The Hidden Bee infection chain, part 1: the stegano pack

Credit to Author: hasherezade| Date: Thu, 15 Aug 2019 15:26:55 +0000

The Hidden Bee cryptominer has a complex and multi-layered internal structure that is unusual among cybercrime toolkits. That’s why we’re dedicating a series of posts to exploring its elements and updates made during one year of its evolution.

Categories:

Tags:

(Read more…)

The post The Hidden Bee infection chain, part 1: the stegano pack appeared first on Malwarebytes Labs.

Read more

Microsoft warns of Visual Basic, VBA and VBScript 'procedure call' errors after August patches

Credit to Author: Woody Leonhard| Date: Thu, 15 Aug 2019 05:28:00 -0700

August is going to be a perilous patching month.

We’re tracking down credible reports of the Server 2012 R2 Monthly rollup breaking RDP logins, a conflict between the Win10 1903 cumulative update and last month’s version of Outlook 365, confusion about Win7 patches being branded as “IA64 only,” dealing with the lack of telemetry (!) in the August Win7 Security Only patch, much mayhem trying to install SHA-2 signed patches (including the Win7 Monthly Rollup) on systems using Symantec Endpoint Protection, even more confusion over the difference between Symantec Endpoint Protection and Norton Security Suite, and lots of the usual installation failures and rollbacks.

To read this article in full, please click here

Read more

3 Google privacy tips for Mac and iOS users

Credit to Author: Jonny Evans| Date: Thu, 15 Aug 2019 04:15:00 -0700

Alternative search engines such as DuckDuckGo are attracting growing numbers of privacy focused users, but there’s no doubt that Google dominates the industry, even on Apple products. Fortunately, there are several ways to make your Google activity more private.

Do you have a Google account? (You probably do)

Do you use Gmail? Did you one use Google +? Perhaps you employ Google Drive, Google Docs or any of the company’s other products. If so, you have a Google account.

To read this article in full, please click here

Read more

Chrome, Firefox to expunge Extended Validation cert signals

Credit to Author: Gregg Keizer| Date: Thu, 15 Aug 2019 03:00:00 -0700

Google and Mozilla have decided to eliminate visual signals in their Chrome and Firefox desktop browsers of special digital certificates meant to assure users that they landed at a legitimate site, not a malicious copycat.

The certificates, dubbed “Extended Validation” (EV) certificates, were a subset of the usual certificates used to encrypt browser-to-server-and-back communications. Unlike run-of-the-mill certificates, EVs can be issued only by a select group of certificate authorities (CAs); to acquire one, a company must go through a complicated process that validates its legal identity as the site owner. They’re also more expensive.

The idea behind EVs was to give web users confidence that they were at their intended destination, that the site computerworld.com, for instance, was owned by its legal proprietor, IDG, and not a fishy – and phishy – URL run by It’s Crooks All the Way Down LLC and chockablock with malware. Browsers quickly took to the concept, rewarding EV-secured sites with in-your-face visual cues, notably the verified legal identity in front of the domain in the address bar. The identity was often shaded in green as an additional tip-off. (Chrome dismissed the green in September 2018 as of Chrome 69.)

To read this article in full, please click here

Read more

5 Career Tips for Young Professionals

Credit to Author: Isabelle Kahakura| Date: Wed, 14 Aug 2019 17:40:12 +0000

I joined Schneider Electric Brazil in 2012 as a Marketing Intern. Looking back, I realize that I could get amazing mentoring and advice from many leaders around the world, which… Read more »

The post 5 Career Tips for Young Professionals appeared first on Schneider Electric Blog.

Read more

One Step Forward to Transform Education

Credit to Author: Employee Voices| Date: Tue, 13 Aug 2019 23:00:47 +0000

Veronica Virina from Schneider Electric Philippines wrote about her experience in support for International Youth Day 2019 and its theme to Transform Education. In what feels a lifetime ago, I… Read more »

The post One Step Forward to Transform Education appeared first on Schneider Electric Blog.

Read more

Meet Bluetana, the Scourge of Pump Skimmers

Credit to Author: BrianKrebs| Date: Wed, 14 Aug 2019 12:25:32 +0000

“Bluetana,” a new mobile app that looks for Bluetooth-based payment card skimmers hidden inside gas pumps, is helping police and state employees more rapidly and accurately locate compromised fuel stations across the nation, a study released this week suggests. Data collected in the course of the investigation also reveals some fascinating details that may help explain why these pump skimmers are so lucrative and ubiquitous.

Read more

Trojans, ransomware dominate 2018–2019 education threat landscape

Credit to Author: Wendy Zamora| Date: Wed, 14 Aug 2019 13:00:00 +0000

Trojans such as Emotet and TrickBot were the top threat for the education sector in the 2018–2019 school year. What threats will the new school year bring?

Categories:

Tags:

(Read more…)

The post Trojans, ransomware dominate 2018–2019 education threat landscape appeared first on Malwarebytes Labs.

Read more