Top 10 Stories

An Indian developer is playing around with an open source ransomware builder, which in the long run may end up causing serious problems for innocent users. This developer, who goes by the nickname of Empinel and claims to be based in Mumbai, has forked the open source code of the EDA2 project, and with the help of another user, has removed the backdoor hidden in EDA2's original code. View full story ORIGINAL SOURCE: Bleeping Computer

A bipartisan and bicameral bill will make it unlawful for officials to search a phone, laptop, or social media accounts of Americans and lawful permanent residents at the border without a warrant. The lawmakers want the bill to prevent Americans from being delayed or foreign nationals -- who are allowed to live permanently in the US -- from being denied entry if they decline to provide passwords or passcodes in response to a warrantless request...

North Korean cyber attackers have targeted banks in 18 countries with Pyongyang using the money to boost its terrifying nuclear programme, security experts have claimed. A hacking operation known as Lazarus has targeted financial institutions in Europe, Central and South America, Africa, India and the Middle East, according to Russian researchers. Cyber security firm Kaspersky Lab said it had obtained digital evidence that fuels suspicions that North Korea was involved in last year's $81 million cyber heist...

The software that powers the Samsung Gear S3 Frontier has been likened to a "hackers' dream", following the shocking revelation from Israeli researcher Amihai Neiderman that the Tizen operating system was "the worst code" he had seen. Samsung Gear S3 Frontier owners might be feeling a little nervous this morning, following a keynote address by Israeli researcher Amihai Neiderman. Mr Neiderman has skewered Samsung's TizenOS, which powers the Gear S3 Frontier and a slew of other smart...

Kaspersky Lab on Tuesday revealed further details about a memory-only "fileless malware" campaign that a cyber-criminal organisation has been employing to steal money remotely from ATMs while leaving behind virtually no trace of malicious activity. According to a Securelist blog post, the primary payload used in the cyber-heists is ATMitch, a malware capable of issuing a variety of commands to compromised ATM machines, including counting the number of banknotes in a dispenser (for reconnaissance purposes) and dispensing money from...

The traditional model of hacking a bank isn’t so different from the old-fashioned method of robbing one. Thieves get in, get the goods, and get out. But one enterprising group of hackers targeting a Brazilian bank seems to have taken a more comprehensive and devious approach: One weekend afternoon, they rerouted all of the bank’s online customers to perfectly reconstructed fakes of the bank’s properties, where the marks obediently handed over their account information. View...

About 53% of users haven’t changed their social network passwords in more than one year—with a fifth having never changed their passwords at all, according to research from Thycotic. More than a quarter of respondents said they change their passwords at work only when the system tells them to. The survey, conducted by the company at RSA Conference in San Francisco in February, said that this state of affairs not only shows the vulnerability of users’...

With a newly developed toolsuite that can analyze Android apps and detect whether two or more of them can collude with each other to acquire information that they would otherwise not be capable of obtaining, a group of researchers has shed some light on an existing capability that could easily become a big problem in the future. View full story ORIGINAL SOURCE: Help Net Security

Tizen, the operating system installed by Samsung on millions of smartphone, watches and other internet-connected devices like televisions and fridges, is deeply insecure, a cyber security researcher has claimed. The software was found to have 40 un-patched vulnerabilities by a computer security analyst who described Tizen as potentially "the worst code I've ever seen." View full story ORIGINAL SOURCE: IBTimes

Airline travellers have been targeted in a new phishing campaign that aims to infect victims' systems with malware and trick users into handing over personal or business details.According to researchers at Barracuda, the criminals are having a success rate of 90 percent with the attacks. The campaign uses a combination of impersonation, malware and phishing to mount attacks against victims. View full story ORIGINAL SOURCE: SC Magazine