Variation of 19-Year-Old Cryptographic Attack Affects Facebook, PayPal, Others

Security - Posted On:2017-12-12 18:14:59 Source: bleepingcomputer

Three security researchers have discovered a variation to an old cryptographic attack that can be exploited to obtain the private encryption key necessary to decrypt sensitive HTTPS traffic under certain conditions. [...]

Read More

Here's How to Enable the Built-In Windows 10 OpenSSH Client

Security - Posted On:2017-12-12 16:15:00 Source: bleepingcomputer

With each new release of Windows 10, we see more and more useful tools being ported from Linux. First, we had the Windows Subsystem for Linux, which is awesome, and now we have a built-in OpenSSH client and server, which uses version 7.5p1 of OpenSSH. [...]

Read More

Microsoft December Patch Tuesday Fixes 34 Security Issues

Security - Posted On:2017-12-12 14:15:01 Source: bleepingcomputer

Microsoft has released security updates as part of its monthly Patch Tuesday release train, and this month, the company has patched 34 issues affecting eight products. [...]

Read More

Extended Validation (EV) Certificates Abused to Create Insanely Believable Phishing Sites

Security - Posted On:2017-12-12 12:45:00 Source: bleepingcomputer

New research published yesterday reveals that putting your trust in Extended Validation ("EV") SSL certificates will not safeguard you from phishing sites and online fraud. [...]

Read More

MoneyTaker Hacker Group Steals Millions from US and Russian Banks

Security - Posted On:2017-12-12 08:29:57 Source: bleepingcomputer

A cyber-criminal group believed to be operating out of Russian-speaking territories has hit at least 20 banks and financial companies and stolen millions of US dollars in the process. [...]

Read More

Google Security Expert Releases Proof-Of-Concept Code for iOS Jailbreak

Security - Posted On:2017-12-12 03:44:58 Source: bleepingcomputer

Google security researcher Ian Beer has published proof-of-concept code for a rooting exploit that works both iOS and macOS devices. [...]

Read More

File Spider Ransomware Targeting the Balkans With Malspam

Security - Posted On:2017-12-11 21:59:59 Source: bleepingcomputer

A new ransomware called File Spider is being distributed through spam that targets victims in Bosnia and Herzegovina, Serbia, and Croatia.  These spam emails contains malicious Word documents that will download and install the File Spider ransomware onto a victims computer. [...]

Read More

BrickerBot Author Retires Claiming to Have Bricked over 10 Million IoT Devices

Security - Posted On:2017-12-11 19:44:59 Source: bleepingcomputer

The author of the BrickerBot malware has announced his retirement in an email to Bleeping Computer, also claiming to have bricked over 10 million devices since he started the "Internet Chemotherapy" project in November 2016. [...]

Read More

How to Check Your HP Laptop for the Synaptic Keylogger and Remove It

Security - Posted On:2017-12-11 18:14:59 Source: bleepingcomputer

With that said, if you have an HP laptop, you may be wondering if your laptop has the driver installed that contains this debug trace, or keylogging, feature. This article will tell you how to check if you have the affected driver installed on your laptop and how to update it to the latest version. [...]

Read More

Tech Support Scammers Invade Spotify Forums to Rank in Search Engines

Security - Posted On:2017-12-11 16:44:59 Source: bleepingcomputer

Over the past few months, Tech Support scammers have been using the Spotify forums to inject their phone numbers into the first page of the Google & Bing search results. They do this by submitting a constant stream of spam posts to the Spotify forums, whose pages tend to rank well in Google.  [...]

Read More

Day 6 of Microsoft's 12 Days of Deals: - Up to $70 off Xbox One + 2 free games

Security - Posted On:2017-12-11 16:44:59 Source: bleepingcomputer

Today is Day 6 of Microsoft's 12 Days of Deals and the current deal is up to $70 off an Xbox One + 2 free games. For the full $70 off,  you would need to purchase the Xbox One S 1TB Console - Minecraft Limited Edition Bundle, while the rest of the bundles will give you $50 off. [...]

Read More

ProxyM Botnet Used as Relay Point for SQLi, XSS, LFI Attacks

Security - Posted On:2017-12-11 14:15:00 Source: bleepingcomputer

A botnet made up of IoT devices is helping hackers mask attacks on web applications, acting as a relay point for SQL injection (SQLi), cross-site scripting (XSS), and local file inclusion (LFI) attempts. [...]

Read More

Phishing Attacks on Bitcoin Wallets Intensify as Price Goes Higher and Higher

Security - Posted On:2017-12-11 08:29:58 Source: bleepingcomputer

It was only natural that the Internet's cyber-criminal element would turn its gaze towards the Bitcoin ecosystem after the cryptocurrency's price has surged from $11,000 on Monday to almost $17,500 earlier today. [...]

Read More

Script Recovers Event Logs Doctored by NSA Hacking Tool

Security - Posted On:2017-12-11 08:29:58 Source: bleepingcomputer

Security researchers have found a way to reverse the effects of an NSA hacking utility that deletes event logs from compromised machines. [...]

Read More

India Tells Troops to Delete Chinese Apps From Phones Amidst Tracking Fears

Security - Posted On:2017-12-09 13:30:01 Source: bleepingcomputer

The Indian Defence Ministry has advised troops stationed on the Chinese border to uninstall Chinese-made apps from their smartphones. [...]

Read More

Android Vulnerability Lets Malware Bypass App Signatures

Security - Posted On:2017-12-09 11:30:00 Source: bleepingcomputer

Google's December 2017 Android Security Bulletin contains a fix for a vulnerability that allows malicious actors to bypass app signatures and inject malicious code into Android apps. [...]

Read More

Keylogger Found in HP Notebook Keyboard Driver

Security - Posted On:2017-12-08 15:45:00 Source: bleepingcomputer

HP has released driver updates for hundreds of notebook models to remove debugging code that an attacker could have abused as a keylogger component. [...]

Read More

The Week in Ransomware - December 8th 2017 - StorageCrypt, HC7, and LockCrypt

Security - Posted On:2017-12-08 11:30:00 Source: bleepingcomputer

This week was mostly about small ransomware variants being released, but we did have some big stories. First, we have HC7, which is targeting entire networks through hacked remote desktop services, then we had StorageCrypt being installed on NAS devices, and finally the county computers of Mecklenburg County were hit by LockCrypt. [...]

Read More

Secure Apps Exposed to Hacking via Flaws in Underlying Programming Languages

Security - Posted On:2017-12-08 09:59:57 Source: bleepingcomputer

Research presented this week at the Black Hat Europe 2017 security conference has revealed that several popular interpreted programming languages are affected by severe vulnerabilities that expose apps built on these languages to attacks. [...]

Read More

But of Course This Bluetooth-Enabled Gun Safe Got Hacked. Are You Surprised?

Security - Posted On:2017-12-08 05:14:58 Source: bleepingcomputer

Researchers find three vulnerabilities in an IoT safe that can be exploited to acquire the safe's PIN code, pair with the device, and open the safe. [...]

Read More