Former FireEye Intern, Author of Dendroid RAT, Gets No Prison Time
A judge has sentenced Morgan C. Culbertson, 21, of Pittsburgh to three years probation, with 300 hours of community service and computer monitoring, for his role in creating and selling the Dendroid RAT (Remote Access Trojan). [...]
https://www.bleepingcomputer.com/news/security/former-fireeye-intern-author-of-dendroid-rat-gets-no-prison-time/
A judge has sentenced Morgan C. Culbertson, 21, of Pittsburgh to three years probation, with 300 hours of community service and computer monitoring, for his role in creating and selling the Dendroid RAT (Remote Access Trojan). [...]
https://www.bleepingcomputer.com/news/security/former-fireeye-intern-author-of-dendroid-rat-gets-no-prison-time/
BleepingComputer
Former FireEye Intern, Author of Dendroid RAT, Gets No Prison Time
A judge has sentenced Morgan C. Culbertson, 21, of Pittsburgh to three years probation, with 300 hours of community service and computer monitoring, for his role in creating and selling the Dendroid RAT (Remote Access Trojan).
76 Popular iOS Apps Vulnerable to Silent Interception of TLS-Encrypted Data
Experts from Sudo Security Group have discovered that at least 76 of the most popular iOS apps available through Apple's App Store have failed to properly implement TLS encryption and expose their users to silent MitM (Man-in-the-Middle) attacks. [...]
https://www.bleepingcomputer.com/news/security/76-popular-ios-apps-vulnerable-to-silent-interception-of-tls-encrypted-data/
Experts from Sudo Security Group have discovered that at least 76 of the most popular iOS apps available through Apple's App Store have failed to properly implement TLS encryption and expose their users to silent MitM (Man-in-the-Middle) attacks. [...]
https://www.bleepingcomputer.com/news/security/76-popular-ios-apps-vulnerable-to-silent-interception-of-tls-encrypted-data/
BleepingComputer
76 Popular iOS Apps Vulnerable to Silent Interception of TLS-Encrypted Data
Experts from Sudo Security Group have discovered that at least 76 of the most popular iOS apps available through Apple's App Store have failed to properly implement TLS encryption and expose their users to silent MitM (Man-in-the-Middle) attacks.
Erebus Ransomware Utilizes a UAC Bypass and Request a $90 Ransom Payment
A ransomware called Erebus has been discovered that utilizes a UAC bypass, encrypts file name extensions using ROT-23, and has a low ransom amount of ~$90USD. [...]
https://www.bleepingcomputer.com/news/security/erebus-ransomware-utilizes-a-uac-bypass-and-request-a-90-ransom-payment/
A ransomware called Erebus has been discovered that utilizes a UAC bypass, encrypts file name extensions using ROT-23, and has a low ransom amount of ~$90USD. [...]
https://www.bleepingcomputer.com/news/security/erebus-ransomware-utilizes-a-uac-bypass-and-request-a-90-ransom-payment/
BleepingComputer
Erebus Ransomware Utilizes a UAC Bypass and Request a $90 Ransom Payment
A ransomware called Erebus has been discovered that utilizes a UAC bypass, encrypts file name extensions using ROT-23, and has a low ransom amount of ~$90USD.
High-End Phishing Kit Automates Attacks on PayPal Accounts
Security researchers from Proofpoint have come across a sophisticated phishing kit that automates the process of building and deploying high-end phishing pages, and which is extremely efficient at collecting login credentials and user details from PayPal users. [...]
https://www.bleepingcomputer.com/news/security/high-end-phishing-kit-automates-attacks-on-paypal-accounts/
Security researchers from Proofpoint have come across a sophisticated phishing kit that automates the process of building and deploying high-end phishing pages, and which is extremely efficient at collecting login credentials and user details from PayPal users. [...]
https://www.bleepingcomputer.com/news/security/high-end-phishing-kit-automates-attacks-on-paypal-accounts/
BleepingComputer
High-End Phishing Kit Automates Attacks on PayPal Accounts
Security researchers from Proofpoint have come across a sophisticated phishing kit that automates the process of building and deploying high-end phishing pages, and which is extremely efficient at collecting login credentials and user details from PayPalβ¦
Bill Reforming Email Privacy Gets One Step Closer to Reality
The Email Privacy Act (EPA) is for the second year in a row in front of the US Senate after the US House of Representatives approved the bill on Monday. [...]
https://www.bleepingcomputer.com/news/government/bill-reforming-email-privacy-gets-one-step-closer-to-reality/
The Email Privacy Act (EPA) is for the second year in a row in front of the US Senate after the US House of Representatives approved the bill on Monday. [...]
https://www.bleepingcomputer.com/news/government/bill-reforming-email-privacy-gets-one-step-closer-to-reality/
BleepingComputer
Bill Reforming Email Privacy Gets One Step Closer to Reality
The Email Privacy Act (EPA) is for the second year in a row in front of the US Senate after the US House of Representatives approved the bill on Monday.
Russia Arrests Nine More Involved with the Lurk Malware
Russian authorities arrested nine hackers they suspect of being involved in the distribution of the Lurk malware. This is the second wave of arrests after authorities apprehended 50 suspects in May 2016. [...]
https://www.bleepingcomputer.com/news/security/russia-arrests-nine-more-involved-with-the-lurk-malware/
Russian authorities arrested nine hackers they suspect of being involved in the distribution of the Lurk malware. This is the second wave of arrests after authorities apprehended 50 suspects in May 2016. [...]
https://www.bleepingcomputer.com/news/security/russia-arrests-nine-more-involved-with-the-lurk-malware/
BleepingComputer
Russia Arrests Nine More Involved with the Lurk Malware
Russian authorities arrested nine hackers they suspect of being involved in the distribution of the Lurk malware. This is the second wave of arrests after authorities apprehended 50 suspects in May 2016.
Mirai Gets a Windows Version to Boost Distribution Efforts
Security researchers have stumbled upon a Windows trojan that hackers are using to help with the distribution of the infamous Mirai Linux malware, used to infect IoT devices and carry out massive DDoS attacks. [...]
https://www.bleepingcomputer.com/news/security/mirai-gets-a-windows-version-to-boost-distribution-efforts/
Security researchers have stumbled upon a Windows trojan that hackers are using to help with the distribution of the infamous Mirai Linux malware, used to infect IoT devices and carry out massive DDoS attacks. [...]
https://www.bleepingcomputer.com/news/security/mirai-gets-a-windows-version-to-boost-distribution-efforts/
BleepingComputer
Mirai Gets a Windows Version to Boost Distribution Efforts
Security researchers have stumbled upon a Windows trojan that hackers are using to help with the distribution of the infamous Mirai Linux malware, used to infect IoT devices and carry out massive DDoS attacks.
Vivaldi 1.7 Released with Built-In Page Screenshot Utility
Vivaldi Software released today version 1.7 of the Vivaldi browser, which now includes a built-in screen capturing utility that allows users to take snapshots of the entire page or just small sections. [...]
https://www.bleepingcomputer.com/news/software/vivaldi-1-7-released-with-built-in-page-screenshot-utility/
Vivaldi Software released today version 1.7 of the Vivaldi browser, which now includes a built-in screen capturing utility that allows users to take snapshots of the entire page or just small sections. [...]
https://www.bleepingcomputer.com/news/software/vivaldi-1-7-released-with-built-in-page-screenshot-utility/
BleepingComputer
Vivaldi 1.7 Released with Built-In Page Screenshot Utility
Vivaldi Software released today version 1.7 of the Vivaldi browser, which now includes a built-in screen capturing utility that allows users to take snapshots of the entire page or just small sections.
US Embassies Could Ask Visa Applicants for Social Media Passwords
The US is considering a measure that would ask visa applications to give up passwords for social media accounts if they want to receive passage to the United States, according to statements made by Department of Homeland Security Secretary John Kelly at a DHS committee meeting on Tuesday. [...]
https://www.bleepingcomputer.com/news/government/us-embassies-could-ask-visa-applicants-for-social-media-passwords/
The US is considering a measure that would ask visa applications to give up passwords for social media accounts if they want to receive passage to the United States, according to statements made by Department of Homeland Security Secretary John Kelly at a DHS committee meeting on Tuesday. [...]
https://www.bleepingcomputer.com/news/government/us-embassies-could-ask-visa-applicants-for-social-media-passwords/
BleepingComputer
US Embassies Could Ask Visa Applicants for Social Media Passwords
The US is considering a measure that would ask visa applications to give up passwords for social media accounts if they want to receive passage to the United States, according to statements made by Department of Homeland Security Secretary John Kelly at aβ¦
Google Will Purge the Play Store of Android Apps Without a Valid Privacy Policy
Google plans to clean up the Play Store by limiting the visibility and even removing Android apps that don't have a listed privacy policy. [...]
https://www.bleepingcomputer.com/news/mobile/google-will-purge-the-play-store-of-android-apps-without-a-valid-privacy-policy/
Google plans to clean up the Play Store by limiting the visibility and even removing Android apps that don't have a listed privacy policy. [...]
https://www.bleepingcomputer.com/news/mobile/google-will-purge-the-play-store-of-android-apps-without-a-valid-privacy-policy/
BleepingComputer
Google Will Purge the Play Store of Android Apps Without a Valid Privacy Policy
Google plans to clean up the Play Store by limiting the visibility and even removing Android apps that don't have a listed privacy policy.
Hackers Used Legitimate Apps to Attack Banks and Governments in 40 Countries
Hackers attacking banks and government institutions have used legitimate and reputable applications to infect computers and steal data, all while leaving minimal traces behind. [...]
https://www.bleepingcomputer.com/news/security/hackers-used-legitimate-apps-to-attack-banks-and-governments-in-40-countries/
Hackers attacking banks and government institutions have used legitimate and reputable applications to infect computers and steal data, all while leaving minimal traces behind. [...]
https://www.bleepingcomputer.com/news/security/hackers-used-legitimate-apps-to-attack-banks-and-governments-in-40-countries/
BleepingComputer
Hackers Used Legitimate Apps to Attack Banks and Governments in 40 Countries
Hackers attacking banks and government institutions have used legitimate and reputable applications to infect computers and steal data, all while leaving minimal traces behind.
Former NSA Contractor Indicted for Stealing Secret Files for 20 Years
The US Department of Justice (DoJ) filed official charges today against Harold Thomas Martin III, 52, of Glen Burnie, Maryland, for stealing over 50TB of documents from several US government agencies, including documents labeled as Top Secret. [...]
https://www.bleepingcomputer.com/news/security/former-nsa-contractor-indicted-for-stealing-secret-files-for-20-years/
The US Department of Justice (DoJ) filed official charges today against Harold Thomas Martin III, 52, of Glen Burnie, Maryland, for stealing over 50TB of documents from several US government agencies, including documents labeled as Top Secret. [...]
https://www.bleepingcomputer.com/news/security/former-nsa-contractor-indicted-for-stealing-secret-files-for-20-years/
BleepingComputer
Former NSA Contractor Indicted for Stealing Secret Files for 20 Years
The US Department of Justice (DoJ) filed official charges today against Harold Thomas Martin III, 52, of Glen Burnie, Maryland, for stealing over 50TB of documents from several US government agencies, including documents labeled as Top Secret.
AthenaGo RAT Uses Tor2Web Proxy System to Hide C&C Server
Security researchers have discovered a never-before-seen remote access trojan (RAT) that utilizes Tor proxies to redirect traffic from infected hosts to servers hidden on the Tor network. [...]
https://www.bleepingcomputer.com/news/security/athenago-rat-uses-tor2web-proxy-system-to-hide-candc-server/
Security researchers have discovered a never-before-seen remote access trojan (RAT) that utilizes Tor proxies to redirect traffic from infected hosts to servers hidden on the Tor network. [...]
https://www.bleepingcomputer.com/news/security/athenago-rat-uses-tor2web-proxy-system-to-hide-candc-server/
BleepingComputer
AthenaGo RAT Uses Tor2Web Proxy System to Hide C&C Server
Security researchers have discovered a never-before-seen remote access trojan (RAT) that utilizes Tor proxies to redirect traffic from infected hosts to servers hidden on the Tor network.
Windows Insider Build 15031 for PC Adds Dynamic Lock and Compact Overlay Windows
Yesterday Microsoft released Insider Preview Build 15031 for PC to insiders in the fast ring, This release introduces two new features called Dynamic Lock and Compact Overlay Windows. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-insider-build-15031-for-pc-adds-dynamic-lock-and-compact-overlay-windows/
Yesterday Microsoft released Insider Preview Build 15031 for PC to insiders in the fast ring, This release introduces two new features called Dynamic Lock and Compact Overlay Windows. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-insider-build-15031-for-pc-adds-dynamic-lock-and-compact-overlay-windows/
BleepingComputer
Windows Insider Build 15031 for PC Adds Dynamic Lock and Compact Overlay Windows
Yesterday Microsoft released Insider Preview Build 15031 for PC to insiders in the fast ring, This release introduces two new features called Dynamic Lock and Compact Overlay Windows.
Serpent Ransoware Wants to Sink Its Fangs Into Your Data
A new ransomware called Serpent Ransomware has been discovered that appears to be a new variant of the Hades Locker and Wildfire infections. This article provides a brief summary of how the ransomware is distributed and detailed description of how it encrypts a computer. [...]
https://www.bleepingcomputer.com/news/security/serpent-ransoware-wants-to-sink-its-fangs-into-your-data/
A new ransomware called Serpent Ransomware has been discovered that appears to be a new variant of the Hades Locker and Wildfire infections. This article provides a brief summary of how the ransomware is distributed and detailed description of how it encrypts a computer. [...]
https://www.bleepingcomputer.com/news/security/serpent-ransoware-wants-to-sink-its-fangs-into-your-data/
BleepingComputer
Serpent Ransoware Wants to Sink Its Fangs Into Your Data
A new ransomware called Serpent Ransomware has been discovered that appears to be a new variant of the Hades Locker and Wildfire infections. This article provides a brief summary of how the ransomware is distributed and detailed description of how it encryptsβ¦
Google Makes WordPress Site Owners Nervous Due to Confusing Security Alerts
For the past few days, Google has been making a lot of webmasters very nervous, as its Google Search Console service, formerly known as Google Webmaster, has been sending out security alerts to people it shouldn't. [...]
https://www.bleepingcomputer.com/news/security/google-makes-wordpress-site-owners-nervous-due-to-confusing-security-alerts/
For the past few days, Google has been making a lot of webmasters very nervous, as its Google Search Console service, formerly known as Google Webmaster, has been sending out security alerts to people it shouldn't. [...]
https://www.bleepingcomputer.com/news/security/google-makes-wordpress-site-owners-nervous-due-to-confusing-security-alerts/
BleepingComputer
Google Makes WordPress Site Owners Nervous Due to Confusing Security Alerts
For the past few days, Google has been making a lot of webmasters very nervous, as its Google Search Console service, formerly known as Google Webmaster, has been sending out security alerts to people it shouldn't.
Attacks on WordPress Sites Intensify as Hackers Deface Over 1.5 Million Pages
Attacks on WordPress sites using a vulnerability in the REST API, patched in WordPress version 4.7.2, have intensified over the past two days, as attackers have now defaced over 1.5 million pages, spread across 39,000 unique domains. [...]
https://www.bleepingcomputer.com/news/security/attacks-on-wordpress-sites-intensify-as-hackers-deface-over-1-5-million-pages/
Attacks on WordPress sites using a vulnerability in the REST API, patched in WordPress version 4.7.2, have intensified over the past two days, as attackers have now defaced over 1.5 million pages, spread across 39,000 unique domains. [...]
https://www.bleepingcomputer.com/news/security/attacks-on-wordpress-sites-intensify-as-hackers-deface-over-1-5-million-pages/
BleepingComputer
Attacks on WordPress Sites Intensify as Hackers Deface Over 1.5 Million Pages
Attacks on WordPress sites using a vulnerability in the REST API, patched in WordPress version 4.7.2, have intensified over the past two days, as attackers have now defaced over 1.5 million pages, spread across 39,000 unique domains.
DynA-Crypt not only Encrypts Your Files, but Also Steals Your Info
A new ransomware called DynA-Crypt was discovered by GData malware analyst Karsten Hahn that not only encrypts your data, but also tries to steal a ton of information from a victim's computer. Ransomware & information stealing infections have become all-to-common, but when you combine the two into the complete mess called DynA-Crypt. [...]
https://www.bleepingcomputer.com/news/security/dyna-crypt-not-only-encrypts-your-files-but-also-steals-your-info/
A new ransomware called DynA-Crypt was discovered by GData malware analyst Karsten Hahn that not only encrypts your data, but also tries to steal a ton of information from a victim's computer. Ransomware & information stealing infections have become all-to-common, but when you combine the two into the complete mess called DynA-Crypt. [...]
https://www.bleepingcomputer.com/news/security/dyna-crypt-not-only-encrypts-your-files-but-also-steals-your-info/
BleepingComputer
DynA-Crypt not only Encrypts Your Files, but Also Steals Your Info
A new ransomware called DynA-Crypt was discovered by GData malware analyst Karsten Hahn that not only encrypts your data, but also tries to steal a ton of information from a victim's computer. Ransomware & information stealing infections have become all-toβ¦
Apple iCloud Kept Deleted Browser History Around for Over a Year
Apple appears to have been keeping deleted browser history in users' iCloud accounts, for as long as a year, according to Vladimir Katalov, CEO of ElcomSoft, a company that makes forensics and data recovery tools for Apple products. [...]
https://www.bleepingcomputer.com/news/apple/apple-icloud-kept-deleted-browser-history-around-for-over-a-year/
Apple appears to have been keeping deleted browser history in users' iCloud accounts, for as long as a year, according to Vladimir Katalov, CEO of ElcomSoft, a company that makes forensics and data recovery tools for Apple products. [...]
https://www.bleepingcomputer.com/news/apple/apple-icloud-kept-deleted-browser-history-around-for-over-a-year/
BleepingComputer
Apple iCloud Kept Deleted Browser History Around for Over a Year
Apple appears to have been keeping deleted browser history in users' iCloud accounts, for as long as a year, according to Vladimir Katalov, CEO of ElcomSoft, a company that makes forensics and data recovery tools for Apple products.
Quickly Add an .onion URL to Your Site with the Enterprise Onion Toolkit (EOTK)
Security researcher Alec Muffett has created a new project called the Enterprise Onion Toolkit (EOTK), which can help website owners add a .onion URL for their site's domain in a matter of minutes. [...]
https://www.bleepingcomputer.com/news/security/quickly-add-an-onion-url-to-your-site-with-the-enterprise-onion-toolkit-eotk-/
Security researcher Alec Muffett has created a new project called the Enterprise Onion Toolkit (EOTK), which can help website owners add a .onion URL for their site's domain in a matter of minutes. [...]
https://www.bleepingcomputer.com/news/security/quickly-add-an-onion-url-to-your-site-with-the-enterprise-onion-toolkit-eotk-/
BleepingComputer
Quickly Add an .onion URL to Your Site with the Enterprise Onion Toolkit (EOTK)
Security researcher Alec Muffett has created a new project called the Enterprise Onion Toolkit (EOTK), which can help website owners add a .onion URL for their site's domain in a matter of minutes.