Ukraine Announces Joint Exercises with EU to Fend Off Russian Cyber Threats
Ukraine will organize a number of joint exercises in the near future with the European Union (EU) to develop appropriate response models to possible Russian cyber threats designed to interfere in Ukrainian presidential elections that will be held on March 31 [...]
https://www.bleepingcomputer.com/news/security/ukraine-announces-joint-exercises-with-eu-to-fend-off-russian-cyber-threats/
Ukraine will organize a number of joint exercises in the near future with the European Union (EU) to develop appropriate response models to possible Russian cyber threats designed to interfere in Ukrainian presidential elections that will be held on March 31 [...]
https://www.bleepingcomputer.com/news/security/ukraine-announces-joint-exercises-with-eu-to-fend-off-russian-cyber-threats/
BleepingComputer
Ukraine Announces Joint Exercises with EU to Fend Off Russian Cyber Threats
Ukraine will organize a number of joint exercises in the near future with the European Union (EU) to develop appropriate response models to possible Russian cyber threats designed to interfere in Ukrainian presidential elections that will be held on Marchβ¦
GitHub Updates Bug Bounty Program with Expanded Scope, Higher Rewards
To mark the fifth year of its Security Bug Bounty program, GitHub announced a number of updates, including an expanded scope with more GitHub products covered, increased reward amounts, and new Legal Safe Harbor terms for full legal protection for researchers. [...]
https://www.bleepingcomputer.com/news/security/github-updates-bug-bounty-program-with-expanded-scope-higher-rewards/
To mark the fifth year of its Security Bug Bounty program, GitHub announced a number of updates, including an expanded scope with more GitHub products covered, increased reward amounts, and new Legal Safe Harbor terms for full legal protection for researchers. [...]
https://www.bleepingcomputer.com/news/security/github-updates-bug-bounty-program-with-expanded-scope-higher-rewards/
BleepingComputer
GitHub Updates Bug Bounty Program with Expanded Scope, Higher Rewards
To mark the fifth year of its Security Bug Bounty program, GitHub announced a number of updates, including an expanded scope with more GitHub products covered, increased reward amounts, and new Legal Safe Harbor terms for full legal protection for researchers.
Cards Used at 137 Restaurants Exposed by Point-of-Sale Breach
North Country Business Products point-of-sale and security solutions provider with roughly 6500 customers around the Midwest has disclosed a data breach which led to the exposure of payment information for clients who used their credit and debit cards at 137 restaurants. [...]
https://www.bleepingcomputer.com/news/security/cards-used-at-137-restaurants-exposed-by-point-of-sale-breach/
North Country Business Products point-of-sale and security solutions provider with roughly 6500 customers around the Midwest has disclosed a data breach which led to the exposure of payment information for clients who used their credit and debit cards at 137 restaurants. [...]
https://www.bleepingcomputer.com/news/security/cards-used-at-137-restaurants-exposed-by-point-of-sale-breach/
BleepingComputer
Cards Used at 137 Restaurants Exposed by Point-of-Sale Breach
North Country Business Products point-of-sale and security solutions provider with roughly 6500 customers around the Midwest has disclosed a data breach which led to the exposure of payment information for clients who used their credit and debit cards atβ¦
Flaw in mIRC App Allows Attackers to Execute Commands Remotely
A vulnerability was discovered in the mIRC application that could allow attackers to execute commands, such as the downloading and installation of malware, on a vulnerable computer. [...]
https://www.bleepingcomputer.com/news/security/flaw-in-mirc-app-allows-attackers-to-execute-commands-remotely/
A vulnerability was discovered in the mIRC application that could allow attackers to execute commands, such as the downloading and installation of malware, on a vulnerable computer. [...]
https://www.bleepingcomputer.com/news/security/flaw-in-mirc-app-allows-attackers-to-execute-commands-remotely/
BleepingComputer
Flaw in mIRC App Allows Attackers to Execute Commands Remotely
A vulnerability was discovered in the mIRC application that could allow attackers to execute commands, such as the downloading and installation of malware, on a vulnerable computer.
Windows 10 Cumulative Update Build 17134.619 Released With Fixes
Windows 10 April 2018 Update Build 17134.619 is now rolling out to the general public with a bunch of new fixes and improvements. Windows 10 KB4487029 (Build 17134.619) includes fixes for Internet Explorer and other core components. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-update-build-17134619-released-with-fixes/
Windows 10 April 2018 Update Build 17134.619 is now rolling out to the general public with a bunch of new fixes and improvements. Windows 10 KB4487029 (Build 17134.619) includes fixes for Internet Explorer and other core components. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-update-build-17134619-released-with-fixes/
BleepingComputer
Windows 10 Cumulative Update Build 17134.619 Released With Fixes
Windows 10 April 2018 Update Build 17134.619 is now rolling out to the general public with a bunch of new fixes and improvements. Windows 10 KB4487029 (Build 17134.619) includes fixes for Internet Explorer and other core components.
Formjacking Surpasses Ransomware and Cryptojacking as Top Threat of 2018
A new year in review report from Symantec shows that formjacking accompanied by supply chain attacks were the fastest growing threats of 2018, while living-off-the-land (LotL) attacks saw a large boost in adoption from threat actors, with PowerShell scripts usage, for example, seeing a formidable 1000% increase. [...]
https://www.bleepingcomputer.com/news/security/formjacking-surpasses-ransomware-and-cryptojacking-as-top-threat-of-2018/
A new year in review report from Symantec shows that formjacking accompanied by supply chain attacks were the fastest growing threats of 2018, while living-off-the-land (LotL) attacks saw a large boost in adoption from threat actors, with PowerShell scripts usage, for example, seeing a formidable 1000% increase. [...]
https://www.bleepingcomputer.com/news/security/formjacking-surpasses-ransomware-and-cryptojacking-as-top-threat-of-2018/
BleepingComputer
Formjacking Surpasses Ransomware and Cryptojacking as Top Threat of 2018
A new year in review report from Symantec shows that formjacking accompanied by supply chain attacks were the fastest growing threats of 2018, while living-off-the-land (LotL) attacks saw a large boost in adoption from threat actors, with PowerShell scriptsβ¦
JD Finance Android App Caught Storing Screenshots With Banking Info
JD Finance apologized to the users of its Android application on Sunday after one customer found out that screenshots taken of his account on the China Merchants Bank app were being added to the cache of the JD Finance app while it was running in the background. [...]
https://www.bleepingcomputer.com/news/security/jd-finance-android-app-caught-storing-screenshots-with-banking-info/
JD Finance apologized to the users of its Android application on Sunday after one customer found out that screenshots taken of his account on the China Merchants Bank app were being added to the cache of the JD Finance app while it was running in the background. [...]
https://www.bleepingcomputer.com/news/security/jd-finance-android-app-caught-storing-screenshots-with-banking-info/
BleepingComputer
JD Finance Android App Caught Storing Screenshots With Banking Info
JD Finance apologized to the users of its Android application on Sunday after one customer found out that screenshots taken of his account on the China Merchants Bank app were being added to the cache of the JD Finance app while it was running in the background.
New AI-Powered Site Generates Horrific Images of Cats
A new web site called thiscatdoesnotexist.com is using artificial intelligence to create images of cats on the fly. Due to the many variations of a cat's position, their surroundings, and the furniture in the background, many of these pictures look like they are coming straight out of a horror movie. [...]
https://www.bleepingcomputer.com/news/technology/new-ai-powered-site-generates-horrific-images-of-cats/
A new web site called thiscatdoesnotexist.com is using artificial intelligence to create images of cats on the fly. Due to the many variations of a cat's position, their surroundings, and the furniture in the background, many of these pictures look like they are coming straight out of a horror movie. [...]
https://www.bleepingcomputer.com/news/technology/new-ai-powered-site-generates-horrific-images-of-cats/
BleepingComputer
New AI-Powered Site Generates Horrific Images of Cats
A new web site called thiscatdoesnotexist.com is using artificial intelligence to create images of cats on the fly. Due to the many variations of a cat's position, their surroundings, and the furniture in the background, many of these pictures look like theyβ¦
Windows 10 Insider Preview Build 18342 Released With Numerous Improvements
Microsoft has released Windows 10 Insider Preview Build 18342 (19H1) to Insiders in the Fast ring. This build adds numerous Windows Sandbox fixes, changes to gaming, and the ability to access WSL files in File Explorer. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-preview-build-18342-released-with-numerous-improvements/
Microsoft has released Windows 10 Insider Preview Build 18342 (19H1) to Insiders in the Fast ring. This build adds numerous Windows Sandbox fixes, changes to gaming, and the ability to access WSL files in File Explorer. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-preview-build-18342-released-with-numerous-improvements/
BleepingComputer
Windows 10 Insider Preview Build 18342 Released With Numerous Improvements
Microsoft has released Windows 10 Insider Preview Build 18342 (19H1) to Insiders in the Fast ring. This build adds numerous Windows Sandbox fixes, changes to gaming, and the ability to access WSL files in File Explorer.
New Attack Kit Combines Trojans and Tools to Spread Miners, Steal Data
A new malware-powered attack kit that stitches up two Trojans and a coinminer to mine for data and Monero was observed while scanning for vulnerable machines from China, Taiwan, Italy, and Hong Kong, and spreading itself over the Internet and on local area networks. [...]
https://www.bleepingcomputer.com/news/security/new-attack-kit-combines-trojans-and-tools-to-spread-miners-steal-data/
A new malware-powered attack kit that stitches up two Trojans and a coinminer to mine for data and Monero was observed while scanning for vulnerable machines from China, Taiwan, Italy, and Hong Kong, and spreading itself over the Internet and on local area networks. [...]
https://www.bleepingcomputer.com/news/security/new-attack-kit-combines-trojans-and-tools-to-spread-miners-steal-data/
BleepingComputer
New Attack Kit Combines Trojans and Tools to Spread Miners, Steal Data
A new malware-powered attack kit that stitches up two Trojans and a coinminer to mine for data and Monero was observed while scanning for vulnerable machines from China, Taiwan, Italy, and Hong Kong, and spreading itself over the Internet and on local areaβ¦
Microsoft Edge Secret Whitelist Allows Facebook to Autorun Flash
Microsoft's Edge web browser comes with a hidden whitelist file designed to allow Facebook to circumvent the built-in click-to-play security policy to autorun Flash content without having to ask for user consent. [...]
https://www.bleepingcomputer.com/news/security/microsoft-edge-secret-whitelist-allows-facebook-to-autorun-flash/
Microsoft's Edge web browser comes with a hidden whitelist file designed to allow Facebook to circumvent the built-in click-to-play security policy to autorun Flash content without having to ask for user consent. [...]
https://www.bleepingcomputer.com/news/security/microsoft-edge-secret-whitelist-allows-facebook-to-autorun-flash/
BleepingComputer
Microsoft Edge Secret Whitelist Allows Facebook to Autorun Flash
Microsoft's Edge web browser comes with a hidden whitelist file designed to allow Facebook to circumvent the built-in click-to-play security policy to autorun Flash content without having to ask for user consent.
Mozilla Firefox 67 to Warn About Breached Sites Using New Add-On
Firefox Monitor is a Mozilla service that has partnered with Have I been Pwned to alert users when their email address has been discovered in a data breach. In the past, Firefox Monitor was a standalone service, but starting in Firefox 67 it will now be included as an extension. [...]
https://www.bleepingcomputer.com/news/software/mozilla-firefox-67-to-warn-about-breached-sites-using-new-add-on/
Firefox Monitor is a Mozilla service that has partnered with Have I been Pwned to alert users when their email address has been discovered in a data breach. In the past, Firefox Monitor was a standalone service, but starting in Firefox 67 it will now be included as an extension. [...]
https://www.bleepingcomputer.com/news/software/mozilla-firefox-67-to-warn-about-breached-sites-using-new-add-on/
BleepingComputer
Mozilla Firefox 67 to Warn About Breached Sites Using New Add-On
Firefox Monitor is a Mozilla service that has partnered with Have I been Pwned to alert users when their email address has been discovered in a data breach. In the past, Firefox Monitor was a standalone service, but starting in Firefox 67 it will now be includedβ¦
GandCrab Ransomware Affiliates Continue to Push Decryptable Versions
GandCrab Ransomware affiliates are doing their victims a favor by screwing up and distributing a version of the ransomware that can be decrypted for free. [...]
https://www.bleepingcomputer.com/news/security/gandcrab-ransomware-affiliates-continue-to-push-decryptable-versions/
GandCrab Ransomware affiliates are doing their victims a favor by screwing up and distributing a version of the ransomware that can be decrypted for free. [...]
https://www.bleepingcomputer.com/news/security/gandcrab-ransomware-affiliates-continue-to-push-decryptable-versions/
BleepingComputer
GandCrab Ransomware Affiliates Continue to Push Decryptable Versions
GandCrab Ransomware affiliates are doing their victims a favor by screwing up and distributing a version of the ransomware that can be decrypted for free.
Drupal Fixes Highly Critical Vulnerability
Administrators of websites running the Drupal content management software (CMS) are urged to take immediate action to mitigate a newly discovered a vulnerability that can lead to remote execution of PHP code under specific circumstances. [...]
https://www.bleepingcomputer.com/news/security/drupal-fixes-highly-critical-vulnerability/
Administrators of websites running the Drupal content management software (CMS) are urged to take immediate action to mitigate a newly discovered a vulnerability that can lead to remote execution of PHP code under specific circumstances. [...]
https://www.bleepingcomputer.com/news/security/drupal-fixes-highly-critical-vulnerability/
BleepingComputer
Drupal Fixes βHighly Criticalβ Vulnerability
Administrators of websites running the Drupal content management software (CMS) are urged to take immediate action to mitigate a newly discovered a vulnerability that can lead to remote execution of PHP code under specific circumstances.
Windows Servers Vulnerable to IIS Resource Exhaustion DoS Attacks
Microsoft published a security advisory on its Security Response Center which discloses that Windows Server and Windows 10 servers running Internet Information Services (IIS) are vulnerable to denial of service (DOS) attacks. [...]
https://www.bleepingcomputer.com/news/security/windows-servers-vulnerable-to-iis-resource-exhaustion-dos-attacks/
Microsoft published a security advisory on its Security Response Center which discloses that Windows Server and Windows 10 servers running Internet Information Services (IIS) are vulnerable to denial of service (DOS) attacks. [...]
https://www.bleepingcomputer.com/news/security/windows-servers-vulnerable-to-iis-resource-exhaustion-dos-attacks/
BleepingComputer
Windows Servers Vulnerable to IIS Resource Exhaustion DoS Attacks
Microsoft published a security advisory on its Security Response Center which discloses that Windows Server and Windows 10 servers running Internet Information Services (IIS) are vulnerable to denial of service (DOS) attacks.
Adobe Patches Critical Information Disclosure Flaw in Reader, Again
Adobe issued a security update to address a bypass for the CVE-2019-7089 zero-day patch issued on February 12, which would lead to sensitive information disclosure in the context of the current user in vulnerable Adobe Acrobat and Reader for Windows and macOS [...]
https://www.bleepingcomputer.com/news/security/adobe-patches-critical-information-disclosure-flaw-in-reader-again/
Adobe issued a security update to address a bypass for the CVE-2019-7089 zero-day patch issued on February 12, which would lead to sensitive information disclosure in the context of the current user in vulnerable Adobe Acrobat and Reader for Windows and macOS [...]
https://www.bleepingcomputer.com/news/security/adobe-patches-critical-information-disclosure-flaw-in-reader-again/
BleepingComputer
Adobe Patches Critical Information Disclosure Flaw in Reader, Again
Adobe issued a security update to address a bypass for the CVE-2019-7089 zero-day patch issued on February 12, which would lead to sensitive information disclosure in the context of the current user in vulnerable Adobe Acrobat and Reader for Windows and macOS
Malware Campaigns Target Users of Pornhub, XVideos, Other Adult Websites
People who visit adult websites are being exposed on a daily basis to malware, phishing, and malicious spam campaigns, with premium accounts used on these websites that get stolen ending up on dark web markets. [...]
https://www.bleepingcomputer.com/news/security/malware-campaigns-target-users-of-pornhub-xvideos-other-adult-websites/
People who visit adult websites are being exposed on a daily basis to malware, phishing, and malicious spam campaigns, with premium accounts used on these websites that get stolen ending up on dark web markets. [...]
https://www.bleepingcomputer.com/news/security/malware-campaigns-target-users-of-pornhub-xvideos-other-adult-websites/
BleepingComputer
Malware Campaigns Target Users of PornHub, XVideos, Other Adult Websites
People who visit adult websites are being exposed on a daily basis to malware, phishing, and malicious spam campaigns, with premium accounts used on these websites that get stolen ending up on dark web markets.
Apple Adds Better Cross-Site Tracking Prevention in iOS 12.2 Beta and Safari 12.1
The beta releases of iOS 12.2 and Safari 12.1 on macOS High Sierra and Mojave include an updated version of the WebKit Intelligent Tracking Prevention (ITP) feature that will further decrease trackers' ability to trace user identities across websites. [...]
https://www.bleepingcomputer.com/news/security/apple-adds-better-cross-site-tracking-prevention-in-ios-122-beta-and-safari-121/
The beta releases of iOS 12.2 and Safari 12.1 on macOS High Sierra and Mojave include an updated version of the WebKit Intelligent Tracking Prevention (ITP) feature that will further decrease trackers' ability to trace user identities across websites. [...]
https://www.bleepingcomputer.com/news/security/apple-adds-better-cross-site-tracking-prevention-in-ios-122-beta-and-safari-121/
BleepingComputer
Apple Adds Better Cross-Site Tracking Prevention in iOS 12.2 Beta and Safari 12.1
The beta releases of iOS 12.2 and Safari 12.1 on macOS High Sierra and Mojave include an updated version of the WebKit Intelligent Tracking Prevention (ITP) feature that will further decrease trackers' ability to trace user identities across websites.
Cr1ptT0r Ransomware Targets Embedded Systems, Infects D-Link NAS Gear
A new ransomware called Cr1ptT0r built for embedded systems targets network attached storage (NAS) equipment exposed to the internet to encrypt data available on it. [...]
https://www.bleepingcomputer.com/news/security/cr1ptt0r-ransomware-targets-embedded-systems-infects-d-link-nas-gear/
A new ransomware called Cr1ptT0r built for embedded systems targets network attached storage (NAS) equipment exposed to the internet to encrypt data available on it. [...]
https://www.bleepingcomputer.com/news/security/cr1ptt0r-ransomware-targets-embedded-systems-infects-d-link-nas-gear/
BleepingComputer
Cr1ptT0r Ransomware Targets Embedded Systems, Infects D-Link NAS Gear
A new ransomware called Cr1ptT0r built for embedded systems targets network attached storage (NAS) equipment exposed to the internet to encrypt data available on it.
19-Year Old WinRAR RCE Vulnerability Gets Micropatch Which Keeps ACE Support
A micropatch was released to fix a 19-year old arbitrary code execution vulnerability impacting 500 million users of the WinRAR compression tool and to keep ACE support after the app's devs removed it when they patched the security issue. [...]
https://www.bleepingcomputer.com/news/security/19-year-old-winrar-rce-vulnerability-gets-micropatch-which-keeps-ace-support/
A micropatch was released to fix a 19-year old arbitrary code execution vulnerability impacting 500 million users of the WinRAR compression tool and to keep ACE support after the app's devs removed it when they patched the security issue. [...]
https://www.bleepingcomputer.com/news/security/19-year-old-winrar-rce-vulnerability-gets-micropatch-which-keeps-ace-support/
BleepingComputer
19-Year Old WinRAR RCE Vulnerability Gets Micropatch Which Keeps ACE Support
A micropatch was released to fix a 19-year old arbitrary code execution vulnerability impacting 500 million users of the WinRAR compression tool and to keep ACE support after the app's devs removed it when they patched the security issue.