Scam iOS Fitness Apps Steal Money Through Apple Touch ID

iOS fitness apps were discovered that ask you to provide a fingerprint to continue or access your data, but instead pop up a subscription screen that automatically charges a saved credit card for over $100 USD. [...]

https://www.bleepingcomputer.com/news/security/scam-ios-fitness-apps-steal-money-through-apple-touch-id/

Mistake causes Popular Site to be Removed from Google Search Results

When your business is a web site and you rely on people finding you through search results, it can be heart attack provoking to find that your site is completely missing from Google. This is exactly what happened to a popular site who discovered their site was suddenly missing from the search results due to a mistake by Google. [...]

https://www.bleepingcomputer.com/news/google/mistake-causes-popular-site-to-be-removed-from-google-search-results/

Printeradvertising.com Spam Service Claims It Can Print Anywhere

In order to prevent this type of mischief, network enabled printers should never be connected to the Internet. Allowing them to do so only allows malicious actors to send any type of print document to your network, including pornography that could land you in trouble. [...]

https://www.bleepingcomputer.com/news/security/printeradvertisingcom-spam-service-claims-it-can-print-anywhere/

Quora Hacked - 100 Million User's Data Exposed

Quora announced tonight that one of their systems was hacked and has led to the exposure of approximately 100 million user's data to an unauthorized third-party. [...]

https://www.bleepingcomputer.com/news/security/quora-hacked-100-million-users-data-exposed/

Microsoft Replacing Edge With New Chromium-based Browser

According to reports, Microsoft is abandoning development of Microsoft Edge and instead focusing on a new Chromium-based browser under the codename Anaheim. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-replacing-edge-with-new-chromium-based-browser/

Kubernetes Updates Patch Critical Privilege Escalation Bug

A critical vulnerability in Kubernetes open-source system for handling containerized applications can enable an attacker to gain full administrator privileges on Kubernetes compute nodes. [...]

https://www.bleepingcomputer.com/news/security/kubernetes-updates-patch-critical-privilege-escalation-bug/

National Republican Congressional Committee Hacked - Emails Exposed

The National Republican Congressional Committee (NRCC) discovered this April 2018 that they were hacked and an unauthorized third-party had access to the email accounts of four senior aides. [...]

https://www.bleepingcomputer.com/news/security/national-republican-congressional-committee-hacked-emails-exposed/

Chrome 71 Released With Abusive Ad Filtering and Audio Blocking

Google has release Chrome 71 to the Stable desktop channel, which means it is now available for everyone to download. This version comes with a bunch of new features, with most of them focusing on protecting users from abusive ads, deceptive billing pages, and unwanted autoplay audio. [...]

https://www.bleepingcomputer.com/news/google/chrome-71-released-with-abusive-ad-filtering-and-audio-blocking/

Windows Lite Is Microsoft’s Answer to Google Chrome OS

Windows Lite is a stripped down version of the operating system and it will reportedly take Microsoft's concept of Store-restricted operating system one step further. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-lite-is-microsoft-s-answer-to-google-chrome-os/

Ransomware Infects 100K PCs in China, Demands WeChat Payment

Over 100,000 thousand computers in China have been infected in just a few days with poorly-written ransomware that encrypts local files and steals credentials for multiple Chinese online services. [...]

https://www.bleepingcomputer.com/news/security/ransomware-infects-100k-pcs-in-china-demands-wechat-payment/

Adobe Fixes Zero-Day Flash Player Vulnerability Used in APT Attack on Russia

Adobe has released an update for Flash Player that fixes a zero-day user after free vulnerability that was used as part of an APT attack against Russia. This attack is being named "Operation Poison Needle" and targeted the Russian FSBI "Polyclinic #2" medical clinic. [...]

https://www.bleepingcomputer.com/news/security/adobe-fixes-zero-day-flash-player-vulnerability-used-in-apt-attack-on-russia/

Company Pretends to Decrypt Ransomware But Just Pays Ransom

Ransomware is a serious threat but also a lucrative business for crooks and scammers posing as IT professionals promising successful decryption services for the right price. [...]

https://www.bleepingcomputer.com/news/security/company-pretends-to-decrypt-ransomware-but-just-pays-ransom/

SNDBOX - an AI Powered Malware Analysis Site is Launched

Today at Blackhat Europe, a new malware analysis service was unveiled called SNDBOX that utilizes artificial intelligence and a hardened virtual environment to perform static and dynamic analysis of malware samples. [...]

https://www.bleepingcomputer.com/news/security/sndbox-an-ai-powered-malware-analysis-site-is-launched/

Android Users are Receiving Maps Notification Spam and No One Knows Why

Users are receiving spam notifications through the Google Maps app that asks them to share their location in order to get something for free and no one knows why. [...]

https://www.bleepingcomputer.com/news/security/android-users-are-receiving-maps-notification-spam-and-no-one-knows-why/

Apple Fixes Passcode Bypass, RCE Vulnerabilities, and More in Today's Updates.

Today Apple released updates for their core products that includes iCloud, Safari, iTunes, macOS Mojave, High Sierra, Sierra, Shortcuts for iOS 2.1.2, tvOS 12.1.1, and of course iOS 12.1.1. [...]

https://www.bleepingcomputer.com/news/apple/apple-fixes-passcode-bypass-rce-vulnerabilities-and-more-in-todays-updates/

HackerOne Offers Free Sandboxes To Replicate Real-World Security Bugs

HackerOne has announced that it makes available to hackers that want to test and hone their skills a set of five sandbox environments modeled after popular security bugs reported through its platform. [...]

https://www.bleepingcomputer.com/news/security/hackerone-offers-free-sandboxes-to-replicate-real-world-security-bugs/

Windows 10 Version 1809 Cumulative Update Build 17763.168 Released

Microsoft has rolled out a new cumulative update for Windows 10 October 2018 Update (version 1809). Windows 10 KB4469342 has been in testing for quite a while now and today it's rolling out to the general public. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-version-1809-cumulative-update-build-17763168-released/

Unprotected MongoDB Exposes Scraped Profile Data of 66 Million

Information belonging to more than 66 million individuals was discovered in an unprotected database, within anyone's reach, if they knew where to look on the web. The records look like scraped data from LinkedIn profiles. [...]

https://www.bleepingcomputer.com/news/security/unprotected-mongodb-exposes-scraped-profile-data-of-66-million/

Microsoft is Rebuilding Edge Browser using Chromium for Windows & macOS

Microsoft has officially confirmed that they are going to be gutting Edge and converting it into a Chromium based browser. While the engine will change, Microsoft has stated that they will continue utilizing the Microsoft Edge name and will now bring the browser to all supported Windows platforms. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-is-rebuilding-edge-browser-using-chromium-for-windows-and-macos/

Chinese Police Arrest Dev Behind UNNAMED1989 WeChat Ransomware

Chinese law enforcement have arrested the developer of the UNNAMED1989 / WeChat Ransomware that recently took China by storm and infected over 100K users in a few days. [...]

https://www.bleepingcomputer.com/news/security/chinese-police-arrest-dev-behind-unnamed1989-wechat-ransomware/