Bank Employee Gets Prison Time for Helping Dridex Malware Gang

Security - Posted On:2017-12-16 09:29:57 Source: bleepingcomputer

A UK court has sentenced a Barclays bank employee to six years and four months in prison for helping members of the Dridex cyber-criminal network launder over £2.5 million, which is approximately $3.33 million at today's exchange rate. [...]

Read More

Mozilla Angers Firefox Users After Force-Installing Mr. Robot Promo Add-On

Security - Posted On:2017-12-16 09:29:57 Source: bleepingcomputer

Mozilla took a bit of heat this week after the organization force-installed a Mr. Robot promotional add-on in some Firefox browsers. [...]

Read More

Synaptics Denies HP Driver Contains a Keylogger and Says It's a Debug Tool

Security - Posted On:2017-12-15 17:30:00 Source: bleepingcomputer

Synaptics issued a security brief regarding the reports of a HP Synaptics Keyboard Driver that contained keylogging functionality. In their security brief, Synaptic states that their driver is being mischaracterized as a keylogger and it's simply a debug tool that was purposely added to the driver to help OEMs manufacturers. [...]

Read More

The Week in Ransomware - December 15th 2017 - File Spider, California Voters Database, and More

Security - Posted On:2017-12-15 16:15:00 Source: bleepingcomputer

This week was mostly about in-dev ransomware or new variants of older ransomware being released. The biggest news was the File Spider Ransomware campaign that was targeting countries in the Balkans. The other big news is the entire California voters database being leaked on the Internet and held for ransom. [...]

Read More

Windows 10 Bundles a Password Manager. Password Manager Bundles a Security Flaw

Security - Posted On:2017-12-15 16:15:00 Source: bleepingcomputer

A Google security researcher has found and helped patch a severe vulnerability in Keeper, a password manager application that Microsoft has been bundling with some Windows 10 distributions this year. [...]

Read More

California Voter Database Compromised in MongoDB Incident

Security - Posted On:2017-12-15 10:59:56 Source: bleepingcomputer

The details of over 19 million California voters were left exposed online in an unsecured MongoDB database and were later held for ransom, according to researchers from the Kromtech Security Center. [...]

Read More

Vigilante Removes Malware from Netgear Site After Company Fails to Do So for 2 Years

Security - Posted On:2017-12-15 09:14:58 Source: bleepingcomputer

An anonymous vigilante has taken matters into his own hands and removed malware from a Netgear site after the company failed to clean up a two-year-old malware infection. [...]

Read More

Microsoft Considers Adding Python as an Official Scripting Language to Excel

Security - Posted On:2017-12-15 05:29:58 Source: bleepingcomputer

Microsoft is considering adding Python as one of the official Excel scripting languages, according to a topic on Excel's feedback hub opened last month. [...]

Read More

Microsoft Disables DDE Feature in Word to Prevent Further Malware Attacks

Security - Posted On:2017-12-15 04:14:58 Source: bleepingcomputer

As part of the December 2017 Patch Tuesday, Microsoft has shipped an Office update that disables the DDE feature in Word applications, after several malware campaigns have abused this feature to install malware. [...]

Read More

GlassWire 2.0 Released With VirusTotal Scanning, Evil Twin Detection, and More

Security - Posted On:2017-12-14 22:44:59 Source: bleepingcomputer

GlassWire 2.0 has been released that comes with some new features such as VirusTotal scanning, Windows Firewall rules synchronization, WiFi evil twin discovery, multi-monitor support, and hi-res monitor support. [...]

Read More

FCC Kills Net Neutrality. What Does That Mean for You?

Security - Posted On:2017-12-14 18:30:00 Source: bleepingcomputer

In a 3-2 vote along party lines, FCC chairman Ajit Pai and his two fellow Republican commissioners have voted to repeal Obama's Net Neutrality regulations. According to Pai, the repeal of Net Neutrality will only help consumers and promote competition among businesses that are currently being stifled by these regulations. [...]

Read More

Top Security Firm Admits to MitM Security Incident

Security - Posted On:2017-12-14 17:29:59 Source: bleepingcomputer

Netherlands-based Fox-IT, one of the world's leading IT security providers, disclosed today a security breach during which an unknown attacker carried out a Man-in-the-Middle (MitM) attack and spied on a small number of Fox-IT customers. [...]

Read More

How to Install the Built-In Windows 10 OpenSSH Server

Security - Posted On:2017-12-14 16:00:00 Source: bleepingcomputer

For those who would like remote console access to their Windows 10 computers, the built-in Windows 10 OpenSSH Server may be what you are looking for. Even better, for those who are familiar with OpenSSH from using it in Linux, the Windows 10 version operates pretty much the same. [...]

Read More

TRITON Malware Used in Attacks Against Industrial Safety Equipment

Security - Posted On:2017-12-14 10:44:57 Source: bleepingcomputer

Security researchers from FireEye's Mandiant investigative division have spotted a new form of malware that's capable of targeting industrial equipment. FireEye named this malware TRITON and said they've spotted a threat actor deploying it in live attacks. [...]

Read More

Fortinet VPN Client Exposes VPN Creds, Palo Alto Firewalls Allow Remote Attacks

Security - Posted On:2017-12-14 08:59:57 Source: bleepingcomputer

It's been a bad week for two of the world's biggest vendors of enterprise hardware and software — Fortinet and Palo Alto Networks. Both companies fixed security issues this week affecting some of their most popular products, with some bugs being quite intrusive and dangerous. [...]

Read More

Most Android-Based TV Set-Top Boxes Run Old and Insecure OS Versions

Security - Posted On:2017-12-14 07:14:57 Source: bleepingcomputer

Android-based TV set-top boxes sold online are most likely running outdated operating systems that have not received security updates for at least a year, according to research published today by US cyber-security firm Tripwire. [...]

Read More

Data Breach at Website with 45 Million Users Discovered During Academic Research

Security - Posted On:2017-12-14 07:14:57 Source: bleepingcomputer

A team of three researchers from the University of California, San Diego (UCSD) has created a tool that can detect when user-registration-based websites suffer a data breach. [...]

Read More

Adware Maker Tries to Intimidate Security Firm with Cease and Desist Letters

Security - Posted On:2017-12-13 18:45:00 Source: bleepingcomputer

Cyber-security firm Cybereason says it received multiple cease and desist letters from an Israeli company they suspect of being behind the OSX/Pirrit adware strain. [...]

Read More

US Charges Three Men with Creating and Running First-Ever Mirai Botnet

Security - Posted On:2017-12-13 14:15:01 Source: bleepingcomputer

Three men have pleaded guilty for their role in the creation of the Mirai malware and the use of the subsequent Mirai botnet to launch DDoS attacks on multiple targets across the Internet, according to documents unsealed today by the US Department of Justice (DOJ). [...]

Read More

WORK Cryptomix Ransomware Variant Released

Security - Posted On:2017-12-13 12:00:01 Source: bleepingcomputer

Today, BleepingComputer discovered a new variant of the CryptoMix ransomware that appends the .WORK extension to encrypted files and changes the contact emails used by the ransomware.  [...]

Read More