MongoDB Databases Held Up for Ransom by Mysterious Attacker

An attacker going by the name of Harak1r1 is hijacking unprotected MongoDB databases, stealing their content, and asking for a Bitcoin ransom to return the data. [...]

https://www.bleepingcomputer.com/news/security/mongodb-databases-held-up-for-ransom-by-mysterious-attacker/

Attacks on Phones of Bitcoin Moguls Continue with Recent KeepKey Security Breach

On the last day of 2016, KeepKey, a vendor of Bitcoin hardware wallets, has notified users of a security breach that inadvertently exposed some of its customers' details. [...]

https://www.bleepingcomputer.com/news/security/attacks-on-phones-of-bitcoin-moguls-continue-with-recent-keepkey-security-breach/

Ultrasound Tracking Could Be Used to Deanonymize Tor Users

Ultrasounds emitted by ads or JavaScript code hidden on a page accessed through the Tor Browser can deanonymize Tor users by making nearby phones or computers send identity beacons back to advertisers, data which contains sensitive information that state-sponsored actors can easily obtain via a subpoena. [...]

https://www.bleepingcomputer.com/news/security/ultrasound-tracking-could-be-used-to-deanonymize-tor-users/

Real World FSociety Malware Is Giving Mr. Robot a Bad Name

In the past few weeks, more or less talented malware authors have resorted to naming their newly launched threats using the "FSociety" brand, made famous by the Mr. Robot TV series. [...]

https://www.bleepingcomputer.com/news/security/real-world-fsociety-malware-is-giving-mr-robot-a-bad-name/

Microsoft to Add Bitcoin Support to Excel Later This Year

With Bitcoin popularity soaring like never before, Microsoft plans to add support for the cryptocurrency in Excel for both mobile and desktop versions. [...]

https://www.bleepingcomputer.com/news/software/microsoft-to-add-bitcoin-support-to-excel-later-this-year/

Scientists Turn Memory Chips (RAM) Into Processor (CPU)

A team of researchers from universities in Singapore and Germany have found a way to turn the latest models of RAM memory chips into data processing units and effectively eliminate the need for a CPU. [...]

https://www.bleepingcomputer.com/news/hardware/scientists-turn-memory-chips-ram-into-processor-cpu-/

2 Million Users Impacted by New Data Collection Policy in Stylish Browser Add-On

Stylish, an add-on for browsers such as Chrome, Firefox, Opera, and Safari, announced this week through the voice of its new owner a new data collection partnership with SimilarWeb, a digital market intelligence company. [...]

https://www.bleepingcomputer.com/news/software/2-million-users-impacted-by-new-data-collection-policy-in-stylish-browser-add-on/

Google Dev Finds Serious Flaws in Kaspersky's HTTPS Traffic Inspection System

Tavis Ormandy, one of Google Project Zero's most proficient security researchers, has identified two issues in the way Kaspersky security products inspect HTTPS traffic for web threats. [...]

https://www.bleepingcomputer.com/news/security/google-dev-finds-serious-flaws-in-kasperskys-https-traffic-inspection-system/

Merry Christmas Ransomware and its dev, ComodoSecurity, not bringing Holiday Cheer

The Merry X-Mas Ransomware is here and it's not bringing you any presents. Victims who become infected with this ransomware will have their files encrypted and then be shown a ransom note that wishes them a Merry Christmas while demanding they pay a ransom to get their files back. [...]

https://www.bleepingcomputer.com/news/security/merry-christmas-ransomware-and-its-dev-comodosecurity-not-bringing-holiday-cheer/

Pseudo-Darkleech Actors Behind a Large Chunk of Ransomware Attacks in 2016

A cyber-crime infrastructure known in infosec circles as pseudo-Darkleech has been the source of many ransomware infections during the past year, either by malicious spam attachments or via automated attacks carried out via exploit kits. [...]

https://www.bleepingcomputer.com/news/security/pseudo-darkleech-actors-behind-a-large-chunk-of-ransomware-attacks-in-2016/

FireCrypt Ransomware Comes With a DDoS Component

A new ransomware family named FireCrypt will encrypt the user's files, but also attempt to launch a very feeble DDoS attack on a URL hardcoded in its source code. [...]

https://www.bleepingcomputer.com/news/security/firecrypt-ransomware-comes-with-a-ddos-component/

Emsisoft releases a decryptor for version 3 of the Globe Ransomware

Fabian Wosar of Emisoft has released a decrypter for version 3 of the Globe Ransomware. This decryptor will decrypt the Globe Ransomware variants that commonly append the .decrypt2017 and .hnumkhotep extensions to encrypted files. [...]

https://www.bleepingcomputer.com/news/security/emsisoft-releases-a-decryptor-for-version-3-of-the-globe-ransomware/

Smart Meters Are Laughably Insecure, Are a Real Danger to Smart Homes

Most smart meters that are installed, or are soon to be installed, in hundreds of millions of homes around the world are woefully insecure and can be easily hacked by a remote attacker to alter energy consumption levels, hack other smart devices in the user's home, or even cause the meter to explode. [...]

https://www.bleepingcomputer.com/news/security/smart-meters-are-laughably-insecure-are-a-real-danger-to-smart-homes/

New California Law Makes Ransomware a Standalone Crime

On January 1, 2017, a new law went into effect in California that makes ransomware use a standalone crime. [...]

https://www.bleepingcomputer.com/news/government/new-california-law-makes-ransomware-a-standalone-crime/

Google and Samsung Release Touchscreen-Enabled Chromebook That Runs Android Apps

Today at the Consumer Electronics Show (CES) 2017, held in Las Vegas, USA, Google together with Samsung will be unveiling the next line of Chromebook laptops that also double as a tablet thanks to its new touchscreen and built-in support for running Android apps. [...]

https://www.bleepingcomputer.com/news/hardware/google-and-samsung-release-touchscreen-enabled-chromebook-that-runs-android-apps/

KillDisk Ransomware Now Targets Linux, Prevents Boot-Up, Has Faulty Encryption

Researchers have discovered a Linux variant of the KillDisk ransomware, which itself is a new addition to the KillDisk disk wiper malware family, previously used only to sabotage companies by randomly deleting data and altering files. [...]

https://www.bleepingcomputer.com/news/security/killdisk-ransomware-now-targets-linux-prevents-boot-up-has-faulty-encryption/

Number of Hijacked MongoDB Databases Is Going Up as More Hackers Are Flocking In

MongoDB administrators are about to be tought a hard lesson in database management practices, as the number of hackers that are now involved with DB hijacking attempts has gone from one to three, and more are expected to join in the upcoming days. [...]

https://www.bleepingcomputer.com/news/security/number-of-hijacked-mongodb-databases-is-going-up-as-more-hackers-are-flocking-in/

Plone Developers Call "Hoax" on Alleged FBI Hack

The Plone security team has debunked claims made by a hacker, who said he sued a zero-day in the Plone CMS to hack into the FBI's website, which uses the aforementioned CMS. [...]

https://www.bleepingcomputer.com/news/security/plone-developers-call-hoax-on-alleged-fbi-hack/

Tech Support Scam Causes Macs to Freeze

A new type of tech support scam tactic observed against Mac users relies on opening a large number of email drafts, an action which eventually causes the user's machine to become unresponsive. [...]

https://www.bleepingcomputer.com/news/security/tech-support-scam-causes-macs-to-freeze/

Google Bans AdNauseam from Chrome, the Ad Blocker That Clicks on All Ads

Google has banned the AdNauseam Chrome extension from the Chrome Web Store, an add-on that became very popular with users because it automatically clicked on all ads on a page. [...]

https://www.bleepingcomputer.com/news/google/google-bans-adnauseam-from-chrome-the-ad-blocker-that-clicks-on-all-ads/