Posts filtered by tags: Bleeping Computer[x]


 

iOS Vulnerability Prevents VPNs From Encrypting All Traffic

A vulnerability affecting iOS 13.3.1 and later prevents virtual private networks (VPNs) from encrypting all traffic, allowing some internet connections to bypass encryption, potentially exposing users' data and IP addresses. A screenshot from ProtonVPN demonstrating exposed connections to Apple's servers that should be protected by the VPN Details on the vulnerability were shared today by Bleeping Computer after it was discovered by ProtonVPN. The vulnerability is caused because iOS isn't te...
Tags: Iphone, Apple, Ios, Ipad, Mac, Rumors, Vpn, Apple Apple, Bleeping Computer


New Details Emerge on the Ransomware Attack Against Epiq Global

On Monday, this blog broke the news that Epiq Global, the international e-discovery and managed services company, had taken its systems offline globally after becoming the target of a ransomware attack. Now, new details are emerging about exactly what happened to force Epiq to shut down its systems. The information security and technology news publication Bleeping Computer, citing a source in the cybersecurity industry, is reporting that Epiq was attacked by the Ryuk ransomware and that the comp...
Tags: Law, Uncategorized, Johnson Johnson, Emsisoft, Bleeping Computer, Epiq, Ryuk, Callow, Carns, Casepoint, David Carns, Brett Callow, Epiq Global, Ransomware Attack Against Epiq Global, Crowdstrike Ryuk


Slickwraps Data Breach Exposing Financial and Customer Info

Slickwraps, a mobile device case retailer, has suffered a major data breach exposing employee resumes, personal customer information, API credentials, and more. Bleeping Computer reports: In a post to Medium, a security researcher named Lynx states that in January 2020 he was able to gain full access to the Slickwraps web site using a path traversal vulnerability in an upload script used for case customizations. Using this access, Lynx stated that they were allegedly able to gain access to the r...
Tags: Tech, Endicott, Lynx, Bleeping Computer, BleepingComputer, Slickwraps Lynx, Jonathan Endicott, Slickwraps on Twitter


Chrome Tests Removing the URL of Google's Search Results Page

"Google has started testing a feature that will display the search query in the Chrome address bar rather than the actual page's URL when performing searches on Google," reports Bleeping Computer: This experimental feature is called "Query in Omnibox" and has been available as a flag in Google Chrome since Chrome 71, but is disabled by default. In a test being conducted by Google, this feature is being enabled for some users and will cause the search keyword to be displayed in the browser's add...
Tags: Google, Tech, Bleeping Computer, OmniBox


Macy's tells customers their payment information may have been stolen by hackers

Macy's website recently suffered a data breach. An investigation on October 15 found that Macys.com was linked to a website that stole customer payment data on the "Checkout" and "My Wallet" pages, the company wrote in a notice mailed to customers on Thursday. "We are aware of a data security incident involving a small number of our customers on Macys.com," a representative from Macy's said in a statement. "We have investigated the matter thoroughly, addressed the cause and have implemented ad...
Tags: Macys, Trends, Macy, Bleeping Computer, My Wallet


Hackers breached Macy’s website and hijacked customers’ payment info

Popular US department store chain Macy’s has revealed that its website was hacked with malicious scripts in an attempt to steal customers’ payment information. According to Bleeping Computer, the online storefront — macys.com — was infected with “unauthorized code” on October 7 to its ‘Checkout’ and ‘My Wallet’ pages, allowing the bad actor to capture credit card data. Macy’s said it was alerted to the situation on October 15, a full week after the site was breached. The attackers were able to a...
Tags: Security, Startups, US, Tech, Macy, Macy 's, Bleeping Computer


A set of new tools can decrypt files locked by Stop, a highly active ransomware

Thousands of ransomware victims may finally get some long-awaited relief. New Zealand-based security company Emsisoft has built a set of decryption tools for Stop, a family of ransomware that includes Djvu and Puma, which they say could help victims recover some of their files. Stop is believed to be the most active ransomware in the world, accounting for more than half of all ransomware infections, according to figures from ID-Ransomware, a free site that helps identify infections. But Emsisoft...
Tags: Tech, New Zealand, Microsoft Office, Gillespie, Puma, Europol, Emsisoft, Bleeping Computer, Michael Gillespie, Djvu, Emsisoft It


Moonday Mornings: Bitcoin extortionists are wiping GitHub repositories – unless you pay up

Good morning. It’s Monday, so you know what that means. It’s time for Moonday Mornings, our wrap-up of the weekend’s top cryptocurrency and blockchain headlines. 1.Bitcoin extortionists have been wiping GitHub repositories and holding the data to ransom, Bleeping Computer reports. All that remains in the repositories is a ransom note demanding 0.1BTC ($560) which hackers claim will ensure the safe return of code. 2. A US district court has ordered Craig Wright to provide a list of his public Bit...
Tags: Startups, US, Btc, Cryptocurrency, Blockchain, Craig Wright, Bleeping Computer, David Kleiman, Hard Fork


Daily News Roundup: What the Apple-Qualcomm Settlement Means

Apple and Qualcomm met each other in court this week in what was supposed to be a brutal trial. Turns out that wasn’t the case, as the two companies surprisingly agreed to a settlement yesterday. This means three things. Firstly, the settlement ends all ongoing legal action across the board—from Apple, Apple’s manufacturing partners, and Qualcomm. While it’s unclear why the two suddenly decided to settle, it’s very likely that neither wanted company secrets made publicly available in court. The...
Tags: Apple, Google, Crafts, Verizon, Intel, Ars Technica, Harvard, Qualcomm, Beowulf, Engadget, Apple Apple, Bleeping Computer, Notre Dame Digital Trends


4chan, 8chan, and LiveLeak blocked by Australian internet providers for hosting the livestream of New Zealand mosque shootings

Platforms including 4chan, 8chan, and LiveLeak hosted footage of the New Zealand mosque attacks that killed 50 people last week. In response, a number of internet service providers in Australia temporarily blocked sites that hosted the videos. "We believe it's the right thing to do, out of respect to the victims of this atrocity and their loved ones, to help stop the further sharing of this disturbing video," Vodafone Australia said. Facebook and Google have also been scrambling to halt the sp...
Tags: Google, Amazon, Facebook, Australia, Youtube, New York City, US, Trends, New Zealand, Associated Press, Telstra, Christchurch, Kotaku, Optus, Vodafone Australia, Al Noor


Microsoft Asks Users To Call Windows 10 Devs About ALT+TAB Feature (slashdot)

An anonymous reader quotes a report from Bleeping Computer: Microsoft has started to display notifications in the Windows 10 Action Center asking users to have a phone call with Microsoft developers and provide direct feedback about the ALT+TAB feature in Windows. While using a Windows 10 Insider build today, I was shown a Feedback Hub notification stating that "Microsoft wants to hear your opinions! To set up a phone call with Windows engineers, go to: http://www.aka.ms/alttab." This link then ...
Tags: News, Microsoft, Bleeping Computer, BeauHD, Action Center


Microsoft Asks Users To Call Windows 10 Devs About ALT+TAB Feature

An anonymous reader quotes a report from Bleeping Computer: Microsoft has started to display notifications in the Windows 10 Action Center asking users to have a phone call with Microsoft developers and provide direct feedback about the ALT+TAB feature in Windows. While using a Windows 10 Insider build today, I was shown a Feedback Hub notification stating that "Microsoft wants to hear your opinions! To set up a phone call with Windows engineers, go to: http://www.aka.ms/alttab." This link then ...
Tags: Microsoft, Tech, Bleeping Computer, Action Center


Shlayer Malware Disables macOS Gatekeeper To Run Unsigned Payloads

A new variant of the multi-stage Shlayer malware known to target macOS users has been observed in the wild, now being capable to escalate privileges using a two-year-old technique and to disable the Gatekeeper protection mechanism to run unsigned second stage payloads. Bleeping Computer reports: This new Shlayer variant unearthed by Carbon Black's Threat Analysis Unit (TAU) targets all macOS releases up to the latest 10.14.3 Mojave, and will arrive on the targets' machines as a DMG, PKG, ISO, or...
Tags: Apple, Tech, Patrick Wardle, Dmg, Bleeping Computer, Carbon Black s Threat Analysis Unit TAU, Shlayer


Windows 10 Is Only Making Windows Fragmentation Worse

With Windows 10, Microsoft wanted to get every Windows user on the same platform. Now, the opposite is happening. Just 6.6% of Windows 10 PCs have the October 2018 Update over three months after its release. The Numbers These numbers come courtesy of AdDuplex, which tracks Windows update market share, as spotted by Bleeping Computer. In December 2018: 6.6% of Windows 10 PCs were running the October 2018 Update 83.6% were running the April 2018 Update 5.7% were running the Fall Creators Updat...
Tags: Apple, Google, Crafts, Microsoft, Intel, Amd, Bleeping Computer


Microsoft Issues Emergency Fix For Internet Explorer Zero Day (slashdot)

An anonymous reader quotes a report from Bleeping Computer: Microsoft has released an out-of-band security update that fixes an actively exploited vulnerability in Internet Explorer. This vulnerability has been assigned ID CVE-2018-8653 and was discovered by Google's Threat Analysis Group when they saw the vulnerability being used in targeted attacks. According to Microsoft's security bulletin this is vulnerability in how the Internet Explorer scripting engine handles objects in memory. Attacker...
Tags: News, Microsoft, Bleeping Computer, BeauHD, Google s Threat Analysis Group


Microsoft Issues Emergency Fix For Internet Explorer Zero Day

An anonymous reader quotes a report from Bleeping Computer: Microsoft has released an out-of-band security update that fixes an actively exploited vulnerability in Internet Explorer. This vulnerability has been assigned ID CVE-2018-8653 and was discovered by Google's Threat Analysis Group when they saw the vulnerability being used in targeted attacks. According to Microsoft's security bulletin this is vulnerability in how the Internet Explorer scripting engine handles objects in memory. Attacker...
Tags: Microsoft, Tech, Bleeping Computer, Google s Threat Analysis Group


PSA: Fake App Store Receipts Are Tricking People Into Providing All Their Personal Details

A fascinating new phishing attempt it making the rounds disguising itself as a receipt from the App Store, tricking unsuspecting users into coughing up all of their personal details. Here’s what you need to know and how to stay safe. First of all, look how skeezy this looks As reported by Bleeping Computer, the attempt shows up as an email with an attached PDF receipt for somewhere in the range of $30. With that, there’s a highly convenient “Issues with this transaction?” link at the bottom...
Tags: Apple, Crafts, Bleeping Computer


Bitcoin extortionists threaten victims with ‘hitman’ unless they cough up $4K

Cryptocurrency scams are getting more old-school with every week that passes. Hacks seem to be too difficult these days and old-fashioned threats are becoming the way of the crypto-criminal. According to emails seen by Bleeping Computer, scammers are now threatening victims with a hitman if they don’t pay $4,000 in Bitcoin to call off the hit. The emails appear to come from the owner of a dark net website who has recently received an order from someone to hire a hitman to assassinate the email r...
Tags: Startups, Bitcoin, Cryptocurrency, Blockchain, Bleeping Computer, Hard Fork


Microsoft Fixes Windows 10’s File Association Bug, Unless You’re Using the October Update

Microsoft just updated Windows 10 to fix the file association bug we reported and some other issues. For some bizarre reason, these fixes are not available if you’ve installed the October 2018 Update on your PC. On November 27, Microsoft released a “cumulative update” for Windows 10 that fixes a variety of bugs. As Bleeping Computer notes, Microsoft says the problem that prevents some Windows users from setting their default applications is fixed. Unfortunately, the Windows Media Player bug is ...
Tags: Crafts, Microsoft, Bleeping Computer


Google Wants to Remove FTP From Chrome. Would You Even Care?

Google has wanted to remove FTP from Chrome for years, and Chrome developers are taking a new step towards that goal. After all, FTP is an old, unencrypted protocol. We should have stopped using it years ago. As Lawrence Abrams over at Bleeping Computer points out, an upcoming change means Chrome will soon download resources like images and PDF files from FTP (File Transfer Protocol) sites rather than displaying them in Chrome itself. However, Chrome will still display a list of each FTP folder...
Tags: Chrome, Google, Crafts, Mozilla, Bleeping Computer, Lawrence Abrams


Winamp 5.8, the First Update In 4 Years, Is Released (slashdot)

Winamp, the world's most famous media player, has released version 5.8 to make it compatible with today's modern operating systems such as Windows 8.1 and Windows 10. Bleeping Computer notes that there hasn't been a new updates released since 2014, when Radionomy purchased Winamp from AOL. Some other new features include standalone audio player support, an auto-fullscreen option for videos, updates scrollbars and buttons, and bug fixes. From the report: Radionomy has stated that they are not sto...
Tags: News, Winamp, Bleeping Computer, BeauHD, Radionomy, Alexandre Saboundjian, Saboundjian


Winamp 5.8, the First Update In 4 Years, Is Released

Winamp, the world's most famous media player, has released version 5.8 to make it compatible with today's modern operating systems such as Windows 8.1 and Windows 10. Bleeping Computer notes that there hasn't been a new updates released since 2014, when Radionomy purchased Winamp from AOL. Some other new features include standalone audio player support, an auto-fullscreen option for videos, updates scrollbars and buttons, and bug fixes. From the report: Radionomy has stated that they are not sto...
Tags: Tech, Winamp, Bleeping Computer, Radionomy, Alexandre Saboundjian, Saboundjian


Hackers sell data of 130 million Chinese hotel guests on the dark web for 8 Bitcoin

It seems that China’s crackdown on cryptocurrencies doesn’t extend to the infamous dark web. A hacker is selling the personal data of over 130 million individuals for 8 BTC ($56,776 at press time) on a Chinese dark web forum, technology publication Bleeping Computer reports. The individuals implicated in the hack are all clients of Huazhu Hotels Group, one of China’s largest hospitality chains, which manages over 3,800 hotels across 382 cities in China. According to the local media that spotted ...
Tags: Startups, Asia, China, Btc, Cryptocurrency, Huazhu Hotels Group, Bleeping Computer, Hard Fork


Bitdefender Disables Anti-Exploit Monitoring in Chrome After Google Policy Change

secwatcher shares a report: Last week we reported that Chrome has started displaying alerts more often that suggest users remove programs that are considered incompatible applications with Chrome because they inject code into the browser's processes. These alerts are displayed by Chrome after the browser crashes and suggest the user remove the listed programs because "this application could prevent Chrome from working properly." One of the programs that a lot of users have seen listed in these a...
Tags: Google, Tech, Bitdefender, Bleeping Computer, Bogdan Botezatu


Mozilla Removes 23 Firefox Add-Ons That Snooped On Users (slashdot)

An anonymous reader writes: Mozilla has removed 23 Firefox add-ons from its add-on store that snooped on users and sent data to remote servers, a Mozilla engineer told Bleeping Computer Friday. The list of blocked add-ons includes "Web Security," a security-centric Firefox add-on with over 220,000 users, which was at the center of a controversy this week after it was caught sending users' browsing histories to a server located in Germany. "The mentioned add-on has been taken down, together with ...
Tags: Firefox, News, Germany, Mozilla, Wu, Rob Wu, Bleeping Computer, Msmash


New VORACLE Attack Can Recover HTTP Data From Some VPN Connections

"A new attack named VORACLE can recover HTTP traffic sent via encrypted VPN connections under certain conditions," reports Bleeping Computer, citing research presented last week at the Black Hat and DEF CON security conferences. An anonymous reader writes: The conditions are that the VPN service/client uses the OpenVPN protocol and that the VPN app compresses the HTTP traffic before it encrypts it using TLS. To make matters worse, the OpenVPN protocol compresses all data by default before send...
Tags: Tech, Vpn, Bleeping Computer, TunnelBear


Mozilla Removes 23 Firefox Add-Ons That Snooped On Users

An anonymous reader writes: Mozilla has removed 23 Firefox add-ons from its add-on store that snooped on users and sent data to remote servers, a Mozilla engineer told Bleeping Computer Friday. The list of blocked add-ons includes "Web Security," a security-centric Firefox add-on with over 220,000 users, which was at the center of a controversy this week after it was caught sending users' browsing histories to a server located in Germany. "The mentioned add-on has been taken down, together with ...
Tags: Firefox, Germany, Tech, Mozilla, Wu, Rob Wu, Bleeping Computer


Windows 10 Enterprise Getting 'InPrivate Desktop' Sandboxed Execution Feature

An anonymous reader quotes a report from Bleeping Computer: A recent Windows 10 Insider Feedback Hub quest revealed that Microsoft is developing a new throwaway sandboxed desktop feature called "InPrivate Desktop." This feature will allow administrators to run untrusted executables in a secure sandbox without fear that it can make any changes to the operating system or system's files. This quest is no longer available in the Feedback Hub, but according to it's description, this feature is being ...
Tags: Microsoft, Tech, Bleeping Computer, Feedback Hub, InPrivate Desktop Preview


Mozilla Is Working On a Chrome-Like 'Site Isolation' Feature For Firefox

An anonymous reader writes: "The Mozilla Foundation, the organization behind the Firefox browser, is working on adding a new feature to its browser that is similar to the Site Isolation feature that Google rolled out to Chrome users this year," reports Bleeping Computer. "[Chrome's] Site Isolation works by opening a new browser process for any domain/site the user loads in a tab." The feature has been recently rolled out to 99% of the Chrome userbase. "But Chrome won't be the only browser with S...
Tags: Firefox, Google, Tech, Mozilla, Mozilla Foundation, Bleeping Computer, Bleeping Computer Work


364 Idaho Inmates Hacked Their Prison Tablets For Free Credits

According to local Idaho media, 364 inmates across at least five institutions exploited a vulnerability in their prison-issued tablets to assign nearly $225,000 worth of digital credits to their accounts. They were then able to use these credits to buy music and games. Bleeping Computer reports: The hacked tablets have been used at low-security level prisons across the U.S. for a few years now. They've been offered through a partnership between CenturyLink and JPay. Spokespersons for both compan...
Tags: Tech, Idaho, Bleeping Computer, JPay, Idaho Department of Correction IDC