Ask.com Toolbar Network Compromised Twice in Two Months

The Ask Partner Network (APN) was compromised for the second time in two months, as crooks found a way to deliver malware to computers running the Ask.com Toolbar. [...]

https://www.bleepingcomputer.com/news/security/ask-com-toolbar-network-compromised-twice-in-two-months/

Some Firefox 52 Users on Linux Left Without Sound

Many Firefox users on Linux were left without the ability to play sound in their browser after updating to Firefox 52, released last week. [...]

https://www.bleepingcomputer.com/news/software/some-firefox-52-users-on-linux-left-without-sound/

Former IT Admin Accused of Leaving Backdoor Account, Accessing It 700+ Times

An Oregon sportswear company is suing its former IT administrator, alleging he left backdoor accounts on their network and used them more than 700 times to search for information for the benefit of its new employer. [...]

https://www.bleepingcomputer.com/news/legal/former-it-admin-accused-of-leaving-backdoor-account-accessing-it-700-times/

Polish Authorities Confirm Hack of Bitcurex Bitcoin Exchange, Launch Investigation

Polish authorities in the town of Lodz have launched an official investigation into the closure of Bitcurex, a Bitcoin trading platform that launched in 2012, and closed earlier this year. [...]

https://www.bleepingcomputer.com/news/security/polish-authorities-confirm-hack-of-bitcurex-bitcoin-exchange-launch-investigation/

The Week in Ransomware - March 17th 2017 - Revenge, PetrWrap, and Captain Kirk

Lots of news this week when it comes to ransomware. We have a Star Trek themed ransomware, new decryptors, lots of new crap ransomware, people modifying Petya for their own ends, and a new CryptoMix variant called Revenge. If your interested in ransomware, this week has a lot of news. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-17th-2017-revenge-petrwrap-and-captain-kirk/

Apple's Swift Becomes Top 10 Programming Language for the First Time

Swift, the programming language Apple launched in the summer of 2014 to replace the aging Objective-C, has entered the TIOBE index of programming languages top 10 for the first time in its short life. [...]

https://www.bleepingcomputer.com/news/software/apples-swift-becomes-top-10-programming-language-for-the-first-time/

New (but Old) Technique Hijacks User Sessions on All Windows Versions

A security researcher has detailed a way to log into any account on the same computer, even without knowing its password. The trick works on all Windows versions, doesn't require special privileges, and the researcher can't figure out if it's a Windows feature or security flaw. [...]

https://www.bleepingcomputer.com/news/security/new-but-old-technique-hijacks-user-sessions-on-all-windows-versions/

AlphaBay Adds Support for Ethereum as Currency Surpasses Bitcoin for First Time

The Internet's largest Dark Web marketplace AlphaBay announced upcoming support for Ethereum, the cryptocurrency that recently is giving Bitcoin a running for today's most popular digital currency. [...]

https://www.bleepingcomputer.com/news/security/alphabay-adds-support-for-ethereum-as-currency-surpasses-bitcoin-for-first-time/

Cisco's Investigation into Vault 7 Leak Uncovers 0-Day Affecting 318 Products

Over 300 Cisco products are affected by a zero-day vulnerability Cisco discovered last week, and for which no patch is available at the time of writing. [...]

https://www.bleepingcomputer.com/news/security/ciscos-investigation-into-vault-7-leak-uncovers-0-day-affecting-318-products/

Numbers Show Locky Ransomware Is Slowly Fading Away

Over the past six months, the number of Locky ransomware infections has gone down and is expected to reach an all-time low this month, in March. [...]

https://www.bleepingcomputer.com/news/security/numbers-show-locky-ransomware-is-slowly-fading-away/

Indiana Ransomware Bill Would Send Crooks to Prison for up to 6 Years

A new Indiana bill plans to make ransomware attacks a crime on its own punishable with a sentence from one to six years in prison, and a maximum fine of up to $10,000. [...]

https://www.bleepingcomputer.com/news/security/indiana-ransomware-bill-would-send-crooks-to-prison-for-up-to-6-years/

New Technology Combines Lip Motion and Passwords to Authenticate Users

Scientists from the Hong Kong Baptist University (HKBU) have developed a new user authentication system that relies on reading lip motions while the user speaks a password out loud. [...]

https://www.bleepingcomputer.com/news/security/new-technology-combines-lip-motion-and-passwords-to-authenticate-users/

It Took Mozilla 22 Hours to Patch a Firefox Vulnerability Discovered at Pwn2Own

Mozilla engineers released Firefox 52.0.1 to patch a security flaw that came to light last Friday, in the Pwn2Own 2017 hacking contest. [...]

https://www.bleepingcomputer.com/news/security/it-took-mozilla-22-hours-to-patch-a-firefox-vulnerability-discovered-at-pwn2own/

Big Surprise: Chinese PUPs Deliver Backdoored Drivers

Drivers secretly installed via PUPs packages for Chinese software contain backdoors enabling a third-party to load unsigned drivers or to execute code with higher privileges on a Windows machine. [...]

https://www.bleepingcomputer.com/news/security/big-surprise-chinese-pups-deliver-backdoored-drivers/

Developer Complains Firefox Labels His Site as Insecure, Hilarity Ensues

The developer of Oil and Gas International (OGI), a Texas-based website for petroleum industry news, has filed a complaint on the Mozilla bug tracker, accusing Firefox of wrongly labeling his website as insecure. [...]

https://www.bleepingcomputer.com/news/security/developer-complains-firefox-labels-his-site-as-insecure-hilarity-ensues/

Google to Remove Chrome "Close Other Tabs" & "Close Tabs to the Right" Options

Chrome engineers are planning to remove two options from Chrome that allow users to quickly close a large number of tabs with just a few clicks. [...]

https://www.bleepingcomputer.com/news/google/google-to-remove-chrome-close-other-tabs-andamp-close-tabs-to-the-right-options/

The Polski-Vortex-Flotera Ransomware Connection

A malware author that loves Polish hip hop music appears to be behind the Polski, Vortex, and Flotera (spelled ?l?t???) ransomware families that have made a small number of victims between January and March this year [...]

https://www.bleepingcomputer.com/news/security/the-polski-vortex-flotera-ransomware-connection/

Spam Sent by Necurs Botnet Is Trying & Succeeding in Altering Stock Market Prices

The Necurs botnet is back and active again, but instead of spreading the Locky ransomware or the Dridex banking trojan, its operators are engaged in a spam scheme that tries to boost a company's stock market price artificially. [...]

https://www.bleepingcomputer.com/news/security/spam-sent-by-necurs-botnet-is-trying-andamp-succeeding-in-altering-stock-market-prices/

New Attack Uses Microsoft's Application Verifier to Hijack Antivirus Software

A new technique named DoubleAgent, discovered by security researchers from Cybellum, allows an attacker to hijack security products and make them take malicious actions. [...]

https://www.bleepingcomputer.com/news/security/new-attack-uses-microsofts-application-verifier-to-hijack-antivirus-software/

Chinese Crooks Use Fake Cellular Telephony Towers to Spread Android Malware

Malware authors in China are using fake base transceiver stations (BTSs), which is equipment usually installed on cellular telephone towers, to send spoofed SMS messages that contain links to Android malware. [...]

https://www.bleepingcomputer.com/news/security/chinese-crooks-use-fake-cellular-telephony-towers-to-spread-android-malware/