists unauthorized apps from making changes to files located inside specially-designated folders. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-controlled-folder-access-to-fend-off-crypto-ransomware/
BleepingComputer
Microsoft Announces "Controlled Folder Access" to Fend Off Crypto-Ransomware
This fall, Microsoft plans to release a new Windows Defender feature called Controlled Folder Access, which blocks and blacklists unauthorized apps from making changes to files located inside specially-designated folders.
Cerber Renames Itself as CRBR ENCRYPTOR to Be a PITA
Ransomware developers are really trying to screw with us this week. This is shown with the CERBER Ransomware suddenly deciding to change its name to CRBR Encryptor. It's bad enough what they do with victims, now they just want to be a PITA? [...]
https://www.bleepingcomputer.com/news/security/cerber-renames-itself-as-crbr-encryptor-to-be-a-pita/
Ransomware developers are really trying to screw with us this week. This is shown with the CERBER Ransomware suddenly deciding to change its name to CRBR Encryptor. It's bad enough what they do with victims, now they just want to be a PITA? [...]
https://www.bleepingcomputer.com/news/security/cerber-renames-itself-as-crbr-encryptor-to-be-a-pita/
BleepingComputer
Cerber Renames Itself as CRBR ENCRYPTOR to Be a PITA
Ransomware developers are really trying to screw with us this week. This is shown with the CERBER Ransomware suddenly deciding to change its name to CRBR Encryptor. It's bad enough what they do with victims, now they just want to be a PITA?
Ransomware Attacks Continue in Ukraine with Mysterious WannaCry Clone
A fourth ransomware campaign focused on Ukraine has surfaced today, following some of the patterns seen in past ransomware campaigns that have been aimed at the country, such as XData, PScrypt, and the infamous NotPetya. [...]
https://www.bleepingcomputer.com/news/security/ransomware-attacks-continue-in-ukraine-with-mysterious-wannacry-clone/
A fourth ransomware campaign focused on Ukraine has surfaced today, following some of the patterns seen in past ransomware campaigns that have been aimed at the country, such as XData, PScrypt, and the infamous NotPetya. [...]
https://www.bleepingcomputer.com/news/security/ransomware-attacks-continue-in-ukraine-with-mysterious-wannacry-clone/
BleepingComputer
Ransomware Attacks Continue in Ukraine with Mysterious WannaCry Clone
A fourth ransomware campaign focused on Ukraine has surfaced today, following the same patterns seen in past ransomware campaigns that have been aimed at the country, such as XData, PScrypt, and the infamous NotPetya.
More Security Firms Confirm NotPetya Shoddy Code Is Making Recovery Impossible
The bandwagon of cyber-security firms claiming that NotPetya was meant for destructive purposes is getting more crowded by the day, with three new additions from Cisco Talos, F-Secure, and Malwarebytes. [...]
https://www.bleepingcomputer.com/news/security/more-security-firms-confirm-notpetya-shoddy-code-is-making-recovery-impossible/
The bandwagon of cyber-security firms claiming that NotPetya was meant for destructive purposes is getting more crowded by the day, with three new additions from Cisco Talos, F-Secure, and Malwarebytes. [...]
https://www.bleepingcomputer.com/news/security/more-security-firms-confirm-notpetya-shoddy-code-is-making-recovery-impossible/
BleepingComputer
More Security Firms Confirm NotPetya Shoddy Code Is Making Recovery Impossible
The bandwagon of cyber-security firms claiming that NotPetya was meant for destructive purposes is getting more crowded by the day, with three new additions from Cisco Talos, F-Secure, and Malwarebytes.
"Eternal Blues" Tool Tests Computers Against NSA's ETERNALBLUE Exploit
Security researcher Elad Erez has created a tool named Eternal Blues that system administrators can use to test if computers on their network are vulnerable to exploitation via NSA's ETERNALBLUE exploit. [...]
https://www.bleepingcomputer.com/news/software/-eternal-blues-tool-tests-computers-against-nsas-eternalblue-exploit/
Security researcher Elad Erez has created a tool named Eternal Blues that system administrators can use to test if computers on their network are vulnerable to exploitation via NSA's ETERNALBLUE exploit. [...]
https://www.bleepingcomputer.com/news/software/-eternal-blues-tool-tests-computers-against-nsas-eternalblue-exploit/
BleepingComputer
"Eternal Blues" Tool Tests Computers Against NSA's ETERNALBLUE Exploit
Security researcher Elad Erez has created a tool named Eternal Blues that system administrators can use to test if computers on their network are vulnerable to exploitation via NSA's ETERNALBLUE exploit.