Mozilla Will Let Users Disable Firefox Sync Starting with Firefox 60

Mozilla will add an option in Firefox 60 that will let users disable and hide the Firefox Sync option in the Firefox settings panel. [...]

https://www.bleepingcomputer.com/news/software/mozilla-will-let-users-disable-firefox-sync-starting-with-firefox-60/

Google Chrome: Flash Usage Declines from 80% in 2014 to Under 8% Today

The percentage of daily Chrome users who've loaded at least one page containing Flash content per day has gone down from around 80% in 2014 to under 8% in early 2018. [...]

https://www.bleepingcomputer.com/news/security/google-chrome-flash-usage-declines-from-80-percent-in-2014-to-under-8-percent-today/

Facebook Launches a Jobs Section —Because of Course It Would!

Facebook rolled out today a new section on its mammoth site, a section where users can find jobs and businesses can advertise job openings. [...]

https://www.bleepingcomputer.com/news/technology/facebook-launches-a-jobs-section-because-of-course-it-would/

EITest HoeflerText Scam Distributing GandCrab & Netsupport Manager

Even though Bitdefender released a GandCrab decryptor today, it is not stopping the GandCrab developers from continuing to use new methods to distribute their ransomware. Today malware traffic analysis nao_sec discovered that EITest was being used to distribute the GandCrab ransomware as part of the HoeflerText Font Update scam. [...]

https://www.bleepingcomputer.com/news/security/eitest-hoeflertext-scam-distributing-gandcrab-and-netsupport-manager/

23,000 Users Lose SSL Certificates in Trustico-DigiCert Spat

Over 23,000 users will have their SSL certificates revoked by tomorrow morning, March 1, in an incident between two companies —Trustico and DigiCert— that is likely to have a huge impact on the CA (Certificate Authority) industry as a whole in the coming months. [...]

https://www.bleepingcomputer.com/news/security/23-000-users-lose-ssl-certificates-in-trustico-digicert-spat/

Trustico States They Stored Private Keys for Customers' SSL Certificates

Trustico, a reseller of SSL certificates, has admitted to storing the private keys of some of the SSL certificates it issued to its customers over the past years. [...]

https://www.bleepingcomputer.com/news/security/trustico-states-they-stored-private-keys-for-customers-ssl-certificates/

Infamous Russian Cyber-Espionage Group Hacks German Government

APT28, an infamous cyber-espionage unit that many security firms believe is acting at the behest of the Russian government, has hacked various German government agencies for more than a year. [...]

https://www.bleepingcomputer.com/news/government/infamous-russian-cyber-espionage-group-hacks-german-government/

AdBlock Adds Feature to Cache Popular JavaScript Libraries

Popular ad-blocking browser extension AdBlock has added a new feature that will cache popular JavaScript libraries locally on the users' computers. [...]

https://www.bleepingcomputer.com/news/software/adblock-adds-feature-to-cache-popular-javascript-libraries/

New DDoS Record Set at 1.3 Tbps Thanks to Memcached Servers

We have a new record for the largest DDoS attack ever detected. The new high mark is 1.3 Tbps (Terabits-per-second). [...]

https://www.bleepingcomputer.com/news/security/new-ddos-record-set-at-13-tbps-thanks-to-memcached-servers/

Microsoft Partners with Intel to Deliver CPU Microcode Fixes via Windows Updates

Microsoft said today that it would take Intel CPU microcode updates meant to fix the Spectre v2 vulnerability and ship these updates to users via a Windows update package. [...]

https://www.bleepingcomputer.com/news/security/microsoft-partners-with-intel-to-deliver-cpu-microcode-fixes-via-windows-updates/

New Tools Make Checking for Leaked Passwords a Lot Easier

The work that Australian security researcher Troy Hunt has done with the Have I Been Pwned project is yielding useful tools that developers and webmasters can now use to make sure users stop using silly and easy to guess passwords. [...]

https://www.bleepingcomputer.com/news/security/new-tools-make-checking-for-leaked-passwords-a-lot-easier/

"Fakeapp" Android Malware Steals Facebook Credentials, Logs into Accounts

A new Android malware strain can phish Facebook user credentials and then log into accounts to harvest account details, and even search and collect results using the Facebook app's search functionality. [...]

https://www.bleepingcomputer.com/news/security/fakeapp-android-malware-steals-facebook-credentials-logs-into-accounts/

Do I Need a Third-Party Security Audit?

Especially with today's threat landscape, clients want increased assurance that an organization is secure. Pursuing a third-party audit demonstrates your firm's commitment to safeguarding customer data and its assets. When researching security standards and frameworks, it helps to compare your options. [...]

https://www.bleepingcomputer.com/editorial/security/do-i-need-a-third-party-security-audit/

Banking Trojan Found in Over 40 Models of Low-Cost Android Smartphones

Over 40 models of low-cost Android smartphones are sold already infected with the Triada banking trojan, says Dr.Web, a Russia-based antivirus vendor. [...]

https://www.bleepingcomputer.com/news/security/banking-trojan-found-in-over-40-models-of-low-cost-android-smartphones/

The Week in Ransomware - March 2nd 2018 - GandCrab Decrypted, RaaS, and More

This week's article combines the previous week's stories as well.  Lots of small in-dev ransomware over the last two weeks, but also a few RaaS (Ransomware as a Service) implementations were released and decryptor for GandCrab was released. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-2nd-2018-gandcrab-decrypted-raas-and-more/

Eclipse Attack Plugged in Ethereum Network

Maintainers of the Ethereum network have issued an update for the network's underlying codebase that fixes flaws described in a research paper released this week. [...]

https://www.bleepingcomputer.com/news/cryptocurrency/eclipse-attack-plugged-in-ethereum-network/

Using Extensity to Manage Your Extensions and Optimize Chrome

Chrome extensions are very useful pieces of software. Unfortunately, using too many of them increase the memory usage of Chrome, which could lead to problems. This is where the Extensity Chrome extension comes in as it can help you organize your extension so Chrome runs more efficiently. [...]

https://www.bleepingcomputer.com/review/gaming/using-extensity-to-manage-your-extensions-and-optimize-chrome/

Virus Knocks Out Cash Registers at Tim Hortons Franchisees

A computer virus is suspected of crashing cash registers this week at over 1,000 Tim Hortons coffee and donuts fast food restaurants. The problem is not yet fully resolved, and some stores are still experiencing problems. [...]

https://www.bleepingcomputer.com/news/security/virus-knocks-out-cash-registers-at-tim-hortons-franchisees/

Some Memcached DDoS Attackers Are Asking for a Ransom Demand in Monero

DDoS extortionists have already pounced on the Memcached DDoS attack vector in attempts to extract payments from attacked companies. [...]

https://www.bleepingcomputer.com/news/security/some-memcached-ddos-attackers-are-asking-for-a-ransom-demand-in-monero/

SgxSpectre Attack Can Extract Data from Intel SGX Enclaves

A new variation of the Spectre attack has been revealed this week by six scientists from the Ohio State University. Named SgxSpectre, researchers say this attack can extract information from Intel SGX enclaves. [...]

https://www.bleepingcomputer.com/news/security/sgxspectre-attack-can-extract-data-from-intel-sgx-enclaves/