CISA warns admins to urgently patch Exchange ProxyShell bugs

The US Cybersecurity and Infrastructure Security Agency (CISA) issued its first alert tagged as "urgent," warning admins to patch on-premises Microsoft Exchange servers against actively exploited ProxyShell vulnerabilities. [...]

https://www.bleepingcomputer.com/news/security/cisa-warns-admins-to-urgently-patch-exchange-proxyshell-bugs/

Nokia subsidiary discloses data breach after Conti ransomware attack

SAC Wireless, a US-based and independently-operating Nokia company subsidiary, has disclosed a data breach following a ransomware attack where Conti operators were able to successfully breach its network, steal data, and encrypt systems. [...]

https://www.bleepingcomputer.com/news/security/nokia-subsidiary-discloses-data-breach-after-conti-ransomware-attack/

Hacker gets 500K reward for returning stolen cryptocurrency

The saga of what has been dubbed the biggest hack in the world of decentralized finance appears to be over as Poly Network recovered more than $610 million in cryptocurrency assets it lost two weeks ago and the hacker received a $500,000 bounty for returning the money. [...]

https://www.bleepingcomputer.com/news/security/hacker-gets-500k-reward-for-returning-stolen-cryptocurrency/

Botnet targets hundreds of thousands of devices using Realtek SDK

A Mirai-based botnet now targets a critical vulnerability in the software SDK used by hundreds of thousands of Realtek-based devices, encompassing 200 models from at least 65 vendors, including Asus, Belkin, D-Link, Netgear, Tenda, ZTE, and Zyxel. [...]

https://www.bleepingcomputer.com/news/security/botnet-targets-hundreds-of-thousands-of-devices-using-realtek-sdk/

Phishing campaign uses UPS.com XSS vuln to distribute malware

A clever UPS phishing campaign utilized an XSS vulnerability in UPS.com to push fake and malicious 'Invoice' Word documents. [...]

https://www.bleepingcomputer.com/news/security/phishing-campaign-uses-upscom-xss-vuln-to-distribute-malware/

FBI: OnePercent Group Ransomware targeted US orgs since Nov 2020

The Federal Bureau of Investigation (FBI) has shared info about a threat actor known as OnePercent Group that has been actively targeting US organizations in ransomware attacks since at least November 2020. [...]

https://www.bleepingcomputer.com/news/security/fbi-onepercent-group-ransomware-targeted-us-orgs-since-nov-2020/

New zero-click iPhone exploit used to deploy NSO spyware

Digital threat researchers at Citizen Lab have uncovered a new zero-click iMessage exploit used to deploy NSO Group's Pegasus spyware on devices belonging to Bahraini activists. [...]

https://www.bleepingcomputer.com/news/apple/new-zero-click-iphone-exploit-used-to-deploy-nso-spyware/

Malicious WhatsApp mod infects Android devices with malware

A malicious version of the FMWhatsappWhatsApp mod delivers a Triadatrojan payload, a nasty surprise that infects their devices with additional malware, including the very hard-to-remove xHelper trojan. [...]

https://www.bleepingcomputer.com/news/security/malicious-whatsapp-mod-infects-android-devices-with-malware/

Ransomware gang's script shows exactly the files they're after

A PowerShell script used by the Pysa ransomware operation gives us a sneak peek at the types of data they attempt to steal during a cyberattack. [...]

https://www.bleepingcomputer.com/news/security/ransomware-gangs-script-shows-exactly-the-files-theyre-after/

SteelSeries bug gives Windows 10 admin rights by plugging in a device

The official app for installing SteelSeries devices on Windows 10 can be exploited to obtain administrator rights, a security researcher has found. [...]

https://www.bleepingcomputer.com/news/security/steelseries-bug-gives-windows-10-admin-rights-by-plugging-in-a-device/

Samsung can remotely disable their TVs worldwide using TV Block

Samsung says that it can disable any of its Samsung TV sets remotely using TV Block, a feature built into all television products sold worldwide. [...]

https://www.bleepingcomputer.com/news/security/samsung-can-remotely-disable-their-tvs-worldwide-using-tv-block/

Windows 10 KB5005932 fixes devices that can't install new updates

Microsoft has released the Windows 10 KB5005932 setup update to fix '"PSFX_E_MATCHING_BINARY_MISSING" errors when attempting to install the latest cumulative updates. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5005932-fixes-devices-that-cant-install-new-updates/

Fake OpenSea support staff are stealing cryptowallets and NFTs

OpenSea users are being targeted in an ongoing and aggressive Discord phishing attack to steal cryptocurrency funds and NFTs. [...]

https://www.bleepingcomputer.com/news/security/fake-opensea-support-staff-are-stealing-cryptowallets-and-nfts/

FIN8 cybercrime gang backdoors US orgs with new Sardonic malware

A financially motivated cybercrime gang has breached and backdoored the network of a US financial organization with a new malware known dubbed Sardonic by Bitdefender researchers who first spotted it. [...]

https://www.bleepingcomputer.com/news/security/fin8-cybercrime-gang-backdoors-us-orgs-with-new-sardonic-malware/

Ethereum urges Go devs to fix severe chain-split vulnerability

Ethreum project is urging developers to apply a hotfix to squash a high-severity vulnerability. The chain-split vulnerability tracked as CVE-2021-39137, impacts "Geth," the official Golang implementation of the Ethereum protocol. [...]

https://www.bleepingcomputer.com/news/security/ethereum-urges-go-devs-to-fix-severe-chain-split-vulnerability/

New Hampshire town loses $2.3 million to overseas scammers

Peterborough, a small New Hampshire town, has lost $2.3 million after BEC scammers redirected several bank transfers using forged documents sent to the town's Finance Department staff in multiple email exchanges. [...]

https://www.bleepingcomputer.com/news/security/new-hampshire-town-loses-23-million-to-overseas-scammers/

Critical F5 BIG-IP bug impacts customers in sensitive sectors

BIG-IP application services company F5 has fixed more than a dozen high-severity vulnerabilities in its networking device, one of them being elevated to critical severity under specific conditions. [...]

https://www.bleepingcomputer.com/news/security/critical-f5-big-ip-bug-impacts-customers-in-sensitive-sectors/

Microsoft will add secure preview for Office 365 quarantined emails

Microsoft is updating Defender for Office 365 to protect customers from embedded email threats while previewing quarantined emails. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-will-add-secure-preview-for-office-365-quarantined-emails/

Microsoft: ProxyShell bugs “might be exploited,” patch servers now!

Microsoft has finally published guidance today for the actively exploited ProxyShell vulnerabilities impacting multiple on-premises Microsoft Exchange versions. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-proxyshell-bugs-might-be-exploited-patch-servers-now/

Microsoft accidentally lowers OneDrive for Business storage limits

Microsoft is investigating an ongoing issue impacting OneDrive for Business customers and causing their storage space to shrink down to the default setting or switching them to read-only mode, forcing some to delete files to free up space to work on their projects. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-accidentally-lowers-onedrive-for-business-storage-limits/

Kaseya patches Unitrends server zero-days, issues client mitigations

American software company Kaseya has issued a security updates to patch server side Kaseya Unitrends vulnerabilities found by security researchers at the Dutch Institute for Vulnerability Disclosure (DIVD). [...]

https://www.bleepingcomputer.com/news/security/kaseya-patches-unitrends-server-zero-days-issues-client-mitigations/