• A new version of Firefox will warn you if your passwords were pirated
    The Bleeping Computer website is reporting that web browser Firefox should soon be equipped with a new function that will tell you if your personal data (e-mail address, passwords, address, etc.) The Mozilla team is gradually integrating its independent Firefox Monitor service natively into Firefox. The service, which lists every time e-mail addresses have turned up in data breaches, can also directly ping users if an e-mail address is found in such a cull. The idea is to also provide warnings when a site or service being visited using the browser has recently been the target of a breach. The service will be integrated into Firefox 70 (the current version is number 68), and is actually an implementation of the Have I Been Pwned database, with which Mozilla is now collaborating. The Mozilla Foundation's project is thus not brand new, but the integration with its web browser will soon be a reality, as Firefox 70 should be released in the Fall of 2019.
  • Report: Equifax to Pay $700 Million in Breach Settlement
    SAN FRANCISCO - The Wall Street Journal says Equifax will pay around $700 million to settle with the Federal Trade Commission over a 2017 data breach that exposed Social Security numbers and other private information of nearly 150 million people. Equifax Finds Additional 2.4 Million Impacted by 2017 Breach: Equifax said Thursday that an additional 2.4 million Americans were impacted by last year's data breach; however, these newly disclosed consumers had significantly less personal information stolen. The company says the additional consumers only had their names and a partial driver's license number stolen by the attackers, unlike the original 145.5 million Americans who had their Social Security numbers impacted.
  • In the cooler for the next three years: Hacker of iCloud accounts used by athletes and rappers
    A man from the US state of Georgia who pleaded guilty in March to breaking into the Apple iCloud accounts of sports and entertainment figures was sentenced on Thursday to three years and one month in federal prison – and ordered to pay almost $700,000 in restitution. Ford faced charges for hacking into more than 100 Apple iCloud accounts of professional athletes and rappers using a phishing scheme. "Using these spoof email accounts, Ford sent emails to victims containing misrepresentations about the status of their iCloud accounts, including false claims that the account had been locked or that a user was attempting to share a video file, and requested that the victims provide login credentials, including the account password or the answers to iForgot security questions," the complaint states. Once he had obtained the login credentials of victims' iCloud accounts, Ford would access them and reset the passwords so he would have sole control. The court documents do not make clear whether the credit card numbers obtained were stored in files accessible through iCloud or were stored by Apple as an iCloud payment method.
  • Ransomware Attacks Aren’t Going Anywhere, Experts Warn
    Just this week, LaPorte County government offices were forced to pay $132,000 to hackers after a ransomware attack shut down part of the county's computer system. Cybersecurity experts warn ransomware attacks, in which data is held hostage until the victims — often private companies or government offices — pay a ransom fee, and other cyberattacks are becoming disturbingly more common. Hackers, who often gain access to computer systems through phishing emails with malicious attachments or links to infected websites, attack companies, school districts, colleges, courts and a growing number of local governments. "More than 20 local municipalities, cities, counties and state governments have been hit this year that we know of," Bush said. The Federal Bureau of Investigation advises victims not to pay ransoms to decrypt files, but a business analysis may find that it's the less expensive option in many cases, Cyber Leadership Alliance President Douglas Rapp said.
  • Bug in NVIDIA’s Tegra Chipset Opens Door to Malicious Code Execution
    Researcher creates ‘Selfblow’ proof-of-concept attack for exploiting a vulnerability that exists in “every single Tegra device released so far”. A flaw impacting millions of mobile and internet of things (IoT) devices running NVIDIA’s Tegra processor opens the door for a variety of attacks, including device hijacking or siphoning of data. The warning comes from researcher Triszka Balázs, who discovered the flaw and asserts that the bug “affects every single Tegra device released so far.” He also created a proof-of-concept (PoC), called Selfblow, to exploit the vulnerability. On Thursday, NVIDIA released a patch for the bug (CVE-2019-5680) via a security bulletin. However, the researcher said his PoC can flash (or reprogram) Tegra chips to run Jetson TX1, significantly enlarging the range of vulnerable devices. To gain permanent one, the adversary flashes this to your device and takes over even higher rights, since this gives the bad guy even more permissions.” For that reason, the researcher believes NVIDIA is slightly downplaying risks associated with the bug.
  • New 'US State Police' Extortion Scam Includes Contact Numbers
    A new extortion scam is underway that pretends to be from a US State Police detective who is willing to delete child porn evidence if you send them $2,000 in bitcoins. In this new campaign, extortionists are pretending to be state police detectives for different states in the U.S.A. where they state that the email recipient has been involved in child pornography. Users have reported receiving these emails from states such as California, Georgia, Florida, Minnesota, New York, and Tennessee. Below is an example of this scam pretending to be from the Tennessee State Police that was shared with BleepingComputer by Reddit user Talory09. The Tennessee State Police had a responsibility to protect people and property, to prevent and detect crime and other violations of law, pursue criminal investigations, and arrest criminals.
  • Elusive MegaCortex Ransomware Found - Here is What We Know
    It is not known exactly how the attackers gained access to a network, but Sophos stated that the Emotet or Qakbot Trojans were present on networks also infected with MegaCortex. The MegaCortex encryption process: In a sample of MegaCortex discovered by MalwareHunterTeam, analyzed by Vitali Kremez, and shared with BleepingComputer, we are able to gain new insight into how the ransomware operates. The ransomware will then begin to encrypt files on the victim's hard drives. When encrypting files, it will not encrypt any of the following types of files, file names, or files under listed folders: .dll .exe .sys .mui .tmp .lnk .config .manifest .tlb .olb .blf .ico .regtrans-ms .devicemetadata-ms .settingcontent-ms .bat .cmd .ps1 desktop.ini iconcache.db ntuser.dat ntuser.ini ntuser.dat.log1 ntuser.dat.log2 usrclass.dat usrclass.dat.log1 usrclass.dat.log2 bootmgr bootnxt temp\ .+\\Microsoft\\(User Account Pictures|Windows\\(Explorer|Caches)|Device Stage\\Device|Windows)\\ As the ransomware encrypts a file it will append the .megac0rtx extension to the encrypted file's name.
  • Cybersecurity industry can contribute its expertise to cyberspace peace
    Estonia, a small nation in Europe, suffered the first nationwide cyberattack in 2007 when a DDoS attack crippled several key websites including those of banks, Parliament, government ministries and the media. But they are also actively campaigning for greater cooperation from various sectors including governments and cybersecurity companies and practitioners to work together against the cyber perpetrators. The trio have been involved in the 2015 United Nations report on norms for cybersecurity behaviour among countries. Werdaningtyas pointed out that the nature of cyber attacks is trans-boundary and cannot be solved by single countries. That’s the reason many countries cannot deal with the cybersecurity threat by themselves because they are small, in size as well as technological capability. Singapore is also working with Indonesia and Australia to help other ASEAN countries get up to speed on cybersecurity, supporting them in capability development.
  • URL Spreading Shellbot and XMRig Using 17-year old XHide
    One of our honeypots detected a threat that propagates by scanning for open ports and brute forcing weak credentials, installing a Monero cryptocurrency miner and a Perl-based IRC backdoor as the final payload. The malware scans for open ports and weak credentials to infiltrate and then sends a command that will download the Perl-based Internet Relay Chat (IRC) Shellbot with file name “sshd2” (detected by Trend Micro as Backdoor.Perl.SHELLBOT.D) and “findz” (detected by Trend Micro as Trojan.SH.MINESTARTER.A) — which will infect the system with the miner by downloading and extracting “so3” (detected by Trend Micro as Coinminer.Linux.MALXMR.UWEJQ). “a”, a bash script that performs the following (detected by Trend Micro as Trojan.SH.MINESTARTER.A): drops “upd”, a shell script that serves as a watchdog for the mining process; sets up a cron tab executing “upd” every minute; executes “r”. “r”, a script that executes “e” or “f” depending on the central processing unit (CPU) architecture of the infected machine (detected by Trend Micro as Trojan.SH.MINESTARTER.A).
  • AI, quantum computing and 5G could make criminals more dangerous than ever, warn police
    Artificial intelligence, quantum computing, 5G and the rise of the Internet of Things are just some of the emerging technologies that could aid cybercriminals in ways that could make them more dangerous than ever – and law enforcement must innovate quickly in order to help keep citizens safe, a new report has warned. Published by Europol, the 'Do criminals dream of electric sheep: how technology shapes the future of crime and law enforcement' report – the title of which references the work of science fiction writer Philip K. Dick – explores the consequences that emerging technology could have for cybercrime. For example, AI is detailed as a technology that could benefit law enforcement by helping to improve the security of systems and devices. One area Europol fears this could have an impact is in the realm of deepfakes and disinformation – the report even warns that "criminals are already reported to have used deepfake audio impersonating chief executives in an attempt to defraud organisations".