Polish Banks Infected with Malware Hosted on Their Own Government's Site

Several Polish banks said they suffered malware infections after their employees visited the site of the Polish Financial Supervision Authority (KNF), which had been previously infected to host a malicious JavaScript file. [...]

https://www.bleepingcomputer.com/news/security/polish-banks-infected-with-malware-hosted-on-their-own-governments-site/

Watch Your Computer Go Bonkers with Cancer Trollware

Security researcher MalwareHunter discovered today a new malware that he initially believed to be ransomware but ended up being just another annoying piece of junk that falls in the category of trollware, also known as crapware. [...]

https://www.bleepingcomputer.com/news/security/watch-your-computer-go-bonkers-with-cancer-trollware/

Android Ransomware Borrows One More Trick from Desktop Counterparts

The infamous Lockdroid ransomware has gained a new feature, a banality among desktop malware, but a never-before-seen trick for Android ransomware. [...]

https://www.bleepingcomputer.com/news/security/android-ransomware-borrows-one-more-trick-from-desktop-counterparts/

Over 67,000 Websites Defaced via Recently Patched WordPress Bug

WordPress sites that haven't been updated to the most recent version, v4.7.2, released last week, are under attack as four hacking groups are conducting mass defacement campaigns. [...]

https://www.bleepingcomputer.com/news/security/over-67-000-websites-defaced-via-recently-patched-wordpress-bug/

Vizio Fined for Spying on Users via Smart TVs, Selling User Data Without Consent

Vizio agreed on Monday to pay a fine of $2.2 million after it was caught secretly collecting user data and then selling personal user details to third-parties without the user's explicit consent. [...]

https://www.bleepingcomputer.com/news/hardware/vizio-fined-for-spying-on-users-via-smart-tvs-selling-user-data-without-consent/

Former FireEye Intern, Author of Dendroid RAT, Gets No Prison Time

A judge has sentenced Morgan C. Culbertson, 21, of Pittsburgh to three years probation, with 300 hours of community service and computer monitoring, for his role in creating and selling the Dendroid RAT (Remote Access Trojan). [...]

https://www.bleepingcomputer.com/news/security/former-fireeye-intern-author-of-dendroid-rat-gets-no-prison-time/

76 Popular iOS Apps Vulnerable to Silent Interception of TLS-Encrypted Data

Experts from Sudo Security Group have discovered that at least 76 of the most popular iOS apps available through Apple's App Store have failed to properly implement TLS encryption and expose their users to silent MitM (Man-in-the-Middle) attacks. [...]

https://www.bleepingcomputer.com/news/security/76-popular-ios-apps-vulnerable-to-silent-interception-of-tls-encrypted-data/

Erebus Ransomware Utilizes a UAC Bypass and Request a $90 Ransom Payment

A ransomware called Erebus has been discovered that utilizes a UAC bypass, encrypts file name extensions using ROT-23, and has a low ransom amount of ~$90USD. [...]

https://www.bleepingcomputer.com/news/security/erebus-ransomware-utilizes-a-uac-bypass-and-request-a-90-ransom-payment/

High-End Phishing Kit Automates Attacks on PayPal Accounts

Security researchers from Proofpoint have come across a sophisticated phishing kit that automates the process of building and deploying high-end phishing pages, and which is extremely efficient at collecting login credentials and user details from PayPal users. [...]

https://www.bleepingcomputer.com/news/security/high-end-phishing-kit-automates-attacks-on-paypal-accounts/

Bill Reforming Email Privacy Gets One Step Closer to Reality

The Email Privacy Act (EPA) is for the second year in a row in front of the US Senate after the US House of Representatives approved the bill on Monday. [...]

https://www.bleepingcomputer.com/news/government/bill-reforming-email-privacy-gets-one-step-closer-to-reality/

Russia Arrests Nine More Involved with the Lurk Malware

Russian authorities arrested nine hackers they suspect of being involved in the distribution of the Lurk malware. This is the second wave of arrests after authorities apprehended 50 suspects in May 2016. [...]

https://www.bleepingcomputer.com/news/security/russia-arrests-nine-more-involved-with-the-lurk-malware/

Mirai Gets a Windows Version to Boost Distribution Efforts

Security researchers have stumbled upon a Windows trojan that hackers are using to help with the distribution of the infamous Mirai Linux malware, used to infect IoT devices and carry out massive DDoS attacks. [...]

https://www.bleepingcomputer.com/news/security/mirai-gets-a-windows-version-to-boost-distribution-efforts/

Vivaldi 1.7 Released with Built-In Page Screenshot Utility

Vivaldi Software released today version 1.7 of the Vivaldi browser, which now includes a built-in screen capturing utility that allows users to take snapshots of the entire page or just small sections. [...]

https://www.bleepingcomputer.com/news/software/vivaldi-1-7-released-with-built-in-page-screenshot-utility/

US Embassies Could Ask Visa Applicants for Social Media Passwords

The US is considering a measure that would ask visa applications to give up passwords for social media accounts if they want to receive passage to the United States, according to statements made by Department of Homeland Security Secretary John Kelly at a DHS committee meeting on Tuesday. [...]

https://www.bleepingcomputer.com/news/government/us-embassies-could-ask-visa-applicants-for-social-media-passwords/

Google Will Purge the Play Store of Android Apps Without a Valid Privacy Policy

Google plans to clean up the Play Store by limiting the visibility and even removing Android apps that don't have a listed privacy policy. [...]

https://www.bleepingcomputer.com/news/mobile/google-will-purge-the-play-store-of-android-apps-without-a-valid-privacy-policy/

Hackers Used Legitimate Apps to Attack Banks and Governments in 40 Countries

Hackers attacking banks and government institutions have used legitimate and reputable applications to infect computers and steal data, all while leaving minimal traces behind. [...]

https://www.bleepingcomputer.com/news/security/hackers-used-legitimate-apps-to-attack-banks-and-governments-in-40-countries/

Former NSA Contractor Indicted for Stealing Secret Files for 20 Years

The US Department of Justice (DoJ) filed official charges today against Harold Thomas Martin III, 52, of Glen Burnie, Maryland, for stealing over 50TB of documents from several US government agencies, including documents labeled as Top Secret. [...]

https://www.bleepingcomputer.com/news/security/former-nsa-contractor-indicted-for-stealing-secret-files-for-20-years/

AthenaGo RAT Uses Tor2Web Proxy System to Hide C&C Server

Security researchers have discovered a never-before-seen remote access trojan (RAT) that utilizes Tor proxies to redirect traffic from infected hosts to servers hidden on the Tor network. [...]

https://www.bleepingcomputer.com/news/security/athenago-rat-uses-tor2web-proxy-system-to-hide-candc-server/

Windows Insider Build 15031 for PC Adds Dynamic Lock and Compact Overlay Windows

Yesterday Microsoft released Insider Preview Build 15031 for PC to insiders in the fast ring, This release introduces two new features called Dynamic Lock and Compact Overlay Windows. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-insider-build-15031-for-pc-adds-dynamic-lock-and-compact-overlay-windows/

Serpent Ransoware Wants to Sink Its Fangs Into Your Data

A new ransomware called Serpent Ransomware has been discovered that appears to be a new variant of the Hades Locker and Wildfire infections. This article provides a brief summary of how the ransomware is distributed and detailed description of how it encrypts a computer. [...]

https://www.bleepingcomputer.com/news/security/serpent-ransoware-wants-to-sink-its-fangs-into-your-data/