Here's a Video of the Latest ATM Malware Sold on the Dark Web

Security - Posted On:2017-10-17 11:15:01 Source: bleepingcomputer

A hacker or hacker group is selling a strain of ATM malware that can make ATMs spit out cash just by connecting to its USB port and running the malware. [...]

Read More

North Korean Hackers Used Hermes Ransomware to Hide Recent Bank Heist

Security - Posted On:2017-10-17 07:59:57 Source: bleepingcomputer

Evidence suggests the infamous Lazarus Group, a hacking crew believed to be operating out of North Korea, is behind the recent hack on the Far Eastern International Bank (FEIB) in Taiwan. [...]

Read More

Microsoft Suffered Breach of Its Vulnerabilities Database Back in 2013

Security - Posted On:2017-10-17 04:14:58 Source: bleepingcomputer

Five former employees told Reuters that Microsoft quietly dealt with a hack of its vulnerabilities and bug reports database back in 2013 without telling anyone. [...]

Read More

Google Announces Three New Chrome Security Features

Security - Posted On:2017-10-16 19:30:00 Source: bleepingcomputer

Google announced yesterday three new security features for Chrome that will help the company's browser detect and fight intrusive extensions and invasive software. [...]

Read More

Microsoft Quietly Patched the Krack WPA2 Vulnerability Last Week

Security - Posted On:2017-10-16 18:29:59 Source: bleepingcomputer

Pretty sneaky, MS. While some vendors were scrambling to release updates to fix the KRACK Attack vulnerability released today, Microsoft, quietly snuck the fix into last week's Patch Tuesday. [...]

Read More

Russia Fines Telegram $14,000 for Not Giving FSB an Encryption Backdoor

Security - Posted On:2017-10-16 14:30:01 Source: bleepingcomputer

Russia has fined Telegram 800,000 Russian ruble — approximately $14,000 — for failing to comply with a government order that required the company to provide access to encrypted conversations to Russian intelligence agency FSB. [...]

Read More

Adobe Patches Flash Zero-Day Used by BlackOasis APT

Security - Posted On:2017-10-16 11:15:01 Source: bleepingcomputer

Last week, Adobe claimed it wouldn't release security updates for the first time since July 2012 because it had nothing to patch. Less than six days later, the company released a critical update for Flash Player that fixes a zero-day vulnerability exploited in live attacks. [...]

Read More

List of Firmware & Driver Updates for KRACK WPA2 Vulnerability

Security - Posted On:2017-10-16 09:59:57 Source: bleepingcomputer

This article will contain an udpated list of firmware and driver updates that resolve the Krack WPA2 vulnerability. [...]

Read More

Patch Available for Linux Kernel Privilege Escalation

Security - Posted On:2017-10-16 08:14:57 Source: bleepingcomputer

The Linux kernel team has released a patch to fix a security bug that could allow an attacker to execute code with elevated privileges. [...]

Read More

New KRACK Attack Breaks WPA2 WiFi Protocol

Security - Posted On:2017-10-16 06:44:57 Source: bleepingcomputer

Mathy Vanhoef, a researcher from the University of Leuven (KU Leuven), has discovered a severe flaw in the Wi-Fi Protected Access II (WPA2) protocol that secures all modern protected Wi-Fi networks. [...]

Read More

TPM Chipsets Generate Insecure RSA Keys. Multiple Vendors Affected

Security - Posted On:2017-10-16 05:14:58 Source: bleepingcomputer

Infineon TPM chipsets that come with many modern-day motherboards generate insecure RSA encryption keys that put devices at risk of attack. [...]

Read More

Users Report Fraudulent Transactions After Pizza Hut Admits Card Breach

Security - Posted On:2017-10-15 18:45:00 Source: bleepingcomputer

Pizza Hut has suffered a data breach, and a hacker has stolen payment card details for a small number of clients, the company admitted on Saturday in an email sent to affected customers. [...]

Read More

To Nobody's Surprise, Ships Are Just as Easy to Hack as Anything Else

Security - Posted On:2017-10-14 04:44:58 Source: bleepingcomputer

Modern-day ships aren't that hard to hack according to Ken Munro, a security researcher at Pen Test Partners, a UK cyber-security company. Speaking at a conference in Athens, Greece, Munro detailed some of the most appalling security lapses he found while investigating naval ships that had equipment exposed online. [...]

Read More

Kotlin Expected to Surpass Java as Android Default Programming Language for Apps

Security - Posted On:2017-10-14 04:44:58 Source: bleepingcomputer

A new report released earlier this week estimates that Kotlin will surpass Java as the primary programming language used for Android apps by December 2018. [...]

Read More

The Week in Ransomware - October 13th 2017 - DoubleLocker, Locky, and More

Security - Posted On:2017-10-13 18:15:00 Source: bleepingcomputer

Like usual, this week has been dominated mostly by small variants that most likely will never make it into distribute. We did, though, see a new CryptoMix and Locky variant released, that are actively distributed. The biggest news was the discovery of a new Android ransomware called DoubleLocker. [...]

Read More

New Anubi Ransomware In the Wild

Security - Posted On:2017-10-13 16:30:00 Source: bleepingcomputer

[...]

Read More

IT Admin Trashes Railroad Company's Network Before He Leaves

Security - Posted On:2017-10-13 14:00:00 Source: bleepingcomputer

A federal jury in Minneapolis, Minnesota found a local man guilty of intentionally damaging his former employer's network before leaving the company. [...]

Read More

New x1881 CryptoMix Ransomware Variant Released

Security - Posted On:2017-10-13 10:59:56 Source: bleepingcomputer

A new variant of the CryptoMix ransomware that is appending the .x1881 extension to encrypted file names. It's has been about three weeks since a new CryptoMix variant was released, which is quite long for this family of ransomware. [...]

Read More

Equifax Website Redirected Users to Adware, Scam Sites

Security - Posted On:2017-10-13 10:14:57 Source: bleepingcomputer

On Wednesday, and probably the previous days, Equifax's credit report assistance website (aa.econsumer.equifax.com) was caught redirecting users to all sort of nasty websites that were peddling fake Flash Player update files laced with adware, fake Android and iOS updates, and scam sites offering products at cheap prices. [...]

Read More

Chrome Extension Uses Your Gmail to Register Domains Names & Injects Coinhive

Security - Posted On:2017-10-13 09:29:57 Source: bleepingcomputer

A malicious Chrome extension is being used to inject the CoinHive browser miner, while registering domains for the extension developer using the victim's Gmail address. [...]

Read More