EU: Kids' GPS Watches Have So Many Security Flaws They Should Not Be in Stores

The European Consumer Organisation (BEUC) has issued a public service announcement on the security and privacy concerns surrounding modern children's smartwatches. [...]

https://www.bleepingcomputer.com/news/government/eu-kids-gps-watches-have-so-many-security-flaws-they-should-not-be-in-stores/

Google Chrome May Add a Permission to Stop In-Browser Cryptocurrency Miners

Google Chrome engineers are considering adding a special browser permission that will thwart the rising trend of in-browser cryptocurrency miners. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-may-add-a-permission-to-stop-in-browser-cryptocurrency-miners/

Google Will Pay Researchers $1,000 to Hack Its Most Popular Play Store Apps

Google has launched a bug bounty program for popular apps available on its Play Store. Dubbed the Play Security Reward Program, the bug bounty will be offered through the HackerOne platform and is not aimed at Google's own Android apps. [...]

https://www.bleepingcomputer.com/news/security/google-will-pay-researchers-1-000-to-hack-its-most-popular-play-store-apps/

Russian Cyberspies Are Rushing to Exploit Recent Flash 0-Day Before It Goes Cold

A cyber-espionage group identified in the cyber-security industry as APT28 and believed to be operating under the supervision of the Russian state has recently dispatched several malware distribution campaigns that try to take advantage of a Flash zero-day vulnerability that Adobe patched earlier this week. [...]

https://www.bleepingcomputer.com/news/security/russian-cyberspies-are-rushing-to-exploit-recent-flash-0-day-before-it-goes-cold/

Eltima Website Hacked to Spread Proton RAT With Popular Video Player App

The website of Eltima, a maker of macOS and Windows apps, has been compromised by an unknown actor to spread a trojanized version of Elmedia Player, a multimedia player for macOS. [...]

https://www.bleepingcomputer.com/news/apple/eltima-website-hacked-to-spread-proton-rat-with-popular-video-player-app/

Student Expelled for Using Hardware Keylogger to Hack School, Change Grades

Kansas University (KU) officials have expelled a student for installing a hardware keylogger and using the data acquired from the device to hack into the school's grading system and chang his grades. [...]

https://www.bleepingcomputer.com/news/security/student-expelled-for-using-hardware-keylogger-to-hack-school-change-grades/

A Gigantic IoT Botnet Has Grown in the Shadows in the Past Month

Since mid-September, a new IoT botnet has grown to massive proportions. Codenamed IoT_reaper (Reaper for this article), researchers estimate its current size at nearly two million infected devices. [...]

https://www.bleepingcomputer.com/news/security/a-gigantic-iot-botnet-has-grown-in-the-shadows-in-the-past-month/

The Week in Ransomware - October 20th 2017 - Magniber and the Hermes Bank Heist

This week we had our fair share of smaller variants being distributed or created, but the big news was by far the release of Magniber and the use of the Hermes ransomware as a cover to steal money from a Taiwan bank.  With the release of Magniber we also see the downward spiral of Cerber,. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-october-20th-2017-magniber-and-the-hermes-bank-heist/

Teen Sentenced for Prank That Almost Brought Down a County's 911 Service

A US judge sentenced a 19-year-old teenager to three years probation for a prank gone wrong that resulted in the accidental DDoS and near crash of the Mariposa County's 911 emergency service. [...]

https://www.bleepingcomputer.com/news/security/teen-sentenced-for-prank-that-almost-brought-down-a-countys-911-service/

Microsoft Adds Game Anti-Cheat Engine to Windows 10

With the release of the Windows 10 Fall Creators Update earlier this week, Microsoft quietly rolled out a gaming anti-cheat engine, similar to Valve's VAC system. [...]

https://www.bleepingcomputer.com/news/gaming/microsoft-adds-game-anti-cheat-engine-to-windows-10/

Hackers Take Over Funeral Home's Email Account and Run Online Scams

Hackers have taken over the email account of a Louisiana funeral home and are sending email scams to the company's customers, asking for money. [...]

https://www.bleepingcomputer.com/news/security/hackers-take-over-funeral-homes-email-account-and-run-online-scams/

Google Testing Android Feature to Hide DNS Requests

Google has added support in Android for an experimental feature that will encrypt DNS requests and prevent network-level attackers from snooping on user traffic. [...]

https://www.bleepingcomputer.com/news/google/google-testing-android-feature-to-hide-dns-requests/

Microsoft's Windows 10 Anti-Ransomware Feature Is Now Live

With the release of Windows 10 Fall Creators Update last week, the "Controlled Folder Access" that Microsoft touted in June is now live for millions of users. [...]

https://www.bleepingcomputer.com/news/microsoft/microsofts-windows-10-anti-ransomware-feature-is-now-live/

Kaspersky Opens Code to 3rd-Party Review in Effort to Combat Spying Accusations

In an attempt to dispell rumors that its software is being used as a backdoor into users' computers, Kaspersky Labs said today it would subject its security products to an independent third-party source code review. [...]

https://www.bleepingcomputer.com/news/security/kaspersky-opens-code-to-3rd-party-review-in-effort-to-combat-spying-accusations/

Russian Cyberspies Carry Out the Silliest Cyber-Espionage Campaign of the Year

A Russian cyber-espionage group has tried to infect security researchers with malware via a spear-phishing campaign that can easily receive a Pwnie Awards nomination for one of the year's biggest epic fails. [...]

https://www.bleepingcomputer.com/news/security/russian-cyberspies-carry-out-the-silliest-cyber-espionage-campaign-of-the-year/

Google Open-Sources Some of Chrome's Usage Stats

Google open-sourced today some of Chrome's usage metrics in an attempt to help developers create better websites. [...]

https://www.bleepingcomputer.com/news/google/google-open-sources-some-of-chromes-usage-stats/

LokiBot Android Banking Trojan Turns Into Ransomware When You Try to Remove It

Security researchers have spotted a new Android banking trojan named LokiBot that turns into ransomware and locks users' phones when they try to remove its admin privileges. [...]

https://www.bleepingcomputer.com/news/security/lokibot-android-banking-trojan-turns-into-ransomware-when-you-try-to-remove-it/

APNIC Whois Database Password Hashes Were Available for Download

The Asia-Pacific Network Information Centre (APNIC), the organization that manages domain name information for the Asia-Pacific region, fixed on Monday an error that exposed password hashes needed to access and edit domain ownership details. [...]

https://www.bleepingcomputer.com/news/security/apnic-whois-database-password-hashes-were-available-for-download/

DUHK Crypto Attack Recovers Encryption Keys, Exposes VPN Connections, More

After last week we had the KRACK and ROCA cryptographic attacks, this week has gotten off to a similarly "great" start with the publication of a new crypto attack known as DUHK (Don't Use Hard-coded Keys) [...]

https://www.bleepingcomputer.com/news/security/duhk-crypto-attack-recovers-encryption-keys-exposes-vpn-connections-more/

Banks Sue Computer Parts Site Newegg for Participation in Massive Fraud Scheme

Four major banks from South Korea have filed a lawsuit against Newegg, a US-based computer parts retailer, alleging the company has participated in a massive financial scheme that has defrauded the banks with hundreds of millions of dollars. [...]

https://www.bleepingcomputer.com/news/hardware/banks-sue-computer-parts-site-newegg-for-participation-in-massive-fraud-scheme/