Flaw in mIRC App Allows Attackers to Execute Commands Remotely

Security - Posted On:2019-02-20 06:14:57 Source: bleepingcomputer

A vulnerability was discovered in the mIRC application that could allow attackers to execute commands, such as the downloading and installation of malware, on a vulnerable computer. [...]

Read More

Windows 10 Cumulative Update Build 17134.619 Released With Fixes

Security - Posted On:2019-02-20 06:14:57 Source: bleepingcomputer

Windows 10 April 2018 Update Build 17134.619 is now rolling out to the general public with a bunch of new fixes and improvements. Windows 10 KB4487029 (Build 17134.619) includes fixes for Internet Explorer and other core components. [...]

Read More

Cards Used at 137 Restaurants Exposed by Point-of-Sale Breach

Security - Posted On:2019-02-19 18:14:59 Source: bleepingcomputer

North Country Business Products point-of-sale and security solutions provider with roughly 6500 customers around the Midwest has disclosed a data breach which led to the exposure of payment information for clients who used their credit and debit cards at 137 restaurants. [...]

Read More

GitHub Updates Bug Bounty Program with Expanded Scope, Higher Rewards

Security - Posted On:2019-02-19 16:30:00 Source: bleepingcomputer

To mark the fifth year of its Security Bug Bounty program, GitHub announced a number of updates, including an expanded scope with more GitHub products covered, increased reward amounts, and new Legal Safe Harbor terms for full legal protection for researchers. [...]

Read More

Ukraine Announces Joint Exercises with EU to Fend Off Russian Cyber Threats

Security - Posted On:2019-02-19 15:15:00 Source: bleepingcomputer

Ukraine will organize a number of joint exercises in the near future with the European Union (EU) to develop appropriate response models to possible Russian cyber threats designed to interfere in Ukrainian presidential elections that will be held on March 31 [...]

Read More

North Korean APT Lazarus Targets Russian Entities with KEYMARBLE Backdoor

Security - Posted On:2019-02-19 13:45:00 Source: bleepingcomputer

Bluenoroff, a subdivision of the North Korean sponsored APT group Lazarus, recently switched its sights to Russian entities as unveiled by a newly discovered campaign which uses malicious Office documents specifically crafted to target Russian organizations. [...]

Read More

GandCrab Decrypter Available for v5.1, New 5.2 Variant Already Out

Security - Posted On:2019-02-19 13:30:01 Source: bleepingcomputer

A free file decryption tool is available for users whose computers got infected with the latest confirmed versions of GandCrab. It can unlock data encrypted by versions 4 through 5.1 of the malware, and some earlier releases of the threat. [...]

Read More

GandCrab Decrypter Available for v5.1, New Variant Already Out

Security - Posted On:2019-02-19 11:30:00 Source: bleepingcomputer

A free file decryption tool is available for users whose computers got infected with the latest confirmed versions of GandCrab. It can unlock data encrypted by versions 4 through 5.1 of the malware, and some earlier releases of the threat. [...]

Read More

Hackers Use Compromised Banks as Starting Points for Phishing Attacks

Security - Posted On:2019-02-19 05:29:58 Source: bleepingcomputer

Cybercriminals attacking banks and financial organizations use their foothold in a compromised infrastructure to gain access to similar targets in other regions or countries. [...]

Read More

Linux Subsystem Files Accessible via Explorer in Future Windows 10 Releases

Security - Posted On:2019-02-19 05:29:58 Source: bleepingcomputer

The just-released Windows 10 20H1 Build to the Skip Ahead ring comes with a new feature designed to allow Insiders to access the Windows Subsystem for Linux (WSL) filesystem using the Windows Explorer.  [...]

Read More

Windows 7 and Server 2008 Updates to Require SHA-2 Support Starting July

Security - Posted On:2019-02-18 18:44:59 Source: bleepingcomputer

Microsoft announced on its support website that future Windows 7 and Windows Server 2008 updates will require SHA-2 code signing support to be installed starting with July 16, 2019. [...]

Read More

Multi-Stage Rietspoof Malware Drops Multiple Malicious Payloads

Security - Posted On:2019-02-18 16:00:00 Source: bleepingcomputer

Rietspoof is a new malware family which uses a multi-stage delivery system, is designed to drop multiple payloads on the systems it infects, and that offers very little to no information on what audience it targets. [...]

Read More

State Actor Behind Parliament Breach Says Australian Prime Minister

Security - Posted On:2019-02-18 13:30:01 Source: bleepingcomputer

The computer network of Australia's Federal Parliament has been breached in a cyber attack which targeted the country's major political parties and carried out by a "sophisticated state actor" according to Prime Minister Scott Morrison. [...]

Read More

Mozilla Adding a Picture-in-Picture Mode to Firefox

Security - Posted On:2019-02-18 10:44:57 Source: bleepingcomputer

Like Chrome, Mozilla Firefox is adding a Picture-in-Picture Mode that allows users to pop the video out of the web page in a stay on top video that they can watch while using other applications. [...]

Read More

2.7 Million Health-Related Calls, Sensitive Info Exposed for Six Years

Security - Posted On:2019-02-18 10:44:57 Source: bleepingcomputer

A server used to store real-time recordings of phone calls made to the 1177 Swedish Healthcare Guide service for health care information was found completely exposed to the Internet, with no user or password to protect it. [...]

Read More

The Week in Ransomware - February 15th 2019 - Attack on MSPs

Security - Posted On:2019-02-16 18:29:59 Source: bleepingcomputer

It has been a really dead week with ransomware, which we are always happy to see. Not much new variants released, other than the standard ones such as Matrix and Dharma. The biggest news this week has been GandCrab affiliates targeting vulnerabilities in MSP software that allows them to infect all the clients they manage. [...]

Read More

Google to Let you Link Directly to a Word or Phrase in Chrome

Security - Posted On:2019-02-16 18:29:59 Source: bleepingcomputer

Chrome is adding a new feature to Chrome that lets you link directly to a word or phrase without the need of special markup on the web page. This will make it much easier to share a section of a page that is relevant to the person you are sending it to, rather than having them read the entire page. [...]

Read More

Apple Requiring 2-Factor Authentication on Developer Account Holders

Security - Posted On:2019-02-15 19:00:00 Source: bleepingcomputer

Users who are part of the Apple Developer program have started receiving emails that state they need to add 2-factor authentication to their accounts by February 27th, 2019. Otherwise, they will be locked out of their Developer accounts and be unable to access their Certificates, Identifiers, and Profiles. [...]

Read More

Google Fixing Chrome API to Prevent Incognito Mode Detection

Security - Posted On:2019-02-15 18:14:59 Source: bleepingcomputer

When browsing the web with Google Chrome, some sites are using a method to determine if a visitor is in a regular browsing session or in incognito mode. As this can be considered a breach in privacy, Google will be changing how a particular API works so that web sites can no longer utilize this technique. [...]

Read More

Brokerage Firms Warned by FINRA Regulator of New Phishing Attack

Security - Posted On:2019-02-15 17:45:00 Source: bleepingcomputer

The Financial Industry Regulatory Authority (FINRA) has issued an information notice to brokerage firms regarding an ongoing phishing attack which currently targets member firms with malicious spam e-mails. [...]

Read More