Keylogger Campaign Hits Over 2,000 WordPress Sites

Security researchers have discovered over 2,000 WordPress sites —possibly more— infected with a keylogger that's being loaded on the WordPress backend login page and a cryptojacking script (in-browser cryptocurrency miner) on their frontends. [...]

https://www.bleepingcomputer.com/news/security/keylogger-campaign-hits-over-2-000-wordpress-sites/

Crooks Created 28 Fake Ad Agencies to Disguise Massive Malvertising Campaign

A group of cyber-criminals created 28 fake ad agencies and bought over 1 billion ad views in 2017, which they used to deliver malicious ads that redirected unsuspecting users to tech support scams or sneaky pages peddling malware-laden software updates or software installers. [...]

https://www.bleepingcomputer.com/news/security/crooks-created-28-fake-ad-agencies-to-disguise-massive-malvertising-campaign/

The Velso Ransomware Being Manually Installed by Attackers

A new ransomware is actively infecting victims called the Velso Ransomware. This ransomware appends the .velso extension to encrypted files and then drops a ransom note that contains an email address that a victim can use to contact the developer. [...]

https://www.bleepingcomputer.com/news/security/the-velso-ransomware-being-manually-installed-by-attackers/

Dridex Group Created BitPaymer (FriedEx) Ransomware

The authors of the infamous Dridex banking trojan and the Necurs spam botnet appear to have also created the FriedEx ransomware, according to an ESET report released earlier today. [...]

https://www.bleepingcomputer.com/news/security/dridex-group-created-bitpaymer-friedex-ransomware/

Coincheck Loses $500 Million in Biggest Cryptocoin Hack Ever

Japanese cryptocurrency exchange Coincheck announced today that it lost over 500 million NEM tokens, worth over $500 million at the time of the incident. [...]

https://www.bleepingcomputer.com/news/cryptocurrency/coincheck-loses-500-million-in-biggest-cryptocoin-hack-ever/

The Week in Ransomware - January 26th 2018 - SamSam & Hack Attacks

While we are continuing to see less ransomware developed and more attackers focusing on a few large-impact strains, Ransomware is unfortunately not dead. This was particularly apparent this week with plenty of news to go around. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-26th-2018-samsam-and-hack-attacks/

Coinhive Cryptojacker Deployed on YouTube via Google Ads

Some smart crooks found a way to insert and deliver the Coinhive in-browser miner inside ads delivered via the Google DoubleClick ad delivery platform. Ads delivered this way made their way on countless sites, and even on Google's own property —YouTube. [...]

https://www.bleepingcomputer.com/news/security/coinhive-cryptojacker-deployed-on-youtube-via-google-ads/

Hacker Compromised Official phpBB Download Links

An unknown attacker has compromised download links for the phpBB forum software, according to a statement released today by the phpBB development team. [...]

https://www.bleepingcomputer.com/news/security/hacker-compromised-official-phpbb-download-links/

Malwarebytes Update Released to Fix High CPU & Memory Usage in Mbamservice.exe

An update pushed by Malwarebytes today for their Malwarebytes Anti-Malware product has caused a lot of problems for those who use their program. This new protection update caused mbamservice.exe to consume a lot of memory and upwards to 90% of the computer's CPU. A new update has been pushed that resolves these issues. [...]

https://www.bleepingcomputer.com/news/security/malwarebytes-update-released-to-fix-high-cpu-and-memory-usage-in-mbamservice-exe/

Hacker Steals Over $150,000 Worth of Ethereum From Experty ICO Participants

A hacker has tricked Experty ICO participants into sending Ethereum funds to the wrong wallet address. He was able to do this by sending emails with a fake pre-ICO sale announcement to Experty users who signed up for notifications. [...]

https://www.bleepingcomputer.com/news/security/hacker-steals-over-150-000-worth-of-ethereum-from-experty-ico-participants/

Microsoft Issues Windows Out-of-Band Update That Disables Spectre Mitigations

Microsoft has issued on Saturday an emergency out-of-band Windows update that disables patches for the Spectre Variant 2 bug (CVE-2017-5715). [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-issues-windows-out-of-band-update-that-disables-spectre-mitigations/

Fitness Tracking App Accidentally Exposed Military Bases

Strava, a fitness tracking application that logs users' movements as they cycle, surf, or jog, has accidentally exposed or confirmed the location of various military bases and facilities all over the world. [...]

https://www.bleepingcomputer.com/news/technology/fitness-tracking-app-accidentally-exposed-military-bases/

ATM Jackpotting Attacks Hit the US for the First Time

Two of the world's largest ATM manufacturers have issued security alerts regarding ATM jackpotting attacks being detected in the US for the first time. [...]

https://www.bleepingcomputer.com/news/security/atm-jackpotting-attacks-hit-the-us-for-the-first-time/

Lenovo's Fingerprint Scanner Can Be Bypassed via a Hardcoded Password

Lenovo has issued security updates for a fingerprint scanner app it shipped with ThinkPad, ThinkCentre, and ThinkStation machines. [...]

https://www.bleepingcomputer.com/news/security/lenovos-fingerprint-scanner-can-be-bypassed-via-a-hardcoded-password/

IOTA Cryptocurrency Users Lose $4 Million in Clever Phishing Attack

A clever hacker made off with nearly $4 million worth of IOTA cryptocurrency after patiently setting up an elaborate phishing site for almost half a year. [...]

https://www.bleepingcomputer.com/news/security/iota-cryptocurrency-users-lose-4-million-in-clever-phishing-attack/

Tor-to-Web Proxy Caught Replacing Bitcoin Addresses on Ransomware Payment Sites

The operators of at least one Tor proxy service was recently caught replacing Bitcoin addresses on ransomware ransom payment sites, diverting funds meant to pay for ransomware decrypters to the site's operators. [...]

https://www.bleepingcomputer.com/news/security/tor-to-web-proxy-caught-replacing-bitcoin-addresses-on-ransomware-payment-sites/

GandCrab Ransomware Distributed by Exploit Kits, Appends GDCB Extension

A new ransomware called GandCrab was released towards the end of last week that is currently being distributed via exploit kits. GandCrab has some interesting features not seen before in a ransomware, such as being the first to accept the DASH currency and the first to utilize the Namecoin powered .BIT tld.  [...]

https://www.bleepingcomputer.com/news/security/gandcrab-ransomware-distributed-by-exploit-kits-appends-gdcb-extension/

Cisco Fixes Remote Code Execution Bug Rated 10 Out of 10 on Severity Scale

Cisco has released software patches that fix a major vulnerability affecting Cisco devices running Adaptive Security Appliance (ASA) Software. [...]

https://www.bleepingcomputer.com/news/security/cisco-fixes-remote-code-execution-bug-rated-10-out-of-10-on-severity-scale/

Scientists Warn of Transduction Attacks on Sensors

Professors from universities in China and the US are warning about the impending danger of "transduction attacks" on sensors deployed with everyday devices. [...]

https://www.bleepingcomputer.com/news/security/scientists-warn-of-transduction-attacks-on-sensors/

Dutch Banks, Tax Agency Under DDoS Attacks a Week After Big Russian Hack Reveal

At least three Dutch banks and the Dutch tax office reported on Monday suffering coordinated DDoS attacks against their respective infrastructures. [...]

https://www.bleepingcomputer.com/news/security/dutch-banks-tax-agency-under-ddos-attacks-a-week-after-big-russian-hack-reveal/