The Week in Ransomware - March 23th 2017 - Decline of Locky & Spora Stats

Lots and lots of little crappy ransomware released this week with nothing new or innovative. We do have some interesting Spora stats, a story on the decline of Locky, and of course an updated decryptor by Fabian Wosar who continues to kick ransomware in the buttocks. Other than that, not really any of significance. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-23th-2017-decline-of-locky-andamp-spora-stats/

14,766 Let's Encrypt SSL Certificates Issued to PayPal Phishing Sites

During the past year, Let's Encrypt has issued a total of 15,270 SSL certificates that contained the word "PayPal" in the domain name or the certificate identity. Of these, approximately 14,766 (96.7%) were issued for domains that hosted phishing sites. [...]

https://www.bleepingcomputer.com/news/security/14-766-lets-encrypt-ssl-certificates-issued-to-paypal-phishing-sites/

Google Talk to Be Shut Down on June 26

Yesterday, Google announced plans to completely shut down the Google Talk service after June 26, 2017. [...]

https://www.bleepingcomputer.com/news/google/google-talk-to-be-shut-down-on-june-26/

Users File Class Action Lawsuit Against Microsoft over Botched Windows 10 Upgrades

Three angry Windows 10 users have filed a lawsuit against Microsoft over botched Windows 10 upgrades, which plaintiffs claim destroyed their data, damaged computers, and incurred lost time and money. [...]

https://www.bleepingcomputer.com/news/microsoft/users-file-class-action-lawsuit-against-microsoft-over-botched-windows-10-upgrades/

Reminder: Microsoft Will Pull the Plug on Windows Vista in Two Weeks

We're almost two weeks away from Windows Vista's official End of Life (EoL) date, April 11, 2017, more than ten years after Microsoft officially launched Windows, back in January 2007. [...]

https://www.bleepingcomputer.com/news/microsoft/reminder-microsoft-will-pull-the-plug-on-windows-vista-in-two-weeks/

W3C Pushes Past Critics as DRM Gets Closer to Becoming an Official Web Standard

The World Wide Web Consortium (W3C) has elevated the Encrypted Media Extensions (EME) to the status of "Proposed Recommendation," the last step before becoming an official W3C standard, pending a vote from its members. [...]

https://www.bleepingcomputer.com/news/software/w3c-pushes-past-critics-as-drm-gets-closer-to-becoming-an-official-web-standard/

Hackers Breached Department of Labor Job Seekers Portal

Hackers have breached America's Job Link Alliance (AJLA), a job portal offered by the Department of Labor (DOL), and stolen personal details from an undisclosed number of job seekers. [...]

https://www.bleepingcomputer.com/news/security/hackers-breached-department-of-labor-job-seekers-portal/

Microsoft Patches Third Zero-Day Used in Massive Malvertising Campaign

Microsoft has patched a zero-day vulnerability that was used in the massive AdGholas malvertising campaign and later integrated into the Neutrino exploit kit. [...]

https://www.bleepingcomputer.com/news/security/microsoft-patches-third-zero-day-used-in-massive-malvertising-campaign/

Adware Replaces Phone Numbers for Security Firms Returned in Search Results

A new adware family named Crusader will rewrite tech support phone numbers returned in Google search results, display ads, and show popups pushing tech support scams. [...]

https://www.bleepingcomputer.com/news/security/adware-replaces-phone-numbers-for-security-firms-returned-in-search-results/

Researcher Says API Flaw Exposed Symantec Certificates, Including Private Keys

Flaws in the API used by Symantec partners would have allowed an attacker to retrieve certificates, including private keys, security researcher Chris Byrne said in a Facebook post published over the weekend. [...]

https://www.bleepingcomputer.com/news/security/researcher-says-api-flaw-exposed-symantec-certificates-including-private-keys/

Microsoft Quietly Patched Windows Zero-Day Used in Attacks by Zirconium Group

Without making too much fuss about it, Microsoft patched a zero-day vulnerability used in live attacks by a cyber-espionage group named Zirconium. The zero-day, tracked as CVE-2017-0005, affects the Windows Win32k component in the Windows GDI (Graphics Device Interface), included in all Windows OS versions. [...]

https://www.bleepingcomputer.com/news/security/microsoft-quietly-patched-windows-zero-day-used-in-attacks-by-zirconium-group/

FBI Alert Urges Companies to Secure FTP Servers

In an alert sent to medical and dental healthcare entities, the FBI is asking organizations to mind and secure their FTP servers in the face of hackers trying to get protected health information (PHI) and personally identifiable information (PII). [...]

https://www.bleepingcomputer.com/news/security/fbi-alert-urges-companies-to-secure-ftp-servers/

Unskilled Group Behind Many Junk Ransomware Strains

A person or group of malware authors calling themselves "Mafia Malware Indonesia" claimed responsibility for writing a collection of ransomware families that includes threats such as KimcilWare, MireWare, MafiaWare, CryPy, and the recent SADStory and the eponymous Mafia Malware Indonesia ransomware. [...]

https://www.bleepingcomputer.com/news/security/unskilled-group-behind-many-junk-ransomware-strains/

Yesterday's iOS 10.3 Update Bring Safari Ransomware Campaign to an End

iOS 10.3, released yesterday, has thwarted a screen-locking ransomware campaign that used a bug in mobile Safari to lock users' browsers and demand a ransom paid in iTunes pre-paid gift cards. [...]

https://www.bleepingcomputer.com/news/security/yesterdays-ios-10-3-update-bring-safari-ransomware-campaign-to-an-end/

PyCL Ransomware Delivered via RIG EK in Distribution Test

Security researchers discover a new ransomware being distributed through the RIG exploit kit on Saturday. This ransomware has a strong resemblance to CTB-Locker, but does not appear to be related as it is programmed in Python. [...]

https://www.bleepingcomputer.com/news/security/pycl-ransomware-delivered-via-rig-ek-in-distribution-test/

Apple Releases New APFS File System, Critical Security Updates

Yesterday, Apple unleashed a wave of security updates for several of its products, including the new and highly anticipated APFS file system, currently only available with iOS 10.3. [...]

https://www.bleepingcomputer.com/news/apple/apple-releases-new-apfs-file-system-critical-security-updates/

Humbled Malware Author Leaks His Own Source Code to Regain Community's Trust

The author of the Nuclear Bot banking trojan has leaked the source code of his own malware in a desperate attempt to regain trust and credibility in underground cybercrime forums. [...]

https://www.bleepingcomputer.com/news/security/humbled-malware-author-leaks-his-own-source-code-to-regain-communitys-trust/

Russian Hacker Pleads Guilty for Role in Infamous Linux Ebury Malware

The US Department of Justice announced yesterday that Maxim Senakh, 41, of Velikii Novgorod, Russia, pleaded guilty for his role in the creation of the Ebury malware and for maintaining its infamous botnet. [...]

https://www.bleepingcomputer.com/news/security/russian-hacker-pleads-guilty-for-role-in-infamous-linux-ebury-malware/

Vivaldi 1.8 Released with One-of-a-Kind Browsing History Panel

Once more, Vivaldi broke the classic browser model with the release of Vivaldi 1.8, its latest version, which now features a one-of-a-kind History panel, unlike anything you've seen in other browsers. [...]

https://www.bleepingcomputer.com/news/software/vivaldi-1-8-released-with-one-of-a-kind-browsing-history-panel/

New IIS 6.0 Zero-Day Exploited in Live Attacks Since July 2016

Since July 2016, attackers have been using a zero-day in IIS 6.0 to compromise and take over Windows servers. The vulnerability only affects IIS 6.0, which was released in November 2010, and shipped with Windows Server 2003 and Windows XP Professional x64 Edition. [...]

https://www.bleepingcomputer.com/news/security/new-iis-6-0-zero-day-exploited-in-live-attacks-since-july-2016/