Windows 10 Overtakes Windows 7 to Become Most Popular Windows Version

Windows 10 has surpassed Windows 7 for the first time, according to analytics firm StatCounter. In a presser released today, the company says that according to data gathered in January 2018, Windows 10 reached 42.78% in terms of worldwide internet usage, compared to 41.86% for Windows 7, and 8.72% for Windows 8.1,. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-overtakes-windows-7-to-become-most-popular-windows-version/

PSA: Beware of Sites Pretending to be Manual Firefox Updates

A family of malicious Firefox addons have been discovered being pushed by sites pretending to be a manual update for Firefox.  These sites utilize a combination of javascript alerts, user authentication prompts, and full screen views to try and coerce the user into installing the unwanted addons. [...]

https://www.bleepingcomputer.com/news/security/psa-beware-of-sites-pretending-to-be-manual-firefox-updates/

First Malicious Chrome Extensions Detected Using Session Replay Scripts

Just three months after Princeton researchers were warning users of the dangers of "session replay" attacks, developers of malicious Chrome extensions have incorporated this "trick" into their latest "releases." [...]

https://www.bleepingcomputer.com/news/security/first-malicious-chrome-extensions-detected-using-session-replay-scripts/

Mining Botnet Targeting Redis and OrientDB Servers Made Almost $1 Million

A Monero-mining botnet targeting Redis and OrientDB servers has infected nearly 4,400 servers and has mined over $925,000 worth of Monero since March 2017. [...]

https://www.bleepingcomputer.com/news/security/mining-botnet-targeting-redis-and-orientdb-servers-made-almost-1-million/

Microsoft Office 2019 Will Work on Windows 10 Exclusively

Microsoft announced yesterday that future versions of the standalone Office 2019 app will work on Windows 10 versions exclusively. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-office-2019-will-work-on-windows-10-exclusively/

Teen Arrested for Creating Malware That Steals Cryptocurrency Wallet Passwords

Japanese police have arrested a 17-year-old boy on suspicion of creating malware that steals private keys (passwords) that are used to access cryptocurrency wallets. He's also under investigation for using these passwords to steal funds from victims, albeit no charges have been filed. [...]

https://www.bleepingcomputer.com/news/cryptocurrency/teen-arrested-for-creating-malware-that-steals-cryptocurrency-wallet-passwords/

Scarabey Ransomware - A Scarab Version Targeting Enterprises

A new version of the Scarab ransomware has been spotted in the wild, but instead of being distributed via email spam campaigns, crooks are brute-forcing computers with weakly-secured RDP connections and are installing the ransomware manually on each system. [...]

https://www.bleepingcomputer.com/news/security/scarabey-ransomware-a-scarab-version-targeting-enterprises/

System Cryptomix Ransomware Variant Released

Michael Gillespie discovered a new Cryptomix variant uploaded to ID-Ransomware this week. Today, I was able to find a sample so we can see what has changed. For the most part, it is the same as previous variants except it now appends the .SERVER extension to encrypted files and changes the contact emails used by the ransomware.  [...]

https://www.bleepingcomputer.com/news/security/system-cryptomix-ransomware-variant-released/

The Week in Ransomware - February 2nd 2018 - TOR Sites Stealing Ransom Payments & GandCrab

This has been an interesting week in ransomware news. We had the GandCrab ransomware being released and distributed by exploit kits, TOR gateways stealing ransom payments from ransomware devs, and a bunch of towns getting hit with ransomware.  [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-2nd-2018-tor-sites-stealing-ransom-payments-and-gandcrab/

New JenX IoT DDoS Botnet Offered Part of Gaming Server Rental Scheme

The operators of a gaming server rental business are believed to have built an IoT DDoS botnet, which they are now offering as part of the server rental scheme. [...]

https://www.bleepingcomputer.com/news/security/new-jenx-iot-ddos-botnet-offered-part-of-gaming-server-rental-scheme/

Firefox 59 Will Add a New Privacy Feature That Strips Sensitive Data From URLs

Firefox 59 will strip referrer information from URLs while the user is in Private Browsing mode. The measure is meant to safeguard users from accidental data leaks of sensitive information. [...]

https://www.bleepingcomputer.com/news/software/firefox-59-will-add-a-new-privacy-feature-that-strips-sensitive-data-from-urls/

Scammers Steal Over $1 Million Worth of Ethereum From Bee Token ICO Participants

Hundreds of users fell victims to email scams over the past week, sending over $1 million worth of Ethereum to a scammer who sent fake emails posing as the Bee Token ICO (Initial Coin Offering). [...]

https://www.bleepingcomputer.com/news/cryptocurrency/scammers-steal-over-1-million-worth-of-ethereum-from-bee-token-ico-participants/

LKRG: Linux to Get a Loadable Kernel Module for Runtime Integrity Checking

Members of the open source community are working on a new security-focused project for the Linux kernel. Named Linux Kernel Runtime Guard (LKRG), this is a loadable kernel module that will perform runtime integrity checking of the Linux kernel. [...]

https://www.bleepingcomputer.com/news/linux/lkrg-linux-to-get-a-loadable-kernel-module-for-runtime-integrity-checking/

Android Devices Targeted by New Monero-Mining Botnet

A new botnet appeared over the weekend, and it's targeting Android devices by scanning for open debug ports so it can infect victims with malware that mines the Monero cryptocurrency. [...]

https://www.bleepingcomputer.com/news/security/android-devices-targeted-by-new-monero-mining-botnet/

NSA Exploits Ported to Work on All Windows Versions Released Since Windows 2000

A security researcher has ported three leaked NSA exploits to work on all Windows versions released in the past 18 years, starting with Windows 2000. [...]

https://www.bleepingcomputer.com/news/security/nsa-exploits-ported-to-work-on-all-windows-versions-released-since-windows-2000/

UK Court Rules Not to Extradite Hacker Lauri Love to the US

The UK will not extradite Lauri Love to face hacking charges in the US, according to a court ruling announced today. [...]

https://www.bleepingcomputer.com/news/security/uk-court-rules-not-to-extradite-hacker-lauri-love-to-the-us/

UK Cops Shut Down LuminosityLink RAT Operation

UK police revealed today they were behind the abrupt shutdown of a popular website that peddled a commercial remote access trojan (RAT) known as LuminosityLink. [...]

https://www.bleepingcomputer.com/news/security/uk-cops-shut-down-luminositylink-rat-operation/

Fake Adobe Flash Update Sites Pushing CPU Miners

Sites telling you that Flash Player is out dated and then offering an update are installing CPU Miners are unsuspecting visitors. [...]

https://www.bleepingcomputer.com/news/security/fake-adobe-flash-update-sites-pushing-cpu-miners/

More UK Teens Involved in Hacking Than Gangs

UK teens aged 11 to 14 are more likely to be hacking than smoking, shoplifting, being part of a neighborhood gang, or even having sexual intercourse. [...]

https://www.bleepingcomputer.com/news/security/more-uk-teens-involved-in-hacking-than-gangs/

Analytics Firm Admits It Collected Password Data by Accident

Mixpanel, a web and mobile analytics provider, has notified customers last week via email that it accidentally collected data entered in password fields due to a bug introduced in its SDK. [...]

https://www.bleepingcomputer.com/news/security/analytics-firm-admits-it-collected-password-data-by-accident/