US bans China Telecom Americas over national security risks

The Federal Communications Commission (FCC) has revoked China Telecom Americas' license to provide telecommunication services within the United States. [...]

https://www.bleepingcomputer.com/news/security/us-bans-china-telecom-americas-over-national-security-risks/

Babuk ransomware decryptor released to recover files for free

Czech cybersecurity software firm Avast has created and released a decryption tool to help Babuk ransomware victims recover their files for free. [...]

https://www.bleepingcomputer.com/news/security/babuk-ransomware-decryptor-released-to-recover-files-for-free/

Hackers arrested for ‘infiltrating’ Ukraine’s health database

The Security Service of Ukraine (SSU) has arrested a team of actors who illegally infiltrated the information system of the National Health Service of Ukraine (NHSU) and entered false vaccination entries for other people. [...]

https://www.bleepingcomputer.com/news/security/hackers-arrested-for-infiltrating-ukraine-s-health-database/

Twitter employees required to use security keys after 2020 hack

Twitter rolled out security keys to its entire workforce and made two-factor authentication (2FA) mandatory for accessing internal systems following last year's hack. [...]

https://www.bleepingcomputer.com/news/security/twitter-employees-required-to-use-security-keys-after-2020-hack/

Free decryptor released for Atom Silo and LockFile ransomware

Avast has just released a decryption tool that will help AtomSilo and LockFile ransomware victims recover some of their files for free, without having to pay a ransom. [...]

https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-atom-silo-and-lockfile-ransomware/

Android spyware apps target Israel in three-year-long campaign

A set of seemingly innocuous Android apps have been infecting Israeli users with spyware since 2018, and the campaign continues to this day. [...]

https://www.bleepingcomputer.com/news/security/android-spyware-apps-target-israel-in-three-year-long-campaign/

NRA: No comment on Russian ransomware gang attack claims

The Grief ransomware gang claims to have attacked the National Rifle Association (NRA) and released allegedly stolen data as proof of the attack. [...]

https://www.bleepingcomputer.com/news/security/nra-no-comment-on-russian-ransomware-gang-attack-claims/

Sensitive data of 400,000 German students exposed by API flaw

Approximately 400,000 users of Scoolio, a student community app widely used in Germany, had sensitive information exposed due to an API flaw in the platform. [...]

https://www.bleepingcomputer.com/news/security/sensitive-data-of-400-000-german-students-exposed-by-api-flaw/

EU investigating leak of private key used to forge Covid passes

The private key used to sign EU Digital Covid certificates has been reportedly leaked and is being circulated on messaging apps and forums. The key has also been misused to generate forged certificates, such as those for Adolf Hitler, Mickey Mouse, Sponge Bob—all of which are being recognized as valid by the official government apps. [...]

https://www.bleepingcomputer.com/news/security/eu-investigating-leak-of-private-key-used-to-forge-covid-passes/

German investigators identify REvil ransomware gang core member

German investigators have reportedly identified a Russian man named Nikolay K. whom they believe to be one of REvil ransomware gang's core members, one of the most notorious and successful ransomware groups in recent years. [...]

https://www.bleepingcomputer.com/news/security/german-investigators-identify-revil-ransomware-gang-core-member/

Microsoft now rolling out Windows 11 to more eligible devices

Microsoft is now rolling out the Windows 11 upgrade to more eligible Windows devices as part of a phased rollout designed to deliver a smooth upgrade experience. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-now-rolling-out-windows-11-to-more-eligible-devices/

Ransomware gangs use SEO poisoning to infect visitors

Researchers have spotted two campaigns linked to either the REvil ransomware gang or the SolarMarker backdoor that use SEO poisoning to serve payloads to targets. [...]

https://www.bleepingcomputer.com/news/security/ransomware-gangs-use-seo-poisoning-to-infect-visitors/

New AbstractEmu malware roots Android devices, evades detection

New Android malware can root infected devices to take complete control and silently tweak system settings, as well as evade detection using code abstraction and anti-emulation checks. [...]

https://www.bleepingcomputer.com/news/security/new-abstractemu-malware-roots-android-devices-evades-detection/

WordPress plugin bug impacts 1M sites, allows malicious redirects

The OptinMonster plugin is affected by a high-severity flaw that allows unauthorized API access and sensitive information disclosure on roughly a million WordPress sites. [...]

https://www.bleepingcomputer.com/news/security/wordpress-plugin-bug-impacts-1m-sites-allows-malicious-redirects/

Android spyware spreading as antivirus software in Japan

A new variant of the Android info-stealer called FakeCop has been spotted by Japanese security researchers, who warn that the distribution of the malicious APK is picking up pace. [...]

https://www.bleepingcomputer.com/news/security/android-spyware-spreading-as-antivirus-software-in-japan/

Microsoft: Shrootless bug lets hackers install macOS rootkits

Attackers could use a new macOS vulnerability discovered by Microsoft to bypass System Integrity Protection (SIP) and perform arbitrary operations, elevate privileges to root, and install rootkits on vulnerable devices. [...]

https://www.bleepingcomputer.com/news/security/microsoft-shrootless-bug-lets-hackers-install-macos-rootkits/

NSA and CISA share guidance on securing 5G cloud infrastructure

CISA and the NSA shared guidance on securing cloud-native 5G networks from attacks seeking to compromise information or deny access by taking down cloud infrastructure. [...]

https://www.bleepingcomputer.com/news/security/nsa-and-cisa-share-guidance-on-securing-5g-cloud-infrastructure/

All Windows versions impacted by new LPE zero-day vulnerability

A security researcher has disclosed technical details for a Windows zero-day privilege elevation vulnerability and a public proof-of-concept (PoC) exploit that gives SYSTEM privileges under certain conditions. [...]

https://www.bleepingcomputer.com/news/security/all-windows-versions-impacted-by-new-lpe-zero-day-vulnerability/

Emergency Google Chrome update fixes zero-days used in attacks

Google has released Chrome 95.0.4638.69 for Windows, Mac, and Linux to fix two zero-day vulnerabilities that attackers have actively exploited. [...]

https://www.bleepingcomputer.com/news/google/emergency-google-chrome-update-fixes-zero-days-used-in-attacks/

TrickBot malware dev extradited to U.S. faces 60 years in prison

A Russian national believed to be a member of the TrickBot malware development team has been extradited to the U.S. and is currently facing charges that could get him 60 years in prison. [...]

https://www.bleepingcomputer.com/news/security/trickbot-malware-dev-extradited-to-us-faces-60-years-in-prison/

Police arrest criminals behind Norsk Hydro ransomware attack

The Europol has announced the arrest of 12 individuals who are believed to be linked to ransomware attacks against 1,800 victims in 71 countries. [...]

https://www.bleepingcomputer.com/news/security/police-arrest-criminals-behind-norsk-hydro-ransomware-attack/