Security Alerts & News
by Tymoteusz A. Góral

History
#1849 Exposed MongoDB installs being erased, held for ransom
Security researcher Victor Gevers, co-founder of the GDI Foundation, a non-profit dedicated to making the internet safer, is urging administrators to check their MongoDB installations, after finding nearly two hundred of them wiped and being held for ransom.

Currently, as of Monday morning, Gevers says he’s discovered 196 instances of a MongoDB installation exposed to the public that's been erased and held for ransom. UPDATE: The count has reached nearly 2,000 databases as of 4:00 p.m.

The person behind the attacks is demanding 0.2 BTC ($202.89 USD) as payment, and requiring system administrators email proof of ownership before the files are restored. Those without backups are left in a bind.
Read more
#1853 Android was 2016's most vulnerable product and Oracle with the most security bugs
#1852 California law makes ransomware use illegal
#1851 Google patches 29 critical Android vulnerabilities including holes in Mediaserver, Qualcomm
#1850 This ransomware targets HR departments with fake job applications
#1849 Exposed MongoDB installs being erased, held for ransom
#1848 State of the web 2016 (PDF)
#1847 Koolova ransomware decrypts for free if you read two articles about ransomware
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12