Vodafone Tells Hacked Customers with “1234” Password to Pay Back Money

A Czech court recently sentenced two hackers to three years in prison for accessing Vodafone customer's mobile accounts and use them to purchase 600,000 Czech Koruna worth of gambling services. Vodafone reportedly wants the hacked victim's to pay for these charges as they were us … | Continue reading


@bleepingcomputer.com | 6 years ago

Windows Task Scheduler Zero Day Exploited by Malware

Malware developers have started to use the zero-day exploit for Windows Task Scheduler component, two days after proof-of-concept code for the vulnerability appeared online. | Continue reading


@bleepingcomputer.com | 6 years ago

USA Is the Top Country for Hosting Malicious Domains According to Report

The US continues to be the top country hosting domains that serve web-based threats and, and the main source for exploit kits on a global level, according to new research. | Continue reading


@bleepingcomputer.com | 6 years ago

White-Hats Go Rogue, Attack Financial Institutions

Continue reading


@bleepingcomputer.com | 6 years ago

Python Package Installation Can Trigger Malicious Code

Although there is nothing special about code executing on a machine, when this code is executed is a significant detail from a security standpoint. | Continue reading


@bleepingcomputer.com | 6 years ago

Microsoft To-Do App Updated for Insiders with Inking Support on Windows 10

Microsoft has started testing a new feature for the Microsoft To-Do that simply makes sense on a touch-enabled device like Surface Go. Currently available for the Insiders, the updated Microsoft To-Do app allows users to create notes using a pen like the Surface Pen. | Continue reading


@bleepingcomputer.com | 6 years ago

Thousands of Compromised MikroTik Routers Send Traffic to Attackers

Attackers compromising MikroTik routers have configured the devices to forward network traffic to a handful of IP addresses under their control. | Continue reading


@bleepingcomputer.com | 6 years ago

Fraudsters Can Access Sensitive Information from Abandoned Domains

Scammers can collect highly sensitive information about a company's activity, employees, and clients, even if after it shuts down, a cybersecurity expert warns. | Continue reading


@bleepingcomputer.com | 6 years ago

You May Soon Be Able to Log into Windows 10 Using a Google Account

According to a new project uploaded to the Chromium team's code review site, users may soon be able to login into Windows 10 using their Google G Suite accounts. This new feature uses a "Google Credential Provider" that will allow Windows to authenticate enterprise users against  … | Continue reading


@bleepingcomputer.com | 6 years ago

Researchers Detail Two New Attacks on TPM Chips

Some PC owners may need to apply motherboard firmware updates in the near future to address two attacks on TPM chips detailed earlier this month by four researchers from the National Security Research Institute of South Korea. | Continue reading


@bleepingcomputer.com | 6 years ago

4-Year Old Misfortune Cookie Rears Its Head in Medical Gateway Device

Four years after its public disclosure, the Misfortune Cookie vulnerability continues to be a threat, this time affecting medical equipment that connects bedside devices to the hospital's network infrastructure. | Continue reading


@bleepingcomputer.com | 6 years ago

Beware of Fake “Shipping Docs” Malspam Pushing the DarkComet RAT

A new malspam campaign is underway that pretends to be shipping documents and contains an attachment that installs the DarkComet remote access Trojan. When DarkComet is installed, the malware has the ability to log your keystrokes, application usage, take screenshots, and more, w … | Continue reading


@bleepingcomputer.com | 6 years ago

Data of 130M Chinese Hotel Chain Guests Sold on Dark Web Forum

A hacker is selling the personal details of over 130 million hotel guests for 8 Bitcoin ($56,000) on a Chinese Dark Web forum. | Continue reading


@bleepingcomputer.com | 6 years ago

Windows KB4100347 Intel CPU Update Causing Boot Issues

On August 21st, Microsoft released an update to the May KB4100347 Intel microcodes for Windows 10 & Windows Server 2016. After installing this latest version, Windows users are reporting that they are unable to boot Windows 10 or are having performance issues. To complicate the i … | Continue reading


@bleepingcomputer.com | 6 years ago

Exploit Published for Unpatched Flaw in Windows Task Scheduler

A security researcher has published on Twitter details about a vulnerability in the Windows OS. The vulnerability is a "local privilege escalation" issue that allows an attacker to elevate the access of malicious code from a limited USER role to an all-access SYSTEM account. | Continue reading


@bleepingcomputer.com | 6 years ago

Novel Attack Technique Uses Smart Light Bulbs to Steal Data

Continue reading


@bleepingcomputer.com | 6 years ago

Fortnite Android App Vulnerable to Man-In-the-Disk Attacks

Google security researchers have revealed this week that the immensely popular Fortnite Android app is vulnerable to so-called man-in-the-disk (MitD) attacks. | Continue reading


@bleepingcomputer.com | 6 years ago

NewsGuard Browser Extension Aims to Alert You to Fake News Sites

If you are having trouble keep tracking of site's that are considered reputable news sources verses ones that are not, a new browser extension from NewsGuard may be of help. | Continue reading


@bleepingcomputer.com | 6 years ago

New Side-Channel Attack Uses Microphone to Read Screen Content

Using regular microphones, academic researchers managed to pick up acoustic signals from computer displays and determine in real time the type of content on the screen. | Continue reading


@bleepingcomputer.com | 6 years ago

T-Mobile Detects and Stops Ongoing Security Breach

T-Mobile USA announced a security breach late last night. The company says its cyber-security team discovered and shut down unauthorized access to its customers' data on Monday, August 20. | Continue reading


@bleepingcomputer.com | 6 years ago

Windows 95 Is Now Available as an App for Windows, MacOS and Linux

Felix Rieseberg, a software engineer at Slack has released Windows 95 as an app for Windows, Mac or Linux. It's a 100MB Electron app that you can install and run on Windows, Mac or even Linux computers. | Continue reading


@bleepingcomputer.com | 6 years ago

Cheddar Scratch Kitchen Exposes Card Data of Over 500,000

Restaurants in 23 states are on the list of Cheddar Scratch Kitchen locations affected by a cyberattack that exposed payment card information. | Continue reading


@bleepingcomputer.com | 6 years ago

Lazarus Group Deploys Its First Mac Malware in Cryptocurrency Exchange Hack

Lazarus Group, the North Korean hackers who hacked Sony Films a few years back, have deployed their first Mac malware ever, according to Russian antivirus vendor Kaspersky Lab. | Continue reading


@bleepingcomputer.com | 6 years ago

Legacy System Exposes Contact Info of BlackHat 2018 Attendees

Full contact information of everyone attending the BlackHat security conference this year has been exposed in clear text, a researcher has found. The data trove includes name, email, company, and phone number. | Continue reading


@bleepingcomputer.com | 6 years ago

Vulnerability Affects All OpenSSH Versions Released in the Past Two Decades

A vulnerability affects all versions of the OpenSSH client released in the past two decades, ever since the application was released in 1999. | Continue reading


@bleepingcomputer.com | 6 years ago

Supply Chain Attack Hits Organizations in South Korea

Security researchers have uncovered a new supply chain attack that targets organizations in South Korea. The threat actor chooses the victims selectively, based on an IP range for groups of interest. | Continue reading


@bleepingcomputer.com | 6 years ago

New Attack Recovers RSA Encryption Keys from EM Waves Within Seconds

A research paper presented at the Usenix security conference last week detailed a new technique for retrieving encryption keys from electronic devices, a method that is much faster than all previously known techniques. | Continue reading


@bleepingcomputer.com | 6 years ago

Traefik API bug found: Exposes certificates, patch available

A severe issue was addressed on Monday, an issue that under certain conditions could be used to expose the private keys for TLS certificates used by companies running their infrastructure on cloud servers. | Continue reading


@bleepingcomputer.com | 6 years ago

MongoDB Server Exposes Babysitting App's Database

The makers of Sitter, a popular app for connecting babysitters with parents, have involuntarily exposed the personal details of over 93,000 users. | Continue reading


@bleepingcomputer.com | 6 years ago

Ryuk Ransomware Crew Makes $640,000 in Recent Activity Surge

A new ransomware strain named Ryuk is making the rounds, and, according to current reports, the group behind it has already made over $640,000 worth of Bitcoin. | Continue reading


@bleepingcomputer.com | 6 years ago

Microsoft Disrupts APT28 Hacking Campaign Aimed at US Midterm Elections

Microsoft revealed last night that it successfully disrupted a hacking campaign associated with the Russian military intelligence service GRU. | Continue reading


@bleepingcomputer.com | 6 years ago

Skype's End-To-End Encryption Goes Live

Support for end-to-end encrypted chats has landed in the stable versions of Skype for Windows, macOS, Linux, Android, and iOS. | Continue reading


@bleepingcomputer.com | 6 years ago

USBHarpoon Is a BadUSB Attack with a Twist

Several security experts have built a malicious version of a USB charging cable, one that can compromise a computer in just a few seconds. Once plugged in, it turns into a peripheral device capable of typing and launching commands. | Continue reading


@bleepingcomputer.com | 6 years ago

New “Turning Tables” Technique Bypasses All Windows Kernel Mitigations

Security researchers have discovered a new exploitation technique that they say can bypass the kernel protection measures present in the Windows operating systems. | Continue reading


@bleepingcomputer.com | 6 years ago

Twitch Glitch Exposed Some Users' Private Messages

Twitch is warning users of a bug in one of its recently retired features that may have exposed some of their messages to other users. | Continue reading


@bleepingcomputer.com | 6 years ago

Windows 10 Screen Sketch App Renamed to Snip & Sketch in Insider Builds

For Windows Insiders in the Skip Ahead ring, Microsoft has renamed their Windows 10 Screen Sketch app to Snip & Sketch.  This new build is not available to users running Windows 10 April 2018 Update or the latest Windows 10 Preview build 17741. | Continue reading


@bleepingcomputer.com | 6 years ago

Number of Third-Party Cookies on EU News Sites Dropped by 22% Post-GDPR

The number of tracking cookies on EU news sites has gone down by 22% according to a report by the Reuters Institute at the University of Oxford, who looked at cookie usage across EU news sites in two phases, in April 2018 and July 2018, pre and post the introduction of the new EU … | Continue reading


@bleepingcomputer.com | 6 years ago

HackNotice Alerts You When a Site Is Hacked or Your Info Is Leaked

HackNotice is a service that is designed to alert you when your information has been disclosed in leaked data breaches from hacked sites. HackNotice does this by collecting leaked information from data breaches and compiling it into a database that can be used to determine if yo … | Continue reading


@bleepingcomputer.com | 6 years ago

Zero-Day in Microsoft's VBScript Engine Used by Darkhotel APT

A vulnerability in the VBScript engine has been used by hackers working for North Korea to compromise systems targeted by the Darkhotel operation. | Continue reading


@bleepingcomputer.com | 6 years ago

China's National Cybersecurity Standards Considered a Risk for Foreign Firms

The Chinese government may use a collection of 300 so-called "national cybersecurity standards" to deter or sabotage the efforts of foreign tech firms trying to enter the Chinese market. | Continue reading


@bleepingcomputer.com | 6 years ago

Combating Social Engineering: Tips from Black Hat 2018

Social engineering is the use of deception to manipulate individuals into disclosing sensitive information that may be used to compromise a network, infiltrate an organization, gain access to trade secrets, or in furtherance of an espionage operation. In this article we look at w … | Continue reading


@bleepingcomputer.com | 6 years ago

Mozilla Removes 23 Firefox Add-Ons That Snooped on Users

Mozilla removed today 23 Firefox add-ons that snooped on users and sent data to remote servers, a Mozilla engineer has told Bleeping Computer today. | Continue reading


@bleepingcomputer.com | 6 years ago

Skim Reaper Device Detects Wide Range of Skimmer Devices

A trio of academics from the University of Florida has developed a device that can detect different types of payment card skimmers —devices developed by cyber-criminals to collect data from credit and debit cards inserted inside ATMs or gas pump card readers. | Continue reading


@bleepingcomputer.com | 6 years ago

Necurs Botnet Pushing New Marap Malware

Security researchers from Proofpoint have discovered a new malware strain that they named Marap and which is currently distributed via massive waves of spam emails carrying malicious attachments (malspam). | Continue reading


@bleepingcomputer.com | 6 years ago

Two DDoS Friendly Bugs Fixed in Linux Kernel

Maintainers behind the Linux kernel have rolled out patches in the past weeks for two bugs that are just ideal for causing havoc via DDoS attacks. | Continue reading


@bleepingcomputer.com | 6 years ago

Academics Discover New Bypasses for Browser Tracking Protections and Ad Blockers

Security and user privacy protections included in browsers, ad blockers, and anti-tracking extensions are not as secure as everyone believes, a team of three academics from the Catholic University in Leuven, Belgium (KU Leuven) have revealed yesterday. | Continue reading


@bleepingcomputer.com | 6 years ago

Chrome Bug Lets Attackers Steal Web Secrets via Audio or Video HTML Tags

Google has patched a vulnerability in the Chrome browser that allows an attacker to retrieve sensitive information from other sites via audio or video HTML tags. | Continue reading


@bleepingcomputer.com | 6 years ago

Microsoft Edge Beta on iOS Updated with Breaking News and More

Microsoft Edge Beta for iOS is getting a big update with a bunch of new features. These changes include the new breaking news alerts, the ability to reorganize the favorites folder, and much more. | Continue reading


@bleepingcomputer.com | 6 years ago