Security Flaws Disclosed in LTE (4G) Mobile Telephony Standard

A team of academics has published research yesterday that describes three attacks against the mobile communication standard LTE (Long-Term Evolution), also known as 4G. [...]

https://www.bleepingcomputer.com/news/security/security-flaws-disclosed-in-lte-4g-mobile-telephony-standard/

Typeform Announces Breach After Hacker Grabs Backup File

Barcelona-based online survey and form building service Typeform announced a data breach today after an unknown attacker downloaded a backup file containing sensitive customer information. [...]

https://www.bleepingcomputer.com/news/security/typeform-announces-breach-after-hacker-grabs-backup-file/

The Week in Ransomware - June 29th 2018 - Slow week!

It has been a very slow week for ransomware, which we are always happy about. While ransomware will never go away completely, as time goes on, more people become educated, and better backup strategies are created, we continue to see ransomware slowly diminishing. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-june-29th-2018-slow-week/

Clipboard Hijacker Malware Monitors 2.3 Million Bitcoin Addresses

While we have covered cryptocurrency clipboard hijackers in the past, most of the previous samples monitored for 400-600 thousand cryptocurrency addresses. This week BleepingComputer noticed a sample of this type of malware that monitors for a over 2.3 million cryptocurrency addresses! [...]

https://www.bleepingcomputer.com/news/security/clipboard-hijacker-malware-monitors-23-million-bitcoin-addresses/

Microsoft Won’t Kill the Classic Snipping Tool on Windows 10 With Next Update

Microsoft is looking for feedback from Insiders about Screen Sketch app before removing the old Snipping Tool. In the release notes, Microsoft's Dona Sarkar says the removal is not timed for Redstone 5 and the classic Snipping Tool is here to stay, at least for now. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-won-t-kill-the-classic-snipping-tool-on-windows-10-with-next-update/

DNS Poisoning or BGP Hijacking Suspected Behind Trezor Wallet Phishing Incident

The team behind the Trezor multi-cryptocurrency wallet service has discovered a phishing attack against some of its users that took place over the weekend. [...]

https://www.bleepingcomputer.com/news/security/dns-poisoning-or-bgp-hijacking-suspected-behind-trezor-wallet-phishing-incident/

App Masks Hidden Printer Tracking Dots to Keep Whistleblowers Safe

Four academics from the Technical University in Dresden, Germany (TU Dresden) have created an app that detects and masks the hidden dot patterns that laser color printers secretly hide on all printed documents. [...]

https://www.bleepingcomputer.com/news/security/app-masks-hidden-printer-tracking-dots-to-keep-whistleblowers-safe/

NSA Deletes Hundreds of Millions of Call Records Over "Technical Irregularities"

The US National Security Agency (NSA) announced last week it was mass-deleting hundreds of millions of records of phone calls and text messages dating back to 2015. [...]

https://www.bleepingcomputer.com/news/government/nsa-deletes-hundreds-of-millions-of-call-records-over-technical-irregularities/

Newer Diameter Telephony Protocol Just As Vulnerable As SS7

Security researchers say the Diameter protocol used with today's 4G (LTE) telephony and data transfer standard is vulnerable to the same types of vulnerabilities as the older SS7 standard used with older telephony standards such as 3G, 2G, and earlier. [...]

https://www.bleepingcomputer.com/news/security/newer-diameter-telephony-protocol-just-as-vulnerable-as-ss7/

Nozelesn Ransomware Reportedly Using Spam to Target Poland

A distribution campaign for a new ransomware called Nozelesn is currently underway that is targeting Poland. This campaign started July 2nd and we already have reports from victims in our forums and numerous cases have been spotted on ID Ransomware. [...]

https://www.bleepingcomputer.com/news/security/nozelesn-ransomware-reportedly-using-spam-to-target-poland/

Microsoft Added a Dark Theme in New Windows 10 To-Do Update

Microsoft has lately been making strides in getting a Dark Theme added to their popular apps and into Windows components that do not have one yet, such as File Explorer. Today, Microsoft officially released a new Dark Theme for their popular To-Do app for Windows 10 in the Microsoft Store. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-added-a-dark-theme-in-new-windows-10-to-do-update/

Facebook Acknowledges It Shared User Data With 61 Companies

In a 747-page document provided to the US House of Representatives' Energy and Commerce Committee on Friday, Facebook admitted that it granted special access to users' data to 61 tech companies. [...]

https://www.bleepingcomputer.com/news/technology/facebook-acknowledges-it-shared-user-data-with-61-companies/

Glitch in Samsung Messages App Sends Photos to Random Contacts

A glitch in the latest version of the Samsung Messages texting app that comes pre-installed on all Samsung phones is sending random pictures to users' contacts. [...]

https://www.bleepingcomputer.com/news/mobile/glitch-in-samsung-messages-app-sends-photos-to-random-contacts/

Iranian APT Poses As Israeli Cyber-Security Firm That Exposed Its Operations

An Iranian cyber-espionage group attempted to pose as one of the cyber-security firms that exposed its previous hacking campaigns in an effort to spear-phish people interested in reading reports about it. [...]

https://www.bleepingcomputer.com/news/security/iranian-apt-poses-as-israeli-cyber-security-firm-that-exposed-its-operations/

OSX.Dummy Mac Malware Targets Cryptocurrency Users on Slack and Discord Channels

Security researchers have spotted a new Mac malware family that's currently being advertised on cryptocurrency-focused Slack and Discord channels. [...]

https://www.bleepingcomputer.com/news/security/osxdummy-mac-malware-targets-cryptocurrency-users-on-slack-and-discord-channels/

Download Bomb Trick Returns in Chrome —Also Affects Firefox, Opera, Vivaldi and Brave

The release of Google Chrome 67 has reopened a "download bomb" bug that was exploited by tech support scammers last winter, and which had been fixed with the release of Chrome 65 in March 2018. [...]

https://www.bleepingcomputer.com/news/security/download-bomb-trick-returns-in-chrome-also-affects-firefox-opera-vivaldi-and-brave/

Uber Releases a New Windows 10 App in the Microsoft Store

As of today, Uber is now back in the Microsoft Store as a PWA. The ridesharing firm today replaced the old app with a newer Progressive Web App (PWA). What's more important to note is that Uber PWA is still a UWP app and it's functional on Windows 10 PCs, Phones and even HoloLens headsets. [...]

https://www.bleepingcomputer.com/news/microsoft/uber-releases-a-new-windows-10-app-in-the-microsoft-store/

Microsoft’s $400 Surface Tablet Passes Through FCC

Today, the new Surface tablet has been spotted at the FCC. The FCC documents were first discovered by WinFuture and it reveals that a new Surface-branded device is likely on the way. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-s-400-surface-tablet-passes-through-fcc/

Malware Authors Seem Intent on Weaponizing Windows SettingContent-ms Files

Malware authors are frantically trying to weaponize a new infection vector that was revealed at the start of June. The trick relies on using Windows Settings (.SettingContent-ms) shortcut files in order to achieve code execution on Windows 10 PCs. [...]

https://www.bleepingcomputer.com/news/security/malware-authors-seem-intent-on-weaponizing-windows-settingcontent-ms-files/

GandCrab V4 Released With the New .KRAB Extension for Encrypted Files

Over the weekend, the GandCrab V4 Ransomware was released with numerous changes. These changes include a different encryption algorithms, a new .KRAB extension, a new ransom note name, and a new TOR payment site. [...]

https://www.bleepingcomputer.com/news/security/gandcrab-v4-released-with-the-new-krab-extension-for-encrypted-files/