Police arrest 150 dark web vendors of illegal drugs and guns

Law enforcement authorities arrested 150 suspects allegedly involved in selling and buying illicit goods on DarkMarket, the largest illegal marketplace on the dark web when it was taken down in January 2021. [...]

https://www.bleepingcomputer.com/news/security/police-arrest-150-dark-web-vendors-of-illegal-drugs-and-guns/

Microsoft is force installing PC Health Check in Windows 10

Microsoft has begun force installing the PC Health Check application on Windows 10 devices using a new KB5005463 update. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-is-force-installing-pc-health-check-in-windows-10/

Researcher cracked 70% of WiFi networks sampled in Tel Aviv

A researcher has managed to crack 70% of a 5,000 WiFi network sample in his hometown, Tel Aviv, to prove that home networks are severely unsecured and easy to hijack. [...]

https://www.bleepingcomputer.com/news/security/researcher-cracked-70-percent-of-wifi-networks-sampled-in-tel-aviv/

North Korean state hackers start targeting the IT supply chain

North Korean-sponsored Lazarus hacking group has switched focus on new targets and was observed by Kaspersky security researchers expanding its supply chain attack capabilities. [...]

https://www.bleepingcomputer.com/news/security/north-korean-state-hackers-start-targeting-the-it-supply-chain/

Windows 10 KB5006738 released with fixes for printing issues

Microsoft has released the optional KB5006738 Preview cumulative update for Windows 10 2004, Windows 10 20H2, and Windows 10 21H1. Microsoft says this update and a separate Windows Server preview update will fix all outstanding printing issues affecting users since they mitigated the PrintNightmare vulnerabilities. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5006738-released-with-fixes-for-printing-issues/

Prepare for 5 cybersecurity certifications with this bundle

With The Ultimate 2021 Cyber Security Survival Training Bundle, you get full prep for five top certifications. The included content is worth a total of $495, but you can get it today for only $29.99. [...]

https://www.bleepingcomputer.com/news/security/prepare-for-5-cybersecurity-certifications-with-this-bundle/

Brutal WordPress plugin bug allows subscribers to wipe sites

A high severity security flaw found in a WordPress plugin with more than 8,000 active installs can let authenticated attackers reset and wipe vulnerable websites. [...]

https://www.bleepingcomputer.com/news/security/brutal-wordpress-plugin-bug-allows-subscribers-to-wipe-sites/

Spammers use Squirrelwaffle malware to drop Cobalt Strike

A new malware threat named Squirrelwaffle has emerged in the wild, supporting actors with an initial foothold and a way to drop malware onto compromised systems and networks. [...]

https://www.bleepingcomputer.com/news/security/spammers-use-squirrelwaffle-malware-to-drop-cobalt-strike/

Iranian gas stations out of service after distribution network hacked

Gas stations from the National Iranian Oil Products Distribution Company (NIOPDC) have stopped working today due to what appears to be a cyberattack that affected the entire distribution network. [...]

https://www.bleepingcomputer.com/news/security/iranian-gas-stations-out-of-service-after-distribution-network-hacked/

Telegram launches advertising program for public channels

Telegram has launched a new advertising program dubbed Ad Platform and offering the opportunity to display sponsored messages on the instant-messaging platform. [...]

https://www.bleepingcomputer.com/news/software/telegram-launches-advertising-program-for-public-channels/

Malicious NPM libraries install ransomware, password stealer

Malicious NPM packages pretending to be Roblox libraries are delivering ransomware and password-stealing trojans on unsuspecting users. [...]

https://www.bleepingcomputer.com/news/security/malicious-npm-libraries-install-ransomware-password-stealer/

US bans China Telecom Americas over national security risks

The Federal Communications Commission (FCC) has revoked China Telecom Americas' license to provide telecommunication services within the United States. [...]

https://www.bleepingcomputer.com/news/security/us-bans-china-telecom-americas-over-national-security-risks/

Babuk ransomware decryptor released to recover files for free

Czech cybersecurity software firm Avast has created and released a decryption tool to help Babuk ransomware victims recover their files for free. [...]

https://www.bleepingcomputer.com/news/security/babuk-ransomware-decryptor-released-to-recover-files-for-free/

Hackers arrested for ‘infiltrating’ Ukraine’s health database

The Security Service of Ukraine (SSU) has arrested a team of actors who illegally infiltrated the information system of the National Health Service of Ukraine (NHSU) and entered false vaccination entries for other people. [...]

https://www.bleepingcomputer.com/news/security/hackers-arrested-for-infiltrating-ukraine-s-health-database/

Twitter employees required to use security keys after 2020 hack

Twitter rolled out security keys to its entire workforce and made two-factor authentication (2FA) mandatory for accessing internal systems following last year's hack. [...]

https://www.bleepingcomputer.com/news/security/twitter-employees-required-to-use-security-keys-after-2020-hack/

Free decryptor released for Atom Silo and LockFile ransomware

Avast has just released a decryption tool that will help AtomSilo and LockFile ransomware victims recover some of their files for free, without having to pay a ransom. [...]

https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-atom-silo-and-lockfile-ransomware/

Android spyware apps target Israel in three-year-long campaign

A set of seemingly innocuous Android apps have been infecting Israeli users with spyware since 2018, and the campaign continues to this day. [...]

https://www.bleepingcomputer.com/news/security/android-spyware-apps-target-israel-in-three-year-long-campaign/

NRA: No comment on Russian ransomware gang attack claims

The Grief ransomware gang claims to have attacked the National Rifle Association (NRA) and released allegedly stolen data as proof of the attack. [...]

https://www.bleepingcomputer.com/news/security/nra-no-comment-on-russian-ransomware-gang-attack-claims/

Sensitive data of 400,000 German students exposed by API flaw

Approximately 400,000 users of Scoolio, a student community app widely used in Germany, had sensitive information exposed due to an API flaw in the platform. [...]

https://www.bleepingcomputer.com/news/security/sensitive-data-of-400-000-german-students-exposed-by-api-flaw/

EU investigating leak of private key used to forge Covid passes

The private key used to sign EU Digital Covid certificates has been reportedly leaked and is being circulated on messaging apps and forums. The key has also been misused to generate forged certificates, such as those for Adolf Hitler, Mickey Mouse, Sponge Bob—all of which are being recognized as valid by the official government apps. [...]

https://www.bleepingcomputer.com/news/security/eu-investigating-leak-of-private-key-used-to-forge-covid-passes/

German investigators identify REvil ransomware gang core member

German investigators have reportedly identified a Russian man named Nikolay K. whom they believe to be one of REvil ransomware gang's core members, one of the most notorious and successful ransomware groups in recent years. [...]

https://www.bleepingcomputer.com/news/security/german-investigators-identify-revil-ransomware-gang-core-member/