Security Alerts & News
by Tymoteusz A. Góral

History
#1875 US college pays $28,000 to get files back after ransomware attack
Los Angeles Valley College (LAVC) has paid a public record of $28,000 (£22,500) in Bitcoins to extortionists after ransomware encrypted hundreds of thousands of files held on its servers.

In a public statement that shares the College’s homepage with upbeat messages about visiting its campus Lion Cafeteria, LAVC said the unnamed ransomware got inside the organisation on December 30.

It was detected within hours but too late to stop IT staff being locked out of critical files held on multiple servers. In addition to losing data access, important services went down, including the College’s network, email and phone system, bringing the College to a standstill.
#1874 Shamoon disk-wiping attackers can now destroy virtual desktops, too
There's a new variant of the Shamoon disk-wiping malware that was originally unleashed on Saudi Arabia's state-owned oil company in 2012, and it has a newly added ability to destroy virtual desktops, researchers said.

The new strain is at least the second Shamoon variant to be discovered since late November, when researchers detected the return of disk-wiping malware after taking a more than four-year hiatus. The variant was almost identical to the original one except for the image that was left behind on sabotaged computers. Whereas the old one showed a burning American flag, the new one displayed the iconic photo of the body of Alan Kurdi, the three-year-old Syrian refugee boy who drowned as his family tried to cross from Turkey to Greece. Like the original Shamoon, which permanently destroyed data on more than 30,000 work stations belonging to Saudi Aramco, the updates also hit one or more Saudi targets that researchers have yet to name.
#1873 Security updates available for Adobe Flash Player
Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.
#1872 Security updates available for Adobe Acrobat and Reader
Adobe has released security updates for Adobe Acrobat and Reader for Windows and Macintosh. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.
#1871 Our continuing commitment to your privacy with Windows 10
Microsoft: At Microsoft, we are deeply committed to protecting our customers’ privacy. This includes providing clear choices and easy-to-use tools that put you in control of how your information is collected and used. Trust is a core pillar of our More Personal Computing vision, and we are working hard to make sure Windows 10 is the most secure Windows ever and a product you love and trust.
#1870 Microsoft Security Bulletin Summary for January 2017
This bulletin summary lists security bulletins released for January 2017.

For information about how to receive automatic notifications whenever Microsoft security bulletins are issued, visit Microsoft Technical Security Notifications.

Microsoft also provides information to help customers prioritize monthly security updates with any non-security updates that are being released on the same day as the monthly security updates.
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12