The Week in Ransomware - September 7th 2018 - Obama, Matrix, and More
It has been a quiet week with just small variants and new variants of existing ones such as Matrix. As much as we would like to see ransomware die off altogether, it is hear to stay. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-september-7th-2018-obama-matrix-and-more/
It has been a quiet week with just small variants and new variants of existing ones such as Matrix. As much as we would like to see ransomware die off altogether, it is hear to stay. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-september-7th-2018-obama-matrix-and-more/
BleepingComputer
The Week in Ransomware - September 7th 2018 - Obama, Matrix, and More
It has been a quiet week with just small variants and new variants of existing ones such as Matrix. As much as we would like to see ransomware die off altogether, it is hear to stay.
Keybase Browser Extension Does Not Encrypt Messages
The browser extension for the Keybase app fails to keep the end-to-end encryption promised by its desktop variant. [...]
https://www.bleepingcomputer.com/news/security/keybase-browser-extension-does-not-encrypt-messages/
The browser extension for the Keybase app fails to keep the end-to-end encryption promised by its desktop variant. [...]
https://www.bleepingcomputer.com/news/security/keybase-browser-extension-does-not-encrypt-messages/
BleepingComputer
Keybase Browser Extension Does Not Encrypt Messages
The browser extension for the Keybase app fails to keep the end-to-end encryption promised by its desktop variant.
Chrome 69 Removing WWW and M subdomains From the Browser's Address Bar
With the release of Chrome 69, Google has decided to strip the "www" and "m" subdomains from the URL displayed in Chrome's address bar. For example, when a user visits www.bleepingcomputer.com, the www would be stripped and displayed as bleepingcomputer.com in the address bar. [...]
https://www.bleepingcomputer.com/news/google/chrome-69-removing-www-and-m-subdomains-from-the-browsers-address-bar/
With the release of Chrome 69, Google has decided to strip the "www" and "m" subdomains from the URL displayed in Chrome's address bar. For example, when a user visits www.bleepingcomputer.com, the www would be stripped and displayed as bleepingcomputer.com in the address bar. [...]
https://www.bleepingcomputer.com/news/google/chrome-69-removing-www-and-m-subdomains-from-the-browsers-address-bar/
BleepingComputer
Chrome 69 Removing WWW and M subdomains From the Browser's Address Bar
With the release of Chrome 69, Google has decided to strip the "www" and "m" subdomains from the URL displayed in Chrome's address bar. For example, when a user visits www.bleepingcomputer.com, the www would be stripped and displayed as bleepingcomputer.comβ¦
Trend Micro Apps Leak User Data, Removed from Mac App Store
Multiple apps developed by Trend Micro are no longer available in the Mac App Store after researchers showed they were collecting browser history and information about users' computers. [...]
https://www.bleepingcomputer.com/news/security/trend-micro-apps-leak-user-data-removed-from-mac-app-store/
Multiple apps developed by Trend Micro are no longer available in the Mac App Store after researchers showed they were collecting browser history and information about users' computers. [...]
https://www.bleepingcomputer.com/news/security/trend-micro-apps-leak-user-data-removed-from-mac-app-store/
BleepingComputer
Trend Micro Apps Leak User Data, Removed from Mac App Store
Multiple apps developed by Trend Micro are no longer available in the Mac App Store after researchers showed they were collecting browser history and information about users' computers.
Over 3,700 MikroTik Routers Abused In CryptoJacking Campaigns
Ever since exploit code for CVE-2018-14847 became publicly available, miscreants have launched attacks against MikroTik routers. Thousands of unpatched devices are mining for cryptocurrency at the moment. [...]
https://www.bleepingcomputer.com/news/security/over-3-700-mikrotik-routers-abused-in-cryptojacking-campaigns/
Ever since exploit code for CVE-2018-14847 became publicly available, miscreants have launched attacks against MikroTik routers. Thousands of unpatched devices are mining for cryptocurrency at the moment. [...]
https://www.bleepingcomputer.com/news/security/over-3-700-mikrotik-routers-abused-in-cryptojacking-campaigns/
BleepingComputer
Over 3,700 MikroTik Routers Abused In CryptoJacking Campaigns
Ever since exploit code for CVE-2018-14847 became publicly available, miscreants have launched attacks against MikroTik routers. Thousands of unpatched devices are mining for cryptocurrency at the moment.
Exploit Affecting Tor Browser Burned In A Tweet
[...]
https://www.bleepingcomputer.com/news/security/exploit-affecting-tor-browser-burned-in-a-tweet/
[...]
https://www.bleepingcomputer.com/news/security/exploit-affecting-tor-browser-burned-in-a-tweet/
BleepingComputer
Exploit Affecting Tor Browser Burned In A Tweet
An exploit for a vulnerability in Tor Browser was delivered today in a tweet that left sufficient room for comments. A security vulnerabilities broker disclosed the details because it no longer served its purpose.
British Airways Fell Victim To Card Scraping Attack
[...]
https://www.bleepingcomputer.com/news/security/british-airways-fell-victim-to-card-scraping-attack/
[...]
https://www.bleepingcomputer.com/news/security/british-airways-fell-victim-to-card-scraping-attack/
BleepingComputer
British Airways Fell Victim To Card Scraping Attack
The recent British Airways data breach affecting 380,000 individuals appears to be the work of a known adversary that infects websites with a script designed to collect payment card data.
Apple's Safari Falls For New Address Bar Spoofing Trick
An unpatched vulnerability in the Safari web browser allows an attacker to control the content displayed in the address bar, a security researcher discovered. The method enables well-crafted phishing attacks that are difficult to spot by the average consumer. [...]
https://www.bleepingcomputer.com/news/security/apples-safari-falls-for-new-address-bar-spoofing-trick/
An unpatched vulnerability in the Safari web browser allows an attacker to control the content displayed in the address bar, a security researcher discovered. The method enables well-crafted phishing attacks that are difficult to spot by the average consumer. [...]
https://www.bleepingcomputer.com/news/security/apples-safari-falls-for-new-address-bar-spoofing-trick/
BleepingComputer
Apple's Safari Falls For New Address Bar Spoofing Trick
An unpatched vulnerability in the Safari web browser allows an attacker to control the content displayed in the address bar, a security researcher discovered. The method enables well-crafted phishing attacks that are difficult to spot by the average consumer.
Mongo Lock Attack Ransoming Deleted MongoDB Databases
An attack called Mongo Lock is targeting remotely accessible and unprotected MongoDB databases, wiping them, and then demanding a ransom in order to get the contents back. [...]
https://www.bleepingcomputer.com/news/security/mongo-lock-attack-ransoming-deleted-mongodb-databases/
An attack called Mongo Lock is targeting remotely accessible and unprotected MongoDB databases, wiping them, and then demanding a ransom in order to get the contents back. [...]
https://www.bleepingcomputer.com/news/security/mongo-lock-attack-ransoming-deleted-mongodb-databases/
BleepingComputer
Mongo Lock Attack Ransoming Deleted MongoDB Databases
An attack called Mongo Lock is targeting remotely accessible and unprotected MongoDB databases, wiping them, and then demanding a ransom in order to get the contents back.
Adobe September 2018 Security Updates Fix 6 Critical Vulnerabilities
Today Adobe released security updates for Flash Player and ColdFusion as part of their September 2018 monthly patch Tuesday. These updates fix numerous information disclosure vulnerabilities and critical vulnerabilities in ColdFusion that could allow attackers to remotely execute commands on a vulnerable server. [...]
https://www.bleepingcomputer.com/news/security/adobe-september-2018-security-updates-fix-6-critical-vulnerabilities/
Today Adobe released security updates for Flash Player and ColdFusion as part of their September 2018 monthly patch Tuesday. These updates fix numerous information disclosure vulnerabilities and critical vulnerabilities in ColdFusion that could allow attackers to remotely execute commands on a vulnerable server. [...]
https://www.bleepingcomputer.com/news/security/adobe-september-2018-security-updates-fix-6-critical-vulnerabilities/
BleepingComputer
Adobe September 2018 Security Updates Fix 6 Critical Vulnerabilities
Today Adobe released security updates for Flash Player and ColdFusion as part of their September 2018 monthly patch Tuesday. These updates fix numerous information disclosure vulnerabilities and critical vulnerabilities in ColdFusion that could allow attackersβ¦
Microsoft Releases Windows 10 Cumulative Updates KB4457128 and KB4457142
It's Patch Tuesday and Microsoft is rolling out a new cumulative update for Windows 10 April 2018 Update (version 1803) and Fall Creators Update (version 1709). The latest patch for Windows 10 comes with a small list of fixes and improvements. Most of the changes are aimed at enterprises and businesses. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-cumulative-updates-kb4457128-and-kb4457142/
It's Patch Tuesday and Microsoft is rolling out a new cumulative update for Windows 10 April 2018 Update (version 1803) and Fall Creators Update (version 1709). The latest patch for Windows 10 comes with a small list of fixes and improvements. Most of the changes are aimed at enterprises and businesses. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-cumulative-updates-kb4457128-and-kb4457142/
BleepingComputer
Microsoft Releases Windows 10 Cumulative Updates KB4457128 and KB4457142
It's Patch Tuesday and Microsoft is rolling out a new cumulative update for Windows 10 April 2018 Update (version 1803) and Fall Creators Update (version 1709). The latest patch for Windows 10 comes with a small list of fixes and improvements. Most of theβ¦
Chrome 69 for iOS Moved Navigation Bar to Bottom of Screen & Users are Unhappy
With the release of Chrome 69 for iOS, Google has moved the browser's navigation bar to the bottom of the user interface and people are not happy about it. [...]
https://www.bleepingcomputer.com/news/google/chrome-69-for-ios-moved-navigation-bar-to-bottom-of-screen-and-users-are-unhappy/
With the release of Chrome 69 for iOS, Google has moved the browser's navigation bar to the bottom of the user interface and people are not happy about it. [...]
https://www.bleepingcomputer.com/news/google/chrome-69-for-ios-moved-navigation-bar-to-bottom-of-screen-and-users-are-unhappy/
BleepingComputer
Chrome 69 for iOS Moved Navigation Bar to Bottom of Screen & Users are Unhappy
With the release of Chrome 69 for iOS, Google has moved the browser's navigation bar to the bottom of the user interface and people are not happy about it.
Windows 10 Build 17758 Is Now Available With Storage Sense Improvements
Microsoft is rolling out Windows 10 Build 17758 for Insiders in the Fast Ring. Windows 10 Build 17758 doesn't come with any major changes as the focus is now being entirely on refining performance ahead of the public launch of the Windows 10 October 2018 Update next month. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-build-17758-is-now-available-with-storage-sense-improvements/
Microsoft is rolling out Windows 10 Build 17758 for Insiders in the Fast Ring. Windows 10 Build 17758 doesn't come with any major changes as the focus is now being entirely on refining performance ahead of the public launch of the Windows 10 October 2018 Update next month. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-build-17758-is-now-available-with-storage-sense-improvements/
BleepingComputer
Windows 10 Build 17758 Is Now Available With Storage Sense Improvements
Microsoft is rolling out Windows 10 Build 17758 for Insiders in the Fast Ring. Windows 10 Build 17758 doesn't come with any major changes as the focus is now being entirely on refining performance ahead of the public launch of the Windows 10 October 2018β¦
Data Management Firm Exposes 445 Million Records
A database with over 200GB of data was found on a server left defenseless and open to public query, to anyone knowing where to find it. [...]
https://www.bleepingcomputer.com/news/security/data-management-firm-exposes-445-million-records/
A database with over 200GB of data was found on a server left defenseless and open to public query, to anyone knowing where to find it. [...]
https://www.bleepingcomputer.com/news/security/data-management-firm-exposes-445-million-records/
BleepingComputer
Data Management Firm Exposes 445 Million Records
A database with over 200GB of data was found on a server left defenseless and open to public query, to anyone knowing where to find it.
Microsoft Releases Windows 7 & 8.1 Cumulative Updates KB4457144 & KB4457129
After releasing new cumulative updates for Windows 10, Microsoft is also rolling out a new patch for both Windows 7 and Windows 8.1. Earlier today, the software maker pushed out these updates for Windows 7 and 8.1 devices to address some security issues. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-7-and-81-cumulative-updates-kb4457144-and-kb4457129/
After releasing new cumulative updates for Windows 10, Microsoft is also rolling out a new patch for both Windows 7 and Windows 8.1. Earlier today, the software maker pushed out these updates for Windows 7 and 8.1 devices to address some security issues. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-7-and-81-cumulative-updates-kb4457144-and-kb4457129/
BleepingComputer
Microsoft Releases Windows 7 & 8.1 Cumulative Updates KB4457144 & KB4457129
After releasing new cumulative updates for Windows 10, Microsoft is also rolling out a new patch for both Windows 7 and Windows 8.1. Earlier today, the software maker pushed out these updates for Windows 7 and 8.1 devices to address some security issues.
Microsoft September 2018 Patch Tuesday Fixes 17 Critical Vulnerabilities
Microsoft's September 2018 Patch Tuesday security updates resolve 62 known vulnerabilities in Microsoft products as well as an update for Adobe Flash Player. Of these 62 vulnerabilities, 17 are critical and could allow an attacker to remotely take control of a computer. [...]
https://www.bleepingcomputer.com/news/security/microsoft-september-2018-patch-tuesday-fixes-17-critical-vulnerabilities/
Microsoft's September 2018 Patch Tuesday security updates resolve 62 known vulnerabilities in Microsoft products as well as an update for Adobe Flash Player. Of these 62 vulnerabilities, 17 are critical and could allow an attacker to remotely take control of a computer. [...]
https://www.bleepingcomputer.com/news/security/microsoft-september-2018-patch-tuesday-fixes-17-critical-vulnerabilities/
BleepingComputer
Microsoft September 2018 Patch Tuesday Fixes 16 Critical Vulnerabilities
Microsoft's September 2018 Patch Tuesday security updates resolve 62 known vulnerabilities in Microsoft products as well as an update for Adobe Flash Player. Of these 62 vulnerabilities, 17 are critical and could allow an attacker to remotely take controlβ¦
Mirai, Gafgyt IoT Botnets Reach To the Enterprise Sector
Mirai and Gafgyt, two of the best known IoT botnets, have forked once again, but the new variants peek at the corporate sector for creating or replenishing their denial-of-service resources for distributed attacks. [...]
https://www.bleepingcomputer.com/news/security/mirai-gafgyt-iot-botnets-reach-to-the-enterprise-sector/
Mirai and Gafgyt, two of the best known IoT botnets, have forked once again, but the new variants peek at the corporate sector for creating or replenishing their denial-of-service resources for distributed attacks. [...]
https://www.bleepingcomputer.com/news/security/mirai-gafgyt-iot-botnets-reach-to-the-enterprise-sector/
BleepingComputer
Mirai, Gafgyt IoT Botnets Reach To the Enterprise Sector
Mirai and Gafgyt, two of the best known IoT botnets, have forked once again, but the new variants peek at the corporate sector for creating or replenishing their denial-of-service resources for distributed attacks.
Crooks Combine Phishing and Impersonation For Higher Success Rate
While phishing continues to be the prevalent threat in malware-less email-based attacks, cybercriminals refine their methods by adding an impersonation component to increase the success rate against company employees. [...]
https://www.bleepingcomputer.com/news/security/crooks-combine-phishing-and-impersonation-for-higher-success-rate/
While phishing continues to be the prevalent threat in malware-less email-based attacks, cybercriminals refine their methods by adding an impersonation component to increase the success rate against company employees. [...]
https://www.bleepingcomputer.com/news/security/crooks-combine-phishing-and-impersonation-for-higher-success-rate/
BleepingComputer
Crooks Combine Phishing and Impersonation For Higher Success Rate
While phishing continues to be the prevalent threat in malware-less email-based attacks, cybercriminals refine their methods by adding an impersonation component to increase the success rate against company employees.
Dramatic Increase of DDoS Attack Sizes Attributed to IoT Devices
A new report released today shows that distributed denial of service (DDoS) attacks have increased dramatically in the first two quarters of 2018 compared to 2017. The increase in attacks is being attributed to large scale botnets being created by attackers using insecure IoT devices. [...]
https://www.bleepingcomputer.com/news/security/dramatic-increase-of-ddos-attack-sizes-attributed-to-iot-devices/
A new report released today shows that distributed denial of service (DDoS) attacks have increased dramatically in the first two quarters of 2018 compared to 2017. The increase in attacks is being attributed to large scale botnets being created by attackers using insecure IoT devices. [...]
https://www.bleepingcomputer.com/news/security/dramatic-increase-of-ddos-attack-sizes-attributed-to-iot-devices/
BleepingComputer
Dramatic Increase of DDoS Attack Sizes Attributed to IoT Devices
A new report released today shows that distributed denial of service (DDoS) attacks have increased dramatically in the first two quarters of 2018 compared to 2017. The increase in attacks is being attributed to large scale botnets being created by attackersβ¦
Cybercriminals Go Phishing For Jaxx Wallet Users
For at least a week, the Jaxx cryptocurrency wallet website had a fraudulent version that served malicious links to trick users into revealing the backup phrase that protected the virtual funds. [...]
https://www.bleepingcomputer.com/news/security/cybercriminals-go-phishing-for-jaxx-wallet-users/
For at least a week, the Jaxx cryptocurrency wallet website had a fraudulent version that served malicious links to trick users into revealing the backup phrase that protected the virtual funds. [...]
https://www.bleepingcomputer.com/news/security/cybercriminals-go-phishing-for-jaxx-wallet-users/
BleepingComputer
Cybercriminals Go Phishing For Jaxx Wallet Users
For at least a week, the Jaxx cryptocurrency wallet website had a fraudulent version that served malicious links to trick users into revealing the backup phrase that protected the virtual funds.