Maersk Reinstalled 45,000 PCs and 4,000 Servers to Recover From NotPetya Attack

The world's largest container shipping company —A.P. Møller-Maersk— said it recovered from the NotPetya ransomware incident by reinstalling over 4,000 servers, 45,000 PCs, and 2500 applications over the course of ten days in late June and early July 2017. [...]

https://www.bleepingcomputer.com/news/security/maersk-reinstalled-45-000-pcs-and-4-000-servers-to-recover-from-notpetya-attack/

Reddit Brings Two-factor Authentication To All Users. Here's How to Enable It

As of today, you can now secure your Reddit account using two-factor authentication . This feature was previously in beta, but has now been rolled out to all Reddit users. [...]

https://www.bleepingcomputer.com/news/security/reddit-brings-two-factor-authentication-to-all-users-heres-how-to-enable-it/

Malware Epidemic: Monero Mining Campaigns Are Becoming a Real Problem

Malware that secretly mines Monero is becoming a real problem in the real world, with the number of different incidents growing with each week. For example, only this past week, three new attacks came to light. [...]

https://www.bleepingcomputer.com/news/security/malware-epidemic-monero-mining-campaigns-are-becoming-a-real-problem/

BlackMailware Found On Porn Site Threatens to Report Users are Spreading Child Porn

A new infection is being distributed by porn sites that tries to blackmail a victim into paying a ransom by stating they will tell law enforcement that the victim is spreading child porn. [...]

https://www.bleepingcomputer.com/news/security/blackmailware-found-on-porn-site-threatens-to-report-users-are-spreading-child-porn/

Malwarebytes: Ransomware Was Bigger Than Ever in 2017

An end-of-the-year report from US cyber-security firm Malwarebytes reveals that ransomware, adware, and cryptojacking were extremely popular with cyber-criminals in 2017. [...]

https://www.bleepingcomputer.com/news/security/malwarebytes-ransomware-was-bigger-than-ever-in-2017/

Suspect Arrested in Massive Theft of Dell Computer Components Worth $7 Million

A trio of Secret Service agents, DHS investigators, and West Hartford (Connecticut) police officers have arrested a man who they believe is at the center of a massive fraud operation through which he stole Dell computer parts worth more than $7 million. [...]

https://www.bleepingcomputer.com/news/legal/suspect-arrested-in-massive-theft-of-dell-computer-components-worth-7-million/

Keylogger Campaign Hits Over 2,000 WordPress Sites

Security researchers have discovered over 2,000 WordPress sites —possibly more— infected with a keylogger that's being loaded on the WordPress backend login page and a cryptojacking script (in-browser cryptocurrency miner) on their frontends. [...]

https://www.bleepingcomputer.com/news/security/keylogger-campaign-hits-over-2-000-wordpress-sites/

Crooks Created 28 Fake Ad Agencies to Disguise Massive Malvertising Campaign

A group of cyber-criminals created 28 fake ad agencies and bought over 1 billion ad views in 2017, which they used to deliver malicious ads that redirected unsuspecting users to tech support scams or sneaky pages peddling malware-laden software updates or software installers. [...]

https://www.bleepingcomputer.com/news/security/crooks-created-28-fake-ad-agencies-to-disguise-massive-malvertising-campaign/

The Velso Ransomware Being Manually Installed by Attackers

A new ransomware is actively infecting victims called the Velso Ransomware. This ransomware appends the .velso extension to encrypted files and then drops a ransom note that contains an email address that a victim can use to contact the developer. [...]

https://www.bleepingcomputer.com/news/security/the-velso-ransomware-being-manually-installed-by-attackers/

Dridex Group Created BitPaymer (FriedEx) Ransomware

The authors of the infamous Dridex banking trojan and the Necurs spam botnet appear to have also created the FriedEx ransomware, according to an ESET report released earlier today. [...]

https://www.bleepingcomputer.com/news/security/dridex-group-created-bitpaymer-friedex-ransomware/

Coincheck Loses $500 Million in Biggest Cryptocoin Hack Ever

Japanese cryptocurrency exchange Coincheck announced today that it lost over 500 million NEM tokens, worth over $500 million at the time of the incident. [...]

https://www.bleepingcomputer.com/news/cryptocurrency/coincheck-loses-500-million-in-biggest-cryptocoin-hack-ever/

The Week in Ransomware - January 26th 2018 - SamSam & Hack Attacks

While we are continuing to see less ransomware developed and more attackers focusing on a few large-impact strains, Ransomware is unfortunately not dead. This was particularly apparent this week with plenty of news to go around. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-26th-2018-samsam-and-hack-attacks/

Coinhive Cryptojacker Deployed on YouTube via Google Ads

Some smart crooks found a way to insert and deliver the Coinhive in-browser miner inside ads delivered via the Google DoubleClick ad delivery platform. Ads delivered this way made their way on countless sites, and even on Google's own property —YouTube. [...]

https://www.bleepingcomputer.com/news/security/coinhive-cryptojacker-deployed-on-youtube-via-google-ads/

Hacker Compromised Official phpBB Download Links

An unknown attacker has compromised download links for the phpBB forum software, according to a statement released today by the phpBB development team. [...]

https://www.bleepingcomputer.com/news/security/hacker-compromised-official-phpbb-download-links/

Malwarebytes Update Released to Fix High CPU & Memory Usage in Mbamservice.exe

An update pushed by Malwarebytes today for their Malwarebytes Anti-Malware product has caused a lot of problems for those who use their program. This new protection update caused mbamservice.exe to consume a lot of memory and upwards to 90% of the computer's CPU. A new update has been pushed that resolves these issues. [...]

https://www.bleepingcomputer.com/news/security/malwarebytes-update-released-to-fix-high-cpu-and-memory-usage-in-mbamservice-exe/

Hacker Steals Over $150,000 Worth of Ethereum From Experty ICO Participants

A hacker has tricked Experty ICO participants into sending Ethereum funds to the wrong wallet address. He was able to do this by sending emails with a fake pre-ICO sale announcement to Experty users who signed up for notifications. [...]

https://www.bleepingcomputer.com/news/security/hacker-steals-over-150-000-worth-of-ethereum-from-experty-ico-participants/

Microsoft Issues Windows Out-of-Band Update That Disables Spectre Mitigations

Microsoft has issued on Saturday an emergency out-of-band Windows update that disables patches for the Spectre Variant 2 bug (CVE-2017-5715). [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-issues-windows-out-of-band-update-that-disables-spectre-mitigations/

Fitness Tracking App Accidentally Exposed Military Bases

Strava, a fitness tracking application that logs users' movements as they cycle, surf, or jog, has accidentally exposed or confirmed the location of various military bases and facilities all over the world. [...]

https://www.bleepingcomputer.com/news/technology/fitness-tracking-app-accidentally-exposed-military-bases/

ATM Jackpotting Attacks Hit the US for the First Time

Two of the world's largest ATM manufacturers have issued security alerts regarding ATM jackpotting attacks being detected in the US for the first time. [...]

https://www.bleepingcomputer.com/news/security/atm-jackpotting-attacks-hit-the-us-for-the-first-time/

Lenovo's Fingerprint Scanner Can Be Bypassed via a Hardcoded Password

Lenovo has issued security updates for a fingerprint scanner app it shipped with ThinkPad, ThinkCentre, and ThinkStation machines. [...]

https://www.bleepingcomputer.com/news/security/lenovos-fingerprint-scanner-can-be-bypassed-via-a-hardcoded-password/