Canadian Police Charge Man Behind LeakedSource Portal

The Royal Canadian Mounted Police (RCMP) announced today they've charged a 27-year-old man named Jordan Evan Bloom for running LeakedSource.com, a website that compiled public data breaches, including cleartext passwords, and sold access to this information for a few dollars. [...]

https://www.bleepingcomputer.com/news/security/canadian-police-charge-man-behind-leakedsource-portal/

Over 500,000 Users Impacted by Four Malicious Chrome Extensions

Security researchers from US cyber-security firm ICEBRG have spotted four Chrome extensions featuring malicious code that were available through the official Chrome Web Store. [...]

https://www.bleepingcomputer.com/news/security/over-500-000-users-impacted-by-four-malicious-chrome-extensions/

KillDisk Fake Ransomware Hits Financial Firms in Latin America

A new version of the KillDisk disk-wiping malware has hit companies in the financial sector in Latin America, Trend Micro reported yesterday. [...]

https://www.bleepingcomputer.com/news/security/killdisk-fake-ransomware-hits-financial-firms-in-latin-america/

Man Admits to Creating Crypting Service Cryptex and reFUD.me Scanner

A 24-year-old man has pleaded guilty yesterday in a UK court for creating and advertising two malware-related services employed by thousands of criminals. [...]

https://www.bleepingcomputer.com/news/security/man-admits-to-creating-crypting-service-cryptex-and-refud-me-scanner/

Italian IT Company Possibly Behind New Skygofree Android Spyware

Security researchers from Kaspersky Lab have discovered a new and powerful strain of Android spyware that they believe was created by an Italian IT company which they suspect is active in the surveillance software market. [...]

https://www.bleepingcomputer.com/news/security/italian-it-company-possibly-behind-new-skygofree-android-spyware/

Hospital Pays $55K Ransomware Demand Despite Having Backups

An Indiana hospital paid a ransom of $55,000 to get rid of ransomware that had infected its systems and was hindering operations last week. [...]

https://www.bleepingcomputer.com/news/security/hospital-pays-55k-ransomware-demand-despite-having-backups/

Cya Windows. You Can Now Run PowerShell on Linux & macOS

An open-source cross-platform version of PowerShell, called PowerShell Core 6.0, has been released by Microsoft that not only runs on Windows, but runs on macOS and Linux as well. Going forward, this version is going to be the actively developed with the original PowerShell only receiving security updates. [...]

https://www.bleepingcomputer.com/news/microsoft/cya-windows-you-can-now-run-powershell-on-linux-and-macos/

Because Ransomware: OneDrive for Business to Get "Files Restore" Option

Microsoft will add a new feature to OneDrive for Business that will let users create backup points and restore to previous versions of their entire OneDrive account. [...]

https://www.bleepingcomputer.com/news/microsoft/because-ransomware-onedrive-for-business-to-get-files-restore-option/

Mozilla Restricts All New Firefox Features to HTTPS Only

In a groundbreaking statement earlier this week, Mozilla announced that all web-based features that will ship with Firefox in the future must be served on over a secure HTTPS connection (a "secure context"). [...]

https://www.bleepingcomputer.com/news/software/mozilla-restricts-all-new-firefox-features-to-https-only/

Satori Botnet Is Now Attacking Ethereum Mining Rigs

A new variant of the Satori botnet has sprung back to life, and this one is hacking into Claymore mining rigs and replacing the device owner's mining credentials with the attacker's own. [...]

https://www.bleepingcomputer.com/news/security/satori-botnet-is-now-attacking-ethereum-mining-rigs/

Google Launches IT Support Training Program And Offers 10,000 Scholarships

As part of its Grow with Google program, Google has created an IT Support certification program based on the same methods that they use train their own employees. Called the Google IT Support Professional Certificate, this certification aims to prepares people for an entry level job in the information technology support field. [...]

https://www.bleepingcomputer.com/news/security/google-launches-it-support-training-program-and-offers-10-000-scholarships/

World's Largest Spam Botnet Is Pumping and Dumping an Obscure Cryptocurrency

Necurs, the world's largest spam botnet, is currently sending millions of spam emails that push an obscure cryptocurrency named Swisscoin. [...]

https://www.bleepingcomputer.com/news/cryptocurrency/worlds-largest-spam-botnet-is-pumping-and-dumping-an-obscure-cryptocurrency/

Exobot Author Calls It Quits and Sells Off Banking Trojan Source Code

Things are about to get a lot worse for Android users after the source code of a highly advanced Android banking trojan has been sold to different parties on a well-known hacking forum. [...]

https://www.bleepingcomputer.com/news/security/exobot-author-calls-it-quits-and-sells-off-banking-trojan-source-code/

Adult VR App Leaked Personal Details for a Week Before a Patch Was Deployed

Details about two vulnerabilities in an adult-themed virtual reality (VR) application were available to the general public for five days before the vendor intervened and patched the security holes. [...]

https://www.bleepingcomputer.com/news/security/adult-vr-app-leaked-personal-details-for-a-week-before-a-patch-was-deployed/

chaiOS "Text Bomb" Crashes iMessage App on macOS and iOS

Reminiscent of the old "Effective Power" bug that has long caused iMessage apps to crash on iOS devices, a new bug nicknamed chaiOS has surfaced this week with similar repercussions. [...]

https://www.bleepingcomputer.com/news/apple/chaios-text-bomb-crashes-imessage-app-on-macos-and-ios/

GhostTeam Android Malware Can Steal Facebook Credentials

Google has removed 53 apps from the official Play Store because they were spreading a new breed of Android malware named GhostTeam that could steal Facebook credentials and push ads to infected phones. [...]

https://www.bleepingcomputer.com/news/security/ghostteam-android-malware-can-steal-facebook-credentials/

Future Apple iOS Update Will Allow Users to Stop Battery Slowdown Feature

In an ABC interview with Apple CEO Tim Cook, Cook apologized once again for the battery slowdowns and stated a future iOS will allow users to disable this "feature". [...]

https://www.bleepingcomputer.com/news/apple/future-apple-ios-update-will-allow-users-to-stop-battery-slowdown-feature/

Microsoft Resumes Meltdown & Spectre Updates for AMD Devices

Microsoft has resumed the rollout of security updates for AMD devices. The updates patch the Meltdown and Spectre vulnerabilities. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-resumes-meltdown-and-spectre-updates-for-amd-devices/

Hacker Might Have Stolen the Healthcare Data for Half of Norway’s Population

A hacker or hacker group might have stolen healthcare data for more than half of Norway's population, according to reports in local press. [...]

https://www.bleepingcomputer.com/news/security/hacker-might-have-stolen-the-healthcare-data-for-half-of-norway-s-population/

Top Bug Hunters Make 2.7 Times More Money Than an Average Software Engineer

A survey of 1,700 bug bounty hunters registered on the HackerOne platform reveals that top white-hat hackers make on average 2.7 times more money than the average salary of a software engineer in the same country. [...]

https://www.bleepingcomputer.com/news/security/top-bug-hunters-make-2-7-times-more-money-than-an-average-software-engineer/