Angry Conti ransomware affiliate leaks gang's attack playbook

A disgruntled Conti affiliate has leaked the gang's training material when conducting attacks, including information about one of the ransomware's operators. [...]

https://www.bleepingcomputer.com/news/security/angry-conti-ransomware-affiliate-leaks-gangs-attack-playbook/

New DNS vulnerability allows 'nation-state level spying' on companies

Security researchers found a new class of DNS vulnerabilities impacting major DNS-as-a-Service (DNSaaS) providers that could allow attackers to access sensitive information from corporate networks. [...]

https://www.bleepingcomputer.com/news/security/new-dns-vulnerability-allows-nation-state-level-spying-on-companies/

CISA teams up with Microsoft, Google, Amazon to fight ransomware

CISA has announced the launch of Joint Cyber Defense Collaborative (JCDC), a partnership across public and private sectors focused on defending US critical infrastructure from ransomware and other cyber threats. [...]

https://www.bleepingcomputer.com/news/security/cisa-teams-up-with-microsoft-google-amazon-to-fight-ransomware/

Linux version of BlackMatter ransomware targets VMware ESXi servers

​The BlackMatter gang has joined the ranks of ransomware operations to develop a Linux encryptor that targets VMware's ESXi virtual machine platform. [...]

https://www.bleepingcomputer.com/news/security/linux-version-of-blackmatter-ransomware-targets-vmware-esxi-servers/

Computer hardware giant GIGABYTE hit by RansomEXX ransomware

​Taiwanese motherboard maker Gigabyte has suffered a RansomEXX ransomware attack where threat actors threaten to release 112 GB of data if a ransom is not paid. [...]

https://www.bleepingcomputer.com/news/security/computer-hardware-giant-gigabyte-hit-by-ransomexx-ransomware/

Cisco: Firewall manager RCE bug is a zero-day, patch incoming

In a Thursday security advisory update, Cisco revealed that a remote code execution (RCE) vulnerability in the Adaptive Security Device Manager (ADSM) Launcher disclosed last month is a zero-day bug that has yet to receive a security update. [...]

https://www.bleepingcomputer.com/news/security/cisco-firewall-manager-rce-bug-is-a-zero-day-patch-incoming/

Windows PetitPotam vulnerability gets an unofficial free patch

A free unofficial patch is now available to block attackers from taking over domain controllers and compromising entire Windows domains via PetitPotam NTLM relay attacks. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-petitpotam-vulnerability-gets-an-unofficial-free-patch/

The Week in Ransomware - August 6th 2021 - Insider threat edition

If there is one thing we learned this week, it's that not only are corporations vulnerable to insider threats but so are ransomware operations. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-august-6th-2021-insider-threat-edition/

Go, Rust "net" library affected by critical IP address validation vulnerability

The commonly used "net" library in Go and Rust languages is also impacted by the mixed-format IP address validation vulnerability. The bug has to do with how "net" treats IP addresses as decimal, even when they are provided in a mixed (octal-decimal) format, and therefore making applications vulnerable to SSRF and RFI. [...]

https://www.bleepingcomputer.com/news/security/go-rust-net-library-affected-by-critical-ip-address-validation-vulnerability/

Actively exploited bug bypasses authentication on millions of routers

Threat actors actively exploit a critical authentication bypass vulnerability impacting home routers with Arcadyan firmware to take them over and deploy Mirai botnet malicious payloads. [...]

https://www.bleepingcomputer.com/news/security/actively-exploited-bug-bypasses-authentication-on-millions-of-routers/

Microsoft Exchange servers scanned for ProxyShell vulnerability, Patch Now

Threat actors are now actively scanning for the Microsoft Exchange ProxyShell remote code execution vulnerabilities after technical details were released at the Black Hat conference. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-servers-scanned-for-proxyshell-vulnerability-patch-now/

Australian govt warns of escalating LockBit ransomware attacks

The Australian Cyber Security Centre (ACSC) warns of an increase of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021. [...]

https://www.bleepingcomputer.com/news/security/australian-govt-warns-of-escalating-lockbit-ransomware-attacks/

Windows 11: The top most requested features and changes

When Microsoft released the first preview build of Windows 11, it was met with praise by many, but also disappointment that many features users have to come to love were suddenly missing. Below we have compiled the most requested features and changes that users want in Windows 11 through the reports in the Feedback Hub. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-the-top-most-requested-features-and-changes/

Synology warns of malware infecting NAS devices with ransomware

Taiwan-based NAS maker Synology has warned customers that the StealthWorker botnet is targeting their network-attached storage devices in ongoing brute-force attacks. [...]

https://www.bleepingcomputer.com/news/security/synology-warns-of-malware-infecting-nas-devices-with-ransomware/

New ASUS BIOS updates enable TPM 2.0 support for Windows 11

ASUS has released BIOS updates for over two hundred motherboard models to automatically enable the built-in TPM 2.0 security process so that users can upgrade to Windows 11. [...]

https://www.bleepingcomputer.com/news/microsoft/new-asus-bios-updates-enable-tpm-20-support-for-windows-11/

Google drops Bluetooth Titan Security Keys in favor of NFC versions

Google is discontinuing the Bluetooth Titan Security Key to focus on security keys with Near Field Communication (NFC) functionality. [...]

https://www.bleepingcomputer.com/news/security/google-drops-bluetooth-titan-security-keys-in-favor-of-nfc-versions/

Mozilla tests if 'Firefox/100.0' user agent breaks websites

Mozilla has launched an experiment where they change the Firefox browser user agent to a three-digit "Firefox/100.0" version to see if it will break websites. [...]

https://www.bleepingcomputer.com/news/software/mozilla-tests-if-firefox-1000-user-agent-breaks-websites/

Microsoft adds Fusion ransomware attack detection to Azure Sentinel

Microsoft says that the Azure Sentinel cloud-native SIEM (Security Information and Event Management) platform is now able to detect potential ransomware activity using the Fusion machine learning model. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-adds-fusion-ransomware-attack-detection-to-azure-sentinel/

FlyTrap malware hijacks thousands of Facebook accounts

A new Android threat that researchers call FlyTrap has been hijacking Facebook accounts of users in more than 140 countries by stealing session cookies. [...]

https://www.bleepingcomputer.com/news/security/flytrap-malware-hijacks-thousands-of-facebook-accounts/

One million stolen credit cards leaked to promote carding market

A threat actor is promoting a new criminal carding marketplace by releasing one million credit cards stolen between 2018 and 2019 on hacking forums. [...]

https://www.bleepingcomputer.com/news/security/one-million-stolen-credit-cards-leaked-to-promote-carding-market/

eCh0raix ransomware now targets both QNAP and Synology NAS devices

A newly discovered eCh0raix ransomware variant has added support for encrypting both QNAP and Synology Network-Attached Storage (NAS) devices. [...]

https://www.bleepingcomputer.com/news/security/ech0raix-ransomware-now-targets-both-qnap-and-synology-nas-devices/