Russian Hacker "Kolypto" Who Worked on Citadel Trojan Extradited to the US

Yesterday, a Russian national accused of helping develop the Citadel banking trojan was arraigned in front of a US judge for the first time, after being extradited from Fredrikstad, Norway. [...]

https://www.bleepingcomputer.com/news/security/russian-hacker-kolypto-who-worked-on-citadel-trojan-extradited-to-the-us/

Trend: Ransomware Hidden in NSIS Installers Harder to Detect

Ransomware operators have changed tactics again, making the job of security vendors harder once more, as they switched to a new method of packing their malware inside NSIS installers. [...]

https://www.bleepingcomputer.com/news/security/trend-ransomware-hidden-in-nsis-installers-harder-to-detect/

Windows 10 UAC Bypass Uses Backup and Restore Utility

A new User Access Control (UAC) bypass technique relies on altering Windows registry app paths and using the Backup and Restore utility to load malicious code without any security warning. [...]

https://www.bleepingcomputer.com/news/security/windows-10-uac-bypass-uses-backup-and-restore-utility/

Samsung Leaking Customer Information via Shipper's Website

The website of a company handling the shipment of Samsung products is currently leaking data about Samsung customers in an appalling manner. [...]

https://www.bleepingcomputer.com/news/security/samsung-leaking-customer-information-via-shippers-website/

North Americans Targeted by New MajikPOS Dual Threat Malware

A new POS (Point Of Sale) malware family is targeting payment systems in the US and Canada. Called MajikPOS, this new strain features a modular design and support for many features often found in RAT (Remote Access Trojans), allowing crooks to scout and select which systems they want to infect. [...]

https://www.bleepingcomputer.com/news/security/north-americans-targeted-by-new-majikpos-dual-threat-malware/

Another Years-Old Flaw Fixed in the Linux Kernel

The Linux team has patched a "dangerous" vulnerability in the Linux kernel that allowed attackers to elevate their access rights and crash affected systems. [...]

https://www.bleepingcomputer.com/news/security/another-years-old-flaw-fixed-in-the-linux-kernel/

Tech Support Scam Synchs Alerts with App Crashes in Windows Event Logs

An application named Event Monitor is a tech support scam with a twist, working by monitoring the Windows event logs, and showing a popup with an alarming message every time it detects an app crash. [...]

https://www.bleepingcomputer.com/news/security/tech-support-scam-synchs-alerts-with-app-crashes-in-windows-event-logs/

Microsoft Forces Owners of Recent CPU Architectures to Use Windows 10

Users of new CPU architectures will not receive Windows 7 and 8.1 updates anymore, according to a Microsoft support topic published last week. [...]

https://www.bleepingcomputer.com/news/hardware/microsoft-forces-owners-of-recent-cpu-architectures-to-use-windows-10/

Google Home Devices Start Playing Ads, Forcing Many to Reconsider Their Purchase

Earlier today, several Google Home owners complained online about how their personal assistants started spewing ads out of the blue. [...]

https://www.bleepingcomputer.com/news/google/google-home-devices-start-playing-ads-forcing-many-to-reconsider-their-purchase/

Star Trek Themed Kirk Ransomware Brings us Monero and a Spock Decryptor!

Boldly going where no man has gone before, the Kirk Ransomware brings so much nerdy goodness to the table that it could make anyone in IT interested. We have Star Trek, Low Orbital Ion Cannons, a cryptocurrency payment other than Bitcoin, and a decryptor named Spock! Need I say more? [...]

https://www.bleepingcomputer.com/news/security/star-trek-themed-kirk-ransomware-brings-us-monero-and-a-spock-decryptor/

Ubiquiti Devices Exposed to Hacking via 20-Years-Old PHP Version

Some Ubiquiti network device models can be hacked thanks to an unpatched vulnerability, allowing attackers to gain control over the device, or use it as a pivot point in the victim's network to hack other nearby equipment. [...]

https://www.bleepingcomputer.com/news/security/ubiquiti-devices-exposed-to-hacking-via-20-years-old-php-version/

US-CERT: Security Products That Perform HTTPS Interception Weaken Security

In an advisory sent to enterprises across the US, the Department of Homeland Security's US-CERT group is warning that security products which perform HTTPS interception might weaken a company's overall security. [...]

https://www.bleepingcomputer.com/news/security/us-cert-security-products-that-perform-https-interception-weaken-security/

Ask.com Toolbar Network Compromised Twice in Two Months

The Ask Partner Network (APN) was compromised for the second time in two months, as crooks found a way to deliver malware to computers running the Ask.com Toolbar. [...]

https://www.bleepingcomputer.com/news/security/ask-com-toolbar-network-compromised-twice-in-two-months/

Some Firefox 52 Users on Linux Left Without Sound

Many Firefox users on Linux were left without the ability to play sound in their browser after updating to Firefox 52, released last week. [...]

https://www.bleepingcomputer.com/news/software/some-firefox-52-users-on-linux-left-without-sound/

Former IT Admin Accused of Leaving Backdoor Account, Accessing It 700+ Times

An Oregon sportswear company is suing its former IT administrator, alleging he left backdoor accounts on their network and used them more than 700 times to search for information for the benefit of its new employer. [...]

https://www.bleepingcomputer.com/news/legal/former-it-admin-accused-of-leaving-backdoor-account-accessing-it-700-times/

Polish Authorities Confirm Hack of Bitcurex Bitcoin Exchange, Launch Investigation

Polish authorities in the town of Lodz have launched an official investigation into the closure of Bitcurex, a Bitcoin trading platform that launched in 2012, and closed earlier this year. [...]

https://www.bleepingcomputer.com/news/security/polish-authorities-confirm-hack-of-bitcurex-bitcoin-exchange-launch-investigation/

The Week in Ransomware - March 17th 2017 - Revenge, PetrWrap, and Captain Kirk

Lots of news this week when it comes to ransomware. We have a Star Trek themed ransomware, new decryptors, lots of new crap ransomware, people modifying Petya for their own ends, and a new CryptoMix variant called Revenge. If your interested in ransomware, this week has a lot of news. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-17th-2017-revenge-petrwrap-and-captain-kirk/

Apple's Swift Becomes Top 10 Programming Language for the First Time

Swift, the programming language Apple launched in the summer of 2014 to replace the aging Objective-C, has entered the TIOBE index of programming languages top 10 for the first time in its short life. [...]

https://www.bleepingcomputer.com/news/software/apples-swift-becomes-top-10-programming-language-for-the-first-time/

New (but Old) Technique Hijacks User Sessions on All Windows Versions

A security researcher has detailed a way to log into any account on the same computer, even without knowing its password. The trick works on all Windows versions, doesn't require special privileges, and the researcher can't figure out if it's a Windows feature or security flaw. [...]

https://www.bleepingcomputer.com/news/security/new-but-old-technique-hijacks-user-sessions-on-all-windows-versions/

AlphaBay Adds Support for Ethereum as Currency Surpasses Bitcoin for First Time

The Internet's largest Dark Web marketplace AlphaBay announced upcoming support for Ethereum, the cryptocurrency that recently is giving Bitcoin a running for today's most popular digital currency. [...]

https://www.bleepingcomputer.com/news/security/alphabay-adds-support-for-ethereum-as-currency-surpasses-bitcoin-for-first-time/