US offers up to $15 million for tips on ALPHV ransomware gang https://www.bleepingcomputer.com/news/security/us-offers-up-to-15-million-for-tips-on-alphv-ransomware-gang/
RansomHouse gang automates VMware ESXi attacks with new MrAgent tool https://www.bleepingcomputer.com/news/security/ransomhouse-gang-automates-vmware-esxi-attacks-with-new-mragent-tool/
FBI disrupts Russian Moobot botnet infecting Ubiquiti routers https://www.bleepingcomputer.com/news/security/fbi-disrupts-russian-moobot-botnet-infecting-ubiquiti-routers/
OpenAI blocks state-sponsored hackers from using ChatGPT https://www.bleepingcomputer.com/news/security/openai-blocks-state-sponsored-hackers-from-using-chatgpt/
FTC orders Blackbaud to boost security after massive data breach https://www.bleepingcomputer.com/news/security/ftc-orders-blackbaud-to-boost-security-after-massive-data-breach/
Cloudflare hacked using auth tokens stolen in Okta attack https://www.bleepingcomputer.com/news/security/cloudflare-hacked-using-auth-tokens-stolen-in-okta-attack/
Microsoft fixes connection issue affecting Outlook email apps https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-connection-issue-affecting-outlook-email-apps/
More Android apps riddled with malware spotted on Google Play https://www.bleepingcomputer.com/news/security/more-android-apps-riddled-with-malware-spotted-on-google-play/
PurpleFox malware infected thousands of systems in Ukraine https://www.bleepingcomputer.com/news/security/purplefox-malware-infected-thousands-of-systems-in-ukraine/
Google shares fix for Pixel phones hit by bad system update https://www.bleepingcomputer.com/news/mobile/google-shares-fix-for-pixel-phones-hit-by-bad-system-update/
New Windows Event Log zero-day flaw gets unofficial patches https://www.bleepingcomputer.com/news/microsoft/new-windows-event-log-zero-day-flaw-gets-unofficial-patches/
CISA orders federal agencies to disconnect Ivanti VPN appliances by Saturday https://www.bleepingcomputer.com/news/security/cisa-orders-federal-agencies-to-disconnect-ivanti-vpn-appliances-by-saturday/
Hackers push USB malware payloads via news, media hosting sites https://www.bleepingcomputer.com/news/security/hackers-push-usb-malware-payloads-via-news-media-hosting-sites/
Police seize record 50,000 Bitcoin from now-defunct piracy site https://www.bleepingcomputer.com/news/legal/police-seize-record-50-000-bitcoin-from-now-defunct-piracy-site/
Europcar denies data breach of 50 million users, says data is fake https://www.bleepingcomputer.com/news/security/europcar-denies-data-breach-of-50-million-users-says-data-is-fake/
Exploit released for Android local elevation flaw impacting 7 OEMs https://www.bleepingcomputer.com/news/security/exploit-released-for-android-local-elevation-flaw-impacting-7-oems/
CISA warns of patched iPhone kernel bug now exploited in attacks https://www.bleepingcomputer.com/news/security/cisa-warns-of-patched-iphone-kernel-bug-now-exploited-in-attacks/
FBI disrupts Chinese botnet by wiping malware from infected routers https://www.bleepingcomputer.com/news/security/fbi-disrupts-chinese-botnet-by-wiping-malware-from-infected-routers/
CISA: Vendors must secure SOHO routers against Volt Typhoon attacks https://www.bleepingcomputer.com/news/security/cisa-vendors-must-secure-soho-routers-against-volt-typhoon-attacks/
Johnson Controls says ransomware attack cost $27 million, data stolen https://www.bleepingcomputer.com/news/security/johnson-controls-says-ransomware-attack-cost-27-million-data-stolen/
Ivanti warns of new Connect Secure zero-day exploited in attacks https://www.bleepingcomputer.com/news/security/ivanti-warns-of-new-connect-secure-zero-day-exploited-in-attacks/
New Linux glibc flaw lets attackers get root on major distros https://www.bleepingcomputer.com/news/security/new-linux-glibc-flaw-lets-attackers-get-root-on-major-distros/
Online ransomware decryptor helps recover partially encrypted files https://www.bleepingcomputer.com/news/security/online-ransomware-decryptor-helps-recover-partially-encrypted-files/
US charges two more suspects with DraftKing account hacks https://www.bleepingcomputer.com/news/security/us-charges-two-more-suspects-with-draftking-account-hacks/
Vastaamo hacker traced via ‘untraceable’ Monero transactions, police says https://www.bleepingcomputer.com/news/security/vastaamo-hacker-traced-via-untraceable-monero-transactions-police-says/
Meta won't remove fake Instagram profiles used for obvious catfishing https://www.bleepingcomputer.com/news/security/meta-wont-remove-fake-instagram-profiles-used-for-obvious-catfishing/
Russian hackers stole Microsoft corporate emails in month-long breach https://www.bleepingcomputer.com/news/security/russian-hackers-stole-microsoft-corporate-emails-in-month-long-breach/
BreachForums hacking forum admin sentenced to 20 years supervised release https://www.bleepingcomputer.com/news/security/breachforums-hacking-forum-admin-sentenced-to-20-years-supervised-release/
Payoneer accounts in Argentina hacked in 2FA bypass attacks https://www.bleepingcomputer.com/news/security/payoneer-accounts-in-argentina-hacked-in-2fa-bypass-attacks/
CISA emergency directive: Mitigate Ivanti zero-days immediately https://www.bleepingcomputer.com/news/security/cisa-emergency-directive-mitigate-ivanti-zero-days-immediately/
FTC bans one more data broker from selling your location info https://www.bleepingcomputer.com/news/security/ftc-bans-one-more-data-broker-from-selling-your-location-info/
Chinese hackers exploit VMware bug as zero-day for two years https://www.bleepingcomputer.com/news/security/chinese-hackers-exploit-vmware-bug-as-zero-day-for-two-years/
Vans, North Face owner says ransomware breach affects 35 million people https://www.bleepingcomputer.com/news/security/vans-north-face-owner-says-ransomware-breach-affects-35-million-people/
VMware confirms critical vCenter flaw now exploited in attacks https://www.bleepingcomputer.com/news/security/vmware-confirms-critical-vcenter-flaw-now-exploited-in-attacks/
TeamViewer abused to breach networks in new ransomware attacks https://www.bleepingcomputer.com/news/security/teamviewer-abused-to-breach-networks-in-new-ransomware-attacks/
CISA: Critical Ivanti auth bypass bug now actively exploited https://www.bleepingcomputer.com/news/security/cisa-critical-ivanti-auth-bypass-bug-now-actively-exploited/
Microsoft tests instant access to Android photos in Windows 11 https://www.bleepingcomputer.com/news/microsoft/microsoft-tests-instant-access-to-android-photos-in-windows-11/
Kansas State University cyberattack disrupts IT network and services https://www.bleepingcomputer.com/news/security/kansas-state-university-cyberattack-disrupts-it-network-and-services/
Haier hits Home Assistant plugin dev with takedown notice https://www.bleepingcomputer.com/news/security/haier-hits-home-assistant-plugin-dev-with-takedown-notice/
US govt wants BreachForums admin sentenced to 15 years in prison https://www.bleepingcomputer.com/news/security/us-govt-wants-breachforums-admin-sentenced-to-15-years-in-prison/
Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets https://www.bleepingcomputer.com/news/security/credentials-are-still-king-leaked-credentials-data-breaches-and-dark-web-markets/
Google: Russian FSB hackers deploy new Spica backdoor malware https://www.bleepingcomputer.com/news/security/google-russian-fsb-hackers-deploy-new-spica-backdoor-malware/
Docker hosts hacked in ongoing website traffic theft scheme https://www.bleepingcomputer.com/news/security/docker-hosts-hacked-in-ongoing-website-traffic-theft-scheme/
Jira down: Atlassian outage affecting multiple cloud services https://www.bleepingcomputer.com/news/technology/jira-down-atlassian-outage-affecting-multiple-cloud-services/
Have I Been Pwned adds 71 million emails from Naz.API stolen account list https://www.bleepingcomputer.com/news/security/have-i-been-pwned-adds-71-million-emails-from-nazapi-stolen-account-list/
Microsoft: Iranian hackers target researchers with new MediaPl malware https://www.bleepingcomputer.com/news/security/microsoft-iranian-hackers-target-researchers-with-new-mediapl-malware/
Windows Copilot autostart tests limited to 27" displays or larger https://www.bleepingcomputer.com/news/microsoft/windows-copilot-autostart-tests-limited-to-27-displays-or-larger/
US court docs expose fake antivirus renewal phishing tactics https://www.bleepingcomputer.com/news/security/us-court-docs-expose-fake-antivirus-renewal-phishing-tactics/
Microsoft working on a fix for Windows 10 0x80070643 errors https://www.bleepingcomputer.com/news/microsoft/microsoft-working-on-a-fix-for-windows-10-0x80070643-errors/
Windows SmartScreen flaw exploited to drop Phemedrone malware https://www.bleepingcomputer.com/news/security/windows-smartscreen-flaw-exploited-to-drop-phemedrone-malware/
Over 178,000 SonicWall firewalls vulnerable to RCE, DoS attacks https://www.bleepingcomputer.com/news/security/over-178-000-sonicwall-firewalls-vulnerable-to-rce-dos-attacks/
Latest Adblock update causes massive YouTube performance hit https://www.bleepingcomputer.com/news/security/latest-adblock-update-causes-massive-youtube-performance-hit/
The new Windows 11 features coming in 2024 https://www.bleepingcomputer.com/news/microsoft/the-new-windows-11-features-coming-in-2024/
GrapheneOS: Frequent Android auto-reboots block firmware exploits https://www.bleepingcomputer.com/news/security/grapheneos-frequent-android-auto-reboots-block-firmware-exploits/
Hacker spins up 1 million virtual servers to illegally mine crypto https://www.bleepingcomputer.com/news/security/hacker-spins-up-1-million-virtual-servers-to-illegally-mine-crypto/
The Week in Ransomware - January 12th 2024 - Targeting homeowners' data https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-12th-2024-targeting-homeowners-data/
CISA: Critical Microsoft SharePoint bug now actively exploited https://www.bleepingcomputer.com/news/security/cisa-critical-microsoft-sharepoint-bug-now-actively-exploited/
GitLab warns of critical zero-click account hijacking vulnerability https://www.bleepingcomputer.com/news/security/gitlab-warns-of-critical-zero-click-account-hijacking-vulnerability/
Juniper warns of critical RCE bug in its firewalls and switches https://www.bleepingcomputer.com/news/security/juniper-warns-of-critical-rce-bug-in-its-firewalls-and-switches/
Ivanti Connect Secure zero-days exploited to deploy custom malware https://www.bleepingcomputer.com/news/security/ivanti-connect-secure-zero-days-exploited-to-deploy-custom-malware/
Major T-Mobile outage takes down account access, mobile app https://www.bleepingcomputer.com/news/technology/major-t-mobile-outage-takes-down-account-access-mobile-app/
Framework discloses data breach after accountant gets phished https://www.bleepingcomputer.com/news/security/framework-discloses-data-breach-after-accountant-gets-phished/
Mandiant's X account hacked by crypto Drainer-as-a-Service gang https://www.bleepingcomputer.com/news/security/mandiants-x-account-hacked-by-crypto-drainer-as-a-service-gang/
Cisco says critical Unity Connection bug lets attackers get root https://www.bleepingcomputer.com/news/security/cisco-says-critical-unity-connection-bug-lets-attackers-get-root/
Fidelity National Financial: Hackers stole data of 1.3 million people https://www.bleepingcomputer.com/news/security/fidelity-national-financial-hackers-stole-data-of-13-million-people/
Pro-Ukraine hackers breach Russian ISP in revenge for KyivStar attack https://www.bleepingcomputer.com/news/security/pro-ukraine-hackers-breach-russian-isp-in-revenge-for-kyivstar-attack/
Ivanti warns of Connect Secure zero-days exploited in attacks https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Fake 401K year-end statements used to steal corporate credentials https://www.bleepingcomputer.com/news/security/fake-401k-year-end-statements-used-to-steal-corporate-credentials/
Windows 10 KB5034441 security update fails with 0x80070643 errors https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5034441-security-update-fails-with-0x80070643-errors/
Microsoft Exchange 2019 has reached end of mainstream support https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-2019-has-reached-end-of-mainstream-support/
ShinyHunters member gets 3 years in prison for breaching 60 firms https://www.bleepingcomputer.com/news/security/shinyhunters-member-gets-3-years-in-prison-for-breaching-60-firms/
Nigerian gets 10 years for laundering millions stolen from elderly https://www.bleepingcomputer.com/news/security/nigerian-gets-10-years-for-laundering-millions-stolen-from-elderly/
US SEC’s X account hacked to announce fake Bitcoin ETF approval https://www.bleepingcomputer.com/news/security/us-secs-x-account-hacked-to-announce-fake-bitcoin-etf-approval/
China claims it cracked Apple's AirDrop to find numbers, email addresses https://www.bleepingcomputer.com/news/security/china-claims-it-cracked-apples-airdrop-to-find-numbers-email-addresses/
Ransomware victims targeted by fake hack-back offers https://www.bleepingcomputer.com/news/security/ransomware-victims-targeted-by-fake-hack-back-offers/
FTC bans data broker from selling Americans’ location data https://www.bleepingcomputer.com/news/security/ftc-bans-data-broker-from-selling-americans-location-data/
Windows 10 KB5034122 update released with fix for shut down bug https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5034122-update-released-with-fix-for-shut-down-bug/
CISA warns agencies of fourth flaw used in Triangulation spyware attacks https://www.bleepingcomputer.com/news/security/cisa-warns-agencies-of-fourth-flaw-used-in-triangulation-spyware-attacks/
Microsoft January 2024 Patch Tuesday fixes 49 flaws, 12 RCE bugs https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2024-patch-tuesday-fixes-49-flaws-12-rce-bugs/
Windows 11 KB5034123 update released with security and Wi-Fi fixes https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5034123-update-released-with-security-and-wi-fi-fixes/
Hackers target Microsoft SQL servers in Mimic ransomware attacks https://www.bleepingcomputer.com/news/security/hackers-target-microsoft-sql-servers-in-mimic-ransomware-attacks/
Decryptor for Babuk ransomware variant released after hacker arrested https://www.bleepingcomputer.com/news/security/decryptor-for-babuk-ransomware-variant-released-after-hacker-arrested/
Paraguay warns of Black Hunt ransomware attacks after Tigo Business breach https://www.bleepingcomputer.com/news/security/paraguay-warns-of-black-hunt-ransomware-attacks-after-tigo-business-breach/
Criminal IP and Tenable Partner for Swift Vulnerability Detection https://www.bleepingcomputer.com/news/security/criminal-ip-and-tenable-partner-for-swift-vulnerability-detection/
Google Search bug shows blank page in Firefox for Android https://www.bleepingcomputer.com/news/security/google-search-bug-shows-blank-page-in-firefox-for-android/
'everything' blocks devs from removing their own npm packages https://www.bleepingcomputer.com/news/security/everything-blocks-devs-from-removing-their-own-npm-packages/
Mandiant’s account on X hacked to push cryptocurrency scam https://www.bleepingcomputer.com/news/security/mandiants-account-on-x-hacked-to-push-cryptocurrency-scam/
Hacker hijacks Orange Spain RIPE account to cause BGP havoc https://www.bleepingcomputer.com/news/security/hacker-hijacks-orange-spain-ripe-account-to-cause-bgp-havoc/
Nigerian hacker arrested for stealing $7.5M from charities https://www.bleepingcomputer.com/news/security/nigerian-hacker-arrested-for-stealing-75m-from-charities/
PornHub blocks North Carolina, Montana over new age verification laws https://www.bleepingcomputer.com/news/security/pornhub-blocks-north-carolina-montana-over-new-age-verification-laws/
LastPass now requires 12-character master passwords for better security https://www.bleepingcomputer.com/news/security/lastpass-now-requires-12-character-master-passwords-for-better-security/
Data breach at healthcare tech firm impacts 4.5 million patients https://www.bleepingcomputer.com/news/security/data-breach-at-healthcare-tech-firm-impacts-45-million-patients/
Nearly 11 million SSH servers vulnerable to new Terrapin attacks https://www.bleepingcomputer.com/news/security/nearly-11-million-ssh-servers-vulnerable-to-new-terrapin-attacks/
CISA warns of actively exploited bugs in Chrome and Excel parsing library https://www.bleepingcomputer.com/news/security/cisa-warns-of-actively-exploited-bugs-in-chrome-and-excel-parsing-library/
Steam drops support for Windows 7 and 8.1 to boost security https://www.bleepingcomputer.com/news/security/steam-drops-support-for-windows-7-and-81-to-boost-security/
Orbit Chain loses $86 million in the last fintech hack of 2023 https://www.bleepingcomputer.com/news/security/orbit-chain-loses-86-million-in-the-last-fintech-hack-of-2023/
Online museum collections down after cyberattack on service provider https://www.bleepingcomputer.com/news/security/online-museum-collections-down-after-cyberattack-on-service-provider/
Xerox says subsidiary XBS U.S. breached after ransomware gang leaks data https://www.bleepingcomputer.com/news/security/xerox-says-subsidiary-xbs-us-breached-after-ransomware-gang-leaks-data/
Game mod on Steam breached to push password-stealing malware https://www.bleepingcomputer.com/news/security/game-mod-on-steam-breached-to-push-password-stealing-malware/
Eagers Automotive halts trading in response to cyberattack https://www.bleepingcomputer.com/news/security/eagers-automotive-halts-trading-in-response-to-cyberattack/
EasyPark discloses data breach that may impact millions of users https://www.bleepingcomputer.com/news/security/easypark-discloses-data-breach-that-may-impact-millions-of-users/
Microsoft disables MSIX protocol handler abused in malware attacks https://www.bleepingcomputer.com/news/microsoft/microsoft-disables-msix-protocol-handler-abused-in-malware-attacks/
Oddbean new post about login | logout
Notes by bleepingcomputer | export