Phishing campaign uses math symbols to evade detection

Phishing actors are now using mathematical symbols on impersonated company logos to evade detection from anti-phishing systems. [...]

https://www.bleepingcomputer.com/review/security/phishing-campaign-uses-math-symbols-to-evade-detection/

Microsoft October 2021 Patch Tuesday fixes 4 zero-days, 71 flaws

Today is Microsoft's October 2021 Patch Tuesday, and with it comes fixes for four zero-day vulnerabilities and a total of 74 flaws. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-october-2021-patch-tuesday-fixes-4-zero-days-71-flaws/

Windows 10 updates KB5006670 & KB5006667 released

The October 2021 Patch update is now rolling out and Microsoft has published cumulative updates KB5006670 and KB5005566 for recent versions of Windows 10. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-updates-kb5006670-and-kb5006667-released/

PyPI removes 'mitmproxy2' over code execution concerns

The PyPI repository has removed a Python package called 'mitmproxy2' that was an identical copy of the official "mitmproxy" library, but with an "artificially introduced" code execution vulnerability. The 'mitmproxy' Python package is a free and open-source interactive HTTPS proxy [...]

https://www.bleepingcomputer.com/news/security/pypi-removes-mitmproxy2-over-code-execution-concerns/

Chinese hackers use Windows zero-day to attack defense, IT firms

A Chinese-speaking hacking group exploited a zero-day vulnerability in the Windows Win32k kernel driver to deploy a previously unknown remote access trojan (RAT). [...]

https://www.bleepingcomputer.com/news/security/chinese-hackers-use-windows-zero-day-to-attack-defense-it-firms/

Windows 11 KB5006674 update released with compatibility fixes

Microsoft has released the Windows 11 KB5006674 cumulative update, marking it as the first update for the new operating system since it has been released to the public channel. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5006674-update-released-with-compatibility-fixes/

Dutch police send warning letters to DDoS booter customers

Dutch authorities gave a final warning to more than a dozen customers of a distributed denial-of-service (DDoS) website, letting them know that continued cyber offenses lead to prosecution. [...]

https://www.bleepingcomputer.com/news/security/dutch-police-send-warning-letters-to-ddos-booter-customers/

OVH hosting provider goes down during planned maintenance

OVH, the largest hosting provider in Europe and the third-largest in the world, went down earlier today following what looks like routing configuration issues during a planned maintenance. [...]

https://www.bleepingcomputer.com/news/technology/ovh-hosting-provider-goes-down-during-planned-maintenance/

Russia and China left out of global anti-ransomware meetings

The White House National Security Council facilitates virtual meetings this week with senior officials and ministers from more than 30 countries in a virtual international counter-ransomware event to rally allies in the fight against the ransomware threat. [...]

https://www.bleepingcomputer.com/news/security/russia-and-china-left-out-of-global-anti-ransomware-meetings/

OpenSea NFT platform bugs let hackers steal crypto wallets ?

Security researchers found that an attacker could leave OpenSea account owners with an empty cryptocurrency balance by luring them to click on malicious NFT art. [...]

https://www.bleepingcomputer.com/news/security/opensea-nft-platform-bugs-let-hackers-steal-crypto-wallets-/

Verizon digital carrier Visible customer accounts were hacked

Visible, a US digital wireless carrier owned by Verizon, admitted that some customer accounts were hacked after dealing with technical problems in the past couple of days. [...]

https://www.bleepingcomputer.com/news/security/verizon-digital-carrier-visible-customer-accounts-were-hacked/

EU legislation introduced to ban anonymous domain registration

The European Union is drafting legislation that could soon end individuals registering domains anonymously on the continent. [...]

https://www.bleepingcomputer.com/news/government/eu-legislation-introduced-to-ban-anonymous-domain-registration/

Australia to tackle ransomware data breaches by deleting stolen files

Australia's Minister for Home Affairs has announced the "Australian Government's Ransomware Action Plan," which is a set of new measures the country will adopt in an attempt to tackle the rising threat. [...]

https://www.bleepingcomputer.com/news/security/australia-to-tackle-ransomware-data-breaches-by-deleting-stolen-files/

Apple silently fixes iOS zero-day, asks bug reporter to keep quiet

Apple has silently fixed a gamed zero-day vulnerability with the release of iOS 15.0.2, on Monday, a security flaw that could let attackers gain access to sensitive user information. [...]

https://www.bleepingcomputer.com/news/apple/apple-silently-fixes-ios-zero-day-asks-bug-reporter-to-keep-quiet/

MyKings botnet still active and making massive amounts of money

The MyKings botnet (aka Smominru or DarkCloud) is still actively spreading, making massive amounts of money in crypto, five years after it first appeared in the wild. [...]

https://www.bleepingcomputer.com/news/security/mykings-botnet-still-active-and-making-massive-amounts-of-money/

Microsoft confirms new Windows 11 printer installation issues

Microsoft has confirmed new Windows 11 known issues which cause printers installation fails on systems commonly found in enterprise environments. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-new-windows-11-printer-installation-issues/

New Yanluowang ransomware used in targeted enterprise attacks

A new and still under development ransomware strain is being used in highly targeted attacks against enterprise entities as Broadcom's Symantec Threat Hunter Team discovered. [...]

https://www.bleepingcomputer.com/news/security/new-yanluowang-ransomware-used-in-targeted-enterprise-attacks/

Acer confirms breach of after-sales service systems in India

Taiwanese computer giant Acer has confirmed that its after-sales service systems in India were recently breached in what the company called "an isolated attack." [...]

https://www.bleepingcomputer.com/news/security/acer-confirms-breach-of-after-sales-service-systems-in-india/

Belarus: Joining banned Telegram channels will land you in prison

Belarusian law enforcement has published a list of Telegram channels that are now considered extremist and warned people that merely joining them would be punishable by up to seven years of imprisonment. [...]

https://www.bleepingcomputer.com/news/legal/belarus-joining-banned-telegram-channels-will-land-you-in-prison/

Malicious Chrome ad blocker injects ads behind the scenes

The AllBlock Chromium ad blocking extension has been found to be injecting hidden affiliate links that generate commissions for the developers. [...]

https://www.bleepingcomputer.com/news/security/malicious-chrome-ad-blocker-injects-ads-behind-the-scenes/

Google sent 50,000 warnings of state-sponsored attacks in 2021

Google said today that it sent roughly 50,000 alerts of state-sponsored phishing or hacking attempts to customers during 2021, a considerable increase compared to the previous year. [...]

https://www.bleepingcomputer.com/news/security/google-sent-50-000-warnings-of-state-sponsored-attacks-in-2021/