Instagram Only Showing a Blank White Screen for Many Users

Since yesterday, users have been reporting that they are greeted with a blank or white screen when they open the Instagram app or try to log into their account. [...]

https://www.bleepingcomputer.com/news/software/instagram-only-showing-a-blank-white-screen-for-many-users/

Broadcom WiFi Driver Flaws Expose Computers, Phones, IoT to RCE Attacks

Broadcom WiFi chipset drivers have been found to contain vulnerabilities impacting multiple operating systems and allowing potential attackers to remotely execute arbitrary code and to trigger denial-of-service according to a DHS/CISA alert and a CERT/CC vulnerability note. [...]

https://www.bleepingcomputer.com/news/security/broadcom-wifi-driver-flaws-expose-computers-phones-iot-to-rce-attacks/

'Sea Turtle' Campaign Focuses on DNS Hijacking to Compromise Targets

For at least two years, a highly capable threat actor has been running a campaign that relied on DNS hijacking to reach their targets. In the operation, at least 40 public and private organizations in 13 countries have been compromised. [...]

https://www.bleepingcomputer.com/news/security/sea-turtle-campaign-focuses-on-dns-hijacking-to-compromise-targets/

DLL Cryptomix Ransomware Variant Installed Via Remote Desktop

The CryptoMix ransomware is still alive and kicking as a new variant has been spotted being spread in the wild. This new version appends the .DLL extension to encrypted files and is said to be installed through hacked remote desktop services. [...]

https://www.bleepingcomputer.com/news/security/dll-cryptomix-ransomware-variant-installed-via-remote-desktop/

Hacker Group Exposes Iranian APT Operations and Members

Hackers have revealed details about the inner workings of a cyber-espionage group mostly known in the security community as OilRig, APT34, and HelixKitten, linked to the Iranian government. [...]

https://www.bleepingcomputer.com/news/security/hacker-group-exposes-iranian-apt-operations-and-members/

RevengeRAT Distributed via Bit.ly, BlogSpot, and Pastebin C2 Infrastructure

A malicious campaign targeting entities from North America, Europe, Asia, and the Middle East during March used a combination of pages hosted on Bit.ly, BlogSpot, and Pastebin to create a command-and-control (C2) infrastructure designed to avoid getting blocked by security solutions. [...]

https://www.bleepingcomputer.com/news/security/revengerat-distributed-via-bitly-blogspot-and-pastebin-c2-infrastructure/

Windows 10 Application Guard Added to the New Microsoft Edge

Microsoft's Windows Defender Application Guard has been added to the upcoming Chromium-based Microsoft Edge.  This security feature allows you to securely browse the web without fear of becoming infected by malicious sites. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-application-guard-added-to-the-new-microsoft-edge/

Ride-Hailing Company Exposes Sensitive Info of Iranian Drivers

A ride-hailing company operating in Iran left open and publicly available a database containing sensitive information about its drivers. In total, the MongoDB instance stored over 6.7 million records. [...]

https://www.bleepingcomputer.com/news/security/ride-hailing-company-exposes-sensitive-info-of-iranian-drivers/

Unsecured Databases Leak 60 Million Records of Scraped LinkedIn Data

Eight unsecured databases were found leaking approximately 60 million records of LinkedIn user information. While most of the information is publicly available, the databases contain the email addresses of the LinkedIn users. [...]

https://www.bleepingcomputer.com/news/security/unsecured-databases-leak-60-million-records-of-scraped-linkedin-data/

Get Assassin's Creed: Unity for Free in Honor of Notre-Dame

French video game developer Ubisoft is giving away Assassins Creed: Unity for free in honor of the Notre-Dame, which was recently damaged due to a fire. [...]

https://www.bleepingcomputer.com/news/gaming/get-assassins-creed-unity-for-free-in-honor-of-notre-dame/

Cyber Attack Forces The Weather Channel Off the Air

The Weather Channel stopped its live broadcasting this morning due to a security incident that lasted for at least 90 minutes. [...]

https://www.bleepingcomputer.com/news/security/cyber-attack-forces-the-weather-channel-off-the-air/

The HotList is The Latest Instagram Phishing Scam Attack

A phishing scam called The HotList is the latest scam currently making its way through Instagram. This scam pretends to be a list of pictures ranked on how "Hot" they are, but just leads to a fake Instagram login page that is used to steal account logins and passwords. [...]

https://www.bleepingcomputer.com/news/security/the-hotlist-is-the-latest-instagram-phishing-scam-attack/

Google to Block Logins from Embedded Browser Frameworks

To increase protection against man-in-the-middle (MitM) attacks, Google in June will block sign-ins from embedded browser frameworks, which are used with some forms of phishing. [...]

https://www.bleepingcomputer.com/news/security/google-to-block-logins-from-embedded-browser-frameworks/

The New Microsoft Edge Sometimes Impersonates Other Browsers

The new Chromium-based Microsoft Edge will impersonate other browsers depending on the site being visited. This is may be done for compatibility reasons, like properly rendering pages or how video will be streamed and played back. [...]

https://www.bleepingcomputer.com/news/microsoft/the-new-microsoft-edge-sometimes-impersonates-other-browsers/

The Week in Ransomware - April 19th 2019 - RobbinHood, Samba, and More

This week introduced a new ransomware player that is targeting companies called RobbinHood. This ransomware recently took down the City of Greenville's computer systems and offers two different ransom payments; a price per computer or one for the entire network. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-19th-2019-robbinhood-samba-and-more/

Mozilla Firefox to Enable Hyperlink Ping Tracking By Default

Mozilla has told BleepingComputer that they will be enabling the tracking feature called hyperlink auditing, or Pings, by default in Firefox.  There is no timeline for when this feature will be enabled, but it will be done when their implementation is complete. [...]

https://www.bleepingcomputer.com/news/software/mozilla-firefox-to-enable-hyperlink-ping-tracking-by-default/

New INPIVX Service May Change the Ransomware Game

A new service called Inpivx pushes ransomware business to a new evolution stage, making it easy to set up shop for those that lack the technical skills to develop the malware from scratch and build a management panel. [...]

https://www.bleepingcomputer.com/news/security/new-inpivx-service-may-change-the-ransomware-game/

Nintendo Super Mario Bros. Now Playable on Commodore 64

After seven years of development, Super Mario Bros. has been ported from the Nintendo Entertainment System (NES) to the Commodore 64. [...]

https://www.bleepingcomputer.com/news/gaming/nintendo-super-mario-bros-now-playable-on-commodore-64/

Windows 10 Start Menu Gets Its Own Process in Build 1903

Next month Microsoft will be releasing the Windows 10 May 2019 Update, also known as build 1903, and with it the Windows Start Menu will now be running under its own process called "Start". This is being done to increase performance and to make it easier to recover from hangs in the Start Menu. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-start-menu-gets-its-own-process-in-build-1903/

Security Researcher Pleads Guilty To Malware Writing Charges

Security researcher Marcus Hutchins pled guilty on Wednesday to writing malware and aiding with its distribution with the help of a partner. [...]

https://www.bleepingcomputer.com/news/security/security-researcher-pleads-guilty-to-malware-writing-charges/