A new and active campaign for the CryptON Ransomware is currently underway where attackers are hacking into computers with Internet accessible Remote Desktop Services. Once the attackers gain access to the computer they manually execute the ransomware and encrypt your files. This new campaign was first discovered by Malwarebytes security researcher S!Ri who posted about it on Twitter.
Two years after being ousted, a criminal operation that has been inserting malware in the firmware of low-cost Android devices is still up and running, and has even expanded its reach. News of this group first surfaced after a report in December 2016, when Russian antivirus vendor Dr.Web disclosed that a mysterious threat actor had found a way to penetrate the supply-chain of several mobile carriers, infecting phones with malware.
In the aftermath of a fatal crash that killed a pedestrian, the state of Arizona barred Uber Technologies, Inc. from road-testing its self-driving car program. Now, the company announced on 23 May that it will close down the self-driving vehicle program in Arizona, a move that will affect more than 300 jobs, according to the Wall Street Journal. A spokeswoman for Uber said that the company will not be eliminating all of their autonomous vehicle programs and will resume operations this summer with a limited focus, testing fewer cars with smaller routes in Pittsburgh and two cities in California.
A bug in T-Mobile’s website let anyone access the personal account details of any customer with just their cell phone number. The flaw, since fixed, could have been exploited by anyone who knew where to look — a little-known T-Mobile subdomain that staff use as a customer care portal to access the company’s internal tools. The subdomain — promotool.t-mobile.com, which can be easily found on search engines — contained a hidden API that would return T-Mobile customer data simply by adding the customer’s cell phone number to the end of the web address.
Hackers have come up with a never-before-seen method of installing backdoored plugins on websites running the open-source WordPress CMS, and this new technique relies on using weakly protected WordPress.com accounts and the Jetpack plugin. The technique is highly complex, and to compromise a site, a hacker must go through different steps, during which multiple things can prevent the attack from being successful.
