After Microsoft Delayed Patch Tuesday, Google Discloses Windows Bug

For the second time in three months, Google engineers have disclosed a bug in the Windows OS without Microsoft having released a fix before Google's announcement. [...]

https://www.bleepingcomputer.com/news/microsoft/after-microsoft-delayed-patch-tuesday-google-discloses-windows-bug/

Germany Bans "My Friend Cayla" Toys Over Hacking Fears and Data Collection

Germany's telecommunications regulator has issued a ban against a line of smart toys called "My Friend Cayla," calling the toy an espionage device, and recommending that parents destroy all toy instances at once. [...]

https://www.bleepingcomputer.com/news/security/germany-bans-my-friend-cayla-toys-over-hacking-fears-and-data-collection/

Malware Operator Who Tried to Send Heroin to Brian Krebs Gets 41 Months in Prison

A malware operator and administrator of two online hacking forums was sentenced last week to 41 months in prison for his role in the distribution of the Zeus malware and for selling online the personal data he stole from infected victims. [...]

https://www.bleepingcomputer.com/news/security/malware-operator-who-tried-to-send-heroin-to-brian-krebs-gets-41-months-in-prison/

UGNazi Hacker Who Doxed Trump, Clinton, Obama, and Others Gets No Prison Time

Eric Taylor, known online under the nickname of Cosmo the God, was sentenced on Friday last week to three years probation for a series of hacks the teenager committed in 2011 and 2012. [...]

https://www.bleepingcomputer.com/news/security/ugnazi-hacker-who-doxed-trump-clinton-obama-and-others-gets-no-prison-time/

Mongoaudit Helps You Secure MongoDB Databases

A new tool developed by engineers at Stampery can help database administrators audit the security features of their current MongoDB installations, and take precautionary measures to prevent future exploitation. [...]

https://www.bleepingcomputer.com/news/security/mongoaudit-helps-you-secure-mongodb-databases/

Ramnit Botnet Comeback Continues in 2017

Ramnit, a banking trojan whose botnet survived a takedown attempt in 2015, is continuing its comeback in 2017, after coming back to life at the end of 2015 and regaining its strength over the course of 2016. [...]

https://www.bleepingcomputer.com/news/security/ramnit-botnet-comeback-continues-in-2017/

Malware Used to Attack Polish Banks Contained False Flags Blaming Russian Hackers

Malware samples used in the recent attacks against several Polish banks contained planted evidence that attempted to blame the attacks on Russian-speaking hackers. [...]

https://www.bleepingcomputer.com/news/security/malware-used-to-attack-polish-banks-contained-false-flags-blaming-russian-hackers/

PHP Becomes First Programming Language to Add Modern Cryptography Library in Its Core

The PHP team has unanimously voted to integrate the Libsodium library in the PHP core, and by doing so, becoming the first programming language to support a modern cryptography library by default. [...]

https://www.bleepingcomputer.com/news/security/php-becomes-first-programming-language-to-add-modern-cryptography-library-in-its-core/

Google, Bing Sign Anti-Piracy Deal That Will Demote Torrents in Search Results

Under the coordination of the UK government, rights holders and today's top two search engines have reached and signed an agreement that will demote piracy-related links in search results. [...]

https://www.bleepingcomputer.com/news/legal/google-bing-sign-anti-piracy-deal-that-will-demote-torrents-in-search-results/

Java and Python Contain Security Flaws That Allow Attackers to Bypass Firewalls

Both Java and Python contain similar security flaws that allow an attacker to bypass firewalls by injecting malicious commands inside FTP URLs. [...]

https://www.bleepingcomputer.com/news/security/java-and-python-contain-security-flaws-that-allow-attackers-to-bypass-firewalls/

8 Trends in Android Ransomware, According to ESET

Not everyone has the time of day to read an 18-page report on the state of Android ransomware, so that's why we read it for you and summarized its main findings below. [...]

https://www.bleepingcomputer.com/news/security/8-trends-in-android-ransomware-according-to-eset/

Unstoppable JavaScript Attack Helps Ad Fraud, Tech Support Scams, 0-Day Attacks

Argentinian security expert Manuel Caballero has published new research that shows how a website owner could show a constant stream of popups, even after the user has left his site, or even worse, execute his very own persistent JavaScript code while the user is on other domains. [...]

https://www.bleepingcomputer.com/news/security/unstoppable-javascript-attack-helps-ad-fraud-tech-support-scams-0-day-attacks/

Firefox Users Fingerprinted via Cached Intermediate HTTPS Certificates

The way in which Firefox caches intermediate CA certificates allows a third-party to deduce various details about website visitors and also link advertising profiles to private browsing sessions. [...]

https://www.bleepingcomputer.com/news/security/firefox-users-fingerprinted-via-cached-intermediate-https-certificates/

Avast Releases a Decryptor for Offline Versions of the CryptoMix Ransomware

Today, Avast released a decryptor for CryptoMix victim's that were encrypted while in offline mode. Offline mode is when the ransomware runs and encrypts a victim's computer while there is no Internet connection or the computer cannot connect to the ransomware's Command & Control server. [...]

https://www.bleepingcomputer.com/news/security/avast-releases-a-decryptor-for-offline-versions-of-the-cryptomix-ransomware/

Microsoft Patches Remote Code Execution Vulnerability in Adobe Flash Player

Today Microsoft released the MS17-005 Security Update for Adobe Flash Player (4010250), which patches a remote code execution vulnerability in Adobe Flash Player. This update resolves the same vulnerabilities patched by Adobe on February 14th in their APSB17-04 update. [...]

https://www.bleepingcomputer.com/news/security/microsoft-patches-remote-code-execution-vulnerability-in-adobe-flash-player/

Blizzard Ending Support for Windows XP and Vista

Blizzard announced over the weekend that it intends to end support for gamers on Windows XP and Vista operating systems by the end of 2017. [...]

https://www.bleepingcomputer.com/news/gaming/blizzard-ending-support-for-windows-xp-and-vista/

Google Shutting Down 'Site Search' Service, Moving Customers to CSE

Google confirmed yesterday it was shutting down its Site Search service, which is the commercial version of the free service Google Custom Search, also known as Custom Search Engine (CSE). [...]

https://www.bleepingcomputer.com/news/google/google-shutting-down-site-search-service-moving-customers-to-cse/

Website Uses "Add Extension to Leave" Popups to Infect Chrome Users

A malvertising campaign has specifically targeted and redirected Chrome users to a website they couldn't leave unless they agreed to install a rogue Chrome extension. [...]

https://www.bleepingcomputer.com/news/security/website-uses-add-extension-to-leave-popups-to-infect-chrome-users/

Cyber-Espionage Group Uses Microphones and Dropbox to Spy on Ukrainian Targets

A well-organized cyber-espionage group is infecting computers at selected targets in the Ukraine, turning on their microphone to record nearby audio, stealing documents, and storing exfiltrated data inside Dropbox accounts, according to security firm CyberX, who recently came across the malware used in these attacks. [...]

https://www.bleepingcomputer.com/news/security/cyber-espionage-group-uses-microphones-and-dropbox-to-spy-on-ukrainian-targets/

Bitcoin Trader Hit By "Severe DDoS Attack" as Bitcoin Price Nears All-Time High

Top Bitcoin trading platform Bitfinex was hit yesterday late night by what its experts categorized as a "severe DDoS attack." [...]

https://www.bleepingcomputer.com/news/security/bitcoin-trader-hit-by-severe-ddos-attack-as-bitcoin-price-nears-all-time-high/