The Week in Ransomware - January 4th 2019 - IPMI, FilesLocker, and More

For the past two weeks, we have seen a lot of new variants, decryptors, and Ryuk ransomware outbreaks. Of particular interest is the JungleSec ransomware, which has been hacking into servers via IPMI in order to install the ransomware. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-4th-2019-ipmi-fileslocker-and-more/

NSA Releasing the GHIDRA Reverse Engineering Tool at RSAConference

At the RSAConference in March, a free reverse engineering framework called GHIDRA is being released that was developed by the U.S. National Security Agency. [...]

https://www.bleepingcomputer.com/news/security/nsa-releasing-the-ghidra-reverse-engineering-tool-at-rsaconference/

New ReiKey app for macOS can Detect Mac Keyloggers

macOS users have a new open source tool to help them identify generic keyloggers on their system. Called ReiKey, the app can scan and monitor for software that installs keyboard event taps to intercept keystrokes. [...]

https://www.bleepingcomputer.com/news/security/new-reikey-app-for-macos-can-detect-mac-keyloggers/

27% of Passwords From Town of Salem Breach Already Cracked

Over the holiday, the popular browser-based game Town of Salem had a data breach that exposed the hashed passwords for approximately 7.6 million unique accounts. At the time of this writing, over 27% of the passwords have already been cracked. [...]

https://www.bleepingcomputer.com/news/security/27-percent-of-passwords-from-town-of-salem-breach-already-cracked/

Opera Blacklists Tampermonkey Extension Being Installed by Malware

Opera blacklisted the version of Tampermonkey that is currently offered on the Chrome Web Store as it is being installed by Windows malware. This prevents the extension from working in the Opera browser. [...]

https://www.bleepingcomputer.com/news/software/opera-blacklists-tampermonkey-extension-being-installed-by-malware/

Hacker Uses Australian Early Warning Network to Send Spam Alerts

Over the weekend, a hacker gained unauthorized access to the Queensland EWN, or Early Warning Network, and used it to send a spam alert via SMS, landline, and email to the company's subscribers. [...]

https://www.bleepingcomputer.com/news/security/hacker-uses-australian-early-warning-network-to-send-spam-alerts/

Acer Unveils RTX2080-Powered Predator Triton Gaming Notebooks

The Predator Triton 900 and the Predator Triton 500 both come with NVIDIA's GeForce RTX2080 GPU and Intel's Core i7-8750H CPU [...]

https://www.bleepingcomputer.com/news/hardware/acer-unveils-rtx2080-powered-predator-triton-gaming-notebooks/

Apple Taunts Competitors on Lack of Privacy With CES 2019 Ad

This year Apple came to CES in the form of a giant ad near the CES 2019 conference center that takes a swing at its competitors, such as Google and Amazon, by taunting them about their privacy concerns. [...]

https://www.bleepingcomputer.com/news/apple/apple-taunts-competitors-on-lack-of-privacy-with-ces-2019-ad/

App Store Games Found Communicating with Golduck Malware C&C servers

Researchers found 14 retro games in Apple's App Store that communicated with command-and-control servers previously used by the Android Golduck Loader [...]

https://www.bleepingcomputer.com/news/security/app-store-games-found-communicating-with-golduck-malware-candc-servers/

GandCrab Operators Use Vidar Infostealer as a Forerunner

Cybercriminals behind GandCrab have mixed the infostealer Vidar in the distribution process of the ransomware piece, which helps increase their profits by pilfering sensitive information before encrypting the computer files. [...]

https://www.bleepingcomputer.com/news/security/gandcrab-operators-use-vidar-infostealer-as-a-forerunner/

Google Emails Users About Private Data Exposed by Google+ API Bug

Google has started sending out notifications to those who were affected by their Google+ API bug that was disclosed in December 2018. This notification provides details regarding what profile data was exposed and the apps that had access to it. [...]

https://www.bleepingcomputer.com/news/google/google-emails-users-about-private-data-exposed-by-google-api-bug/

Microsoft Pulls Office 2010 January 2019 Updates After Excel Blunder

After releasing the first Microsoft Office updates of 2019 designed to fix non-security issues in Office 2010, Office 2013, and Office 2016 on January 2, Microsoft pulled the Office 2010 updates from the server following multiple reports of Excel not being able to start. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-pulls-office-2010-january-2019-updates-after-excel-blunder/

Microsoft Announces Unlimited Private Repos for GitHub Free

GitHub Free users can now create private repositories which can have up to three collaborators per repo [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-unlimited-private-repos-for-github-free/

OXO Discloses MageCart Attack That Targeted Customer Data on Oxo.com

United States based kitchen utensil manufacturer OXO International disclosed a data breach that spans numerous periods over two years. This breach notification states that customer and payment information may have been exposed and further research by BleepingComputer indicates this was most likely a MageCart attack. [...]

https://www.bleepingcomputer.com/news/security/oxo-discloses-magecart-attack-that-targeted-customer-data-on-oxocom/

NCSC Starts Campaign to Help Industry Fight Foreign State Threats

The U.S. National Counterintelligence and Security Center (NCSC) started distributing informative materials ranging from brochures to videos to privately held companies around the country advertising increased awareness of rising cybersecurity threats from nation-state actors. [...]

https://www.bleepingcomputer.com/news/security/ncsc-starts-campaign-to-help-industry-fight-foreign-state-threats/

New Side-Channel Attack Steals Data from Windows, Linux Page Cache

Details have emerged about a new side-channel attack that targets an operating system's page cache, where sensitive data that has been accessed for use, like program binaries, libraries, and files and info sensitive in nature, is stored. [...]

https://www.bleepingcomputer.com/news/security/new-side-channel-attack-steals-data-from-windows-linux-page-cache/

Microsoft told to Pay €1100 After Forced Windows 10 Upgrade Breaks PC

Microsoft has now been asked to pay more than €1,100 ($1,258) to a Finnish man for the unwanted upgrade from Windows 8.1 and allegedly breaking his computer with an upgrade to Windows 10. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-told-to-pay-1100-after-forced-windows-10-upgrade-breaks-pc/

Microsoft Adding Office 365 Threat Auto-Investigation to GCC Offering

The auto-Investigation with threat playbooks feature was included in the roadmap in October and was now also added to Microsoft's future Office 365 Government GCC offering [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-adding-office-365-threat-auto-investigation-to-gcc-offering/

Windows 10 January 2019 Cumulative Updates Released With Fixes

Microsoft has just released new cumulative updates for Windows 10 version 1809, version 1803 and version 1709 as part of the monthly Patch Tuesday cycle. These latest cumulative updates come with general fixes and security improvements. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-january-2019-cumulative-updates-released-with-fixes/

Microsoft Releases Servicing Stack Updates for Windows 10 Version 1703

Microsoft advises users to first install this servicing stack update before installing the latest cumulative update [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-servicing-stack-updates-for-windows-10-version-1703/