Police dismantle ransomware group behind attacks in 71 countries

In cooperation with Europol and Eurojust, law enforcement agencies from seven nations have arrested in Ukraine the core members of a ransomware group linked to attacks against organizations in 71 countries. [...] | Continue reading

@bleepingcomputer.com | 5 hours ago

Microsoft deprecates Defender Application Guard for Office

Microsoft is deprecating Defender Application Guard for Office and the Windows Security Isolation APIs, and it recommends Defender for Endpoint attack surface reduction rules, Protected View, and Windows Defender Application Control as an alternative. [...] | Continue reading

@bleepingcomputer.com | 17 hours ago

Ransomware attack on indie game maker wiped all player accounts

A ransomware attack on the "Ethyrial: Echoes of Yore" MMORPG last Friday destroyed 17,000 player accounts, deleting their in-game items and progress in the game. [...] | Continue reading

@bleepingcomputer.com | 18 hours ago

Healthcare giant Henry Schein hit twice by BlackCat ransomware

American healthcare company Henry Schein has reported a second cyberattack this month by the BlackCat/ALPHV ransomware gang, who also breached their network in October. [...] | Continue reading

@bleepingcomputer.com | 18 hours ago

Ukraine says it hacked Russian aviation agency, leaks data

Ukraine's intelligence service, operating under the Defense Ministry, claims they hacked Russia's Federal Air Transport Agency, 'Rosaviatsia,' to expose a purported collapse of Russia's aviation sector. [...] | Continue reading

@bleepingcomputer.com | 19 hours ago

Ardent hospital ERs disrupted in 6 states after ransomware attack

Ardent Health Services, a healthcare provider operating 30 hospitals across five U.S. states, disclosed today that its systems were hit by a ransomware attack on Thursday. [...] | Continue reading

@bleepingcomputer.com | 20 hours ago

Slovenia's largest power provider HSE hit by ransomware attack

Slovenian power company Holding Slovenske Elektrarne (HSE) has suffered a ransomware attack that compromised its systems and encrypted files, yet the company says the incident did not disrupt electric power production. [...] | Continue reading

@bleepingcomputer.com | 22 hours ago

Leveraging Wazuh to combat insider threats

Effective strategies for mitigating insider threats involve a combination of detective and preventive controls. Such controls are provided by the Wazuh SIEM and XDR platform. [...] | Continue reading

@bleepingcomputer.com | 23 hours ago

Google Drive users angry over losing months of stored data

Google Drive users are reporting that recent files stored in the cloud have suddenly disappeared, with the cloud service reverting to a storage snapshot as it was around April-May 2023. [...] | Continue reading

@bleepingcomputer.com | 23 hours ago

New Rust-based SysJoker backdoor linked to Hamas hackers

A new version of the multi-platform malware known as 'SysJoker' has been spotted, featuring a complete code rewrite in the Rust programming language. [...] | Continue reading

@bleepingcomputer.com | 1 day ago

General Electric investigates claims of cyberattack, data theft

General Electric is investigating claims that a threat actor breached the company's development environment in a cyberattack and leaked allegedly stolen data. [...] | Continue reading

@bleepingcomputer.com | 2 days ago

Atomic Stealer malware strikes macOS via fake browser updates

The 'ClearFake' fake browser update campaign has expanded to macOS, targeting Apple computers with Atomic Stealer (AMOS) malware. [...] | Continue reading

@bleepingcomputer.com | 2 days ago

Critical bug in ownCloud file sharing app exposes admin passwords

Open source file sharing software ownCloud is warning of three critical-severity security vulnerabilities, including one that can expose administrator passwords and mail server credentials. [...] | Continue reading

@bleepingcomputer.com | 3 days ago

Hackers exploit MagicLine4NX zero-day in supply-chain attack

A joint advisory by the National Cyber Security Centre (NCSC) and Korea's National Intelligence Service (NIS) discloses a supply-chain attack executed by North Korean hackers involving the MagicLine … | Continue reading

@bleepingcomputer.com | 3 days ago

Cyberattack on IT provider CTS impacts dozens of UK law firms

A cyberattack on CTS, a leading managed service provider (MSP) for law firms and other organizations in the UK legal sector, is behind a major outage impacting numerous law firms and home buyers in the country since Wednesday. [...] | Continue reading

@bleepingcomputer.com | 3 days ago

Black Friday 2023: Get 25% off the Zero2Automated malware analysis course

The popular Zero2Automated malware analysis and reverse-engineering course has a Black Friday 2023 through Cyber Monday sale, where you can get 25% off sitewide, including gift certificates and courses. [...] | Continue reading

@bleepingcomputer.com | 5 days ago

Kansas courts confirm data theft, ransom demand after cyberattack

The Kansas Judicial Branch has published an update on a cybersecurity incident it suffered last month, confirming that hackers stole sensitive files containing confidential information from its systems. [...] | Continue reading

@bleepingcomputer.com | 5 days ago

Windows Hello auth bypassed on Microsoft, Dell, Lenovo laptops

Security researchers bypassed Windows Hello fingerprint authentication on Dell Inspiron, Lenovo ThinkPad, and Microsoft Surface Pro X laptops in attacks exploiting security flaws found in the embedded fingerprint sensors. [...] | Continue reading

@bleepingcomputer.com | 5 days ago

Welltok data breach exposes data of 8.5 million US patients

Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. [...] | Continue reading

@bleepingcomputer.com | 5 days ago

Microsoft: Lazarus hackers breach CyberLink in supply chain attack

Microsoft says a North Korean hacking group has breached Taiwanese multimedia software company CyberLink and trojanized one of its installers to push malware in a supply chain attack targeting potential victims worldwide. [...] | Continue reading

@bleepingcomputer.com | 5 days ago

New botnet malware exploits two zero-days to infect NVRs and routers

A new Mirai-based malware botnet named 'InfectedSlurs' has been exploiting two zero-day remote code execution (RCE) vulnerabilities to infect routers and video recorder (NVR) devices. [...] | Continue reading

@bleepingcomputer.com | 5 days ago

The Black Friday 2023 Security, IT, VPN, & Antivirus Deals

Black Friday 2023 is here, and great deals are live in computer security, software, online courses, system admin services, antivirus, and VPN software. [...] | Continue reading

@bleepingcomputer.com | 5 days ago

Open-source Blender project battling DDoS attacks since Saturday

Blender has confirmed that recent site outages have been caused by ongoing DDoS (distributed denial of service) attacks that started on Saturday. [...] | Continue reading

@bleepingcomputer.com | 5 days ago

Microsoft now rolling out Copilot to Windows 10 devices

Microsoft is now rolling out the Copilot AI assistant to eligible non-managed systems enrolled in the Windows Insider program and running Windows 10 22H2 Home and Pro editions. [...] | Continue reading

@bleepingcomputer.com | 6 days ago

Hacktivists breach U.S. nuclear research lab, steal employee data

The Idaho National Laboratory (INL) confirms they suffered a cyberattack after 'SiegedSec' hacktivists leaked stolen human resources data online. [...] | Continue reading

@bleepingcomputer.com | 6 days ago

Lumma malware can allegedly restore expired Google auth cookies

The Lumma information-stealer malware (aka 'LummaC2') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts. [...] | Continue reading

@bleepingcomputer.com | 6 days ago

Microsoft launches Defender Bounty Program with $20,000 rewards

Microsoft has unveiled a new bug bounty program aimed at the Microsoft Defender security platform, with rewards between $500 and $20,000. [...] | Continue reading

@bleepingcomputer.com | 6 days ago

Auto parts giant AutoZone warns of MOVEit data breach

AutoZone is warning tens of thousands of its customers that it suffered a data breach as part of the Clop MOVEit file transfer attacks. [...] | Continue reading

@bleepingcomputer.com | 6 days ago

CISA orders federal agencies to patch Looney Tunables Linux bug

Today, CISA ordered U.S. federal agencies to secure their systems against an actively exploited vulnerability that lets attackers gain root privileges on many major Linux distributions. [...] | Continue reading

@bleepingcomputer.com | 6 days ago

Citrix warns admins to kill NetScaler user sessions to block hackers

Citrix reminded admins today that they must take additional measures after patching their NetScaler appliances against the CVE-2023-4966 'Citrix Bleed' vulnerability to secure vulnerable devices against attacks. [...] | Continue reading

@bleepingcomputer.com | 6 days ago

DarkGate and Pikabot malware emerge as Qakbot’s successors

A sophisticated phishing campaign pushing DarkGate malware infections has recently added the PikaBot malware into the mix, making it the most advanced phishing campaign since the Qakbot operation was dismantled. [...] | Continue reading

@bleepingcomputer.com | 6 days ago

Criminal IP Becomes VirusTotal IP and URL Scan Contributor

The Criminal IP Threat Intelligence (CTI) search engine has integrated its IP address and URL scans into VirusTotal. Learn more from Criminal IP about how this integration can help you. [...] | Continue reading

@bleepingcomputer.com | 6 days ago

Black Friday deal: Get 50% off Malwarebytes Premium + Privacy VPN

Malwarebytes is running a Black Friday 2023 deal now through Cyber Monday, offering a 50% discount on the Malwarebytes Premium + Privacy VPN bundle until November 30th. [...] | Continue reading

@bleepingcomputer.com | 7 days ago

Tor Project removes relays because of for-profit, risky activity

The Tor Project has explained its recent decision to remove multiple network relays that represented a threat to the safety and security of all Tor network users. [...] | Continue reading

@bleepingcomputer.com | 7 days ago

Gamaredon's LittleDrifter USB malware spreads beyond Ukraine

A recently discovered worm that researchers call LittleDrifter has been spreading over USB drives infecting systems in multiple countries as part of a campaign from the Gamaredon state-sponsored espionage group. [...] | Continue reading

@bleepingcomputer.com | 7 days ago

Microsoft fixes ‘Something Went Wrong’ Office sign-in errors

Microsoft is rolling out fixes for known Microsoft 365 issues causing 'Something Went Wrong [1001]' sign-in errors and rendering desktop applications unusable for many customers. [...] | Continue reading

@bleepingcomputer.com | 7 days ago

VX-Underground malware collective framed by Phobos ransomware

A new Phobos ransomware variant frames the popular VX-Underground malware-sharing collective, indicating the group is behind attacks using the encryptor. [...] | Continue reading

@bleepingcomputer.com | 7 days ago

Cybersecurity firm executive pleads guilty to hacking hospitals

The former chief operating officer of a cybersecurity company has pleaded guilty to hacking two hospitals, part of the Gwinnett Medical Center (GMC), in June 2021 to boost his company's business. [...] | Continue reading

@bleepingcomputer.com | 7 days ago

Canadian government discloses data breach after contractor hacks

The Canadian government says two of its contractors have been hacked, exposing sensitive information belonging to an undisclosed number of government employees. [...] | Continue reading

@bleepingcomputer.com | 7 days ago

Kinsing malware exploits Apache ActiveMQ RCE to plant rootkits

The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems. [...] | Continue reading

@bleepingcomputer.com | 7 days ago

Rhysida ransomware gang claims British Library cyberattack

The Rhysida ransomware gang has claimed responsibility for a cyberattack on the British Library in October, which has caused a major ongoing IT outage. [...] | Continue reading

@bleepingcomputer.com | 7 days ago

How to boost Security with Self-Service Password Resets

Learn more from Specops Software about the benefits of self-service password resets and ways to accomplish this with on-premises Active Directory. [...] | Continue reading

@bleepingcomputer.com | 7 days ago

Lumma Stealer malware now uses trigonometry to evade detection

The Lumma information-stealing malware is now using an interesting tactic to evade detection by security software - the measuring of mouse movements using trigonometry to determine if the malware is running on a real machine or an antivirus sandbox. [...] | Continue reading

@bleepingcomputer.com | 7 days ago

Russian hackers use Ngrok feature and WinRAR exploit to attack embassies

After Sandworm and APT28 (known as Fancy Bear), another state-sponsored Russian hacker group, APT29, is leveraging the CVE-2023-38831 vulnerability in WinRAR for cyberattacks. [...] | Continue reading

@bleepingcomputer.com | 8 days ago

Researchers extract RSA keys from SSH server signing errors

A team of academic researchers from universities in California and Massachusetts demonstrated that it's possible under certain conditions for passive network attackers to retrieve secret RSA keys from naturally occurring errors leading to failed SSH (secure shell) connection atte … | Continue reading

@bleepingcomputer.com | 8 days ago

Windows 10 to let admins control how optional updates are deployed

Microsoft announced a new policy that allows admins to control how optional updates are deployed on Windows 10 enterprise endpoints on their networks. [...] | Continue reading

@bleepingcomputer.com | 9 days ago

FCC adopts new rules to protect consumers from SIM-swapping attacks

The Federal Communications Commission (FCC) has revealed new rules to shield consumers from criminals who hijack their phone numbers in SIM swapping attacks and port-out fraud. [...] | Continue reading

@bleepingcomputer.com | 9 days ago

Exploit for CrushFTP RCE chain released, patch now

A proof-of-concept exploit was publicly released for a critical remote code execution vulnerability in the CrushFTP enterprise suite, allowing unauthenticated attackers to access files on the server, execute code, and obtain plain-text passwords. [...] | Continue reading

@bleepingcomputer.com | 9 days ago