Researchers continue to unpack a possible second eBay security bug as eBay users brace for identity theft.
The novel "hacked-by-Oleg-Pliss" ransomware has affected many Apple users in Australia and New Zealand, and there's no reason to believe the campaign will be confined to those countries. Unlike more familiar forms of ransomware, "Oleg Pliss" doesn't encrypt victims' files, but instead activates the "Lost iDevice" feature on their iPhones or iPads. Security researchers offer advice on prevention and recovery (sound password practices are especially recommended) but much about the campaign remains baffling. Why should it seem confined largely to Australia and New Zealand—equally curious whether it used stolen credentials or exploited an iOS flaw?
Fidelis Security reported in February on the "STTEAM" cyber campaign afflicting Middle Eastern oil and gas companies; Recorded Future has an update.
Bitdefender says the instant messaging Trojan Gen:Variant.Downloader.167 is politely spreading itself through Europe and North America, asking nicely, "I want to post these pictures on Facebook, do you think it's OK?" (Tip: it's not "OK.")
Several Android exploits are currently active in the wild; other Android vulnerabilities are discovered in labs. Chinese Android users are hit by a banking Trojan that poses as a WeChat app. Researchers find some email and messaging programs (including Outlook) storing messages unencrypted on Android devices' SD card. Other researchers demonstrate that Android phones can be hacked to take pictures without owners' knowledge.
Snowden tells reporters he was "a trained spy," not just some lowly sysadmin.
Sabu walks with time served.