New Site Resurrects CrackMe Challenges From the Old Crackmes.de

If you are learning how to reverse engineer or already know how, but want to test your skills, a common tool to use is a CrackMe. CrackMes are small programs that can be used to learn how to crack, or break the copy protection,  of software without using legitimate copyrighted applications. [...]

https://www.bleepingcomputer.com/news/security/new-site-resurrects-crackme-challenges-from-the-old-crackmesde/

Google G Suite Admins Can Now Customize Session Durations

In the past Google would automatically log out users G Suite users from Google web services such as Gmail or Drive after two weeks so that they would be forced to reauthenticate themselves.  As of today, Google is rolling out a new feature for Google G Suite Business, Enterprise, and Education admins that allow them to specify a cust [...]

https://www.bleepingcomputer.com/news/google/google-g-suite-admins-can-now-customize-session-durations/

macOS High Sierra Logs Encryption Passwords in Plaintext for APFS External Drives

macOS High Sierra users are once again impacted by a major APFS bug after two other major vulnerabilities affected Apple's new filesystem format in the last five months. [...]

https://www.bleepingcomputer.com/news/apple/macos-high-sierra-logs-encryption-passwords-in-plaintext-for-apfs-external-drives/

Meltdown Patch Opened Bigger Security Hole on Windows 7

Microsoft's Meltdown patch has opened an even bigger security hole on Windows 7, allowing any user-level application to read content from the operating system's kernel, and even write data to kernel memory. [...]

https://www.bleepingcomputer.com/news/microsoft/meltdown-patch-opened-bigger-security-hole-on-windows-7/

Facebook Wants Security Researchers to Hunt Down Apps That Misuse User Data

In the wake of the Cambridge Analytica data misuse scandal, Facebook has announced important changes to its app platform, along with improvements to its official bug bounty program that will incentivize and reward security researchers for hunting down third-party Facebook apps that misuse user data. [...]

https://www.bleepingcomputer.com/news/security/facebook-wants-security-researchers-to-hunt-down-apps-that-misuse-user-data/

Hajime Botnet Makes a Comeback With Massive Scan for MikroTik Routers

If you've been following the infosec Twitter community for the last few days, you couldn't ignore the constant talk about the massive scans currently taking place online, carried out by a Hajime IoT botnet looking to mass-infect unpatched MikroTik devices. [...]

https://www.bleepingcomputer.com/news/security/hajime-botnet-makes-a-comeback-with-massive-scan-for-mikrotik-routers/

Microsoft Releases Tool for Running Any Linux OS on Windows 10

Microsoft has released a tool on Monday to help Linux aficionados in porting their favorite Linux distro to run on the Windows Subsystem for Linux (WSL), a Windows 10 component that sideloads Linux distros on modern Windows 10 PCs. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-tool-for-running-any-linux-os-on-windows-10/

Many VPN Providers Leak Customer's IP Address via WebRTC Bug

Around 20% of today's top VPN solutions are leaking the customer's IP address via a WebRTC bug known since January 2015, and which apparently some VPN providers have never heard of. [...]

https://www.bleepingcomputer.com/news/security/many-vpn-providers-leak-customers-ip-address-via-webrtc-bug/

Android Monero-Mining Malware Can Cause Device Failure

Trend Micro security experts have warned users today about a new type of Android malware that infects devices and untetheredly mines Monero in the phone's background until the battery is exhausted or the device gives out. [...]

https://www.bleepingcomputer.com/news/security/android-monero-mining-malware-can-cause-device-failure/

Facebook Reveals the "Access Your Information" Data Tool and New Privacy Shortcuts

In its first step to try and restore confidence in its platform after the Cambridge Analytica fiasco, Facebook has unveiled more organized privacy settings and a new data management tool called "Access Your Information".  [...]

https://www.bleepingcomputer.com/news/security/facebook-reveals-the-access-your-information-data-tool-and-new-privacy-shortcuts/

Angry Users Donate $120K to Cancer Research After Brian Krebs' Coinhive Article

The angry userbase of pr0gramm.com, a German image board similar to Imgur, has donated over €103,000 ($126,000) to local cancer research organizations as a way to protest against an article published by Brian Krebs, an IT security journalist. [...]

https://www.bleepingcomputer.com/news/security/angry-users-donate-120k-to-cancer-research-after-brian-krebs-coinhive-article/

Drupal Fixes Drupalgeddon2 Security Flaw That Allows Hackers to Take Over Sites

The Drupal CMS team has fixed a highly critical security flaw that allows hackers to take over a site just by accessing an URL. [...]

https://www.bleepingcomputer.com/news/security/drupal-fixes-drupalgeddon2-security-flaw-that-allows-hackers-to-take-over-sites/

Microsoft's Cloud Clipboard Feature Spotted in Windows 10 Redstone 5 Build

Windows sleuths found a string that references the Cloud Clipboard feature in the latest skip ahead build for Windows 10 Redstone 5. [...]

https://www.bleepingcomputer.com/news/security/microsofts-cloud-clipboard-feature-spotted-in-windows-10-redstone-5-build/

Boeing Is Dealing With a Suspected WanaCry Ransomware Outbreak

In a baffling turn of events, computers at Boeing have allegedly been infected with the WannaCry Ransomware. According to the Seattle Times, a memo was sent out by a Boeing employee that states that systems have been affected and that their were concerns the ransomware would "spread to airplane software". [...]

https://www.bleepingcomputer.com/news/security/boeing-is-dealing-with-a-suspected-wanacry-ransomware-outbreak/

Cisco Removes Backdoor Account from IOS XE Software

Cisco removed today a backdoor account from its IOS XE operating system that would have allowed a remote attacker to log into Cisco routers and switches with a high-privileged account. [...]

https://www.bleepingcomputer.com/news/security/cisco-removes-backdoor-account-from-ios-xe-software/

QR Code Bug in Apple iOS 11 Can Lead Users to Malicious Sites

Scammers and malware authors can abuse the QR code reading function added the default camera app of iOS 11, and they can use this bug to redirect users to malicious URLs. [...]

https://www.bleepingcomputer.com/news/apple/qr-code-bug-in-apple-ios-11-can-lead-users-to-malicious-sites/

Facebook Pulling "Partner Categories" Ad Targeting Product to Increase Privacy

Facebook has announced that they are shutting down access to the "Partner Categories" targeting feature for Facebook advertisers. Partner Categories is a product that allowed Facebook advertisers to directly target the social site's users based on data provided by third-party providers, rather than data compiled directly by Facebook. [...]

https://www.bleepingcomputer.com/news/technology/facebook-pulling-partner-categories-ad-targeting-product-to-increase-privacy/

81% of Recent ICOs Were Scams, Research Finds

Four out of five initial coin offerings (ICOs) that have taken place in the last year have been classified as scams, according to a recent study by Satis Group, an ICO advisory firm. [...]

https://www.bleepingcomputer.com/news/cryptocurrency/81-percent-of-recent-icos-were-scams-research-finds/

Power Company in India Hacked and Billing Data Ransomed for 10 Million Rupees

Last week hackers gained access to the computer systems of the Uttar Haryana Bijli Vitran Nigam (UHBVN) power company in India and stole the billing data of their customers. In order to get the data back, the attackers are demanding 1 RS Core, or 10 million Rupess, for the stolen data. This is equivalent to approximately $150,000 USD [...]

https://www.bleepingcomputer.com/news/security/power-company-in-india-hacked-and-billing-data-ransomed-for-10-million-rupees/

Apple Releases Security Updates for iOS, watchOS, tvOS, and Xcode

Today Apple has released security updates for iOS, watchOS, tvOS, and Xcode. Many of the resolved vulnerabilities allow for privilege escalation, remote code execution, and information disclosure.  Due to the nature of these vulnerabilities, it is strongly advised that all users update their devices as soon as possible. [...]

https://www.bleepingcomputer.com/news/apple/apple-releases-security-updates-for-ios-watchos-tvos-and-xcode/