Sysinternals apps can now auto-update via the Microsoft Store

​Microsoft added their Sysinternals Suite to the Microsoft Store, allowing the popular Sysinternals utilities to be updated automatically as new versions are released. [...]

https://www.bleepingcomputer.com/news/microsoft/sysinternals-apps-can-now-auto-update-via-the-microsoft-store/

How to unlock Windows 11's God Mode to access advanced settings

The settings app has been significantly improved, but several Control Panel features are still missing. Thankfully, Windows 11 still comes with the Control Panel and File Explorer-based advanced configuration page called "God Mode" that allows you to easily access all advanced tools, features, and tasks. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-unlock-windows-11s-god-mode-to-access-advanced-settings/

REvil ransomware shuts down again after Tor sites were hijacked

The REvil ransomware operation has likely shut down once again after an unknown person hijacked their Tor payment portal and data leak blog. [...]

https://www.bleepingcomputer.com/news/security/revil-ransomware-shuts-down-again-after-tor-sites-were-hijacked/

Ransomware attack likely behind Sinclair TV stations downtime

TV stations owned by the Sinclair Broadcast Group broadcast television company went down over the weekend across the US, with multiple sources telling BleepingComputer the downtime was caused by a ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/ransomware-attack-likely-behind-sinclair-tv-stations-downtime/

Credit card PINs can be guessed even when covering the ATM pad

Researchers have proven it's possible to train a special-purpose deep-learning algorithm that can guess 4-digit card PINs 41% of the time, even if the victim is covering the pad with their hands.  [...]

https://www.bleepingcomputer.com/news/security/credit-card-pins-can-be-guessed-even-when-covering-the-atm-pad/

Microsoft fixes Windows 10 auth issue impacting Remote Desktop

Microsoft has fixed a known Windows 10 issue causing smartcard authentication to fail when trying to connect using Remote Desktop after installing the cumulative updates released during the September 2021 Patch Tuesday. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-10-auth-issue-impacting-remote-desktop/

Microsoft asks admins to patch PowerShell to fix WDAC bypass

Microsoft has asked system administrators to patch PowerShell 7 against two vulnerabilities allowing attackers to bypass Windows Defender Application Control (WDAC) enforcements and gain access to plain text credentials. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-asks-admins-to-patch-powershell-to-fix-wdac-bypass/

Microsoft: Windows 11 bug may only allow admins to print

Microsoft is working on a fix for a known issue impacting Windows 11 customers and causing a prompt for admin credentials before every attempt to print. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-11-bug-may-only-allow-admins-to-print/

Suspected Chinese hackers behind attacks on ten Israeli hospitals

A joint announcement from the Ministry of Health and the National Cyber Directorate in Israel describes a spike in ransomware attacks over the weekend that targeted the systems of nine health institutes in the country. [...]

https://www.bleepingcomputer.com/news/security/suspected-chinese-hackers-behind-attacks-on-ten-israeli-hospitals/

State-backed hackers breach telcos with custom malware

A previously unknown state-sponsored actor is deploying a novel toolset in attacks targeting telecommunication providers and IT firms in South Asia. [...]

https://www.bleepingcomputer.com/news/security/state-backed-hackers-breach-telcos-with-custom-malware/

FBI, CISA, NSA share defense tips for BlackMatter ransomware attacks

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) published today an advisory with details about how the BlackMatter ransomware gang operates. [...]

https://www.bleepingcomputer.com/news/security/fbi-cisa-nsa-share-defense-tips-for-blackmatter-ransomware-attacks/

ACE takes down Electro TV Sat pirate streaming service

ACE (Alliance for Creativity) has forced Electro TV Sat offline following a crackdown operation in Morocco, where the pirate streaming platform was based. [...]

https://www.bleepingcomputer.com/news/technology/ace-takes-down-electro-tv-sat-pirate-streaming-service/

Microsoft fixes Surface Pro 3 TPM bypass with public exploit code

Microsoft has patched a security feature bypass vulnerability impacting Surface Pro 3 tablets that enables threat actors to introduce malicious devices within enterprise environments. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-surface-pro-3-tpm-bypass-with-public-exploit-code/

New Karma ransomware group likely a Nemty rebrand

Threat analysts at Sentinel Labs have found evidence of the Karma ransomware being just another evolutionary step in the strain that started as JSWorm, became Nemty, then Nefilim, Fusion, Milihpen, and most recently, Gangbang. [...]

https://www.bleepingcomputer.com/news/security/new-karma-ransomware-group-likely-a-nemty-rebrand/

FBI warns of fake govt sites used to steal financial, personal data

The FBI warned the US public that threat actors actively use fake and spoofed unemployment benefit websites to harvest sensitive financial and personal information from unsuspecting victims. [...]

https://www.bleepingcomputer.com/news/security/fbi-warns-of-fake-govt-sites-used-to-steal-financial-personal-data/

Man gets 7 years in prison for hacking 65K health care employees

Justin Sean Johnson, also known as TheDearthStar and Dearthy Star, was sentenced this week to seen years in prison for the 2014 hack of the health care provider and insurer University of Pittsburgh Medical Center (UPMC). [...]

https://www.bleepingcomputer.com/news/security/man-gets-7-years-in-prison-for-hacking-65k-health-care-employees/

China's VPN market now open to foreign investment

The central government of China in Beijing has announced a decision to allow foreign entities to invest in the ownership of VPN (virtual private network) services in the country. [...]

https://www.bleepingcomputer.com/news/government/chinas-vpn-market-now-open-to-foreign-investment/

LightBasin hacking group breaches 13 global telecoms in two years

A group of hackers that security researchers call LightBasin has been compromising mobile telecommunication systems across the world for the past five years. [...]

https://www.bleepingcomputer.com/news/security/lightbasin-hacking-group-breaches-13-global-telecoms-in-two-years/

BlackByte ransomware decryptor released to recover files for free

A free decryptor for the BlackByte ransomware has been released, allowing past victims to recover their files for free. [...]

https://www.bleepingcomputer.com/news/security/blackbyte-ransomware-decryptor-released-to-recover-files-for-free/

About 26% of all malicious JavaScript threats are obfuscated

A research that analyzed over 10,000 samples of diverse malicious software written in JavaScript concluded that roughly 26% of it is obfuscated to evade detection and analysis.  [...]

https://www.bleepingcomputer.com/news/security/about-26-percent-of-all-malicious-javascript-threats-are-obfuscated/

Acer hacked twice in a week by the same threat actor

Acer has suffered a second cyberattack in just a week by the same hacking group that says other regions are vulnerable. [...]

https://www.bleepingcomputer.com/news/security/acer-hacked-twice-in-a-week-by-the-same-threat-actor/