NY attorney general forces spyware vendor to alert victims

The New York attorney general's office has announced a $410,000 fine against a stalkerware developer who used 16 companies to promote surveillance tools illegally. [...] | Continue reading


@bleepingcomputer.com | 22 hours ago

Bermuda hit by widespread internet outage amid power cut

Bermuda experienced a widespread power outage on Friday which impacted the island's internet and phone services. Calling it a "serious incident" at BELCO, the Bermudian power supplier, the government has advised customers to "unplug all sensitive electrical equipment" as crews wo … | Continue reading


@bleepingcomputer.com | 1 day ago

The Week in Ransomware - February 3rd 2023 - Ending with a mess

While the week started slowly, it turned into a big ransomware mess, with attacks striking a big blow at businesses running VMware ESXi servers. [...] | Continue reading


@bleepingcomputer.com | 1 day ago

InstantCheckmate, TruthFinder confirm data breach affecting 20M customers

PeopleConnect, the owners of the TruthFinder and Instant Checkmate background check services, confirmed they suffered a data breach after hackers leaked a 2019 backup database containing the info of millions of customers. [...] | Continue reading


@bleepingcomputer.com | 1 day ago

Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide

Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) warn that attackers actively target VMware ESXi servers unpatched against a two-year-old remote code execution vulnerability to deploy ransomware. [...] | Continue reading


@bleepingcomputer.com | 1 day ago

Florida hospital takes IT systems offline after cyberattack

Tallahassee Memorial HealthCare (TMH) has taken its IT systems offline and suspended non-emergency procedures following a late Thursday cyberattack. [...] | Continue reading


@bleepingcomputer.com | 1 day ago

GoAnywhere MFT zero-day vulnerability lets hackers breach servers

The developers of the GoAnywhere MFT file transfer solution are warning customers of a zero-day remote code execution vulnerability on exposed administrator consoles. [...] | Continue reading


@bleepingcomputer.com | 1 day ago

Atlassian fixes critical bug giving access to Jira Service Management

A critical vulnerability in Atlassian's Jira Service Management Server and Data Center could allow an unauthenticated attacker to impersonate other users and gain remote access to the systems. [...] | Continue reading


@bleepingcomputer.com | 2 days ago

Google ads push ‘virtualized’ malware made for antivirus evasion

An ongoing Google ads malvertising campaign is spreading malware installers that leverage KoiVM virtualization technology to evade detection when installing the Formbook data stealer. [...] | Continue reading


@bleepingcomputer.com | 2 days ago

Microsoft 365 trial offer blocks access to Windows 10 desktops

Windows 10 users are reportedly being blocked from accessing their desktops by full-screen trial offers for the Microsoft 365 productivity suite (formerly Office 365). [...] | Continue reading


@bleepingcomputer.com | 2 days ago

Hackers weaponize Microsoft Visual Studio add-ins to push malware

Security researchers warn that hackers may start using Microsoft Visual Studio Tools for Office (VSTO) more often as a method to achieve persistence and execute code on a target machine via malicious Office add-ins. [...] | Continue reading


@bleepingcomputer.com | 2 days ago

Microsoft: Scan for outdated Office versions respects your privacy

Microsoft says the KB5021751 update is respecting users' privacy while scanning for and identifying the number of customers running Office versions that are outdated or approaching their end of support. [...] | Continue reading


@bleepingcomputer.com | 2 days ago

Former Ubiquiti dev pleads guilty to trying to extort his employer

Nickolas Sharp, a former Ubiquiti employee who managed the networking device maker's cloud team, pled guilty today to stealing gigabytes worth of files from Ubiquiti's network and trying to extort his employer while posing as an anonymous hacker and a whistleblower. [...] | Continue reading


@bleepingcomputer.com | 2 days ago

North Korean hackers stole research data in two-month-long breach

A new cyber espionage campaign dubbed 'No Pineapple!' has been attributed to the North Korean Lazarus hacking group, allowing the threat actors to stealthily steal 100GB of data from the victim without causing any destruction. [...] | Continue reading


@bleepingcomputer.com | 2 days ago

Cisco fixes bug allowing backdoor persistence between reboots

Cisco has released security updates this week to address a high-severity vulnerability in the Cisco IOx application hosting environment that can be exploited in command injection attacks. [...] | Continue reading


@bleepingcomputer.com | 2 days ago

Ransomware attack on ION Group impacts derivatives trading market

The LockBit ransomware gang has claimed responsibility for the cyberattack on ION Group, a UK-based software company whose products are used by financial institutions, banks, and corporations for trading, investment management, and market analytics. [...] | Continue reading


@bleepingcomputer.com | 3 days ago

New HeadCrab malware infects 1,200 Redis servers to mine Monero

New stealthy malware designed to hunt down vulnerable Redis servers online has infected over a thousand of them since September 2021 to build a botnet that mines for Monero cryptocurrency. [...] | Continue reading


@bleepingcomputer.com | 3 days ago

LockBit ransomware goes 'Green,' uses new Conti-based encryptor

The LockBit ransomware gang has again started using encryptors based on other operations, this time switching to one based on the leaked source code for the Conti ransomware. [...] | Continue reading


@bleepingcomputer.com | 3 days ago

Over 1,800 Android phishing forms for sale on cybercrime market

A threat actor named InTheBox is promoting on Russian cybercrime forums an inventory of 1,894 web injects (overlays of phishing windows) for stealing credentials and sensitive data from banking, cryptocurrency exchange, and e-commerce apps [...] | Continue reading


@bleepingcomputer.com | 3 days ago

Google Fi data breach let hackers carry out SIM swap attacks

Google Fi, Google's U.S.-only telecommunications and mobile internet service, has informed customers that personal data was exposed by a data breach at one of its primary network providers, with some customers warned that it allowed SIM swapping attacks. [...] | Continue reading


@bleepingcomputer.com | 3 days ago

New Nevada Ransomware targets Windows and VMware ESXi systems

A relatively new ransomware operation known as Nevada seems to grow its capabilities quickly as security researchers noticed improved functionality for the locker targeting Windows and VMware ESXi systems. [...] | Continue reading


@bleepingcomputer.com | 3 days ago

Arnold Clark customer data stolen in attack claimed by Play ransomware

Arnold Clark, self-described as Europe's largest independent car retailer, is notifying some customers that their personal information has been stolen in a December 23 cyberattack claimed by the Play ransomware group. [...] | Continue reading


@bleepingcomputer.com | 3 days ago

New DDoS-as-a-Service platform used in recent attacks on hospitals

A new DDoS-as-a-Service (DDoSaaS) platform named 'Passion' was seen used in recent attacks by pro-Russian hacktivists against medical institutions in the United States and Europe. [...] | Continue reading


@bleepingcomputer.com | 3 days ago

Hackers use new IceBreaker malware to breach gaming companies

A previously unknown threat group has been targeting the customer service platforms of online gaming and gambling companies using social engineering to drop its custom implant. [...] | Continue reading


@bleepingcomputer.com | 4 days ago

Crypto scam apps infiltrate Apple App Store and Google Play

Operators of high-yielding investment scams known as "pig butchering" have found a way to bypass the defenses in Google Play and Apple's App Store, the official repositories for Android and iOS apps. [...] | Continue reading


@bleepingcomputer.com | 4 days ago

New Sh1mmer ChromeBook exploit unenrolls managed devices

A new exploit called 'Sh1mmer' allows users to unenroll an enterprise-managed Chromebook, enabling them to install any apps they wish and bypass device restrictions. [...] | Continue reading


@bleepingcomputer.com | 4 days ago

Over 29,000 QNAP devices unpatched against new critical flaw

Tens of thousands of QNAP network-attached storage (NAS) devices exposed online are waiting to be patched against a critical security flaw addressed by the Taiwanese company on Monday. [...] | Continue reading


@bleepingcomputer.com | 4 days ago

Microsoft stops selling Windows 10 licenses a day early

Marking an end to an era, Microsoft is no longer directly selling Windows 10 product keys on their website, instead redirecting users to Windows 11 product pages. [...] | Continue reading


@bleepingcomputer.com | 4 days ago

OpenAI releases tool to detect AI-written text

OpenAI has released an AI text classifier that attempts to detect whether input content was generated using artificial intelligence tools like ChatGPT. [...] | Continue reading


@bleepingcomputer.com | 4 days ago

Microsoft releases emergency updates to fix XPS display issues

Microsoft has released out-of-band (OOB) updates for some .NET Framework and .NET versions to address XPS display issues triggered by December 2022 cumulative security updates. [...] | Continue reading


@bleepingcomputer.com | 4 days ago

Microsoft: Over 100 threat actors deploy ransomware in attacks

Microsoft revealed today that its security teams are tracking more than 100 threat actors deploying ransomware during attacks. [...] | Continue reading


@bleepingcomputer.com | 4 days ago

PoS malware can block contactless payments to steal credit cards

New versions of the Prilex point-of-sale malware can block secure, NFC-enabled contactless credit card transactions, forcing consumers to insert credit cards that are then stolen by the malware. [...] | Continue reading


@bleepingcomputer.com | 4 days ago

Microsoft Edge is getting split screen mode - here's how to enable it

Microsoft Edge is getting a new "split screen" feature that lets you view two websites in one window by allowing you to split tabs across the screen. [...] | Continue reading


@bleepingcomputer.com | 4 days ago

Exploit released for critical VMware vRealize RCE vulnerability

Horizon3 security researchers have released proof-of-concept (PoC) code for a VMware vRealize Log Insight vulnerability chain that allows attackers to gain remote code execution on unpatched appliances. [...] | Continue reading


@bleepingcomputer.com | 4 days ago

Microsoft disables verified partner accounts used for OAuth phishing

Microsoft has disabled multiple fraudulent, verified Microsoft Partner Network accounts for creating malicious OAuth applications that breached organizations' cloud environments to steal email. [...] | Continue reading


@bleepingcomputer.com | 4 days ago

Using the Wazuh SIEM and XDR platform to meet PCI DSS compliance

Wazuh is a free, open source security platform that unifies XDR and SIEM capabilities. Here's how Wazuh helps implement PCI DSS compliance for your organization. [...] | Continue reading


@bleepingcomputer.com | 4 days ago

Microsoft Defender can now isolate compromised Linux endpoints

Microsoft announced today that it added device isolation support via Microsoft Defender for Endpoint (MDE) on onboarded Linux devices. [...] | Continue reading


@bleepingcomputer.com | 5 days ago

Porsche halts NFT launch, phishing sites fill the void

Porsche cut its minting of a new NFT collection short after a dismal turnout and backlash from the crypto community, allowing threat actors to fill the void by creating phishing sites that steal digital assets from cryptocurrency wallets. [...] | Continue reading


@bleepingcomputer.com | 5 days ago

KeePass disputes vulnerability allowing stealthy password theft

The development team behind the open-source password management software KeePass is disputing what is described as a newly found vulnerability that allows attackers to stealthily export the entire database in plain text. [...] | Continue reading


@bleepingcomputer.com | 5 days ago

Cybercrime job ads on the dark web pay up to $20k per month

Cybercrime groups are increasingly running their operations as a business, promoting jobs on the dark web that offer developers and hackers competitive monthly salaries, paid time off, and paid sick leaves. [...] | Continue reading


@bleepingcomputer.com | 5 days ago

GitHub revokes code signing certificates stolen in repo hack

GitHub says that unknown attackers have stolen encrypted code-signing certificates for its Desktop and Atom applications after gaining access to some of its development and release planning repositories. [...] | Continue reading


@bleepingcomputer.com | 5 days ago

QNAP fixes critical bug letting hackers inject malicious code

QNAP is warning customers to install QTS and QuTS firmware updates that fix a critical security vulnerability allowing remote attackers to inject malicious code on QNAP NAS devices. [...] | Continue reading


@bleepingcomputer.com | 5 days ago

JD Sports says hackers stole data of 10 million customers

UK sports apparel chain JD Sports is warning customers of a data breach after a server was hacked that contained online order information for 10 million customers. [...] | Continue reading


@bleepingcomputer.com | 5 days ago

U.S. No Fly list shared on a hacking forum, government investigating

A U.S. No Fly list with over 1.5 million records of banned flyers and upwards of 250,000 'selectees' has been shared publicly on a hacking forum. BleepingComputer has confirmed that the list is the same TSA No Fly list that was discovered recently on an unsecured CommuteAir server. [ … | Continue reading


@bleepingcomputer.com | 6 days ago

Shady reward apps on Google Play amass 20 million downloads

A new category of activity tracking applications has been having massive success recently on Google Play, Android's official app store, having been downloaded on over 20 million devices. [...] | Continue reading


@bleepingcomputer.com | 6 days ago

Researchers to release VMware vRealize Log RCE exploit, patch now

Security researchers with Horizon3's Attack Team will release next week an exploit targeting a vulnerability chain for gaining remote code execution on unpatched VMware vRealize Log Insight appliances. [...] | Continue reading


@bleepingcomputer.com | 7 days ago

Hackers use new SwiftSlicer wiper to destroy Windows domains

Security researchers have identified a new data-wiping malware they named SwiftSlicer that aims to overwrite crucial files used by the Windows operating system. [...] | Continue reading


@bleepingcomputer.com | 7 days ago

The Week in Ransomware - January 27th 2023 - 'We hacked the hackers'

For the most part, this week has been relatively quiet regarding ransomware attacks and research — that is, until the FBI announced the disruption of the Hive ransomware operation. [...] | Continue reading


@bleepingcomputer.com | 8 days ago