Google Will Block Third-Party Software From Injecting Code Into Chrome

Google has laid out a plan for blocking third-party applications from injecting code into the Chrome browser. [...]

https://www.bleepingcomputer.com/news/google/google-will-block-third-party-software-from-injecting-code-into-chrome/

New-But-Old US Bill Introduces Prison Time for Execs Who Conceal Data Breaches

Three US senators have introduced a bill on Thursday that will make it mandatory for companies to report breaches to customers within 30 days, but also carries fines and possible prison time for execs who conceal breaches from users and authorities. [...]

https://www.bleepingcomputer.com/news/security/new-but-old-us-bill-introduces-prison-time-for-execs-who-conceal-data-breaches/

Thousands of Serial-To-Ethernet Devices Leak Telnet Passwords

A security researcher has identified thousands of Serial-to-Ethernet devices connected online that leak Telnet passwords that could be used to attack the equipment that is placed behind them. [...]

https://www.bleepingcomputer.com/news/security/thousands-of-serial-to-ethernet-devices-leak-telnet-passwords/

Test Cryptomix Ransomware Variant Released

A new variant of the CryptoMix ransomware was discovered today that appends the .TEST extension to encrypted files and changes the contact emails used by the ransomware.  This article will provide information what changes were made in this new version. [...]

https://www.bleepingcomputer.com/news/security/test-cryptomix-ransomware-variant-released/

Facebook Tests New CAPTCHA Tool That Asks Users to Upload a Photo of Their Face

Facebook is running tests of a new CAPTCHA system that requires users to upload a clear photo of their face to prove the account is not fake and belongs to a new person. [...]

https://www.bleepingcomputer.com/news/technology/facebook-tests-new-captcha-tool-that-asks-users-to-upload-a-photo-of-their-face/

New Shadow BTCware Ransomware Variant Released

A new variant of the BTCWare ransomware was discovered by Michael Gillespie, that appends the .[email]-id-id.shadow extension to encrypted files. The BTCWare family of ransomware infections targets its victims by hacking into poorly protected remote desktop services and manually installing the ransomware. [...]

https://www.bleepingcomputer.com/news/security/new-shadow-btcware-ransomware-variant-released/

PHP Adds Support for Next-Gen Password Hashing Algorithm Argon2

PHP got a whole lot more secure this week with the release of the 7.2 branch, a version that improves and modernizes the programming language's support for cryptography and password hashing algorithms. [...]

https://www.bleepingcomputer.com/news/security/php-adds-support-for-next-gen-password-hashing-algorithm-argon2/

Halloware Ransomware on Sale on the Dark Web for Only $40

A malware author by the name of Luc1F3R is peddling a new ransomware strain called Halloware for the lowly price of $40. [...]

https://www.bleepingcomputer.com/news/security/halloware-ransomware-on-sale-on-the-dark-web-for-only-40/

The Week in Ransomware - December 1st 2017 - Decryptors, BTCWare, and More

[...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-1st-2017-decryptors-btcware-and-more/

NSA Employee at the Middle of the Kaspersky Saga Admits Taking Files Home

The US Department of Justice (DOJ) has formally charged a former NSA employee for taking classified documents home. The man, Nghia Hoang Pho, 67, of Ellicott City, Maryland, pleaded guilty today, according to court documents released by the DOJ. [...]

https://www.bleepingcomputer.com/news/security/nsa-employee-at-the-middle-of-the-kaspersky-saga-admits-taking-files-home/

UK's NCSC Warns Government Agencies About Russian Antivirus Products

A branch of the UK intelligence forces has sent out a letter to UK government departments and agencies about the use of Russian antivirus software to protect computers that store classified information. [...]

https://www.bleepingcomputer.com/news/government/uks-ncsc-warns-government-agencies-about-russian-antivirus-products/

PayPal Says 1.6 Million Customer Details Stolen in Breach at Canadian Subsidiary

PayPal says that one of the companies it recently acquired suffered a security incident during which an attacker appears to have accessed servers that stored information for 1.6 million customers. [...]

https://www.bleepingcomputer.com/news/security/paypal-says-1-6-million-customer-details-stolen-in-breach-at-canadian-subsidiary/

Former Sysadmin Caught Hacking His Ex-Employer by His Replacement

On Wednesday, November 29, a Kansas City court sentenced a Missouri man to six years in federal prison without parole for hacking his former employer, stealing trade secrets, and for accessing child pornography. [...]

https://www.bleepingcomputer.com/news/security/former-sysadmin-caught-hacking-his-ex-employer-by-his-replacement/

Student Hacks High School, Changes Grades, and Sends College Applications

Tenafly High School has informed parents earlier this month that a student has gained access to its internal IT systems, changed grades to improve his GPA, and sent out college applications immediately after. [...]

https://www.bleepingcomputer.com/news/security/student-hacks-high-school-changes-grades-and-sends-college-applications/

Dell, Other Vendors Start Shipping Laptops With Intel ME Firmware Disabled

Some hardware vendors are reacting to the recent revelation that some of Intel's core CPU technology is riddled with security holes. [...]

https://www.bleepingcomputer.com/news/hardware/dell-other-vendors-start-shipping-laptops-with-intel-me-firmware-disabled/

Leakbase.pw Hacked Password Service Goes Dark

Over the weekend, Leakbase.pw, a web site that sold subscriptions to usernames and passwords leaked in data breaches at other companies, suddenly discontinued their service. [...]

https://www.bleepingcomputer.com/news/security/leakbase-pw-hacked-password-service-goes-dark/

Man Hacks Jail Computer Network to Get Friend Released Early

A Michigan man pleaded guilty last week to hacking the computer network of the Washtenaw County Jail, where he modified inmate records in an attempt to have an inmate released early. [...]

https://www.bleepingcomputer.com/news/security/man-hacks-jail-computer-network-to-get-friend-released-early/

World Police Shut Down Andromeda (Gamarue) Botnet

Law enforcement agencies across the globe and members of the private sector announced today they shut down the Andromeda (Gamarue or Wauchos) botnet. [...]

https://www.bleepingcomputer.com/news/security/world-police-shut-down-andromeda-gamarue-botnet/

Windows 7 Update giving a 80248015 Error? Here's Why and How to Fix It.

If you try to search for new Windows updates on Windows 7, you are most likely getting a 80248015 error. This error is being  reported in our forums, the Microsoft forums, and other sites so it appears to be a problem affecting all Windows 7 users.  [...]

https://www.bleepingcomputer.com/news/microsoft/windows-7-update-giving-a-80248015-error-heres-why-and-how-to-fix-it-/

Google to Crack Down on Android Apps That Collect User Data Without Consent

Google announced plans to crack down on Android applications that fail to warn users when they are collecting personal data. The OS maker is giving app developers 60 days to fix their issues and update apps with notifications of their full practices. In case app developers fail to comply, Google will take it upon itself to warn users [...]

https://www.bleepingcomputer.com/news/security/google-to-crack-down-on-android-apps-that-collect-user-data-without-consent/