Security Alerts & News
by Tymoteusz A. Góral

History
#491 Petya ransomware encrypts master file table
Researchers at BleepingComputer said on Friday that the malware is spreading in emails that contain a Dropbox link that will lead to a file that installs the ransomware. The malware replaces the boot drive’s Master Boot Record with a malicious loader. The malware forces Windows to reboot and displays a phony check disk (CHKDSK) operation to the victim while the malware executes in the background and encrypts the master file table.
#490 Apple releases new version of iOS 9.3 for older devices affected by activation lock bug
Just a few days after releasing the iOS 9.3 update, Apple stopped offering it to a selection of older devices including the iPad Air and earlier and the iPhone 5s and earlier due to an activation issue. When the update was pulled, Apple promised to release a new version of iOS 9.3 shortly.

Apple today made good on that promise and has released a new version of iOS 9.3, build 13E237, which is now available for all iOS 9 users with older devices as an over-the-air update or through iTunes. Customers with older devices who had not yet updated to iOS 9.3 will be able to do so now.
#489 POS malware tool ‘Treasurehunt’ targets small US-based banks, retailers
As more US companies snuff out point of sale malware by deploying chip-and-PIN bankcard technology, attackers are rushing to exploit existing magnetic strip card systems still vulnerable to malware. A group of hackers that go by the name Bears Inc. are behind the latest barrage of attacks with a custom-built point of sale malware called Treasurehunt, according to research from FireEye.
#488 Google scales the Great Firewall, falls off 105 minutes later
Citizens of mainland China unexpectedly found themselves with unfettered access to Google search late last night, commencing a golden age of censorship-free searching that lasted all of 105 minutes.
#487 Badlock vulnerability clues few and far between
Despite the Badlock hype machine cranked up high, we don’t know much about this impending soul-crushing vulnerability other than it could be bad, it could be in the Windows Server Message Block and it already has its own requisite logo and website.
#486 Flaw in Truecaller Android app leaves data of millions of users exposed
A remotely exploitable flaw in the Truecaller app exposes the personal details of millions of users, security researchers from Cheetah Mobile Security Research Lab have discovered.
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12