vxCrypter Is the First Ransomware to Delete Duplicate Files

The vxCrypter Ransomware could be the first ransomware infection that not only encrypts a victim's data, but also tidy's up their computer by deleting duplicate files. [...]

https://www.bleepingcomputer.com/news/security/vxcrypter-is-the-first-ransomware-to-delete-duplicate-files/

Torrent Malware Goes Down as Pirated Streaming Usage Increases

Both the number of users who downloaded malware infected pirated copies of TV show episodes to their computers and the number of such attacks dropped down during 2018 by 33% and 22% respectively as reported by Kaspersky Lab. [...]

https://www.bleepingcomputer.com/news/security/torrent-malware-goes-down-as-pirated-streaming-usage-increases/

New York Albany Capital Hit by Ransomware Attack

The City of Albany, the capital of the U.S. state of New York, was hit by a ransomware attack on March 30, with city officials working over the weekend to respond to the incident. [...]

https://www.bleepingcomputer.com/news/security/new-york-albany-capital-hit-by-ransomware-attack/

Notepad++ Adds GPG Signature to Verify Authenticity

Notepad++ 7.6.5 has been released and is now being signed with a GPG signature so that users who download the program can verify its authenticity. [...]

https://www.bleepingcomputer.com/news/software/notepad-adds-gpg-signature-to-verify-authenticity/

U.S. Airlines Cancel, Delay Flights Because of Aerodata Outage

Multiple U.S. airlines including United, Delta, Jetblue, and Southwest experienced system-wide computing outages because of a third-party contractor leading to numerous flight cancellations and delays throughout the day. [...]

https://www.bleepingcomputer.com/news/technology/us-airlines-cancel-delay-flights-because-of-aerodata-outage/

Google Fixes Two Critical Android Code Execution Vulnerabilities

Two critical remote code execution and nine high severity elevation of privileges and information disclosure vulnerabilities were fixed by Google in the Android Open Source Project (AOSP) as part of security patch level 2019-04-01. [...]

https://www.bleepingcomputer.com/news/security/google-fixes-two-critical-android-code-execution-vulnerabilities/

Chromium-Based Microsoft Edge Added to Windows 10 Sandbox

With Windows enthusiasts awaiting the public release of the Chromium-based Microsoft Edge browser, Microsoft reportedly made it available in an unlikely place. According to reports, some users of Windows 10 Insider build 18865 have found that Microsoft is testing the Edge Insider build withing the Windows Sandbox feature. [...]

https://www.bleepingcomputer.com/news/microsoft/chromium-based-microsoft-edge-added-to-windows-10-sandbox/

Apache Bug Lets Normal Users Gain Root Access Via Scripts

A privilege escalation vulnerability of important severity in the Apache HTTP server allowing users with the right to write and run scripts to gain root on Unix systems was fixed in Apache httpd 2.4.39. [...]

https://www.bleepingcomputer.com/news/security/apache-bug-lets-normal-users-gain-root-access-via-scripts/

Mozilla Aims to Reduce Web Site Notification Spam in Firefox

Mozilla is performing a study on how to reduce the increasing usage of displaying web site browser subscription prompts that users find annoying and are abused to send browser notification spam appearing on a user's desktop. [...]

https://www.bleepingcomputer.com/news/security/mozilla-aims-to-reduce-web-site-notification-spam-in-firefox/

OceanLotus APT Uses Steganography to Load Backdoors

The OceanLotus advanced persistent threat group (also known as APT32 or Cobalt Kitty) is using steganography-based loaders to drop backdoors on compromised systems. [...]

https://www.bleepingcomputer.com/news/security/oceanlotus-apt-uses-steganography-to-load-backdoors/

Chromium Microsoft Edge Can Play 4K Netflix Video, Unlike Chrome

To give Google more cause for concern, the new Microsoft Edge is the first Chromium browser to support both the WideVine and PlayReady DRM technologies. By including Microsoft's PlayReady DRM, the Chromium-based Edge will be able to to play Netflix videos at both 1080p HD and 4K UHD resolutions. [...]

https://www.bleepingcomputer.com/news/microsoft/chromium-microsoft-edge-can-play-4k-netflix-video-unlike-chrome/

Cryptojacking Still a Foreign Concept for Many Security Pros

For over 57% of the 150 cybersecurity professionals surveyed by Exabeam the concept of cryptojacking is not something they are acquainted with, while roughly 65% said that they are also unfamiliar with shadow mining. [...]

https://www.bleepingcomputer.com/news/security/cryptojacking-still-a-foreign-concept-for-many-security-pros/

Azure AD Password Protection Available, Lowers Spray Attack Risks

The Azure AD Password Protection feature which blocks commonly used and compromised passwords to dramatically reduce the risks raised by password spray attacks is now generally available. [...]

https://www.bleepingcomputer.com/news/security/azure-ad-password-protection-available-lowers-spray-attack-risks/

Verizon Customers Targets in Mobile-Focused Phishing Campaigns

Phishing campaigns, some launched as recently as March, aimed at stealing credentials from Verizon mobile customers by spoofing the company's support service. [...]

https://www.bleepingcomputer.com/news/security/verizon-customers-targets-in-mobile-focused-phishing-campaigns/

CIA Porn Extortion Scams Now Use Password Protected PDFs

A new variant of the CIA porn investigation emails are now putting the extortion payment instructions in password protected PDF attachments. [...]

https://www.bleepingcomputer.com/news/security/cia-porn-extortion-scams-now-use-password-protected-pdfs/

Dozens of Credit Card Info Skimming Scripts Infect Thousands of Sites

Malicious web code that Magecart groups use to steal payment card data from online stores is bustling business on underground forums. There are at least 38 unique families of such scripts, some more advanced than others, but each with multiple custom variants under their belt. [...]

https://www.bleepingcomputer.com/news/security/dozens-of-credit-card-info-skimming-scripts-infect-thousands-of-sites/

Georgia Tech Data Breach Exposes Info for 1.3 Million People

Georgia Tech announced yesterday that a vulnerability in a web application allowed an attacker to gain access to the personal information of up to 1.3 million students, college applications, staff, and faculty members. [...]

https://www.bleepingcomputer.com/news/security/georgia-tech-data-breach-exposes-info-for-13-million-people/

Insider Attacks More Common, Harder to Detect After Cloud Migration

Insider attacks are becoming more and more prevalent each year as 73% of information of IT professionals told Bitglass, while 59% also stated that their companies have also gone through at least one such incident during the past year. [...]

https://www.bleepingcomputer.com/news/security/insider-attacks-more-common-harder-to-detect-after-cloud-migration/

NVIDIA Fixes Flaws in Linux4Tegra Driver for Jetson AI Supercomputers

NVIDIA released a security update for the Jetson TX1 and TX2 to patch vulnerabilities discovered in the Linux for Tegra driver package that could enable local attackers with basic user privileges to elevate privileges and to perform privilege escalation, denial-of-service (DoS) or information disclosure attacks. [...]

https://www.bleepingcomputer.com/news/security/nvidia-fixes-flaws-in-linux4tegra-driver-for-jetson-ai-supercomputers/

Realistic Phishing Attacks Take Advantage of U.S. Tax Season

With the United States tax season in full swing, attackers are utilizing a variety of realistic methods to lure victims into opening malicious documents or submit sensitive information. [...]

https://www.bleepingcomputer.com/news/security/realistic-phishing-attacks-take-advantage-of-us-tax-season/