Two men accused of participating in the multimillion-dollar Methbot digital-advertising fraud scheme are scheduled to plead guilty in the coming days, according to court filings from the Eastern District of New York. Sergey Ovysannikov and Yevgeniy Timchenko, both originally from Kazakhstan, are scheduled to appear in a federal courtroom in Brooklyn on Sept. 24 and Sept. 25, respectively, to enter plea agreements before Judge Steven M. Gold.
Have you ever heard of the STOP Ransomware? Probably not, as few write about it, most researchers don't cover it, and for the most part it targets consumers through cracked software, adware bundles, and shady sites. Ryuk, GandCrab, and Sodinkibi get huge and deserved media attention because they generate giant ransom payments, can halt business and local governments, and affect enterprise customers, which are the bread and butter for AV companies.
Microsoft said Friday it will offer state and local election officials free security support for Windows 7 operating systems used in voting systems through 2020. “We want to make sure that Windows 7 end-of-life doesn’t…become a barrier to having a secure and safe election,” Jan Neutze, head of Microsoft’s cybersecurity and democracy team, said in announcing the news, which CyberScoop was first to report.
Atlassian released updates for Jira Service Desk and Jira Service Desk Data Center to fix a critical-severity security bug that can be exploited by anyone with access to a vulnerable customer portal. The company patched another critical vulnerability affecting Jira Server and Jira Data Center that allows server-side template injection leading to remote code execution.
Facebook has suspended tens of thousands of applications from its platform as part of a wider investigation into data-sharing practices following the Cambridge Analytica scandal. The App Developer Investigation, launched in March 2018, has involved reviewing all apps that have access to large amounts of information, as well as those that express a "potential" to break Facebook's policies.
D-Link DNS-320 ShareCenter network-attached storage (NAS) devices are affected by a critical vulnerability that can be exploited remotely to take complete control of a device and access the files stored on it. Researchers at Vietnam-based CyStack Security discovered the vulnerability and reported it to D-Link in mid-August.