Flaw in mIRC App Allows Attackers to Execute Commands Remotely
Security - Posted On:2019-02-20 06:14:57 Source: bleepingcomputer
A vulnerability was discovered in the mIRC application that could allow attackers to execute commands, such as the downloading and installation of malware, on a vulnerable computer. [...]
Windows 10 Cumulative Update Build 17134.619 Released With Fixes
Security - Posted On:2019-02-20 06:14:57 Source: bleepingcomputer
Windows 10 April 2018 Update Build 17134.619 is now rolling out to the general public with a bunch of new fixes and improvements. Windows 10 KB4487029 (Build 17134.619) includes fixes for Internet Explorer and other core components. [...]
Cards Used at 137 Restaurants Exposed by Point-of-Sale Breach
Security - Posted On:2019-02-19 18:14:59 Source: bleepingcomputer
North Country Business Products point-of-sale and security solutions provider with roughly 6500 customers around the Midwest has disclosed a data breach which led to the exposure of payment information for clients who used their credit and debit cards at 137 restaurants. [...]
GitHub Updates Bug Bounty Program with Expanded Scope, Higher Rewards
Security - Posted On:2019-02-19 16:30:00 Source: bleepingcomputer
To mark the fifth year of its Security Bug Bounty program, GitHub announced a number of updates, including an expanded scope with more GitHub products covered, increased reward amounts, and new Legal Safe Harbor terms for full legal protection for researchers. [...]
Ukraine Announces Joint Exercises with EU to Fend Off Russian Cyber Threats
Security - Posted On:2019-02-19 15:15:00 Source: bleepingcomputer
Ukraine will organize a number of joint exercises in the near future with the European Union (EU) to develop appropriate response models to possible Russian cyber threats designed to interfere in Ukrainian presidential elections that will be held on March 31 [...]
North Korean APT Lazarus Targets Russian Entities with KEYMARBLE Backdoor
Security - Posted On:2019-02-19 13:45:00 Source: bleepingcomputer
Bluenoroff, a subdivision of the North Korean sponsored APT group Lazarus, recently switched its sights to Russian entities as unveiled by a newly discovered campaign which uses malicious Office documents specifically crafted to target Russian organizations. [...]
GandCrab Decrypter Available for v5.1, New 5.2 Variant Already Out
Security - Posted On:2019-02-19 13:30:01 Source: bleepingcomputer
A free file decryption tool is available for users whose computers got infected with the latest confirmed versions of GandCrab. It can unlock data encrypted by versions 4 through 5.1 of the malware, and some earlier releases of the threat. [...]
GandCrab Decrypter Available for v5.1, New Variant Already Out
Security - Posted On:2019-02-19 11:30:00 Source: bleepingcomputer
A free file decryption tool is available for users whose computers got infected with the latest confirmed versions of GandCrab. It can unlock data encrypted by versions 4 through 5.1 of the malware, and some earlier releases of the threat. [...]
Hackers Use Compromised Banks as Starting Points for Phishing Attacks
Security - Posted On:2019-02-19 05:29:58 Source: bleepingcomputer
Cybercriminals attacking banks and financial organizations use their foothold in a compromised infrastructure to gain access to similar targets in other regions or countries. [...]
Linux Subsystem Files Accessible via Explorer in Future Windows 10 Releases
Security - Posted On:2019-02-19 05:29:58 Source: bleepingcomputer
The just-released Windows 10 20H1 Build to the Skip Ahead ring comes with a new feature designed to allow Insiders to access the Windows Subsystem for Linux (WSL) filesystem using the Windows Explorer. [...]
Windows 7 and Server 2008 Updates to Require SHA-2 Support Starting July
Security - Posted On:2019-02-18 18:44:59 Source: bleepingcomputer
Microsoft announced on its support website that future Windows 7 and Windows Server 2008 updates will require SHA-2 code signing support to be installed starting with July 16, 2019. [...]
Multi-Stage Rietspoof Malware Drops Multiple Malicious Payloads
Security - Posted On:2019-02-18 16:00:00 Source: bleepingcomputer
Rietspoof is a new malware family which uses a multi-stage delivery system, is designed to drop multiple payloads on the systems it infects, and that offers very little to no information on what audience it targets. [...]
State Actor Behind Parliament Breach Says Australian Prime Minister
Security - Posted On:2019-02-18 13:30:01 Source: bleepingcomputer
The computer network of Australia's Federal Parliament has been breached in a cyber attack which targeted the country's major political parties and carried out by a "sophisticated state actor" according to Prime Minister Scott Morrison. [...]
Mozilla Adding a Picture-in-Picture Mode to Firefox
Security - Posted On:2019-02-18 10:44:57 Source: bleepingcomputer
Like Chrome, Mozilla Firefox is adding a Picture-in-Picture Mode that allows users to pop the video out of the web page in a stay on top video that they can watch while using other applications. [...]
2.7 Million Health-Related Calls, Sensitive Info Exposed for Six Years
Security - Posted On:2019-02-18 10:44:57 Source: bleepingcomputer
A server used to store real-time recordings of phone calls made to the 1177 Swedish Healthcare Guide service for health care information was found completely exposed to the Internet, with no user or password to protect it. [...]
The Week in Ransomware - February 15th 2019 - Attack on MSPs
Security - Posted On:2019-02-16 18:29:59 Source: bleepingcomputer
It has been a really dead week with ransomware, which we are always happy to see. Not much new variants released, other than the standard ones such as Matrix and Dharma. The biggest news this week has been GandCrab affiliates targeting vulnerabilities in MSP software that allows them to infect all the clients they manage. [...]
Google to Let you Link Directly to a Word or Phrase in Chrome
Security - Posted On:2019-02-16 18:29:59 Source: bleepingcomputer
Chrome is adding a new feature to Chrome that lets you link directly to a word or phrase without the need of special markup on the web page. This will make it much easier to share a section of a page that is relevant to the person you are sending it to, rather than having them read the entire page. [...]
Apple Requiring 2-Factor Authentication on Developer Account Holders
Security - Posted On:2019-02-15 19:00:00 Source: bleepingcomputer
Users who are part of the Apple Developer program have started receiving emails that state they need to add 2-factor authentication to their accounts by February 27th, 2019. Otherwise, they will be locked out of their Developer accounts and be unable to access their Certificates, Identifiers, and Profiles. [...]
Google Fixing Chrome API to Prevent Incognito Mode Detection
Security - Posted On:2019-02-15 18:14:59 Source: bleepingcomputer
When browsing the web with Google Chrome, some sites are using a method to determine if a visitor is in a regular browsing session or in incognito mode. As this can be considered a breach in privacy, Google will be changing how a particular API works so that web sites can no longer utilize this technique. [...]
Brokerage Firms Warned by FINRA Regulator of New Phishing Attack
Security - Posted On:2019-02-15 17:45:00 Source: bleepingcomputer
The Financial Industry Regulatory Authority (FINRA) has issued an information notice to brokerage firms regarding an ongoing phishing attack which currently targets member firms with malicious spam e-mails. [...]