Researchers Break MAC Address Randomization and Track 100% of Test Devices

For many years, MAC Address Randomization was slated as the next big thing for protecting user privacy on the modern Internet. [...]

https://www.bleepingcomputer.com/news/security/researchers-break-mac-address-randomization-and-track-100-percent-of-test-devices/

ISP Blocks TeamViewer Because of Tech Support Scammers

TalkTalk, a UK-based Internet service provider, has temporarily banned TeamViewer and other similar remote control software programs, citing security issues related to increased scam operations. [...]

https://www.bleepingcomputer.com/news/security/isp-blocks-teamviewer-because-of-tech-support-scammers/

Windows Insider Build 15055 Released for PC and Mobile

Today Microsoft released Insider Preview Build 15055 to PC and Mobile insiders on the fast ring, Like the previous release, this release focuses on fixing bugs and does not provide any new features. Of particular note, are the resolution of installation issues that people were experiencing in previous builds. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-insider-build-15055-released-for-pc-and-mobile/

Credit Card Stealer Disguises as Google Chrome Browser

A new malicious application tries to disguise itself as the Google Chrome browser to fool victims into entering their payment card details. The app is still active at the time of writing and sends collected user details to an AOL email address. [...]

https://www.bleepingcomputer.com/news/security/credit-card-stealer-disguises-as-google-chrome-browser/

Android Patched to Protect Users from Getting Hacked via Headphones Connector

The Android Security Bulletin for March 2017 contains a unique bugfix for a security flaw exploitable via the headphones audio connector that could be leveraged to leak data from the device, break ASLR, reset phones to factory settings, or even access the Android HBOOT bootloader. [...]

https://www.bleepingcomputer.com/news/security/android-patched-to-protect-users-from-getting-hacked-via-headphones-connector/

The Week in Ransomware - March 10th 2017 - Spora, Cerber, and Technical Writeups

Another week and a lot more crappy ransomware released. Of particular interest is that Cerber no longer encrypts filenames, Emsisoft released a CryptON decryptor, and lots of really good technical writeups about ransomware. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-10th-2017-spora-cerber-and-technical-writeups/

Android Adware and Ransomware Found Preinstalled on High-End Smartphones

Two companies have discovered that someone had covertly installed malware on 38 devices used by their employees. According to security firm Check Point, the installation of the malicious apps took place somewhere along the supply chain, after phones left the manufacturer's factory and before they arrived at the two companies. [...]

https://www.bleepingcomputer.com/news/security/android-adware-and-ransomware-found-preinstalled-on-high-end-smartphones/

Intel Security (McAfee) Releases Rootkit Scanner Following Vault 7 CIA Leak

Intel Security, soon to be rebranded as McAfee again, released on Wednesday a scanner that can identify hidden EFI firmware rootkits. [...]

https://www.bleepingcomputer.com/news/security/intel-security-mcafee-releases-rootkit-scanner-following-vault-7-cia-leak/

This Device Works as a Firewall for Your USB Ports

The USG is an USB attachment that allows users to connect USB flash drives and other USB devices to their computer without any of the risks. [...]

https://www.bleepingcomputer.com/news/hardware/this-device-works-as-a-firewall-for-your-usb-ports/

Millions of Smart Meters May Over-Inflate Readings by up to 600%

Lab tests carried out by Dutch scientists have shown that some of today's "smart" electrical meters may give out false readings that in some cases can be 582% higher than actual energy consumption. [...]

https://www.bleepingcomputer.com/news/hardware/millions-of-smart-meters-may-over-inflate-readings-by-up-to-600-percent/

"Super Malware" Steals Encryption Keys from Intel SGX Enclaves

In a research paper published at the end of February, a team of five scientists from the Graz University of Technology has described a novel method of leaking data from SGX enclaves, a secure environment created by Intel CPUs for storing sensitive information for each process, such as encryption keys, passwords, and other. [...]

https://www.bleepingcomputer.com/news/hardware/-super-malware-steals-encryption-keys-from-intel-sgx-enclaves/

University Expels Student After Hacking Professors' Emails

A young student at the Technion Institute of Technology in Haifa, Israel was expelled this past week after the University discovered he hacked into the email inboxes of several of his professors. [...]

https://www.bleepingcomputer.com/news/security/university-expels-student-after-hacking-professors-emails/

New macOS Proton RAT Available for Sale on Russian Hacking Forum

A new remote access tool (RAT) targeting macOS users is currently being advertised on Russian underground hacking forums, a custom website, and through YouTube videos, security researchers from Sixgill have discovered. [...]

https://www.bleepingcomputer.com/news/security/new-macos-proton-rat-available-for-sale-on-russian-hacking-forum/

13 Google Play Store Apps Caught Stealing Instagram Credentials

Instagram users are once again the targets of malicious Android apps hosted on the Play Store, apps which steal their credentials on false claims of boosting their account's follower numbers. [...]

https://www.bleepingcomputer.com/news/security/13-google-play-store-apps-caught-stealing-instagram-credentials/

Embittered Enjey Ransomware Developer Launches DDoS Attack on ID Ransomware

Over the last two days, the ID Ransomware service was hit by two DDoS attacks launched by the author of the Enjey ransomware, embittered after ID Ransomware's creator, Michael Gillespie, had found a way to decrypt his ransomware. [...]

https://www.bleepingcomputer.com/news/security/embittered-enjey-ransomware-developer-launches-ddos-attack-on-id-ransomware/

Google Launches Invisible reCAPTCHA with No User Interaction Required

Google has launched the latest version of the reCAPTCHA service, which won't ask users to click a checkbox, as it did until now. [...]

https://www.bleepingcomputer.com/news/google/google-launches-invisible-recaptcha-with-no-user-interaction-required/

Google Kicks Chamois Android Adware off the Play Store

Following an internal audit, Google engineers say they'd discovered a new massive ad-fraud botnet that was infecting users via Android apps hosted on the official Play Store. [...]

https://www.bleepingcomputer.com/news/security/google-kicks-chamois-android-adware-off-the-play-store/

New Imeij IoT Malware Targets AVTech Equipment

A new malware strain named Imeij has been detected in the wild targeting equipment made by Taiwanese manufacturer AVTech. According to Trend Micro researchers, the malware is exploiting a security flaw which AVTech engineers failed to patch in October 2016. [...]

https://www.bleepingcomputer.com/news/security/new-imeij-iot-malware-targets-avtech-equipment/

PetrWrap Ransomware Is a Petya Offspring Used in Targeted Attacks

A heavily modified, but "unauthorized" version of the Petya ransomware has been seen by Kaspersky researchers used in targeted attacks on a small number of organizations. [...]

https://www.bleepingcomputer.com/news/security/petrwrap-ransomware-is-a-petya-offspring-used-in-targeted-attacks/

Malwarebytes Researchers Hack into Soon-to-be-Launched RaaS Portal

A ransomware author's plans to launch a RaaS portal were foiled last week after security researchers from Malwarebytes managed to infiltrate the crook's command and control server, hosted on a common shared hosting provider. [...]

https://www.bleepingcomputer.com/news/security/malwarebytes-researchers-hack-into-soon-to-be-launched-raas-portal/