The Week in Ransomware - November 17th 2023 - Citrix in the Crosshairs

Ransomware gangs target exposed Citrix Netscaler devices using a publicly available exploit to breach large organizations, steal data, and encrypt files. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Bloomberg Crypto X account hijacked in Discord phishing attack

The official Twitter account for Bloomberg Crypto was compromised earlier today, ultimately redirecting users to a deceptive website used to steal Discord credentials in a phishing attack. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Yamaha Motor confirms ransomware attack on Philippines subsidiary

Yamaha Motor's Philippines motorcycle manufacturing subsidiary was hit by a ransomware attack last month, resulting in the theft and leak of some employees' personal information. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Google: Hackers exploited Zimbra zero-day in attacks on govt orgs

Hackers had been leveraging a medium-severity security issue, now identified as CVE-2023-37580, since June 29, nearly a month before the vendor addressed it in version 8.8.15 Patch 41 of the software on July 25. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

CISA warns of actively exploited Windows, Sophos, and Oracle bugs

The U.S. Cybersecurity & Infrastructure Security Agency has added to its catalog of known exploited vulnerabilities (KEV) three security issues that affect Microsoft devices, a Sophos product, and an enterprise solution from Oracle. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

British Library: Ongoing outage caused by ransomware attack

The British Library confirmed that a ransomware attack is behind a major outage that is still affecting services across several locations. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Long Beach, California turns off IT systems after cyberattack

The City of Long Beach in California is warning that they suffered a cyberattack on Tuesday that has led them to shut down portions of their IT network to prevent the attack's spread. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

FBI shares tactics of notorious Scattered Spider hacker collective

The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency released an advisory about the evasive threat actor tracked as Scattered Spider, a loosely knit hacking collective that now collaborates with the ALPHV/BlackCat Russian ransomware operati … | Continue reading


@bleepingcomputer.com | 4 months ago

MySQL servers targeted by 'Ddostf' DDoS-as-a-Service botnet

MySQL servers are being targeted by the 'Ddostf' malware botnet to enslave them for a DDoS-as-a-Service platform whose firepower is rented to other cybercriminals. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Toyota confirms breach after Medusa ransomware threatens to leak data

Toyota Financial Services (TFS) has confirmed that it detected unauthorized access on some of its systems in Europe and Africa after Medusa ransomware claimed an attack on the company. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Microsoft confirms Copilot AI assistant coming to Windows 10

Microsoft will roll out the Copilot AI-powered assistant to Windows 10 systems enrolled in the Insider Program over the coming months. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Fortinet warns of critical command injection bug in FortiSIEM

Fortinet is alerting customers of a critical OS command injection vulnerability in FortiSIEM report server that could be exploited by remote, unauthenticated attackers to execute commands through specially crafted API requests. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

How DDoS attacks are taking down even the largest tech companies

DDoS attacks are increasingly taking down even the largest tech companies. Learn more from Specops Software on these types of attacks and how you can protect your devices from being recruited into botnets. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Ransomware gang files SEC complaint over victim’s undisclosed breach

The ALPHV/BlackCat ransomware operation has taken extortion to a new level by filing a U.S. Securities and Exchange Commission complaint against one of their alleged victims for not complying with the four-day rule to disclose a cyberattack. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Samsung hit by new data breach impacting UK store customers

Samsung Electronics is notifying some of its customers of a data breach that exposed their personal information to an unauthorized individual. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Microsoft fixes Windows Server VMs broken by October updates

Microsoft fixed a known issue causing blue screens and boot failures in Windows Server 2022 virtual machines (VMs) deployed on VMware ESXi hosts. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Citrix Hypervisor gets hotfix for new Reptar Intel CPU flaw

Citrix has released hotfixes for two vulnerabilities impacting Citrix Hypervisor, one of them being the "Reptar" high-severity flaw that affects Intel CPUs for desktop and server systems. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Toronto Public Library confirms data stolen in ransomware attack

The Toronto Public Library (TPL) confirmed that the personal information of employees, customers, volunteers, and donors was stolen from a compromised file server during an October ransomware attack. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

FBI and CISA warn of opportunistic Rhysida ransomware attacks

The FBI and CISA warned today of Rhysida ransomware gang's opportunistic attacks targeting organizations across multiple industry sectors. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

PJ&A says cyberattack exposed data of nearly 9 million patients

PJ&A (Perry Johnson & Associates) is warning that a cyberattack in March 2023 exposed the personal information of almost nine million patients. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Fraud researchers impersonated on X to push crypto-stealing sites

Multiple fake accounts impersonating cryptocurrency scam investigators and blockchain security companies are promoting phishing pages to drain wallets in an ongoing campaign on X (formerly Twitter). [...] | Continue reading


@bleepingcomputer.com | 4 months ago

The OWASP Top 10: What They Are and How to Test Them

This article takes a deep dive into the OWASP Top 10 and advises on how to test your web applications for susceptibility to these security risks. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

IPStorm botnet with 23,000 proxies for malicious traffic dismantled

The U.S. Department of Justice announced today that the Federal Bureau of Investigation took down the network and infrastructure of a botnet proxy service called IPStorm. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

WP Fastest Cache plugin bug exposes 600K WordPress sites to attacks

The WordPress plugin WP Fastest Cache is affected by an SQL injection vulnerability that could allow unauthenticated attackers to read the contents of the site's database. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

New Reptar CPU flaw impacts Intel desktop and server systems

Intel has fixed a high-severity CPU vulnerability in its modern desktop, server, mobile, and embedded CPUs, including the latest Alder Lake, Raptor Lake, and Sapphire Rapids microarchitectures. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

VMWare discloses critical VCD Appliance auth bypass with no patch

VMware disclosed a critical and unpatched authentication bypass vulnerability affecting Cloud Director appliance deployments. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

New CacheWarp AMD CPU attack lets hackers gain root in Linux VMs

A new software-based fault injection attack, CacheWarp, can let threat actors hack into AMD SEV-protected virtual machines by targeting memory writes to escalate privileges and gain remote code execution. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

LockBit ransomware exploits Citrix Bleed in attacks, 10K servers exposed

LockBit ransomware attacks use publicly available exploits for the Citrix Bleed vulnerability (CVE-2023-4966) to breach the systems of large organizations, steal data, and encrypt files. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Microsoft November 2023 Patch Tuesday fixes 5 zero-days, 58 flaws

Today is Microsoft's November 2023 Patch Tuesday, which includes security updates for a total of 58 flaws and five zero-day vulnerabilities. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Microsoft fixes critical Azure CLI flaw that leaked credentials in logs

Microsoft has fixed a critical security vulnerability that could let attackers steal credentials from GitHub Actions or Azure DevOps logs created using Azure CLI (short for Azure command-line interface). [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Windows 11 KB5032190 update enables Moment 4 features for everyone

Microsoft has released the KB5032190 cumulative update to fix security vulnerabilities in Windows 11. This is the first Patch Tuesday update with access to Windows 11 Moment 4 features, provided you turn on the "Get latest updates" toggle. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Windows 10 KB5032189 update released with 11 improvements

Microsoft has released the KB5032189 cumulative update for Windows 10 21H2 and Windows 10 22H2, which contains eleven fixes for various issues. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Pharmacy provider Truepill data breach hits 2.3 million customers

Postmeds, doing business as 'Truepill,' is sending notifications of a data breach informing recipients that threat actors accessed their sensitive personal information. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Meet the Unique New "Hacking" Group: AlphaLock

A Russian hacking group known as AlphaLock is launching a "pentest" marketplace and training platform to empower a new generation of threat actors. Learn more from Flare about the new hacking group. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Ethereum feature abused to steal $60 million from 99K victims

Malicious actors have been abusing Ethereum's 'Create2' function to bypass wallet security alerts and poison cryptocurrency addresses, which led to stealing $60,000,000 worth of cryptocurrency from 99,000 people in six months. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

FBI: Royal ransomware asked 350 victims to pay $275 million

The FBI and CISA revealed in a joint advisory that the Royal ransomware gang has breached the networks of at least 350 organizations worldwide since September 2022. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

DP World cyberattack blocks thousands of containers in ports

A cyberattack on international logistics firm DP World Australia has severely disrupted the regular freight movement in multiple large Australian ports. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

CISA warns of actively exploited Juniper pre-auth RCE exploit chain

CISA warned federal agencies today to secure Juniper devices on their networks by Friday against four vulnerabilities used in remote code execution (RCE) attacks as part of a pre-auth exploit chain. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Israel warns of BiBi wiper attacks targeting Linux and Windows

Data-wiping attacks are becoming more frequent on Israeli computers as researchers discovered variants of the BiBi malware family that destroys data on both Linux and Windows systems. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Criminal IP & Cisco SecureX/XDR: Enhanced Cyber Threat Analysis

The Criminal IP threat intelligence search engine by AI SPERA has recently integrated with Cisco SecureX/XDR, empowering organizations to stay ahead of malicious actors. Learn more about this integration from Criminal IP in this article. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

LockBit ransomware leaks gigabytes of Boeing data

The LockBit ransomware gang published data stolen from Boeing, one of the largest aerospace companies that services commercial airplanes and defense systems. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Windows 11 will soon let you uninstall more inbox apps

Microsoft is gearing up to roll out an update for Windows 11 that will significantly enhance user control over built-in apps. In the upcoming version, you will be able to uninstall a wider range of inbox apps. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Google Chrome & Microsoft Edge to get 'Save Frame' feature for YouTube

You can soon right-click on any YouTube video in Microsoft Edge or Google Chrome and save the frame (capture the screenshot of the video) in the original resolution and PNG format. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Iranian hackers launch malware attacks on Israel’s tech sector

Security researchers have tracked a new campaign from Imperial Kitten targeting transportation, logistics, and technology firms. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Microsoft Edge is testing a new video translation feature

Microsoft Edge's latest Canary update has an innovative feature: video translation. This feature translates YouTube videos in real-time, and it allegedly supports four languages. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Police takes down BulletProftLink large-scale phishing provider

The notorious BulletProftLink phishing-as-a-service (PhaaS) platform that provided more than 300 phishing templates has been seized, the Royal Malaysian Police announced. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Microsoft fixes Outlook Desktop bug causing slow saving issues

Microsoft has resolved a known issue causing significant delays for Microsoft 365 customers when saving attachments in Outlook Desktop. [...] | Continue reading


@bleepingcomputer.com | 4 months ago

Mortgage giant Mr. Cooper says customer data exposed in breach

Mr. Cooper, the largest home loan servicer in the United States, says it found evidence of customer data exposed during a cyberattack disclosed last week, on October 31. [...] | Continue reading


@bleepingcomputer.com | 4 months ago