Yahoo CEO Gives Annual Bonus to Employees After Company Confirms New Hacks

Yahoo CEO Marissa Mayer announced she'll forgo her annual bonus and equity grant, which she'll be redistributing to Yahoo employees instead. [...]

https://www.bleepingcomputer.com/news/security/yahoo-ceo-gives-annual-bonus-to-employees-after-company-confirms-new-hacks/

50 Google Engineers Volunteered to Patch Thousands of Java Open Source Projects

A year ago, several Google engineers got together and lay the foundation of Operation Rosehub, a project during which Google employees used some of their official work time to patch thousands of open source projects against a severe and widespread Java vulnerability. [...]

https://www.bleepingcomputer.com/news/security/50-google-engineers-volunteered-to-patch-thousands-of-java-open-source-projects/

Kaspersky Releases Decryptor for the Dharma Ransomware

Kaspersky has tested a set of Dharma master decryption keys posted to BleepingComputer and has confirmed they are legitimate. These keys have been included in their RakhniDecryptor, which I have tested against a Dharma infection. The decryptor worked flawlessly! [...]

https://www.bleepingcomputer.com/news/security/kaspersky-releases-decryptor-for-the-dharma-ransomware/

Cerber Ransom Note Found in Two Android Apps on Google Play Store

Ransom notes from Cerber ransomware infections have been found inside the source code of two Android applications available on the official Google Play Store. [...]

https://www.bleepingcomputer.com/news/security/cerber-ransom-note-found-in-two-android-apps-on-google-play-store/

Hidden Backdoor Found in Chinese-Made Equipment. Nothing New! Move Along!

Security researchers have discovered a hidden backdoor in the firmware of DblTek GoIP GSM gateways that allows Telnet access to affected devices. [...]

https://www.bleepingcomputer.com/news/security/hidden-backdoor-found-in-chinese-made-equipment-nothing-new-move-along/

HackerOne Offers Free Bug Bounty Programs for Open Source Projects

HackerOne, a platform that is offering hosting for bug bounty programs, announced today that open-source projects can now sign up for a free bug bounty program if they meet a few simple conditions. [...]

https://www.bleepingcomputer.com/news/security/hackerone-offers-free-bug-bounty-programs-for-open-source-projects/

Command Input Typo Caused Massive AWS S3 Outage

In a postmortem status report, Amazon blamed a command input typo for the massive AWS S3 outage that took out a large chunk of the Internet three days ago. [...]

https://www.bleepingcomputer.com/news/hardware/command-input-typo-caused-massive-aws-s3-outage/

Researchers Find 26 Security Flaws in 9 Popular Android Password Managers

A team of German security professionals has discovered 26 security flaws in nine of the world's most popular Android password managers. [...]

https://www.bleepingcomputer.com/news/security/researchers-find-26-security-flaws-in-9-popular-android-password-managers/

1 Bitcoin More Valuable Than an Ounce of Gold for the First Time

For the first time, yesterday, March 2, the price of 1 Bitcoin surpassed the trading value of an ounce of gold, with Bitcoin valued at $1,265 and an ounce of gold at $1,237. Today, Bitcoin continue to grow and outrun gold price, being currently valued at $1,289. [...]

https://www.bleepingcomputer.com/news/government/1-bitcoin-more-valuable-than-an-ounce-of-gold-for-the-first-time/

Malware Retrieves PowerShell Scripts from DNS Records

Malware researchers have come across a new Remote Access Trojan (RAT) that uses a novel technique to evade detection on corporate networks by fetching malicious PowerShell commands stored inside a domain's DNS TXT records. [...]

https://www.bleepingcomputer.com/news/security/malware-retrieves-powershell-scripts-from-dns-records/

The Week in Ransomware - March 3rd 2017 - Dharma Decrypted and TorrentLocker is Back

Typical week in ransomware with a lot of small little variants released and resurgence of activity from Crypt0L0cker. The biggest news this week is that someone posted the master decryption keys for the Dharma Ransomware in the BleepingComputer.com forums, which were used to create working decryptors. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-3rd-2017-dharma-decrypted-and-torrentlocker-is-back/

New Dark Web Service Helps Crooks Trick You in Revealing Your Payment Card PIN

A new service launched on the Dark Web this week simplifies the process of tricking victims whose card details have been exposed into revealing their card's PIN. [...]

https://www.bleepingcomputer.com/news/security/new-dark-web-service-helps-crooks-trick-you-in-revealing-your-payment-card-pin/

Windows Insider Build 15048 Released as a Bug Fix with No New Features

Today Microsoft released Insider Preview Build 15048 for PC to insiders in the fast ring, This release is almost entirely bug fixes and improvements, with no new features added. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-insider-build-15048-released-as-a-bug-fix-with-no-new-features/

Mozilla Testing Three Firefox Experimental Features

Mozilla engineers are testing three new features called Containers, SnoozeTabs, and Pulse, which, if users react positively, might find their way inside Firefox, in upcoming versions. [...]

https://www.bleepingcomputer.com/news/software/mozilla-testing-three-firefox-experimental-features/

Third-Party Vendor Issues Temporary Patch for Windows GDI Vulnerability

A vulnerability discovered by Google Project Zero security researchers and left without a patch by Microsoft received a temporary fix from third-party security vendor ACROS Security. [...]

https://www.bleepingcomputer.com/news/microsoft/third-party-vendor-issues-temporary-patch-for-windows-gdi-vulnerability/

Researchers Store Movie, Malware, and Computer OS Inside DNA Molecules

Scientists from the Data Science Institute at Columbia University and the New York Genome Center (NYGC) published new research this week detailing a new data storage technique that leverages DNA molecules to store digital information. [...]

https://www.bleepingcomputer.com/news/hardware/researchers-store-movie-malware-and-computer-os-inside-dna-molecules/

LeakedSource Clone Pops Up on Russian Domain

A website surfaced online today, posing to be the infamous LeakedSource data hoarding service, which went down shrouded in mystery at the end of January 2017. [...]

https://www.bleepingcomputer.com/news/security/leakedsource-clone-pops-up-on-russian-domain/

Ransomware Hits Pennsylvania Senate Democrats

A ransomware infection shut down the computer network of the Pennsylvania Senate Democratic Caucus on Friday morning, officials said in a statement issued to the local press. [...]

https://www.bleepingcomputer.com/news/government/ransomware-hits-pennsylvania-senate-democrats/

SHA1 Collision Attack Can Serve Backdoored Torrents to Track Down Pirates

A theoretical scenario that leverages the SHA1 collision attack disclosed recently by Google can serve backdoored BitTorrent files that execute code on the victim's machine, deliver malware, or alert copyright owners when their software has been pirated. [...]

https://www.bleepingcomputer.com/news/security/sha1-collision-attack-can-serve-backdoored-torrents-to-track-down-pirates/

Proposed Bill Will Allow Victims to Hack Their Attackers to Stop Cyber-Attacks

The US is discussing new legislation that will allow victims of ongoing cyber-attacks to fight back against hackers by granting more powers to entities under attack in regards to the defensive measures they can take. [...]

https://www.bleepingcomputer.com/news/government/proposed-bill-will-allow-victims-to-hack-their-attackers-to-stop-cyber-attacks/