Security Alerts & News
by Tymoteusz A. Góral

History
#289 Malware and skimmer, explosions and hammers: How attackers go after ATM
What was the best way to steal cash from an ATM in 2015? Skimming still remains king, but a survey of 87 members of the ATM Industry Association (ATMIA) says that card trapping and transaction reversal fraud are on the rise around the world.
#288 KeyBase keylogger usage explodes after getting leaked online
KeyBase is a spyware family that can capture keystrokes, steal data from the user's clipboard, and take screenshots of the victim's desktop at regular intervals.

The malware was created in February 2015 but was seen for the first time in June when the same Palo Alto researchers stumbled upon an unprotected server (control panel) where KeyBase was sending its screenshots.
#287 Drupal update fixes 10 vulnerabilities, one critical
Developers at Drupal addressed 10 vulnerabilities in the content management system this week, including a critical access bypass issue that could have let users access certain elements thought to be blocked, and another issue that could lead to remote code execution.
#286 Op-ed: The international politics of VPN regulation
Repressive nations are pursuing increasingly diverse strategies for curbing VPN use.
#285 Malicious websites exploit Silverlight bug that can pwn Macs and Windows
The critical code-execution vulnerability, which Microsoft patched last month, was actively exploited for two years in attack code owned by Italy-based exploit broker Hacking Team. As Ars reported last July, the Silverlight exploit came to light following a hack on Hacking Team's network that exposed gigabytes worth of private e-mails and other data. Researchers with Russian antivirus provider Kaspersky Lab later discovered the vulnerability being exploited in the wild and privately reported it
#284 Have we been hit by hackers? No idea, CIOs admit
Current security practices mean data breaches can take six months to detect, warns a new survey.
#283 PWC report: businesses are leaving themselves vulnerable due to lack of understanding over risks.
"The insidious nature of this threat is such that of the 56 percent who say they are not victims, many have likely been compromised without knowing it. A concerning trend we have observed is that of hackers managing to remain on organisations' networks for extended periods of time without being detected," says the report, which comes following another study suggesting that businesses are often unaware that they've been breached.
#282 Advertisers need four apps to identify you
A study from the French Institute for Research in Computer Science and Automation found the majority of mobile phone users can be re-identified in a dataset by as few as four of the apps they had installed on their smartphones, raising privacy concerns as platforms increasingly share app data with advertisers.
#281 G DATA Mobile Malware Report (PDF) - 758,133 new Android malware Q4 2015
G DATA security experts identified 758,133 new Android malware files in the fourth quarter of 2015.
#280 CTB-Locker/Critroni finds new legs targeting websites
After months of relative dormancy, ransomware CTB-Locker or Critroni is back and this time finding new life targeting websites. Researchers are calling this variant “CTB-Locker for Websites” because it targets websites, encrypts their content, and demands a 0.4 bitcoin ($425) ransom for access to the decryption key.
#279 Windows 10 is showing ads on your lockscreen, here's how to turn them off
Windows 10's new Spotlight feature usually shows you neat photographs and fun facts when you first start your computer. Now, it’s started showing ads. Here’s how to turn it off.
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12