SECURITY WARNINGS & Notices - Please post them here

[mchain]

Intel chip flaw allows hackers to hijack thousands of PCs
http://www.telegraph.co.uk/technology/2017/05/08/intel-chip-flaw-allows-hackers-hijack-thousands-pcs/
Dated May 8th, somehow not noted:  Apparently affects commercial systems.

[DavidR]

Intel chip flaw allows hackers to hijack thousands of PCs
http://www.telegraph.co.uk/technology/2017/05/08/intel-chip-flaw-allows-hackers-hijack-thousands-pcs/
Dated May 8th, somehow not noted:  Apparently affects commercial systems.

Isn't it so damn typical build a backdoor and people will take advantage of it.

EDIT: Not sure why it would only be on commercial systems. I don't believe Intel built specific chips for commerce.

[Be Secure]

News Brief: BitKangoroo Ransomware Deletes Your Files If You Do not Pay
https://www.bleepingcomputer.com/news/security/news-brief-bitkangoroo-ransomware-deletes-your-files-if-you-do-not-pay/

[Pondus]

Not new   May 8, 2017

[Be Secure]

Man Linked to Auto Parts Store Behind Bachosens Malware
https://www.bleepingcomputer.com/news/security/man-linked-to-auto-parts-store-behind-bachosens-malware/

[Be Secure]

Security Researchers Are Gathering Funds to Buy Future Shadow Brokers Exploits
https://www.bleepingcomputer.com/news/security/security-researchers-are-gathering-funds-to-buy-future-shadow-brokers-exploits/
UPDATE [June 1, 05:00 AM ET]: Due to legal concerns, the team behind this campaign has pulled out and shut down the project. Statements here and here.

[Be Secure]

Fireball Malware Infects 20% of Corporate Networks Worldwide
https://www.infosecurity-magazine.com/news/fireball-infects-20-of-corporate/

[Be Secure]

Kmart Point of Sale Hacked with 'Undetectable' Malware
https://www.infosecurity-magazine.com/news/kmart-point-of-sale-hacked/

[Eddy]

More about Fireball
http://blog.checkpoint.com/2017/06/01/fireball-chinese-malware-250-million-infection/

[Asyn]

Identity Manager OneLogin Has Suffered a Nasty Looking Data Breach
https://motherboard.vice.com/en_us/article/identity-manager-onelogin-has-suffered-a-nasty-looking-data-breach
https://www.onelogin.com/blog/may-31-2017-security-incident

[Be Secure]

Russian State Hackers Use Britney Spears Instagram Posts to Control Malware
https://www.bleepingcomputer.com/news/security/russian-state-hackers-use-britney-spears-instagram-posts-to-control-malware/

[Eddy]

Microsoft Internet Explorer Multiple Vulnerabilities
Secunia Advisory SA76672
Where: From remote
Impact: Security Bypass, Spoofing, System access
Solution Status: Vendor Patch
Software:
Microsoft Internet Explorer 10.x
Microsoft Internet Explorer 11.x
Microsoft Internet Explorer 9.x

CVE Reference(s): CVE-2017-0064, CVE-2017-0222, CVE-2017-0226, CVE-2017-0228, CVE-2017-0231, CVE-2017-0238

[polonus]

Dangerous new AMT SOL malware abused by hackers. Can avast protect us?
Read: https://blogs.technet.microsoft.com/mmpc/2017/06/07/platinum-continues-to-evolve-find-ways-to-maintain-invisibility/

There is more trouble like WannaCry in the pipeline for us all. Why supervisors do not make an effort to make the general infrastructure somewhat less holed with all those that wanna spook on the general public or abuse them, big gubberment and big commerce alike.

All small remainders of your privacy and other rights will go down the drain when this tracking and surveillance tornado is not brought to calm down. The sad thing is there seems no end to this.

polonus

[bob3160]

Ransomware now available for mac computer's - http://www.myce.com/news/security-researchers-discover-ransomware-apple-computers-tor-network-82111/

Nothing new: http://blog.trendmicro.com/ransomware-is-a-growing-risk-on-macs/

[Pondus]

Microsoft Patches Windows XP Again As Part of June Patch Tuesday
http://blog.trendmicro.com/trendlabs-security-intelligence/microsoft-patches-windows-xp-again-june-patch-tuesday/