Opera Presto Source Code Leaks Online

An unknown third-party has leaked the source code of the old Opera Presto browser engine on GitHub, and later on Bitbucket, two services for hosting and sharing source code online. [...]

https://www.bleepingcomputer.com/news/software/opera-presto-source-code-leaks-online/

New GhostAdmin Malware Used for Data Theft and Exfiltration

Security researcher MalwareHunterTeam discovered today a new malware family that can infect computers and allow crooks to take control of these PCs using commands sent via an IRC channel. [...]

https://www.bleepingcomputer.com/news/security/new-ghostadmin-malware-used-for-data-theft-and-exfiltration/

Locky Ransomware Activity Goes Down by 81%

For more than four weeks, the only source of Locky ransomware infections has been through spam campaigns that distributed the Kovter click-fraud malware, as the primary source of Locky infections, the Necurs botnet, has been offline for the Christmas and New Year holidays. [...]

https://www.bleepingcomputer.com/news/security/locky-ransomware-activity-goes-down-by-81-percent/

Malware Uses Google Services as Command-and-Control Servers

Recent versions of the Carbanak malware are now abusing several Google services to host command-and-control (C&C) infrastructure, which they use to manage infections and exfiltrate stolen data. [...]

https://www.bleepingcomputer.com/news/security/malware-uses-google-services-as-command-and-control-servers/

Indiana Cancer Agency Hit by Aggressive Ransomware Group

A ransomware group has infected the computers of an Indiana-based cancer agency and have asked for a large payment of 50 Bitcoin ($44,800). The victim is Cancer Services of East Central Indiana-Little Red Door, an organization that helps "reduce the financial and emotional burdens of those dealing with a cancer diagnosis." [...]

https://www.bleepingcomputer.com/news/security/indiana-cancer-agency-hit-by-aggressive-ransomware-group/

Chrome Users Targeted with Malware via New "Font Wasn't Found" Technique

Google Chrome users need to be on the lookout for websites trying to trick them into downloading a font update package for their browser, as most chances are that the file is laced with malware. [...]

https://www.bleepingcomputer.com/news/security/chrome-users-targeted-with-malware-via-new-font-wasnt-found-technique/

Intel CPUs Can Be Pwned via USB Port and Debugging Interface

Attackers with access to a device can take control over a target's computer and bypass all local security systems by abusing a hardware debugging interface included with Intel CPUs, which in recent years has become accessible via an external USB 3.0 port. [...]

https://www.bleepingcomputer.com/news/hardware/intel-cpus-can-be-pwned-via-usb-port-and-debugging-interface/

Mozilla Reveals New Logo Following Seven-Month Search

The Mozilla Foundation has launched a new logo and visual identity today to replace the old red dinosaur head that previously stood as its official logo. [...]

https://www.bleepingcomputer.com/news/software/mozilla-reveals-new-logo-following-seven-month-search/

Database Ransom Attacks Hit CouchDB and Hadoop Servers

For the past week, unknown groups of cyber-criminals have taken control of and wiped data from CouchDB and Hadoop databases, in some cases asking for a ransom fee to return the stolen files, but in some cases, destroying data just for fun. [...]

https://www.bleepingcomputer.com/news/security/database-ransom-attacks-hit-couchdb-and-hadoop-servers/

Two Emojis Can Crash Any iPhone and iPad

YouTube star EverythingApplePro has published a video today revealing two new methods through which someone could crash iOS devices. [...]

https://www.bleepingcomputer.com/news/apple/two-emojis-can-crash-any-iphone-and-ipad/

Apple Releases Critical Security Updates for GarageBand and Logic Pro X

Today Apple released the GarageBand 10.1.5.1 and Logic Pro X 10.3 updates to fix a critical vulnerability in both program that could lead to remote code execution. [...]

https://www.bleepingcomputer.com/news/apple/apple-releases-critical-security-updates-for-garageband-and-logic-pro-x/

Oracle Delivers a Whopping 270 Fixes in 2017's First Critical Patch Update

Today, Oracle released their January 2017 Critical Patch Update, or CPU, that resolves a massive 270 vulnerabilities across all of their products. Of these 270 vulnerabilities, over 100 are remotely exploitable without authentication. [...]

https://www.bleepingcomputer.com/news/security/oracle-delivers-a-whopping-270-fixes-in-2017s-first-critical-patch-update/

Labor Department Sues Oracle for Paying White Males More, Favoring Indian Hires

Oracle risks to lose all current and future contracts with the US government after the US Department of Labor (DoL) has filed a lawsuit against the company's US Division, Oracle America., Inc.. [...]

https://www.bleepingcomputer.com/news/business/labor-department-sues-oracle-for-paying-white-males-more-favoring-indian-hires/

Ancient Mac Malware Found Used in Recent Attacks, Can Work on Linux Too

Apple has recently patched macOS against possible attacks from a backdoor trojan discovered by Malwarebytes, which Apple engineers call Fruitfly, and Malwarebytes detects as OSX.Backdoor.Quimitchin. [...]

https://www.bleepingcomputer.com/news/security/ancient-mac-malware-found-used-in-recent-attacks-can-work-on-linux-too/

ProtonMail Is Now Available via a Tor Address to Avoid Global Censorship

ProtonMail, today's largest provider of encrypted email services, has announced today a Tor URL that users can utilize if the service is blocked in their country by ISPs or the central government. [...]

https://www.bleepingcomputer.com/news/security/protonmail-is-now-available-via-a-tor-address-to-avoid-global-censorship/

Android Ransomware Locks Phone and Asks for Credit Card Number

A new ransomware family is targeting Android devices, locking access to the screen, and constantly pestering the user to enter his payment card details. [...]

https://www.bleepingcomputer.com/news/security/android-ransomware-locks-phone-and-asks-for-credit-card-number/

Someone's Assembling Ragebot Botnet Using Self-Propagating Windows Worm

An unknown group/person is building a botnet using a new version of the Ragebot botnet malware, one that includes worm features that allow it to spread on its own to new devices. [...]

https://www.bleepingcomputer.com/news/security/someones-assembling-ragebot-botnet-using-self-propagating-windows-worm/

New Satan Ransomware available through a Ransomware as a Service.

A new Ransomware as a Service, or RaaS, called Satan has been discovered by security researcher Xylitol.  This service allows any wannabe criminal to register an account and create their very own customized version of the Satan Ransomware. [...]

https://www.bleepingcomputer.com/news/security/new-satan-ransomware-available-through-a-ransomware-as-a-service-/

Windows 10 Insider Build 15014 can Auto-Delete Temp and Old Recycle Bin Files

Today Microsoft released the Windows 10 Insider Preview Build 15014 for PC and Mobile to Insiders on the fast ring.  This build has a ton of new fixes as well as new features. By far the best addition is the ability for Windows to automatically delete unused temporary files and files in the Recycle Bin that are older than 30 days [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-insider-build-15014-can-auto-delete-temp-and-old-recycle-bin-files/

Oracle to Block JAR Files Signed With MD5 Starting With April 2017

Oracle says that starting with April 18, 2017, Java (JRE) will treat all JAR files signed with the MD5 algorithm as unsigned, meaning they'll be considered insecure and blocked from running. [...]

https://www.bleepingcomputer.com/news/security/oracle-to-block-jar-files-signed-with-md5-starting-with-april-2017/