Today's Most Installed Software: Google Chrome, Adobe Reader, Flash Player
As everyone kind of expected, Google Chrome, the world's leading browser with a comfortable market share of above 50%, is also the most installed software package. [...]
https://www.bleepingcomputer.com/news/software/todays-most-installed-software-google-chrome-adobe-reader-flash-player/
As everyone kind of expected, Google Chrome, the world's leading browser with a comfortable market share of above 50%, is also the most installed software package. [...]
https://www.bleepingcomputer.com/news/software/todays-most-installed-software-google-chrome-adobe-reader-flash-player/
BleepingComputer
Today's Most Installed Software: Google Chrome, Adobe Reader, Flash Player
As everyone kind of expected, Google Chrome, the world's leading browser with a comfortable market share of above 50%, is also the most installed software package.
New Attack "XSSJacking" Combines Clickjacking, Pastejacking, and Self-XSS
Security researcher Dylan Ayrey detailed last week a new web-based attack named XSSJacking that combines three other techniques β Clickjacking, Pastejacking, and Self-XSS β to steal data from careless users. [...]
https://www.bleepingcomputer.com/news/security/new-attack-xssjacking-combines-clickjacking-pastejacking-and-self-xss/
Security researcher Dylan Ayrey detailed last week a new web-based attack named XSSJacking that combines three other techniques β Clickjacking, Pastejacking, and Self-XSS β to steal data from careless users. [...]
https://www.bleepingcomputer.com/news/security/new-attack-xssjacking-combines-clickjacking-pastejacking-and-self-xss/
BleepingComputer
New Attack "XSSJacking" Combines Clickjacking, Pastejacking, and Self-XSS
Security researcher Dylan Ayrey detailed last week a new web-based attack named XSSJacking that combines three other techniques β Clickjacking, Pastejacking, and Self-XSS β to steal data from careless users.
Almost 1,000 Online Stores Under Attack from GiftGhostBot Botnet
A botnet specialized in gift card fraud is using the infrastructure of nearly 1,000 websites to check the balance of several types of electronic gift cards in order to defraud legitimate card owners. [...]
https://www.bleepingcomputer.com/news/security/almost-1-000-online-stores-under-attack-from-giftghostbot-botnet/
A botnet specialized in gift card fraud is using the infrastructure of nearly 1,000 websites to check the balance of several types of electronic gift cards in order to defraud legitimate card owners. [...]
https://www.bleepingcomputer.com/news/security/almost-1-000-online-stores-under-attack-from-giftghostbot-botnet/
BleepingComputer
Almost 1,000 Online Stores Under Attack from GiftGhostBot Botnet
A botnet specialized in gift card fraud is using the infrastructure of nearly 1,000 websites to check the balance of several types of electronic gift cards in order to defraud legitimate card owners.
The Week in Ransomware - March 23th 2017 - Decline of Locky & Spora Stats
Lots and lots of little crappy ransomware released this week with nothing new or innovative. We do have some interesting Spora stats, a story on the decline of Locky, and of course an updated decryptor by Fabian Wosar who continues to kick ransomware in the buttocks. Other than that, not really any of significance. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-23th-2017-decline-of-locky-andamp-spora-stats/
Lots and lots of little crappy ransomware released this week with nothing new or innovative. We do have some interesting Spora stats, a story on the decline of Locky, and of course an updated decryptor by Fabian Wosar who continues to kick ransomware in the buttocks. Other than that, not really any of significance. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-23th-2017-decline-of-locky-andamp-spora-stats/
BleepingComputer
The Week in Ransomware - March 23th 2017 - Decline of Locky & Spora Stats
Lots and lots of little crappy ransomware released this week with nothing new or innovative. We do have some interesting Spora stats, a story on the decline of Locky, and of course an updated decryptor by Fabian Wosar who continues to kick ransomware in theβ¦
14,766 Let's Encrypt SSL Certificates Issued to PayPal Phishing Sites
During the past year, Let's Encrypt has issued a total of 15,270 SSL certificates that contained the word "PayPal" in the domain name or the certificate identity. Of these, approximately 14,766 (96.7%) were issued for domains that hosted phishing sites. [...]
https://www.bleepingcomputer.com/news/security/14-766-lets-encrypt-ssl-certificates-issued-to-paypal-phishing-sites/
During the past year, Let's Encrypt has issued a total of 15,270 SSL certificates that contained the word "PayPal" in the domain name or the certificate identity. Of these, approximately 14,766 (96.7%) were issued for domains that hosted phishing sites. [...]
https://www.bleepingcomputer.com/news/security/14-766-lets-encrypt-ssl-certificates-issued-to-paypal-phishing-sites/
BleepingComputer
14,766 Let's Encrypt SSL Certificates Issued to PayPal Phishing Sites
During the past year, Let's Encrypt has issued a total of 15,270 SSL certificates that contained the word "PayPal" in the domain name or the certificate identity. Of these, approximately 14,766 (96.7%) were issued for domains that hosted phishing sites.
Google Talk to Be Shut Down on June 26
Yesterday, Google announced plans to completely shut down the Google Talk service after June 26, 2017. [...]
https://www.bleepingcomputer.com/news/google/google-talk-to-be-shut-down-on-june-26/
Yesterday, Google announced plans to completely shut down the Google Talk service after June 26, 2017. [...]
https://www.bleepingcomputer.com/news/google/google-talk-to-be-shut-down-on-june-26/
BleepingComputer
Google Talk to Be Shut Down on June 26
Yesterday, Google announced plans to completely shut down the Google Talk service after June 26, 2017.
Users File Class Action Lawsuit Against Microsoft over Botched Windows 10 Upgrades
Three angry Windows 10 users have filed a lawsuit against Microsoft over botched Windows 10 upgrades, which plaintiffs claim destroyed their data, damaged computers, and incurred lost time and money. [...]
https://www.bleepingcomputer.com/news/microsoft/users-file-class-action-lawsuit-against-microsoft-over-botched-windows-10-upgrades/
Three angry Windows 10 users have filed a lawsuit against Microsoft over botched Windows 10 upgrades, which plaintiffs claim destroyed their data, damaged computers, and incurred lost time and money. [...]
https://www.bleepingcomputer.com/news/microsoft/users-file-class-action-lawsuit-against-microsoft-over-botched-windows-10-upgrades/
BleepingComputer
Users File Class Action Lawsuit Against Microsoft over Botched Windows 10 Upgrades
Three angry Windows 10 users have filed a lawsuit against Microsoft over botched Windows 10 upgrades, which plaintiffs claim destroyed their data, damaged computers, and incurred lost time and money.
Reminder: Microsoft Will Pull the Plug on Windows Vista in Two Weeks
We're almost two weeks away from Windows Vista's official End of Life (EoL) date, April 11, 2017, more than ten years after Microsoft officially launched Windows, back in January 2007. [...]
https://www.bleepingcomputer.com/news/microsoft/reminder-microsoft-will-pull-the-plug-on-windows-vista-in-two-weeks/
We're almost two weeks away from Windows Vista's official End of Life (EoL) date, April 11, 2017, more than ten years after Microsoft officially launched Windows, back in January 2007. [...]
https://www.bleepingcomputer.com/news/microsoft/reminder-microsoft-will-pull-the-plug-on-windows-vista-in-two-weeks/
BleepingComputer
Reminder: Microsoft Will Pull the Plug on Windows Vista in Two Weeks
We're almost two weeks away from Windows Vista's official End of Life (EoL) date, April 11, 2017, more than ten years after Microsoft officially launched Windows, back in January 2007.
W3C Pushes Past Critics as DRM Gets Closer to Becoming an Official Web Standard
The World Wide Web Consortium (W3C) has elevated the Encrypted Media Extensions (EME) to the status of "Proposed Recommendation," the last step before becoming an official W3C standard, pending a vote from its members. [...]
https://www.bleepingcomputer.com/news/software/w3c-pushes-past-critics-as-drm-gets-closer-to-becoming-an-official-web-standard/
The World Wide Web Consortium (W3C) has elevated the Encrypted Media Extensions (EME) to the status of "Proposed Recommendation," the last step before becoming an official W3C standard, pending a vote from its members. [...]
https://www.bleepingcomputer.com/news/software/w3c-pushes-past-critics-as-drm-gets-closer-to-becoming-an-official-web-standard/
BleepingComputer
W3C Pushes Past Critics as DRM Gets Closer to Becoming an Official Web Standard
The World Wide Web Consortium (W3C) has elevated the Encrypted Media Extensions (EME) to the status of "Proposed Recommendation," the last step before becoming an official W3C standard, pending a vote from its members.
Hackers Breached Department of Labor Job Seekers Portal
Hackers have breached America's Job Link Alliance (AJLA), a job portal offered by the Department of Labor (DOL), and stolen personal details from an undisclosed number of job seekers. [...]
https://www.bleepingcomputer.com/news/security/hackers-breached-department-of-labor-job-seekers-portal/
Hackers have breached America's Job Link Alliance (AJLA), a job portal offered by the Department of Labor (DOL), and stolen personal details from an undisclosed number of job seekers. [...]
https://www.bleepingcomputer.com/news/security/hackers-breached-department-of-labor-job-seekers-portal/
BleepingComputer
Hackers Breached Department of Labor Job Seekers Portal
Hackers have breached America's Job Link Alliance (AJLA), a job portal offered by the Department of Labor (DOL), and stolen personal details from an undisclosed number of job seekers.
Microsoft Patches Third Zero-Day Used in Massive Malvertising Campaign
Microsoft has patched a zero-day vulnerability that was used in the massive AdGholas malvertising campaign and later integrated into the Neutrino exploit kit. [...]
https://www.bleepingcomputer.com/news/security/microsoft-patches-third-zero-day-used-in-massive-malvertising-campaign/
Microsoft has patched a zero-day vulnerability that was used in the massive AdGholas malvertising campaign and later integrated into the Neutrino exploit kit. [...]
https://www.bleepingcomputer.com/news/security/microsoft-patches-third-zero-day-used-in-massive-malvertising-campaign/
BleepingComputer
Microsoft Patches Third Zero-Day Used in Massive Malvertising Campaign
Microsoft has patched a zero-day vulnerability that was used in the massive AdGholas malvertising campaign and later integrated into the Neutrino exploit kit.
Adware Replaces Phone Numbers for Security Firms Returned in Search Results
A new adware family named Crusader will rewrite tech support phone numbers returned in Google search results, display ads, and show popups pushing tech support scams. [...]
https://www.bleepingcomputer.com/news/security/adware-replaces-phone-numbers-for-security-firms-returned-in-search-results/
A new adware family named Crusader will rewrite tech support phone numbers returned in Google search results, display ads, and show popups pushing tech support scams. [...]
https://www.bleepingcomputer.com/news/security/adware-replaces-phone-numbers-for-security-firms-returned-in-search-results/
BleepingComputer
Adware Replaces Phone Numbers for Security Firms Returned in Search Results
A new adware family named Crusader will rewrite tech support phone numbers returned in Google search results, display ads, and show popups pushing tech support scams.
Researcher Says API Flaw Exposed Symantec Certificates, Including Private Keys
Flaws in the API used by Symantec partners would have allowed an attacker to retrieve certificates, including private keys, security researcher Chris Byrne said in a Facebook post published over the weekend. [...]
https://www.bleepingcomputer.com/news/security/researcher-says-api-flaw-exposed-symantec-certificates-including-private-keys/
Flaws in the API used by Symantec partners would have allowed an attacker to retrieve certificates, including private keys, security researcher Chris Byrne said in a Facebook post published over the weekend. [...]
https://www.bleepingcomputer.com/news/security/researcher-says-api-flaw-exposed-symantec-certificates-including-private-keys/
BleepingComputer
Researcher Says API Flaw Exposed Symantec Certificates, Including Private Keys
Flaws in the API used by Symantec partners would have allowed an attacker to retrieve certificates, including private keys, security researcher Chris Byrne said in a Facebook post published over the weekend.
Microsoft Quietly Patched Windows Zero-Day Used in Attacks by Zirconium Group
Without making too much fuss about it, Microsoft patched a zero-day vulnerability used in live attacks by a cyber-espionage group named Zirconium. The zero-day, tracked as CVE-2017-0005, affects the Windows Win32k component in the Windows GDI (Graphics Device Interface), included in all Windows OS versions. [...]
https://www.bleepingcomputer.com/news/security/microsoft-quietly-patched-windows-zero-day-used-in-attacks-by-zirconium-group/
Without making too much fuss about it, Microsoft patched a zero-day vulnerability used in live attacks by a cyber-espionage group named Zirconium. The zero-day, tracked as CVE-2017-0005, affects the Windows Win32k component in the Windows GDI (Graphics Device Interface), included in all Windows OS versions. [...]
https://www.bleepingcomputer.com/news/security/microsoft-quietly-patched-windows-zero-day-used-in-attacks-by-zirconium-group/
BleepingComputer
Microsoft Quietly Patched Windows Zero-Day Used in Attacks by Zirconium Group
Without making too much fuss about it, Microsoft patched a zero-day vulnerability used in live attacks by a cyber-espionage group named Zirconium. The zero-day, tracked as CVE-2017-0005, affects the Windows Win32k component in the Windows GDI (Graphics Deviceβ¦
FBI Alert Urges Companies to Secure FTP Servers
In an alert sent to medical and dental healthcare entities, the FBI is asking organizations to mind and secure their FTP servers in the face of hackers trying to get protected health information (PHI) and personally identifiable information (PII). [...]
https://www.bleepingcomputer.com/news/security/fbi-alert-urges-companies-to-secure-ftp-servers/
In an alert sent to medical and dental healthcare entities, the FBI is asking organizations to mind and secure their FTP servers in the face of hackers trying to get protected health information (PHI) and personally identifiable information (PII). [...]
https://www.bleepingcomputer.com/news/security/fbi-alert-urges-companies-to-secure-ftp-servers/
BleepingComputer
FBI Alert Urges Companies to Secure FTP Servers
In an alert sent to medical and dental healthcare entities, the FBI is asking organizations to mind and secure their FTP servers in the face of hackers trying to get protected health information (PHI) and personally identifiable information (PII).
Unskilled Group Behind Many Junk Ransomware Strains
A person or group of malware authors calling themselves "Mafia Malware Indonesia" claimed responsibility for writing a collection of ransomware families that includes threats such as KimcilWare, MireWare, MafiaWare, CryPy, and the recent SADStory and the eponymous Mafia Malware Indonesia ransomware. [...]
https://www.bleepingcomputer.com/news/security/unskilled-group-behind-many-junk-ransomware-strains/
A person or group of malware authors calling themselves "Mafia Malware Indonesia" claimed responsibility for writing a collection of ransomware families that includes threats such as KimcilWare, MireWare, MafiaWare, CryPy, and the recent SADStory and the eponymous Mafia Malware Indonesia ransomware. [...]
https://www.bleepingcomputer.com/news/security/unskilled-group-behind-many-junk-ransomware-strains/
BleepingComputer
Unskilled Group Behind Many Junk Ransomware Strains
A person or group of malware authors calling themselves "Mafia Malware Indonesia" claimed responsibility for writing a collection of ransomware families that includes threats such as KimcilWare, MireWare, MafiaWare, CryPy, and the recent SADStory and theβ¦
Yesterday's iOS 10.3 Update Bring Safari Ransomware Campaign to an End
iOS 10.3, released yesterday, has thwarted a screen-locking ransomware campaign that used a bug in mobile Safari to lock users' browsers and demand a ransom paid in iTunes pre-paid gift cards. [...]
https://www.bleepingcomputer.com/news/security/yesterdays-ios-10-3-update-bring-safari-ransomware-campaign-to-an-end/
iOS 10.3, released yesterday, has thwarted a screen-locking ransomware campaign that used a bug in mobile Safari to lock users' browsers and demand a ransom paid in iTunes pre-paid gift cards. [...]
https://www.bleepingcomputer.com/news/security/yesterdays-ios-10-3-update-bring-safari-ransomware-campaign-to-an-end/
BleepingComputer
Yesterday's iOS 10.3 Update Bring Safari Ransomware Campaign to an End
iOS 10.3, released yesterday, has thwarted a screen-locking ransomware campaign that used a bug in mobile Safari to lock users' browsers and demand a ransom paid in iTunes pre-paid gift cards.
PyCL Ransomware Delivered via RIG EK in Distribution Test
Security researchers discover a new ransomware being distributed through the RIG exploit kit on Saturday. This ransomware has a strong resemblance to CTB-Locker, but does not appear to be related as it is programmed in Python. [...]
https://www.bleepingcomputer.com/news/security/pycl-ransomware-delivered-via-rig-ek-in-distribution-test/
Security researchers discover a new ransomware being distributed through the RIG exploit kit on Saturday. This ransomware has a strong resemblance to CTB-Locker, but does not appear to be related as it is programmed in Python. [...]
https://www.bleepingcomputer.com/news/security/pycl-ransomware-delivered-via-rig-ek-in-distribution-test/
BleepingComputer
PyCL Ransomware Delivered via RIG EK in Distribution Test
Security researchers discover a new ransomware being distributed through the RIG exploit kit on Saturday. This ransomware has a strong resemblance to CTB-Locker, but does not appear to be related as it is programmed in Python.
Apple Releases New APFS File System, Critical Security Updates
Yesterday, Apple unleashed a wave of security updates for several of its products, including the new and highly anticipated APFS file system, currently only available with iOS 10.3. [...]
https://www.bleepingcomputer.com/news/apple/apple-releases-new-apfs-file-system-critical-security-updates/
Yesterday, Apple unleashed a wave of security updates for several of its products, including the new and highly anticipated APFS file system, currently only available with iOS 10.3. [...]
https://www.bleepingcomputer.com/news/apple/apple-releases-new-apfs-file-system-critical-security-updates/
BleepingComputer
Apple Releases New APFS File System, Critical Security Updates
Yesterday, Apple unleashed a wave of security updates for several of its products, including the new and highly anticipated APFS file system, currently only available with iOS 10.3.
Humbled Malware Author Leaks His Own Source Code to Regain Community's Trust
The author of the Nuclear Bot banking trojan has leaked the source code of his own malware in a desperate attempt to regain trust and credibility in underground cybercrime forums. [...]
https://www.bleepingcomputer.com/news/security/humbled-malware-author-leaks-his-own-source-code-to-regain-communitys-trust/
The author of the Nuclear Bot banking trojan has leaked the source code of his own malware in a desperate attempt to regain trust and credibility in underground cybercrime forums. [...]
https://www.bleepingcomputer.com/news/security/humbled-malware-author-leaks-his-own-source-code-to-regain-communitys-trust/
BleepingComputer
Humbled Malware Author Leaks His Own Source Code to Regain Community's Trust
The author of the Nuclear Bot banking trojan has leaked the source code of his own malware in a desperate attempt to regain trust and credibility in underground cybercrime forums.