GIBON Ransomware Being Sold on Underground Criminal Forums

Last week we posted an analysis of the GIBON Rasnsomware that was discovered being spread via malspam campaigns. Today, an anonymous source told BleepingComputer that this ransomware has been marketed on underground criminal forums since as early as May 2017. [...]

https://www.bleepingcomputer.com/news/security/gibon-ransomware-being-sold-on-underground-criminal-forums/

Popular Firefox Bookmark Syncing Add-On Starts Losing... Bookmarks

Users of the Firefox Xmarks bookmark syncing add-on are reporting various problems with the plugin, some of which include corrupted bookmarks, failed sync operations, or popup spamming. [...]

https://www.bleepingcomputer.com/news/software/popular-firefox-bookmark-syncing-add-on-starts-losing-bookmarks/

Get Watch_Dogs on PC for Free Starting Tomorrow

Starting tomorrow at 11am EST and ending on November 13th, Ubisoft is giving away free licenses of Watch_Dogs for PC. For those who are unfamiliar with Watch_Dogs, the game revolves around a hacker who seeks revenge on those who hurt his family. [...]

https://www.bleepingcomputer.com/news/gaming/get-watch-dogs-on-pc-for-free-starting-tomorrow/

Comcast Xfinity Internet Service Down Across Large Parts the US

Comcast Xfinity Internet service is down in large areas of the US due to unknown reasons, according to multiple online reports. [...]

https://www.bleepingcomputer.com/news/technology/comcast-xfinity-internet-service-down-across-large-parts-the-us/

Microsoft Releases Standards for Highly Secure Windows 10 Devices

Yesterday, Microsoft released new standards that consumers should follow in order to have a highly secure Windows 10 device. These standards include the type of hardware that should be included in the system and the firmware features. [...]

https://www.bleepingcomputer.com/news/security/microsoft-releases-standards-for-highly-secure-windows-10-devices/

Misconfigured Amazon S3 Buckets Expose Users, Companies to Stealthy MitM Attacks

Hackers can exploit exposed Amazon S3 buckets to carry out silent Man-in-the-Middle attacks or other hacks on a company's customers or internal staff. [...]

https://www.bleepingcomputer.com/news/security/misconfigured-amazon-s3-buckets-expose-users-companies-to-stealthy-mitm-attacks/

Facebook to Fight Revenge Porn by Letting Potential Victims Upload Nudes in Advance

Facebook is testing new technology that is designed to help victims of revenge porn acts. This new tool is currently under testing in Australia, and the company says it plans to expand it to other countries if everything goes well. [...]

https://www.bleepingcomputer.com/news/technology/facebook-to-fight-revenge-porn-by-letting-potential-victims-upload-nudes-in-advance/

Researcher Details New Windows Code Injection Technique Named PROPagate

A security researcher has discovered a new code injection technique that works on all recent Windows versions and allows miscreants to inject malicious code into other applications undetected. [...]

https://www.bleepingcomputer.com/news/security/researcher-details-new-windows-code-injection-technique-named-propagate/

Google Patches KRACK WPA2 Vulnerability in Android

Google has published this month's Android security bulletin, and the company provided a fix for the KRACK vulnerability that came to light last month. [...]

https://www.bleepingcomputer.com/news/security/google-patches-krack-wpa2-vulnerability-in-android/

Unknown User Triggers Bug That Freezes $285Mil Inside Ethereum Wallets

On Monday, November 6, an unknown user triggered a bug in the source code of the Parity Ethereum wallet that has permanently locked funds inside users' accounts. [...]

https://www.bleepingcomputer.com/news/security/unknown-user-triggers-bug-that-freezes-285mil-inside-ethereum-wallets/

Dnstwist Helps you Find Phishing Domains Based on your Domain

Dnstwist that allows you to detect phishing, typo squatters, and attack domains that are based on an inputted domain. If you are a site owner or in charge of your company's domain management and brand safety, this tool can be of great use in seeing sites that are trying to harm others by pretending to be your brand. [...]

https://www.bleepingcomputer.com/news/security/dnstwist-helps-you-find-phishing-domains-based-on-your-domain/

Firefox 57 to Feature Option for Always-On Tracking Protection

Firefox 57, scheduled for release next week, will add a new option to allows users to turn on the browser's Tracking Protection feature all the time, not just in Private Browsing mode. [...]

https://www.bleepingcomputer.com/news/software/firefox-57-to-feature-option-for-always-on-tracking-protection/

Linux Has a USB Driver Security Problem

USB drivers included in the Linux kernel are rife with security flaws that in some cases can be exploited to run untrusted code and take over users' computers. [...]

https://www.bleepingcomputer.com/news/security/linux-has-a-usb-driver-security-problem/

Amazon Updates AWS Dashboard to Warn Admins When They're Exposing S3 Buckets

Following a long string of data leaks caused by misconfigured S3 servers, Amazon has decided to add a visible warning to the AWS backend dashboard panel that will let server admins know if one of their buckets (storage environments) is publicly accessible and exposing potentially sensitive data on the Internet. [...]

https://www.bleepingcomputer.com/news/security/amazon-updates-aws-dashboard-to-warn-admins-when-theyre-exposing-s3-buckets/

Intel's Secret CPU-On-Chip Management Engine (ME) Runs on MINIX OS

One of the world's lesser-known operating systems may actually be the most used OS in the world, according to new revelations made by Google's Linux experts. [...]

https://www.bleepingcomputer.com/news/hardware/intels-secret-cpu-on-chip-management-engine-me-runs-on-minix-os/

Here's What You Need to Know About Mozilla's New Firefox Browser Coming Next Week

In less than a week, Mozilla will flip the switch on a completely new browser with the release of Firefox 57, a version that's been rebuilt with a new browser engine core, a new user interface, revamped settings panel, and with a new add-ons API. [...]

https://www.bleepingcomputer.com/news/software/heres-what-you-need-to-know-about-mozillas-new-firefox-browser-coming-next-week/

Logitech Will Intentionally Brick All Harmony Link Devices Next Year

Logitech will intentionally brick all Harmony Link universal hubs next year, on March 16, 2018. The company has emailed all Harmony Link customers with the bad news. [...]

https://www.bleepingcomputer.com/news/hardware/logitech-will-intentionally-brick-all-harmony-link-devices-next-year/

Hacker Wannabes Fooled by Backdoored IP Scanner

Wannabe hackers looking to create their very own Reaper botnet might have gotten more than they asked when they downloaded an IP scanner over the past few weeks. [...]

https://www.bleepingcomputer.com/news/security/hacker-wannabes-fooled-by-backdoored-ip-scanner/

Cryptojacking Craze: Malwarebytes Says It Blocks 8 Million Requests per Day

The in-browser cryptojacking craze that has taken over the Internet is getting worse by the day and more and more sites are implementing such systems, intentionally or after getting hacked. [...]

https://www.bleepingcomputer.com/news/security/cryptojacking-craze-malwarebytes-says-it-blocks-8-million-requests-per-day/

Windows 10 Insider Build 17035 for PC Introduces the Near Share Sharing Feature

Today Microsoft released Insider Preview Build 17035 for PC to insiders on the fast ring and to those who opted to Skip Ahead. This build will not be made available to computers that have an AMD processor due to a known bug that causes these computers to bugcheck during an upgrade.  [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-17035-for-pc-introduces-the-near-share-sharing-feature/