The Satori Botnet Is Mass-Scanning for Exposed Ethereum Mining Rigs

The operators of the Satori botnet are mass-scanning the Internet for exposed Ethereum mining rigs, according to three sources in the infosec community who've observed the malicious behavior —SANS ISC, Qihoo 360 Netlab, and GreyNoise Intelligence. [...]

https://www.bleepingcomputer.com/news/security/the-satori-botnet-is-mass-scanning-for-exposed-ethereum-mining-rigs/

The Facebook Android App Is Asking for Superuser Privileges and Users Are Freaking Out

The Facebook Android app is asking for superuser permissions, and a bunch of users are freaking out about granting the Facebook app full access to their device, an understandable reaction following the fallout from the Cambridge Analytica privacy scandal. [...]

https://www.bleepingcomputer.com/news/security/the-facebook-android-app-is-asking-for-superuser-privileges-and-users-are-freaking-out/

Owners of Mugshots.com Arrested on Extortion Charges

Three of the four owners of the Mugshots.com website have been arrested on charges of extortion, filed by the state of California. [...]

https://www.bleepingcomputer.com/news/legal/owners-of-mugshotscom-arrested-on-extortion-charges/

DrayTek Router Zero-Day Under Attack

DrayTek, a Taiwan-based manufacturer of broadband CPE (Customer Premises Equipment) such as routers, switches, firewalls, and VPN devices, announced today that hackers are exploiting a zero-day vulnerability to change DNS settings on some of its routers. [...]

https://www.bleepingcomputer.com/news/security/draytek-router-zero-day-under-attack/

Google To Pay $11 Million Settlement for Not Paying Suspended Publishers

Google has agreed to create a fund of 11 million dollars as part of a a class action settlement for terminating or disabling a publisher's Adsense accounts, but not paying out any balances that the publisher had at the time. [...]

https://www.bleepingcomputer.com/news/google/google-to-pay-11-million-settlement-for-not-paying-suspended-publishers/

New Spectre Attack Recovers Data From a CPU's Protected SMM Mode

Security researchers from Eclypsium have detailed yesterday a new variation of the Spectre attack that can recover data stored inside a secure CPU area named the System Management Mode (SMM). [...]

https://www.bleepingcomputer.com/news/security/new-spectre-attack-recovers-data-from-a-cpus-protected-smm-mode/

The Week in Ransomware - May 18th 2018 - Mostly Small Variants

It has been mostly small variants released this week, with a few Scarab variants released and various U.S. government agencies being hit with ransomware. Otherwise, it's mostly ransomware that will not make it into the actual wild. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-18th-2018-mostly-small-variants/

Students Hack High School to Change Grades, Get Lunch Refunds

Two students from Bloomfield Hills High School are the main suspects of a recent hack discovered at the school this week. [...]

https://www.bleepingcomputer.com/news/security/students-hack-high-school-to-change-grades-get-lunch-refunds/

Data of Over 200 Million Japanese Sold on Underground Hacking Forum

A hacker suspected to be operating out of China has been seen peddling the data of around 200 million Japanese users on an underground cybercrime forum, according to a FireEye iSIGHT Intelligence report shared with Bleeping Computer. [...]

https://www.bleepingcomputer.com/news/security/data-of-over-200-million-japanese-sold-on-underground-hacking-forum/

Phishing Roundup: Caracal, Stealth Mango, Tangelo, Apple, DHL, eFax & More

Phishing threats are currently targeting your credentials for Apple, Facebook, Gmail, and more. In this roundup we detail some of the current Phishing threats active on the Internet. [...]

https://www.bleepingcomputer.com/news/security/phishing-roundup-caracal-stealth-mango-tangelo-apple-dhl-efax-and-more/

Using chrome://settings/cleanup to Scan for Unwanted Software Using Chrome

If you find that your installation of the Chrome Browser is starting to act strange, slow, or you are seeing ads where they should not normally be, then you can also perform an on-demand manual scan using the Chrome Cleanup Tool. This tool will scan your computer for unwanted software and remove any that are detected. [...]

https://www.bleepingcomputer.com/tips/web-browsers/using-chrome-settings-cleanup-to-scan-for-unwanted-software-using-chrome/

58% of Botnet Malware Infections Last Under a Day

The vast majority of botnet malware infections last under a day, according to a Fortinet report released last week —the Q1 2018 Threat Landscape Report. [...]

https://www.bleepingcomputer.com/news/security/58-percent-of-botnet-malware-infections-last-under-a-day/

Advocacy Groups Call for the FTC to Break Up Facebook

Several advocacy groups have banded together for a campaign that calls upon the US Federal Trade Commission to intervene and break up Facebook into smaller companies —and more specifically to split off the Messenger, Instagram, and WhatsApp services from the mother company. [...]

https://www.bleepingcomputer.com/news/technology/advocacy-groups-call-for-the-ftc-to-break-up-facebook/

GPON Routers Attacked With New Zero-Day

Attacks on Dasan GPON routers are continuing to happen using two vulnerabilities disclosed last month, but today, researchers from Qihoo 360 Netlab have revealed that one botnet operator appears to have deployed a new zero-day affecting the same router types. [...]

https://www.bleepingcomputer.com/news/security/gpon-routers-attacked-with-new-zero-day/

Nvidia Creates AI for Training Robots to Learn From Watching Humans

Nvidia scientists have created what they call a "first of its kind" AI system that can learn by observing the actions of a human, and then complete tasks based on the observed patterns. [...]

https://www.bleepingcomputer.com/news/technology/nvidia-creates-ai-for-training-robots-to-learn-from-watching-humans/

Phishing Email Ironically Provides a List of Scammers You Should Avoid

There really is no honor among thieves. I recently found a phishing scheme that contains a list of names that are associated with other scams that the recipient should avoid. [...]

https://www.bleepingcomputer.com/news/security/phishing-email-ironically-provides-a-list-of-scammers-you-should-avoid/

Google and Microsoft Reveal New Spectre Attack

Security researchers from Google and Microsoft have found a new variant of the Spectre attack that affects processors made by AMD, ARM, IBM, and Intel. [...]

https://www.bleepingcomputer.com/news/security/google-and-microsoft-reveal-new-spectre-attack/

Adobe to Acquire Magento E-Commerce Platform for $1.68 Billion

Adobe announced yesterday plans to buy the Magento e-commerce platform for $1.68 billion. While the Magento brand is mostly known for the open source online store CMS of the same name, Adobe was mostly interested in Magento Commerce, an online-store-as-a-service platform. [...]

https://www.bleepingcomputer.com/news/business/adobe-to-acquire-magento-e-commerce-platform-for-168-billion/

Microsoft to Block Flash in Office 365

Microsoft announced plans last week to block Flash, Shockwave, and Silverlight content from activating in Office 365. The block will only apply to Office 365 subscription clients, but not to Office 2016, Office 2013, or Office 2010 distributions, the company said. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-to-block-flash-in-office-365/

BMW Fixes Security Flaws in Several Well-Known Car Models

BMW is working on firmware updates for some of its cars after researchers from the Tencent Keen Security Lab have discovered 14 flaws affecting high-profile car models such as BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series. [...]

https://www.bleepingcomputer.com/news/security/bmw-fixes-security-flaws-in-several-well-known-car-models/