Popular Meitu App Caught Collecting User Data and Sending It to Servers in China

Security researchers have discovered that a very popular photo retouching iOS and Android application is collecting user data and sending it for storage to servers in China. [...]

https://www.bleepingcomputer.com/news/mobile/popular-meitu-app-caught-collecting-user-data-and-sending-it-to-servers-in-china/

The Week in Ransomware - January 20th 2017 - Satan RaaS, Spora, Locky, and More

This week we continue to see more ransomware being released as well as changes in the distribution of the larger ransomware infections. For example, Locky has had a very low distribution lately since the holidays, but according to the Cisco Talos Group, it is starting to pick up again. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-20th-2017-satan-raas-spora-locky-and-more/

Lavabit Reopens, Snowden's Former Email Provider

Lavabit, the encrypted email service provider once used by Snowden, has announced it will reopen its doors after a three-year hiatus during which it developed new email technology. [...]

https://www.bleepingcomputer.com/news/security/lavabit-reopens-snowdens-former-email-provider/

Firefox 51 to Show Better Warnings When Logging in via Insecure HTTP Pages

Mozilla's security team previewed today a new set of indicators that will be added to Firefox 51, set for launch on Monday, January 23, and subsequent Firefox versions. [...]

https://www.bleepingcomputer.com/news/software/firefox-51-to-show-better-warnings-when-logging-in-via-insecure-http-pages/

Film Director Steals from Grocery Store to Prove a Point About Piracy

In one of the most bizarre things you'll see this week, a movie director stole from a grocery store where a friend was working just to prove a point about digital piracy. [...]

https://www.bleepingcomputer.com/news/legal/film-director-steals-from-grocery-store-to-prove-a-point-about-piracy/

Android Banking Trojan Source Code Leaked Online, Leads to New Variation Right Away

The source code of an unnamed Android banking trojan has been recently leaked online via an underground hacking forum, say researchers from security firm Dr.Web. [...]

https://www.bleepingcomputer.com/news/security/android-banking-trojan-source-code-leaked-online-leads-to-new-variation-right-away/

College Successfully Sues IT Admin After Losing Access to Email System

A former IT administrator for the American College of Education (ACE) in Indiana was ordered to pay damages of $248,350 after a court found him responsible after the institution lost access to its email system. [...]

https://www.bleepingcomputer.com/news/legal/college-successfully-sues-it-admin-after-losing-access-to-email-system/

Your Heartbeat as a Password - Smart or Stupid?

Scientists from the Binghamton University in New York have explored with using a person's heartbeat as a password for encrypting and then decrypting personal data. [...]

https://www.bleepingcomputer.com/news/security/your-heartbeat-as-a-password-smart-or-stupid/

Sage 2.0 Ransomware Gearing up for Possible Greater Distribution

The Sage 2.0 Ransomware, which is an updated variant of CryLocker, has been discovered being distributed by one of the same actors who is distributing Locky, Cerber, and Spora. Due to this there is a good chance of wider distribution of this ransomware. This guide provides information on Sage 2.0 and what to expect from it. [...]

https://www.bleepingcomputer.com/news/security/sage-2-0-ransomware-gearing-up-for-possible-greater-distribution/

Apple Releases Critical Security Updates for iOs, macOS, and other Core Products

Today Apple released updates for macOS, iOS, Safari, tvOS, iCloud, and watchOS to fix a variety of security holes as well as to introduce new features. With these releases, Apple fixed 56 vulnerabilities, with many of these vulnerabilities being shared over multiple platforms. [...]

https://www.bleepingcomputer.com/news/security/apple-releases-critical-security-updates-for-ios-macos-and-other-core-products/

Microsoft Reveals Windows Defender Security Center Scheduled for Creators Update

The Windows 10 Creators Update scheduled for launch later this year will include an upgrade of the default Windows Defender antivirus, which will feature a new settings panel named the Windows Defender Security Center. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-reveals-windows-defender-security-center-scheduled-for-creators-update/

Hacker Group Claims Responsibility for Lloyds Bank Outages, Ransom Demand

A group of at least two hackers has tried to extort a ransom payment from the Lloyds Banking Group according to a copy of an email the hackers sent to a high-ranking executive. [...]

https://www.bleepingcomputer.com/news/security/hacker-group-claims-responsibility-for-lloyds-bank-outages-ransom-demand/

And So It Begins: Spora Ransomware Starts Spreading Worldwide

According to data gathered via the ID-Ransomware service, what all of us had predicted is now happening, as the Spora ransomware has started to spread to new territories outside former Soviet states. [...]

https://www.bleepingcomputer.com/news/security/and-so-it-begins-spora-ransomware-starts-spreading-worldwide/

HummingBad Android Malware Found in 20 Google Play Store Apps

HummingBad, an Android malware estimated to have touched over 85 million devices worldwide, was recently found in 46 new applications, 20 of which had even made their way into the official Play Store, passing Google's security checks. [...]

https://www.bleepingcomputer.com/news/security/hummingbad-android-malware-found-in-20-google-play-store-apps/

Firefox 51 Released with Support for FLAC, WebGL 2, and Improved Security

Mozilla will release later today Firefox 51, the latest version of its famous browser, which will include a series of small upgrades, but which will make a difference in the long run. [...]

https://www.bleepingcomputer.com/news/software/firefox-51-released-with-support-for-flac-webgl-2-and-improved-security/

Bug Allowed Access to Over 218K Private Messages on Dark Web Marketplace AlphaBay

AlphaBay admins announced today they've plugged a security hole that allowed an attacker to gain access to around 218,000 private user messages. [...]

https://www.bleepingcomputer.com/news/security/bug-allowed-access-to-over-218k-private-messages-on-dark-web-marketplace-alphabay/

Dropbox Kept Files Around for Years Due to 'Delete' Bug

Dropbox engineers have fixed what appears to be a very ancient bug that during the past two weeks has resurfaced previously deleted folders for several Dropbox users. [...]

https://www.bleepingcomputer.com/news/software/dropbox-kept-files-around-for-years-due-to-delete-bug/

Linux Systemd Flaw Gives Attackers Root Access

Security researcher Sebastian Krahmer has recently discovered that a previously known security flaw in the systemd project can be used for more than crashing a Linux distro but also to grant local attackers root access to the device. [...]

https://www.bleepingcomputer.com/news/security/linux-systemd-flaw-gives-attackers-root-access/

A Benevolent Hacker Is Warning Owners of Unsecured Cassandra Databases

An unknown hacker is accessing public and unsecured Apache Cassandra databases and adding an extra table through which it warns server owners that their DB was left exposed to online attacks. [...]

https://www.bleepingcomputer.com/news/security/a-benevolent-hacker-is-warning-owners-of-unsecured-cassandra-databases/

Meet TorWorld, an Upcoming Tor-as-a-Service Portal

TorWorld project wants to teach you about Tor and become a hosting provider for Tor nodes. [...]

https://www.bleepingcomputer.com/news/security/meet-torworld-an-upcoming-tor-as-a-service-portal/