The Week in Ransomware - February 2nd 2018 - TOR Sites Stealing Ransom Payments & GandCrab

This has been an interesting week in ransomware news. We had the GandCrab ransomware being released and distributed by exploit kits, TOR gateways stealing ransom payments from ransomware devs, and a bunch of towns getting hit with ransomware.  [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-2nd-2018-tor-sites-stealing-ransom-payments-and-gandcrab/

New JenX IoT DDoS Botnet Offered Part of Gaming Server Rental Scheme

The operators of a gaming server rental business are believed to have built an IoT DDoS botnet, which they are now offering as part of the server rental scheme. [...]

https://www.bleepingcomputer.com/news/security/new-jenx-iot-ddos-botnet-offered-part-of-gaming-server-rental-scheme/

Firefox 59 Will Add a New Privacy Feature That Strips Sensitive Data From URLs

Firefox 59 will strip referrer information from URLs while the user is in Private Browsing mode. The measure is meant to safeguard users from accidental data leaks of sensitive information. [...]

https://www.bleepingcomputer.com/news/software/firefox-59-will-add-a-new-privacy-feature-that-strips-sensitive-data-from-urls/

Scammers Steal Over $1 Million Worth of Ethereum From Bee Token ICO Participants

Hundreds of users fell victims to email scams over the past week, sending over $1 million worth of Ethereum to a scammer who sent fake emails posing as the Bee Token ICO (Initial Coin Offering). [...]

https://www.bleepingcomputer.com/news/cryptocurrency/scammers-steal-over-1-million-worth-of-ethereum-from-bee-token-ico-participants/

LKRG: Linux to Get a Loadable Kernel Module for Runtime Integrity Checking

Members of the open source community are working on a new security-focused project for the Linux kernel. Named Linux Kernel Runtime Guard (LKRG), this is a loadable kernel module that will perform runtime integrity checking of the Linux kernel. [...]

https://www.bleepingcomputer.com/news/linux/lkrg-linux-to-get-a-loadable-kernel-module-for-runtime-integrity-checking/

Android Devices Targeted by New Monero-Mining Botnet

A new botnet appeared over the weekend, and it's targeting Android devices by scanning for open debug ports so it can infect victims with malware that mines the Monero cryptocurrency. [...]

https://www.bleepingcomputer.com/news/security/android-devices-targeted-by-new-monero-mining-botnet/

NSA Exploits Ported to Work on All Windows Versions Released Since Windows 2000

A security researcher has ported three leaked NSA exploits to work on all Windows versions released in the past 18 years, starting with Windows 2000. [...]

https://www.bleepingcomputer.com/news/security/nsa-exploits-ported-to-work-on-all-windows-versions-released-since-windows-2000/

UK Court Rules Not to Extradite Hacker Lauri Love to the US

The UK will not extradite Lauri Love to face hacking charges in the US, according to a court ruling announced today. [...]

https://www.bleepingcomputer.com/news/security/uk-court-rules-not-to-extradite-hacker-lauri-love-to-the-us/

UK Cops Shut Down LuminosityLink RAT Operation

UK police revealed today they were behind the abrupt shutdown of a popular website that peddled a commercial remote access trojan (RAT) known as LuminosityLink. [...]

https://www.bleepingcomputer.com/news/security/uk-cops-shut-down-luminositylink-rat-operation/

Fake Adobe Flash Update Sites Pushing CPU Miners

Sites telling you that Flash Player is out dated and then offering an update are installing CPU Miners are unsuspecting visitors. [...]

https://www.bleepingcomputer.com/news/security/fake-adobe-flash-update-sites-pushing-cpu-miners/

More UK Teens Involved in Hacking Than Gangs

UK teens aged 11 to 14 are more likely to be hacking than smoking, shoplifting, being part of a neighborhood gang, or even having sexual intercourse. [...]

https://www.bleepingcomputer.com/news/security/more-uk-teens-involved-in-hacking-than-gangs/

Analytics Firm Admits It Collected Password Data by Accident

Mixpanel, a web and mobile analytics provider, has notified customers last week via email that it accidentally collected data entered in password fields due to a bug introduced in its SDK. [...]

https://www.bleepingcomputer.com/news/security/analytics-firm-admits-it-collected-password-data-by-accident/

Ransomware Victims Hit on Average by Two Attacks per Year

A study of 2,700 IT professionals across the globe has revealed that 54% of organizations suffered a ransomware attack in the last year, and most organizations were hit more than twice, with the average number of ransomware per attacks being two. [...]

https://www.bleepingcomputer.com/news/security/ransomware-victims-hit-on-average-by-two-attacks-per-year/

CSS Code Can Be Abused to Collect Sensitive User Data

With the recent upgrades to the CSS language, CSS code has become a powerful tool that could be abused to track users on websites, extract and steal data from a web page, collect data entered inside form fields (including passwords), and even deanonymize Dark Web users in some scenarios. [...]

https://www.bleepingcomputer.com/news/security/css-code-can-be-abused-to-collect-sensitive-user-data/

Bitdefender Ironically Stopped Working on Safer Internet Day

Ironically on what has become known as Safer Internet Day, users of Bitdefender Antivirus are reporting today that the security software has suddenly stopped working. After installing an update, Bitdefender users are seeing errors that state "The Bitdefender Security Service (vsserv.exe) is unavailable". [...]

https://www.bleepingcomputer.com/news/security/bitdefender-ironically-stopped-working-on-safer-internet-day/

Researcher Bypasses Windows Controlled Folder Access Anti-Ransomware Protection

A security researcher has found a way to bypass the "Controlled Folder Access" feature added in Windows 10 in October 2017, which Microsoft has touted as a reliable anti-ransomware defensive measure. [...]

https://www.bleepingcomputer.com/news/security/researcher-bypasses-windows-controlled-folder-access-anti-ransomware-protection/

Scammers Use Download Bombs to Freeze Chrome Browsers on Shady Sites

The operators of some tech support scam websites have found a new trick to block visitors on their shady sites and scare non-technical users into paying for unneeded software or servicing fees. [...]

https://www.bleepingcomputer.com/news/security/scammers-use-download-bombs-to-freeze-chrome-browsers-on-shady-sites/

X.509 Certificates Can Be Abused for Data Exfiltration

Researchers say that threat actors looking for a covert channel for stealing data from a firewalled network can abuse X.509 certificates to hide and extract data without being detected. [...]

https://www.bleepingcomputer.com/news/security/x-509-certificates-can-be-abused-for-data-exfiltration/

Litecoin, Not Monero, Is the Second Most Dominant Dark Web Currency

A study of 150 of the most prominent Dark Web message boards, marketplaces, and illicit services reveals that Litecoin is currently the second most widespread cryptocurrency among cyber-criminals, and not Monero or Ethereum, as most users would have guessed. [...]

https://www.bleepingcomputer.com/news/cryptocurrency/litecoin-not-monero-is-the-second-most-dominant-dark-web-currency/

Black Ruby Ransomware Skips Victims in Iran and Adds a Miner for Good Measure

A new ransomware was discovered this week by MalwareHunterTeam called Black Ruby. This ransomware will encrypt the files on a computer, scramble the file name, and then append the BlackRuby extension. To make matters worse, Black Ruby will also install a Monero miner on the computer that utilizes as much of the CPU as it scan. [...]

https://www.bleepingcomputer.com/news/security/black-ruby-ransomware-skips-victims-in-iran-and-adds-a-miner-for-good-measure/