Honda India Left Details of 50,000 Customers Exposed on an AWS S3 Server

Honda Car India has left the personal details of over 50,000 users exposed on two public Amazon S3 buckets, according to a report published today Kromtech Security. [...]

https://www.bleepingcomputer.com/news/security/honda-india-left-details-of-50-000-customers-exposed-on-an-aws-s3-server/

New Backup Cryptomix Ransomware Variant Actively Infecting Users

A new variant of the Cryptomix Ransomware has been discovered that appends the .BACKUP extension to encrypted files, changes the contact email, and provides a different ransom note message. [...]

https://www.bleepingcomputer.com/news/security/new-backup-cryptomix-ransomware-variant-actively-infecting-users/

Contractor Exposes Credentials for Universal Music Group's IT Infrastructure

Keys to the Universal Music Group's IT kingdom were made available online this month due to a forgetful IT contractor, Bleeping Computer has learned. [...]

https://www.bleepingcomputer.com/news/security/contractor-exposes-credentials-for-universal-music-groups-it-infrastructure/

Bethesda Announces Fallout 76 With a Trailer Full of Clues

After almost a day long tease showing a humourous Twitch stream of a Vault Boy bobble head and various developer cameos, Bethesda has finally revealed the next Fallout game called "Fallout 76". What little we know about the game is based on the Fallout 76 trailer. [...]

https://www.bleepingcomputer.com/news/gaming/bethesda-announces-fallout-76-with-a-trailer-full-of-clues/

Hackers Increasingly Targeting Gas Stations & Credit Cards at the Pump

Three years ago it was revealed that Automatic tank gauges at approximately 5,000 US gas stations were exposed on the Internet, without password protection.  Currently, according to a recent scan, 5,635 gas stations with the same vulnerability have been found. [...]

https://www.bleepingcomputer.com/news/security/hackers-increasingly-targeting-gas-stations-and-credit-cards-at-the-pump/

Remote Code Execution Vulnerability Disclosed in Windows JScript Component

A vulnerability exists in the Windows operating system's JScript component that can allow an attacker to execute malicious code on a user's computer. [...]

https://www.bleepingcomputer.com/news/security/remote-code-execution-vulnerability-disclosed-in-windows-jscript-component/

ProtonMail Launches Free ProtonVPN VPN Service For Macs

The creators of the encrypted email service, ProtonMail, have released a free version of their ProtonVPN VPN software for macOS. Even though the free version does not contain the full features that you would come to expect from a paid VPN service it is more than capable of obfuscating IP addresses and your location. [...]

https://www.bleepingcomputer.com/news/security/protonmail-launches-free-protonvpn-vpn-service-for-macs/

ActiveX Zero-Day Discovered in Recent North Korean Hacks

A North Korean cyber-espionage group has exploited an ActiveX zero-day to infect South Korean targets with malware or steal data from compromised systems, local media and security researchers have reported. [...]

https://www.bleepingcomputer.com/news/security/activex-zero-day-discovered-in-recent-north-korean-hacks/

Valve Patches Security Bug That Existed in Steam Client for the Past Ten Years

Valve developers have recently patched a severe security flaw that affected all versions of the Steam gaming client released in the past ten years.The vulnerability would have allowed an attacker to execute malicious code on any of Steam's 15 million gaming clients. [...]

https://www.bleepingcomputer.com/news/security/valve-patches-security-bug-that-existed-in-steam-client-for-the-past-ten-years/

CSS Is So Overpowered It Can Deanonymize Facebook Users

Some of the recent additions to the Cascading Style Sheets (CSS) web standard are so powerful that a security researcher has abused them to deanonymize visitors to a demo site and reveal their Facebook usernames, avatars, and if they liked a particular web page of Facebook. [...]

https://www.bleepingcomputer.com/news/security/css-is-so-overpowered-it-can-deanonymize-facebook-users/

Intel Core i7-8086K 5Ghz Anniversary Edition CPUs Leaked Online

For the past few months there have been rumors that Intel would be releasing a special edition Core i7-8086K processor to celebrate the 40th anniversary of the 8086 processor. Yesterday, retailers were found online that were advertising the special processor with a speeds of 4Ghz and 5Ghz. [...]

https://www.bleepingcomputer.com/news/hardware/intel-core-i7-8086k-5ghz-anniversary-edition-cpus-leaked-online/

Microsoft Inches Past Google to Become the Third Most Valuable Company

Microsoft has now officially become the third most valuable company in the world as it pushes Google's parent company Alphabet into fourth place. With Microsoft's current market cap at 766 billion compared to Alphabet's 766.5 billion, Microsoft is able to retain the third place spot at today's market prices. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-inches-past-google-to-become-the-third-most-valuable-company/

Amazon Blocks Australian Shoppers From US Site Because of New Tax

Amazon announced plans to block Australian users from ordering from its main US store (Amazon.com) and will redirect customers to its local Australian site (Amazon.com.au) instead. [...]

https://www.bleepingcomputer.com/news/technology/amazon-blocks-australian-shoppers-from-us-site-because-of-new-tax/

Ticketfly Temporarily Shuts Down to Investigate Hack

Eventbrite-owned Ticket distribution service Ticketfly has taken its website offline today after a hacker defaced its frontpage and stole a part of its customer database. [...]

https://www.bleepingcomputer.com/news/security/ticketfly-temporarily-shuts-down-to-investigate-hack/

Windows 10 Insider Build 17682 Released. Here's whats new

Today Microsoft released Windows 10 Insider Preview Build 17682 (Redstone 5) to insiders in the fast and skip ahead rings. This build introduces improvements to Sets, updates to the wireless projection experience, Microsoft Edge improvements, adds RSAT to the optional features, and displays a new post-upgrade screen. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-17682-released-heres-whats-new/

Google Adds New Firmware Integrity Protection System to Pixel Smartphones

Google has announced today a new security mechanism for Pixel 2 smartphones, for which, in the near future, it would be impossible to update or replace the phone's firmware without entering the user's password. [...]

https://www.bleepingcomputer.com/news/security/google-adds-new-firmware-integrity-protection-system-to-pixel-smartphones/

Sigrun Ransomware Author Decrypting Russian Victims for Free

The author of the Sigrun Ransomware is providing decryption for Russian victims for free, while asking for a ransom payment of $2,500 in Bitcoin or Dash for everyone else. [...]

https://www.bleepingcomputer.com/news/security/sigrun-ransomware-author-decrypting-russian-victims-for-free/

Around 75% of Open Redis Servers Are Infected With Malware

The vast majority of Redis servers left open on the Internet without any authentication system in place are most likely harboring malware, an Imperva spokesperson said. [...]

https://www.bleepingcomputer.com/news/security/around-75-percent-of-open-redis-servers-are-infected-with-malware/

IE Zero-Day Adopted by RIG Exploit Kits After Publication of PoC Code

An Internet Explorer zero-day vulnerability that came to light last month has now been incorporated in the RIG exploit kit, a web-based toolkit that malware authors use to infect a site's visitors with malware. [...]

https://www.bleepingcomputer.com/news/security/ie-zero-day-adopted-by-rig-exploit-kits-after-publication-of-poc-code/

Users Discover One of the Weirdest Android Glitches Ever

For the past week, Android users have been having fun with one of the weirdest bugs ever seen on an Android device, one that exposes their personal SMS text messages when searching for various terms. [...]

https://www.bleepingcomputer.com/news/mobile/users-discover-one-of-the-weirdest-android-glitches-ever/