Security Alerts & News
by Tymoteusz A. Góral

History
#364 Apple has shut down the first fully-functional Mac OSX ransomware
Apple has shut down what appears to have been the first, fully-functional ransomware targeting Mac computers. This particular form of cyber threat involves malware that encrypts the data on your personal computer so you can no longer access it. Afterwards, the hackers request that you pay them in a hard-to-trace digital currency – in this case, bitcoin – in order for you to retrieve your files. This ransomware, called “KeRanger,” was first reported by researchers at Palo Alto Networks. They also
#363 Google fixes critical Android mediaserver bugs, again
Google today patched two critical holes in its problematic Android Mediaserver component which would allow an attacker to use email, web browsing, and MMS processing of media files to remotely execute code. With this latest vulnerability, Google has patched its Mediaserver more than two dozen times since the Stagefright vulnerability was discovered in August.
#362 Facebook fixes bug that allowed resetting anyone's password
Facebook has paid $15,000 (€13,600) to an independent security researcher who discovered a simple way of resetting passwords for other accounts, setting a new passphrase and effectively taking over profiles.
#361 Passcode bypass bugs trouble iOS 9.1 and later
Apple has yet to patch a series of bypass vulnerabilities in iOS that could enable an attacker to sidestep the passcode authorization screen on iPhones and iPads running iOS 9.0, 9.1, and the most recent build of the mobile operating system, 9.2.1.
#360 McAfee lied about San Bernardino shooter's iPhone hack to 'get a s**tload of public attention'
“By doing so, I knew that I would get a shitload of public attention, which I did,” McAfee said. “That video, on my YouTube account, it has 700,000 views. My point is to bring to the American public the problem that the FBI is trying to [fool] the American public. How am I going to do that, by just going off and saying it? No one is going to listen to that crap.”
#359 Google extends right-to-be-forgotten rules to all search sites
Google has responded to European Union data watchdogs by expanding its right-to-be-forgotten rules to apply to its search websites across the globe.
#358 Google piracy link-removal requests jump again: Now they hit 75 million a month
At the current rate, this year Google will probably need to assess one billion URLs that allegedly infringe copyrights.
#357 Training? What training? Workers' lack of cybersecurity awareness is putting the business at risk
Employees should be the most effective security control, but instead they create the greatest vulnerabilities, warns report
#356 First Mac-targeting ransomware hits BitTorrent Transmission users
A security research firm announced Sunday its discovery of what is believed to be the world’s first ransomware that specifically goes after OS X machines. “This is the first one in the wild that is definitely functional, encrypts your files and seeks a ransom,” Ryan Olson, of Palo Alto Networks, told Reuters.
#355 MIT's new 5-atom quantum computer could make today's encryption obsolete
A functional quantum computer large enough to crack traditional RSA encryption may still be in the future, but the U.S. National Security Agency is taking the possibility seriously. In January, it posted an FAQ on the technology’s potential.
#354 Seagate phish exposes all employee W-2’s
Email scam artists last week tricked an employee at data storage giant Seagate Technology into giving away W-2 tax documents on all current and past employees, KrebsOnSecurity has learned. W-2 forms contain employee Social Security numbers, salaries and other personal data, and are highly prized by thieves involved in filing phony tax refund requests with the Internal Revenue Service (IRS) and the states.