SVG Image Format Set for Wider Adoption in Malware Distribution

SVG has all the makings of a great malware distribution medium, and crooks are bound to migrate to this new file format, now that Google has moved to ban .js email attachments. [...]

https://www.bleepingcomputer.com/news/security/svg-image-format-set-for-wider-adoption-in-malware-distribution/

Are Recent Google Chrome Changes Alienating Hardcore Users?

Google has made a few changes to recent Chrome versions that most users are bound to disagree with since it takes away some of their control over the browser. [...]

https://www.bleepingcomputer.com/news/software/are-recent-google-chrome-changes-alienating-hardcore-users/

Emsisoft Website Hit by DDoS Attack as Company Releases Ransomware Decrypter

In the past week, two security firms, Dr.Web and Emsisoft, suffered DDoS attacks at the hands of cyber-criminals who attempted to bring down their websites as payback for meddling with their illegal activities. [...]

https://www.bleepingcomputer.com/news/security/emsisoft-website-hit-by-ddos-attack-as-company-releases-ransomware-decrypter/

Facebook Designs New Account Recovery System That's Actually Pretty Clever

Today, at the USENIX Enigma conference, Facebook engineers announced a new mechanism for recovering access to lost online accounts, which relies on the cooperation between different online services. [...]

https://www.bleepingcomputer.com/news/security/facebook-designs-new-account-recovery-system-thats-actually-pretty-clever/

Federal Reserve Employee Admits to Installing Bitcoin Miner on Government Server

Nicholas Berthaume, a former employee of the US Federal Reserve in Washington, D.C., has pleaded guilty and was sentenced to 12 months probation for installing Bitcoin mining software on one of the government servers he was supposed to manage. [...]

https://www.bleepingcomputer.com/news/government/federal-reserve-employee-admits-to-installing-bitcoin-miner-on-government-server/

Rogue Netflix App Spreads Netix Ransomware That Targets Windows 7 and 10 Users

A ransomware family named Netix (RANSOM_NETIX.A) is targeting users who use special applications to access hacked Netflix accounts, locking their files and demanding a ransom payment of $100. [...]

https://www.bleepingcomputer.com/news/security/rogue-netflix-app-spreads-netix-ransomware-that-targets-windows-7-and-10-users/

Apple Takes Down iCloud Activation Lock Page After Disclosure of Security Flaw

Following the public disclosure of a security flaw in the iCloud Activation Lock web page that allowed phone thieves to reactivate devices to other Apple user accounts, the company has decided to shut down the page for the time being. [...]

https://www.bleepingcomputer.com/news/apple/apple-takes-down-icloud-activation-lock-page-after-disclosure-of-security-flaw/

Fake Chrome Font Pack Update Alerts Infecting Visitors with Spora Ransomware

Yesterday, Brad Duncan, a Threat Intelligence Analyst for Palo Alto Networks Unit 42, wrote a blog article discussing how the EITest Chrome Font Update campaign, which was previously discovered by Kafeine, is now distributing the Spora Ransomware instead. [...]

https://www.bleepingcomputer.com/news/security/fake-chrome-font-pack-update-alerts-infecting-visitors-with-spora-ransomware/

Spanish Police Claim to Have Arrested Phineas Fisher - Hacking Team Hacker

Spain's National Police Corps have detained a man in the city of Salamanca, who they suspect of being Phineas Fisher, a famous hacker who has breached the Gamma Group and Hacking Team, two companies that sold cyber-surveillance software to oppressive regimes. [...]

https://www.bleepingcomputer.com/news/security/spanish-police-claim-to-have-arrested-phineas-fisher-hacking-team-hacker/

31 Netgear Router Models Affected by Flaw That Exposes Admin Password

Netgear has issued patches that resolve a simple bug in the firmware of 20 different router models that allow an attacker to expose the router's web panel admin password, which they can use to take over the device. [...]

https://www.bleepingcomputer.com/news/hardware/31-netgear-router-models-affected-by-flaw-that-exposes-admin-password/

Epic Fail: Linux Encryption App Cryptkeeper Has Universal Password: 'p'

A data encryption app for Linux users named Cryptkeeper has a bug that allows anyone to decrypt locked content using the password "p". [...]

https://www.bleepingcomputer.com/news/security/epic-fail-linux-encryption-app-cryptkeeper-has-universal-password-p/

CryptoMix variant named CryptoShield 1.0 Ransomware Distributed by Exploit Kits

A new CryptoMix variant called CryptoShield 1.0 Ransomware has been discovered by ProofPoint security researcher Kafeine being distributed via EITest and the RIG exploit kit. [...]

https://www.bleepingcomputer.com/news/security/cryptomix-variant-named-cryptoshield-1-0-ransomware-distributed-by-exploit-kits/

GitLab Goes Down After Employee Deletes the Wrong Folder

GitLab.com, a web service for hosting and syncing source code, similar to GitHub, has gone down last night at around 18:00 ET, January 31, and after 11 hours, at the time of publishing, the website is still down. [...]

https://www.bleepingcomputer.com/news/hardware/gitlab-goes-down-after-employee-deletes-the-wrong-folder/

Mobile Security Firm Wants to Buy Expired Zero-Days

Zimperium, the mobile security company that discovered the Stagefright bug in the summer of 2015, announced yesterday its intention to buy fully-working exploits for former Android and iOS zero-days. [...]

https://www.bleepingcomputer.com/news/security/mobile-security-firm-wants-to-buy-expired-zero-days/

Spam Accounts for Two-Thirds of All Email Volume, and It's Still Going Up

Reports released by different security vendors highlight that spam campaigns grew tremendously in 2016, as exploit kit activity fell after the three major players went down. [...]

https://www.bleepingcomputer.com/news/security/spam-accounts-for-two-thirds-of-all-email-volume-and-its-still-going-up/

EU Announces End of All Roaming Charges Starting June 15

The European Union announced today an agreement between various regulating bodies and mobile carriers that will help eliminate in most part roaming charges across the EU space starting with June 15, 2016. [...]

https://www.bleepingcomputer.com/news/mobile/eu-announces-end-of-all-roaming-charges-starting-june-15/

New Research Shows Sorry State of Printer Security

Knowing that printers are everywhere and they can leak sensitive information, these devices are precious reconnaissance and pivot points for any hacker trying to breach sensitive enterprise networks. [...]

https://www.bleepingcomputer.com/news/security/new-research-shows-sorry-state-of-printer-security/

WordPress Team Fixed a Zero-Day Behind Everyone's Back and Told No One

The WordPress security team revealed yesterday they've secretly fixed a zero-day vulnerability in the WordPress CMS, which wasn't initially included in the official announcement. [...]

https://www.bleepingcomputer.com/news/security/wordpress-team-fixed-a-zero-day-behind-everyones-back-and-told-no-one/

Gmail Drops Support for Windows XP and Vista Users on Chrome

Google says that starting with February 8, Chrome users will have to use version 54 or 55 (current) if they want to access their Gmail accounts. [...]

https://www.bleepingcomputer.com/news/software/gmail-drops-support-for-windows-xp-and-vista-users-on-chrome/

Windows DRM Files Used to Decloak Tor Browser Users

Downloading and trying to open Windows DRM-protected files can deanonymize Tor Browser users and reveal their real IP addresses, security researchers from Hacker House have warned. [...]

https://www.bleepingcomputer.com/news/security/windows-drm-files-used-to-decloak-tor-browser-users/