Two years after being ousted, a criminal operation that has been inserting malware in the firmware of low-cost Android devices is still up and running, and has even expanded its reach. News of this group first surfaced after a report in December 2016, when Russian antivirus vendor Dr.Web disclosed that a mysterious threat actor had found a way to penetrate the supply-chain of several mobile carriers, infecting phones with malware. View full story ORIGINAL SOURCE:...
Read moreDetailsA new and active campaign for the CryptON Ransomware is currently underway where attackers are hacking into computers with Internet accessible Remote Desktop Services. Once the attackers gain access to the computer they manually execute the ransomware and encrypt your files. This new campaign was first discovered by Malwarebytes security researcher S!Ri who posted about it on Twitter. View Full Story ORIGINAL SOURCE: Bleeping Computer
Read moreDetailsHackers have come up with a never-before-seen method of installing backdoored plugins on websites running the open-source WordPress CMS, and this new technique relies on using weakly protected WordPress.com accounts and the Jetpack plugin. The technique is highly complex, and to compromise a site, a hacker must go through different steps, during which multiple things can prevent the attack from being successful. View Full Story ORIGINAL SOURCE: Bleeping Computer
Read moreDetailsVerge (XVG), a cryptocurrency designed for everyday use and an improvement upon the original Bitcoin blockchain, is currently experiencing a DDOS cyber-attack. The company confirmed this with a statement on Twitter, “It appears some mining pools are under ddos attack, and we are experiencing a delay in our blocks, we are working to resolve this.” Ocminer on a BitcoinTalk forum suggests an attacker appears to have altered the Verge blockchain. The attacker manipulated a bug...
Read moreDetailsA newly-disclosed malware infection has compromised more than 500,000 home and small office routers and NAS boxes. Researchers with Cisco Talos say the malware, dubbed VPNFilter, has been spreading around the globe, but appears to primarily be largely targeting machines in the Ukraine. "Both the scale and the capability of this operation are concerning," Talos writes in its alert. View Full Story ORIGINAL SOURCE: The Register
Read moreDetailsIt has been reported that 84% of Android shopping apps have high-level vulnerabilities. The security assessment was carried out across 50 mobile shopping apps and revealed over 270 vulnerabilities. View Full Story ORIGINAL SOURCE: Help Net Security
Read moreDetailsMozilla is rolling out support for a two-step authentication process for Firefox Accounts, the credentials system that protects bookmarks, passwords, open tabs and other data synchronized between devices via the Firefox Sync feature. View Full Story ORIGINAL SOURCE: Bleeping Computer
Read moreDetailsThe GDPR (General Data Protection Regulation) comes into forces this week - on May 25 - but 57 percent of employees still don't know what they are supposed to do to protect personal data, according to a OnePoll survey of 1,000 employees undertaken for London-based Egress Software Technologies. View Full Story ORIGINAL SOURCE: ZDNet
Read moreDetailsSenior Trump administration officials warned Congress on Tuesday of ongoing efforts by Russia to interfere in the 2018 midterm congressional elections as the federal government prepares to hand out $380 million in election security funding to states. View Full Story ORIGINAL SOURCE: Reuters
Read moreDetailsA security audit conducted by Tencent's Keen Security Lab on BMW cars has given the luxury automaker a handy crop of bugs to fix – including a backdoor in infotainment units fitted since 2012. View Full Story ORIGINAL SOURCE: The Register
Read moreDetails