New SLUB Backdoor Uses Slack, GitHub as Communication Channels

A new backdoor was observed while using the Github Gist service and the Slack messaging system as communication channels with its masters, as well as targeting a very specific type of victim using a watering hole attack. [...]

https://www.bleepingcomputer.com/news/security/new-slub-backdoor-uses-slack-github-as-communication-channels/

Notepad++ No Longer Code Signed, Dev Won't Support Overpriced Cert Industry

The developer of the highly popular open source Notepad++ text and source code editor for Windows announced that the program will drop code signing support starting with the 7.6.4 release. [...]

https://www.bleepingcomputer.com/news/software/notepad-no-longer-code-signed-dev-wont-support-overpriced-cert-industry/

Facebook Removes Campaigns Used to Sow Discord in UK and Romania

Facebook stated that they have discovered and removed content related to two coordinated campaigns used to sow political discord in the UK and Romania. Facebook is categorizing these campaigns as inauthentic behavior as they misrepresented themselves and are being used to mislead visitors. [...]

https://www.bleepingcomputer.com/news/security/facebook-removes-campaigns-used-to-sow-discord-in-uk-and-romania/

Russia Passes Bill That Outlaws Disrespecting Russian Officials Online

The Russian State Duma passed a new and controversial bill which allows the authorities to jail people who disrespect the government and state officials online. [...]

https://www.bleepingcomputer.com/news/security/russia-passes-bill-that-outlaws-disrespecting-russian-officials-online/

What We Know About Microsoft’s Chromium-Based Edge Browser

Screenshots for the Chromium-based Microsoft Edge browser were leaked online this week. With these screenshots, others found more information that was not previously confirmed by Microsoft. [...]

https://www.bleepingcomputer.com/news/microsoft/what-we-know-about-microsoft-s-chromium-based-edge-browser/

Google Advises Upgrade to Windows 10 to Fix Windows 7 Zero-Day Bug

Google recommends users of Windows 7 to give it up and move to Microsoft's latest operating system if they want to keep systems safe from a zero-day vulnerability exploited in the wild. [...]

https://www.bleepingcomputer.com/news/security/google-advises-upgrade-to-windows-10-to-fix-windows-7-zero-day-bug/

Insecure Database Leads to Over 800 Million Records Data Breach

An unprotected 140+ GB MongoDB database led to the discovery of a huge collection of 808,539,939 email records, with many of them also containing detailed personally identifiable information (PII). [...]

https://www.bleepingcomputer.com/news/security/insecure-database-leads-to-over-800-million-records-data-breach/

Windows 10 Insider Preview Build 18353 Released With Sandbox Improvements

Microsoft has released Windows 10 Insider Preview Build 18353 (19H1) to Insiders in the Fast ring. This release is mostly bug fixes, but does include improvements to the Windows Sandbox. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-preview-build-18353-released-with-sandbox-improvements/

1.8 Million Users Attacked by Android Banking Malware, 300% Increase Since 2017

The number of Android users attacked by banking malware saw an alarming 300% increase in 2018, with 1.8 million of them being impacted by at least one such attack during the last year. [...]

https://www.bleepingcomputer.com/news/security/18-million-users-attacked-by-android-banking-malware-300-percent-increase-since-2017/

Citrix Learns About Internal Network Security Breach from FBI

Citrix found out from the FBI on March 6, 2019, about a security breach into its internal network which led to the cybercriminals behind the attack being able to access and steal a set of business documents. No Citrix products or services were impacted by the attack. [...]

https://www.bleepingcomputer.com/news/security/citrix-learns-about-internal-network-security-breach-from-fbi/

The Week in Ransomware - March 8th 2019 - OpJerusalem, Jokeroo, and More

This week we had some interesting stories, with the two biggest being an alleged new Ransomware-as-a-Service called Jokeroo and the #OpJerusalem attack conducted against Israeli sites. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-8th-2019-opjerusalem-jokeroo-and-more/

Smart Car Alarms Ironically Expose Millions of Vehicles to Remote Hijacking

Aftermarket car alarm systems developed by Pandora and Viper have been found to be vulnerable to remote exploitation, enabling potential attackers to hijack the vehicles they're installed on and to spy on their owners. [...]

https://www.bleepingcomputer.com/news/security/smart-car-alarms-ironically-expose-millions-of-vehicles-to-remote-hijacking/

Cookie Walls Do Not Comply with the GDPR According to Dutch Watchdog

Cookie walls used by websites, app, and services to force their visitors to accept tracking cookies before being able to gain access do not comply with EU's GDPR said the Dutch Data Protection Authority in a statement published on Thursday. [...]

https://www.bleepingcomputer.com/news/security/cookie-walls-do-not-comply-with-the-gdpr-according-to-dutch-watchdog/

Ransomware Attack on Jackson County Gets Cybercriminals $400,000

A ransomware attack hit the computers of Jackson County, Georgia, reducing government activity to a crawl until officials decided to pay cybercriminals $400,000 in exchange for the file decryption key. [...]

https://www.bleepingcomputer.com/news/security/ransomware-attack-on-jackson-county-gets-cybercriminals-400-000/

STOP Ransomware Installing Password Stealing Trojans on Victims

In addition to encrypting a victim's files, the STOP ransomware family has also started to install the Azorult password-stealing Trojan on victim's computer to steal account credentials, cryptocurrency wallets, desktop files, and more. [...]

https://www.bleepingcomputer.com/news/security/stop-ransomware-installing-password-stealing-trojans-on-victims/

Microsoft Asks Users to Call Windows 10 Devs About ALT+TAB Feature

Microsoft has started to display notifications in the Windows 10 Action Center asking users to have a phone call with Microsoft developers and provide direct feedback about the ALT+TAB feature in Windows.  [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-asks-users-to-call-windows-10-devs-about-alt-tab-feature/

Game Development Companies Backdoored in Supply-Chain Attacks

Two popular games and a gaming platform developed by Asian companies were compromised following a series of successful supply-chain attacks which allowed the attackers to include a malicious payload designed to provide them with a backdoor. [...]

https://www.bleepingcomputer.com/news/security/game-development-companies-backdoored-in-supply-chain-attacks/

Creepy Database Lists 'BreedReady' Status for 1.8 Million Women

A database left unprotected online reveals a creepy set of details collected on more than 1.8 million women in China. Apart from the regular info one would expect, like name, age, and date of birth, the data set also includes a "BreedReady" status. [...]

https://www.bleepingcomputer.com/news/security/creepy-database-lists-breedready-status-for-18-million-women/

Samsung Galaxy S10 Face Recognition Can Easily Be Bypassed

The face recognition-based screen lock feature in the Samsung Galaxy S10 can be easily fooled using a photo or a video of the owner as shown by multiple reports coming from customers, experts and tech reviewers. [...]

https://www.bleepingcomputer.com/news/security/samsung-galaxy-s10-face-recognition-can-easily-be-bypassed/

New "Final Warning" Sextortion Emails State Adult Sites Infected You

A new sextortion email campaign with a subject of "This is a final warning" is underway that states a hacker infected the recipient's computer while they were visiting an adult web site and demand an extortion payment or the video will be released to family and friends. [...]

https://www.bleepingcomputer.com/news/security/new-final-warning-sextortion-emails-state-adult-sites-infected-you/