Two Methbot suspects set to plead guilty as alleged ringleader maintains his innocence
Two men accused of participating in the multimillion-dollar Methbot digital-advertising fraud scheme are scheduled to plead guilty in the coming days, according to court filings from the Eastern District of New York. Sergey Ovysannikov and Yevgeniy Timchenko, both originally from Kazakhstan, are scheduled to appear in a federal courtroom in Brooklyn on Sept. 24 and Sept. 25, respectively, to enter plea agreements before Judge Steven M. Gold.
Meet Stop Ransomware: The Most Active Ransomware Nobody Talks About
Have you ever heard of the STOP Ransomware? Probably not, as few write about it, most researchers don't cover it, and for the most part it targets consumers through cracked software, adware bundles, and shady sites. Ryuk, GandCrab, and Sodinkibi get huge and deserved media attention because they generate giant ransom payments, can halt business and local governments, and affect enterprise customers, which are the bread and butter for AV companies.
Microsoft will offer free Windows 7 support for election officials through 2020
Microsoft said Friday it will offer state and local election officials free security support for Windows 7 operating systems used in voting systems through 2020. “We want to make sure that Windows 7 end-of-life doesn’t…become a barrier to having a secure and safe election,” Jan Neutze, head of Microsoft’s cybersecurity and democracy team, said in announcing the news, which CyberScoop was first to report.
Jira Server and Service Desk Fix Critical Security Bugs
Atlassian released updates for Jira Service Desk and Jira Service Desk Data Center to fix a critical-severity security bug that can be exploited by anyone with access to a vulnerable customer portal. The company patched another critical vulnerability affecting Jira Server and Jira Data Center that allows server-side template injection leading to remote code execution.
Facebook purges tens of thousands of apps as part of Cambridge Analytica probe
Facebook has suspended tens of thousands of applications from its platform as part of a wider investigation into data-sharing practices following the Cambridge Analytica scandal. The App Developer Investigation, launched in March 2018, has involved reviewing all apps that have access to large amounts of information, as well as those that express a "potential" to break Facebook's policies.
Flaw Gives Hackers Remote Access to Files Stored on D-Link DNS-320 Devices
D-Link DNS-320 ShareCenter network-attached storage (NAS) devices are affected by a critical vulnerability that can be exploited remotely to take complete control of a device and access the files stored on it. Researchers at Vietnam-based CyStack Security discovered the vulnerability and reported it to D-Link in mid-August.
