Source: www.bleepingcomputer.com – Author: Bill Toulas LayerZero Labs has launched a bug bounty on the Immunefi platform that offers a maximum reward of $15 million for...
Author:
Malicious Microsoft VSCode extensions steal passwords, open remote shells – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Cybercriminals are starting to target Microsoft’s VSCode Marketplace, uploading three malicious Visual Studio extensions that Windows developers downloaded 46,600 times....
ScanSource says ransomware attack behind multi-day outages – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Technology provider ScanSource has announced it has fallen victim to a ransomware attack impacting some of its systems, business operations, and...
FBI confirms BianLian ransomware switch to extortion only attacks – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A joint Cybersecurity Advisory from government agencies in the U.S. and Australia, and published by the Cybersecurity and Infrastructure Security...
Hackers use Azure Serial Console for stealthy access to VMs – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A financially motivated cybergang tracked by Mandiant as ‘UNC3944’ is using phishing and SIM swapping attacks to hijack Microsoft Azure...
Hackers infect TP-Link router firmware to attack EU entities – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A Chinese state-sponsored hacking group named “Camaro Dragon” infects residential TP-Link routers with a custom “Horse Shell” malware used to...
Parental control app with 5 million downloads vulnerable to attacks – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Kiddowares ‘Parental Control – Kids Place’ app for Android is impacted by multiple vulnerabilities that could enable attackers to upload...
Open-source Cobalt Strike port ‘Geacon’ used in macOS attacks – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Geacon, a Go-based implementation of the beacon from the widely abused penetration testing suite Cobalt Strike, is being used more and more...
The new info-stealing malware operations to watch out for – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The information-stealing malware market is constantly evolving, with multiple malware operations competing for cybercriminal customers by promoting better evasion and...
Ransomware gang steals data of 5.8 million PharMerica patients – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Pharmacy services provider PharMerica has disclosed a massive data breach impacting over 5.8 million patients, exposing their medical data to...
Stealthy MerDoor malware uncovered after five years of attacks – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A new APT hacking group dubbed Lancefly uses a custom ‘Merdoor’ backdoor malware to target government, aviation, and telecommunication organizations...
New RA Group ransomware targets U.S. orgs in double-extortion attacks – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A new ransomware group named ‘RA Group’ is targeting pharmaceutical, insurance, wealth management, and manufacturing firms in the United States...
Hackers target WordPress plugin flaw after PoC exploit released – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Hackers are actively exploiting a recently fixed vulnerability in the WordPress Advanced Custom Fields plugin roughly 24 hours after a...
Brave unveils new “Forgetful Browsing” anti-tracking feature – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The privacy-focused Brave Browser is introducing a new “Forgetful Browsing” feature that prevents sites from re-identifying you on subsequent visits....
FBI: Bl00dy Ransomware targets education orgs in PaperCut attacks – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The FBI and CISA issued a joint advisory to warn that the Bl00dy Ransomware gang is now also actively exploiting...
Toyota: Car location data of 2 million customers exposed for ten years – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Toyota Motor Corporation disclosed a data breach on its cloud environment that exposed the car-location information of 2,150,000 customers for...
Stealthier version of Linux BPFDoor malware spotted in the wild – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A new, stealthier variant of the Linux malware ‘BPFDoor’ has been discovered, featuring more robust encryption and reverse shell communications....
WordPress Elementor plugin bug let attackers hijack accounts on 1M sites – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas One of WordPress’s most popular Elementor plugins, “Essential Addons for Elementor,” was found to be vulnerable to an unauthenticated privilege...
Former Ubiquiti dev who extorted the firm gets six years in prison – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Nickolas Sharp, a former senior developer of Ubiquiti, was sentenced to six years in prison for stealing company data, attempting...
Twitter rolls out encrypted DMs, but only for paying accounts – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Twitter has launched its ‘Encrypted Direct Messages’ feature allowing paid Twitter Blue subscribers to send end-to-end encrypted messages to other...
RapperBot DDoS malware adds cryptojacking as new revenue stream – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas New samples of the RapperBot botnet malware have added cryptojacking capabilites to mine for cryptocurrency on compromised Intel x64 machines....
North Korean hackers breached major hospital in Seoul to steal data – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The Korean National Police Agency (KNPA) warned that North Korean hackers had breached the network of one of the country’s...
Fake in-browser Windows updates push Aurora info-stealer malware – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A recently spotted malvertising campaign tricked users with an in-browser Windows update simulation to deliver the Aurora information stealing malware....
New ransomware decryptor recovers data from partially encrypted files – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A new ‘White Phoenix’ ransomware decryptor allows victims to partially recover files encrypted by ransomware strains that use intermittent encryption....
Hacker ‘PlugwalkJoe’ pleads guilty to 2020 Twitter breach – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Joseph James O’Connor, aka ‘PlugwalkJoke,’ has pleaded guilty to multiple cybercrime offenses, including SIM swapping attacks, cyberstalking, computer hacking, and...
New ‘Greatness’ service simplifies Microsoft 365 phishing attacks – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The Phishing-as-a-Service (PhaaS) platform named ‘Greatness’ has seen a spike in activity as it targets organizations using Microsoft 365 in...
Spanish police dismantle phishing operation linked to crime ring – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The National Police of Spain have arrested two hackers, 15 members of a criminal organization, and another 23 people involved...
Critical Ruckus RCE flaw exploited by new DDoS botnet malware – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A new malware botnet named ‘AndoryuBot’ is targeting a critical-severity flaw in the Ruckus Wireless Admin panel to infect unpatched...
New Linux kernel NetFilter flaw gives attackers root privileges – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A new Linux NetFilter kernel flaw has been discovered, allowing unprivileged local users to escalate their privileges to root level,...
New CS:GO map bypasses Russia’s censorship of Ukraine war news – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Finish newspaper Helsinin Sanomat has created a custom Counter-Strike: Global Offensive (CS:GO) map explicitly made to bypass Russian news censorship...