It Took Mozilla 22 Hours to Patch a Firefox Vulnerability Discovered at Pwn2Own

Mozilla engineers released Firefox 52.0.1 to patch a security flaw that came to light last Friday, in the Pwn2Own 2017 hacking contest. [...]

https://www.bleepingcomputer.com/news/security/it-took-mozilla-22-hours-to-patch-a-firefox-vulnerability-discovered-at-pwn2own/

Big Surprise: Chinese PUPs Deliver Backdoored Drivers

Drivers secretly installed via PUPs packages for Chinese software contain backdoors enabling a third-party to load unsigned drivers or to execute code with higher privileges on a Windows machine. [...]

https://www.bleepingcomputer.com/news/security/big-surprise-chinese-pups-deliver-backdoored-drivers/

Developer Complains Firefox Labels His Site as Insecure, Hilarity Ensues

The developer of Oil and Gas International (OGI), a Texas-based website for petroleum industry news, has filed a complaint on the Mozilla bug tracker, accusing Firefox of wrongly labeling his website as insecure. [...]

https://www.bleepingcomputer.com/news/security/developer-complains-firefox-labels-his-site-as-insecure-hilarity-ensues/

Google to Remove Chrome "Close Other Tabs" & "Close Tabs to the Right" Options

Chrome engineers are planning to remove two options from Chrome that allow users to quickly close a large number of tabs with just a few clicks. [...]

https://www.bleepingcomputer.com/news/google/google-to-remove-chrome-close-other-tabs-andamp-close-tabs-to-the-right-options/

The Polski-Vortex-Flotera Ransomware Connection

A malware author that loves Polish hip hop music appears to be behind the Polski, Vortex, and Flotera (spelled ?l?t???) ransomware families that have made a small number of victims between January and March this year [...]

https://www.bleepingcomputer.com/news/security/the-polski-vortex-flotera-ransomware-connection/

Spam Sent by Necurs Botnet Is Trying & Succeeding in Altering Stock Market Prices

The Necurs botnet is back and active again, but instead of spreading the Locky ransomware or the Dridex banking trojan, its operators are engaged in a spam scheme that tries to boost a company's stock market price artificially. [...]

https://www.bleepingcomputer.com/news/security/spam-sent-by-necurs-botnet-is-trying-andamp-succeeding-in-altering-stock-market-prices/

New Attack Uses Microsoft's Application Verifier to Hijack Antivirus Software

A new technique named DoubleAgent, discovered by security researchers from Cybellum, allows an attacker to hijack security products and make them take malicious actions. [...]

https://www.bleepingcomputer.com/news/security/new-attack-uses-microsofts-application-verifier-to-hijack-antivirus-software/

Chinese Crooks Use Fake Cellular Telephony Towers to Spread Android Malware

Malware authors in China are using fake base transceiver stations (BTSs), which is equipment usually installed on cellular telephone towers, to send spoofed SMS messages that contain links to Android malware. [...]

https://www.bleepingcomputer.com/news/security/chinese-crooks-use-fake-cellular-telephony-towers-to-spread-android-malware/

New LLTP Ransomware Appears to be a Rewritten Venus Locker

A new ransomware was discovered today by MalwareHunterTeam called LLTP Ransomware or LLTP Locker that is targeting Spanish speaking victims. On a closer look, this ransomware appears to be a rewritten version of the VenusLocker ransomware. [...]

https://www.bleepingcomputer.com/news/security/new-lltp-ransomware-appears-to-be-a-rewritten-venus-locker/

LastPass Bugs Allow Malicious Websites to Steal Passwords

LastPass says it patched one of two separate bugs that affected its Chrome and Firefox browser extensions, which if exploited, would have allowed a third-party to extract passwords from users visiting a malicious website. [...]

https://www.bleepingcomputer.com/news/security/lastpass-bugs-allow-malicious-websites-to-steal-passwords/

Opera 44 Released with Support for Apple's Touch Bar

Opera Software released today version 44 of the Opera web browser. This release's main feature is support for Apple's new Touch Bar display, which the company added for recent MacBook models. [...]

https://www.bleepingcomputer.com/news/software/opera-44-released-with-support-for-apples-touch-bar/

Malvertising Campaign on Adult Sites Spreads Ramnit Trojan

Security researchers from Malwarebytes have discovered a new malvertising campaign targeting visitors of several adult websites, spreading the Ramnit trojan and focusing on users from Canada and the UK. [...]

https://www.bleepingcomputer.com/news/security/malvertising-campaign-on-adult-sites-spreads-ramnit-trojan/

Sneaky Lithuanian Crook Stole $100 Million from Two US Tech Companies

A Lithuanian man swindled two US tech companies out of over $100 million after he tricked employees into wiring money to his own company's bank accounts. [...]

https://www.bleepingcomputer.com/news/business/sneaky-lithuanian-crook-stole-100-million-from-two-us-tech-companies/

Most Industrial Control Systems Get Infected with Malware by Accident

The vast majority of malware incidents that take place at industrial facilities around the world are just accidental infections, albeit a very small number of targeted attacks have also been detected. [...]

https://www.bleepingcomputer.com/news/security/most-industrial-control-systems-get-infected-with-malware-by-accident/

The Next Big Thing for Android Malware Is "Plugin Frameworks"

Android malware is evolving, and a clear trend has become visible in the past six months, with several malware strains implementing their malicious behavior via plugin frameworks. [...]

https://www.bleepingcomputer.com/news/security/the-next-big-thing-for-android-malware-is-plugin-frameworks-/

Word Document Spreads Macro Malware Targeting Both Windows and macOS

After last month security researchers discovered the first-ever Word document spreading macro malware on macOS, last week, researchers from Fortinet spotted a Word document that contained macro scripts that distributed both Windows and macOS malware at the same time, depending on the OS it managed to infect. [...]

https://www.bleepingcomputer.com/news/security/word-document-spreads-macro-malware-targeting-both-windows-and-macos/

SAP Infrastructure Could Be Used to Deploy Ransomware on Enterprise Networks

A remote code execution flaw in the SAP Windows client opens the door for ransomware attacks targeting enterprises that rely on various SAP products to manage and keep track of their business operations. [...]

https://www.bleepingcomputer.com/news/security/sap-infrastructure-could-be-used-to-deploy-ransomware-on-enterprise-networks/

Bluetooth Bug Lets Burglars Disable Google Nest Cams

Burglars can use a recently disclosed security flaw affecting several Google Nest cams to make vulnerable cameras go offline for approximately 60 to 90 seconds. The flaw can be exploited via the cameras' Bluetooth connection and can provide thieves with the time window they need to get close and break into a home unseen. [...]

https://www.bleepingcomputer.com/news/security/bluetooth-bug-lets-burglars-disable-google-nest-cams/

This Security Expert Wants to Turn Defunct Online Stores into Malware Honeypots

Willem de Groot, a Dutch security expert, is asking owners of defunct or soon-to-be-dead online stores to donate their domains so he can set up honeypots and track credit card stealing malware and other types of cyber-attacks on e-commerce targets. [...]

https://www.bleepingcomputer.com/news/security/this-security-expert-wants-to-turn-defunct-online-stores-into-malware-honeypots/

New WikiLeaks Dump Provides Details on CIA's Mac and iPhone Hacking Tools

WikiLeaks dumped 12 new documents today that provide a more in-depth look at the hacking techniques the CIA allegedly used to hack Apple devices, such as Macs and iPhones. [...]

https://www.bleepingcomputer.com/news/government/new-wikileaks-dump-provides-details-on-cias-mac-and-iphone-hacking-tools/