Linux Systemd Flaw Gives Attackers Root Access

Security researcher Sebastian Krahmer has recently discovered that a previously known security flaw in the systemd project can be used for more than crashing a Linux distro but also to grant local attackers root access to the device. [...]

https://www.bleepingcomputer.com/news/security/linux-systemd-flaw-gives-attackers-root-access/

A Benevolent Hacker Is Warning Owners of Unsecured Cassandra Databases

An unknown hacker is accessing public and unsecured Apache Cassandra databases and adding an extra table through which it warns server owners that their DB was left exposed to online attacks. [...]

https://www.bleepingcomputer.com/news/security/a-benevolent-hacker-is-warning-owners-of-unsecured-cassandra-databases/

Meet TorWorld, an Upcoming Tor-as-a-Service Portal

TorWorld project wants to teach you about Tor and become a hosting provider for Tor nodes. [...]

https://www.bleepingcomputer.com/news/security/meet-torworld-an-upcoming-tor-as-a-service-portal/

Trojan Transforms Linux Devices into Proxies for Malicious Traffic

Security researchers have uncovered a new trojan that targets Linux devices that is capable of transforming infected machines into proxy servers and relay malicious traffic, hiding the true origin of attacks or other nefarious activities. [...]

https://www.bleepingcomputer.com/news/security/trojan-transforms-linux-devices-into-proxies-for-malicious-traffic/

Charger Android Ransomware Reaches Google Play Store

Google has removed an app from the Play Store that contained a new Android ransomware family named Charger. [...]

https://www.bleepingcomputer.com/news/security/charger-android-ransomware-reaches-google-play-store/

Russia Arrests Top Kaspersky Lab Security Researcher on Charges of Treason

Russian authorities arrested Ruslan Stoyanov, one of Kaspersky Lab's top-ranked security researchers, under article 275 of the Russian criminal code, which refers to treason. [...]

https://www.bleepingcomputer.com/news/security/russia-arrests-top-kaspersky-lab-security-researcher-on-charges-of-treason/

HP Recalls 101,000 Laptop Batteries Due to Fire Hazard

HP issued a recall today for 101,000 Panasonic batteries that the company used in various laptop and notebook models, sold between March 2013 and October 2016. [...]

https://www.bleepingcomputer.com/news/hardware/hp-recalls-101-000-laptop-batteries-due-to-fire-hazard/

Ripper.cc Helps Cyber Criminals Avoid Getting Scammed

Crooks lurking around the Internet's underbelly have created a service called Ripper.cc, a database of known and proven fraudsters. [...]

https://www.bleepingcomputer.com/news/security/ripper-cc-helps-cyber-criminals-avoid-getting-scammed/

Gmail will Block JS Attachments for Security Reasons Starting February 13

To increase security for its users, starting on February 13th Google will begin block JS attachments in Gmail. Though this move This move definitely brings greater security to Gmail users, but will only cause malware distributors to switch to [...]

https://www.bleepingcomputer.com/news/google/gmail-will-block-js-attachments-for-security-reasons-starting-february-13/

Google Chrome 56 Rolls out with HTML5 by Default, Sticky Elements, and the Web Bluetooth Api

Chrome 56 is being rolled out to Windows, Linux, and Mac users and should be available to everyone over the next few days. Along with 56 security updates, this new version comes with quite a few goodies such as HTML5 by default, support for the Sticky position attribute, and the Web Bluetooth API. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-56-rolls-out-with-html5-by-default-sticky-elements-and-the-web-bluetooth-api/

Android VPN Apps Caught Intercepting Traffic, Failing to Encrypt

New research released this week reveals that a large chunk of today Android VPN clients are a serious security and privacy risk, with some clients failing to encrypt traffic, and some even injecting ads in a customer's browsing experience. [...]

https://www.bleepingcomputer.com/news/security/android-vpn-apps-caught-intercepting-traffic-failing-to-encrypt/

Former Mozilla Engineer: Disable Your Antivirus Software, Except Microsoft's

"Antivirus software vendors are terrible; don't buy antivirus software, and uninstall it if you already have it (except for Microsoft's)." This is how Robert "Roc" O'Callahan, a former Mozilla bigwig engineer started a blog post today, in which he details a long list of issues that antivirus software have caused to browser vendors. [...]

https://www.bleepingcomputer.com/news/security/former-mozilla-engineer-disable-your-antivirus-software-except-microsofts/

Chrome Plans to Limit the Activity of Background Tabs to Improve Performance

Google Chrome engineers are working on a throttling system that would impose a limitation on the number of JavaScript (timers) operations that unfocused background tabs can perform. [...]

https://www.bleepingcomputer.com/news/software/chrome-plans-to-limit-the-activity-of-background-tabs-to-improve-performance/

Police Department Loses Years Worth of Evidence in Ransomware Incident

Police in Cockrell Hill, Texas admitted yesterday in a press release that they lost years worth of evidence after the department's server was infected with ransomware. [...]

https://www.bleepingcomputer.com/news/security/police-department-loses-years-worth-of-evidence-in-ransomware-incident/

Android Pattern Locks Can Be Cracked Using Video Recordings

Scientists from universities in China and the UK have published research that details a novel method that breaks Android's pattern lock system based on videos of people entering their patterns from distances of up to nine meters away. [...]

https://www.bleepingcomputer.com/news/security/android-pattern-locks-can-be-cracked-using-video-recordings/

VirLocker Ransomware Returns Just as Virulent as Ever

The VirLocker ransomware made a comeback this past week with a new and very virulent version, but the Malwarebytes security team says there's a way for victims to recover files by entering a special code in the payment field. [...]

https://www.bleepingcomputer.com/news/security/virlocker-ransomware-returns-just-as-virulent-as-ever/

SMS-Exploitable Bug in Samsung Galaxy Phones Can Be Used for Ransomware Attacks

Samsung has patched a combo of four security flaws that affected Galaxy handsets that an attacker could have combined and used to put devices in endless reboot loops or hijack handsets for ransomware. [...]

https://www.bleepingcomputer.com/news/security/sms-exploitable-bug-in-samsung-galaxy-phones-can-be-used-for-ransomware-attacks/

Events Behind July 2016 Taiwan ATM Heists Are Coming to Light

Taiwanese authorities sentenced three crooks they arrested last summer to five years in prison for their role in a massive ATM heist operation that involved a total of 22 individuals. [...]

https://www.bleepingcomputer.com/news/security/events-behind-july-2016-taiwan-atm-heists-are-coming-to-light/

Fed up with Intermediaries, Google Becomes Root Certificate Authority

Google announced yesterday plans to become a self-standing, certified, and independent Root Certificate Authority, meaning the company would be able to issue its own TLS/SSL certificates for securing its web traffic via HTTPS, and not rely on intermediaries, as it does now. [...]

https://www.bleepingcomputer.com/news/security/fed-up-with-intermediaries-google-becomes-root-certificate-authority/

The Week in Ransomware - January 27th 2017 - Potato, Spora goes Global, and Sage 2.0

This week we continue to see lots of little ransomware being developed and new variants of existing ones. The big news is Spora and Sage 2.0 now being distributed by actors that normally distribute Locky and Cerber. This has caused a greater distribution of both of these ransomware infections.   [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-27th-2017-potato-spora-goes-global-and-sage-2-0/