Microsoft: Shrootless bug lets hackers install macOS rootkits
Attackers could use a new macOS vulnerability discovered by Microsoft to bypass System Integrity Protection (SIP) and perform arbitrary operations, elevate privileges to root, and install rootkits on vulnerable devices. [...]
https://www.bleepingcomputer.com/news/security/microsoft-shrootless-bug-lets-hackers-install-macos-rootkits/
Attackers could use a new macOS vulnerability discovered by Microsoft to bypass System Integrity Protection (SIP) and perform arbitrary operations, elevate privileges to root, and install rootkits on vulnerable devices. [...]
https://www.bleepingcomputer.com/news/security/microsoft-shrootless-bug-lets-hackers-install-macos-rootkits/
BleepingComputer
Microsoft: Shrootless bug lets hackers install macOS rootkits
Attackers could use a new macOS vulnerability discovered by Microsoft to bypass System Integrity Protection (SIP) and perform arbitrary operations, elevate privileges to root, and install rootkits on vulnerable devices.
NSA and CISA share guidance on securing 5G cloud infrastructure
CISA and the NSA shared guidance on securing cloud-native 5G networks from attacks seeking to compromise information or deny access by taking down cloud infrastructure. [...]
https://www.bleepingcomputer.com/news/security/nsa-and-cisa-share-guidance-on-securing-5g-cloud-infrastructure/
CISA and the NSA shared guidance on securing cloud-native 5G networks from attacks seeking to compromise information or deny access by taking down cloud infrastructure. [...]
https://www.bleepingcomputer.com/news/security/nsa-and-cisa-share-guidance-on-securing-5g-cloud-infrastructure/
BleepingComputer
NSA and CISA share guidance on securing 5G cloud infrastructure
CISA and the NSA shared guidance on securing cloud-native 5G networks from attacks seeking to compromise information or deny access by taking down cloud infrastructure.
All Windows versions impacted by new LPE zero-day vulnerability
A security researcher has disclosed technical details for a Windows zero-day privilege elevation vulnerability and a public proof-of-concept (PoC) exploit that gives SYSTEM privileges under certain conditions. [...]
https://www.bleepingcomputer.com/news/security/all-windows-versions-impacted-by-new-lpe-zero-day-vulnerability/
A security researcher has disclosed technical details for a Windows zero-day privilege elevation vulnerability and a public proof-of-concept (PoC) exploit that gives SYSTEM privileges under certain conditions. [...]
https://www.bleepingcomputer.com/news/security/all-windows-versions-impacted-by-new-lpe-zero-day-vulnerability/
BleepingComputer
All Windows versions impacted by new LPE zero-day vulnerability
A security researcher has disclosed technical details for a Windows zero-day privilege elevation vulnerability and a public proof-of-concept (PoC) exploit that gives SYSTEM privileges under certain conditions.
Emergency Google Chrome update fixes zero-days used in attacks
Google has released Chrome 95.0.4638.69 for Windows, Mac, and Linux to fix two zero-day vulnerabilities that attackers have actively exploited. [...]
https://www.bleepingcomputer.com/news/google/emergency-google-chrome-update-fixes-zero-days-used-in-attacks/
Google has released Chrome 95.0.4638.69 for Windows, Mac, and Linux to fix two zero-day vulnerabilities that attackers have actively exploited. [...]
https://www.bleepingcomputer.com/news/google/emergency-google-chrome-update-fixes-zero-days-used-in-attacks/
BleepingComputer
Emergency Google Chrome update fixes zero-days used in attacks
Google has released Chrome 95.0.4638.69 for Windows, Mac, and Linux to fix two zero-day vulnerabilities that attackers have actively exploited.
TrickBot malware dev extradited to U.S. faces 60 years in prison
A Russian national believed to be a member of the TrickBot malware development team has been extradited to the U.S. and is currently facing charges that could get him 60 years in prison. [...]
https://www.bleepingcomputer.com/news/security/trickbot-malware-dev-extradited-to-us-faces-60-years-in-prison/
A Russian national believed to be a member of the TrickBot malware development team has been extradited to the U.S. and is currently facing charges that could get him 60 years in prison. [...]
https://www.bleepingcomputer.com/news/security/trickbot-malware-dev-extradited-to-us-faces-60-years-in-prison/
BleepingComputer
TrickBot malware dev extradited to U.S. faces 60 years in prison
A Russian national believed to be a member of the TrickBot malware development team has been extradited to the U.S. and is currently facing charges that could get him 60 years in prison.
Police arrest criminals behind Norsk Hydro ransomware attack
The Europol has announced the arrest of 12 individuals who are believed to be linked to ransomware attacks against 1,800 victims in 71 countries. [...]
https://www.bleepingcomputer.com/news/security/police-arrest-criminals-behind-norsk-hydro-ransomware-attack/
The Europol has announced the arrest of 12 individuals who are believed to be linked to ransomware attacks against 1,800 victims in 71 countries. [...]
https://www.bleepingcomputer.com/news/security/police-arrest-criminals-behind-norsk-hydro-ransomware-attack/
BleepingComputer
Police arrest hackers behind over 1,800 ransomware attacks
The Europol has announced the arrest of 12 individuals who are believed to be linked to ransomware attacks against 1,800 victims in 71 countries.
Google Chromebooks failing to enroll due to network issue
Since Thursday evening, Google has been investigating reports of customers having issues enrolling their Chromebooks with a network error. [...]
https://www.bleepingcomputer.com/news/security/google-chromebooks-failing-to-enroll-due-to-network-issue/
Since Thursday evening, Google has been investigating reports of customers having issues enrolling their Chromebooks with a network error. [...]
https://www.bleepingcomputer.com/news/security/google-chromebooks-failing-to-enroll-due-to-network-issue/
BleepingComputer
Google Chromebooks failing to enroll due to network issue
Since Thursday evening, Google has been investigating reports of customers having issues enrolling their Chromebooks with a network error.
Microsoft: Windows web content filtering now generally available
Microsoft has announced that web content filtering has reached general availability and is now available for all Windows enterprise customers. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-web-content-filtering-now-generally-available/
Microsoft has announced that web content filtering has reached general availability and is now available for all Windows enterprise customers. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-web-content-filtering-now-generally-available/
BleepingComputer
Microsoft: Windows web content filtering now generally available
Microsoft has announced that web content filtering has reached general availability and is now available for all Windows enterprise customers.
DOJ: Pirated sports streamer hacked accounts, extorted MLB
The U.S. Attorney's Office for the Southern District of New York has charged a man for illegally streaming MLB, NBA, NFL, and NHL games via the web and hacking into sports leagues' customer accounts. [...]
https://www.bleepingcomputer.com/news/security/doj-pirated-sports-streamer-hacked-accounts-extorted-mlb/
The U.S. Attorney's Office for the Southern District of New York has charged a man for illegally streaming MLB, NBA, NFL, and NHL games via the web and hacking into sports leagues' customer accounts. [...]
https://www.bleepingcomputer.com/news/security/doj-pirated-sports-streamer-hacked-accounts-extorted-mlb/
BleepingComputer
DOJ: Pirated sports streamer hacked accounts, extorted MLB
The U.S. Attorney's Office for the Southern District of New York has charged a man for illegally streaming MLB, NBA, NFL, and NHL games via the web and hacking into sports leagues' customer accounts.
Microsoft PowerToys adds Windows 11 theme, new mouse utility
Microsoft has added new utilities to the PowerToys toolset and updated the user interface with a new Windows 11 theme for PowerRename. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-powertoys-adds-windows-11-theme-new-mouse-utility/
Microsoft has added new utilities to the PowerToys toolset and updated the user interface with a new Windows 11 theme for PowerRename. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-powertoys-adds-windows-11-theme-new-mouse-utility/
BleepingComputer
Microsoft PowerToys adds Windows 11 theme, new mouse utility
Microsoft has added new utilities to the PowerToys toolset and updated the user interface with a new Windows 11 theme for PowerRename.
Hive ransomware now encrypts Linux and FreeBSD systems
The Hive ransomware gang now also encrypts Linux and FreeBSD using new malware variants specifically developed to target these platforms. [...]
https://www.bleepingcomputer.com/news/security/hive-ransomware-now-encrypts-linux-and-freebsd-systems/
The Hive ransomware gang now also encrypts Linux and FreeBSD using new malware variants specifically developed to target these platforms. [...]
https://www.bleepingcomputer.com/news/security/hive-ransomware-now-encrypts-linux-and-freebsd-systems/
BleepingComputer
Hive ransomware now encrypts Linux and FreeBSD systems
The Hive ransomware gang now also encrypts Linux and FreeBSD using new malware variants specifically developed to target these platforms.
Snake malware biting hard on 50 apps for only $25
Cybercriminals are flooding to use the Snake password-stealing trojan, making it one of the popular malware families used in attacks. [...]
https://www.bleepingcomputer.com/news/security/snake-malware-biting-hard-on-50-apps-for-only-25/
Cybercriminals are flooding to use the Snake password-stealing trojan, making it one of the popular malware families used in attacks. [...]
https://www.bleepingcomputer.com/news/security/snake-malware-biting-hard-on-50-apps-for-only-25/
BleepingComputer
Snake malware biting hard on 50 apps for only $25
Cybercriminals are flooding to use the Snake password-stealing trojan, making it one of the popular malware families used in attacks.
The Week in Ransomware - October 29th 2021 - Making arrests
This week, international law enforcement operations went on the offensive, making arrests in numerous countries for ransomware-related activities. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-october-29th-2021-making-arrests/
This week, international law enforcement operations went on the offensive, making arrests in numerous countries for ransomware-related activities. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-october-29th-2021-making-arrests/
BleepingComputer
The Week in Ransomware - October 29th 2021 - Making arrests
This week, international law enforcement operations went on the offensive, making arrests in numerous countries for ransomware-related activities.
Microsoft: Windows KB5006674, KB5006670 updates break printing
Microsoft says Windows customers are experiencing issues with network printing after installing the Windows 11 KB5006674 and Windows 10 KB5006670 updates issued with this month's Patch Tuesday, on October 12. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-kb5006674-kb5006670-updates-break-printing/
Microsoft says Windows customers are experiencing issues with network printing after installing the Windows 11 KB5006674 and Windows 10 KB5006670 updates issued with this month's Patch Tuesday, on October 12. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-kb5006674-kb5006670-updates-break-printing/
BleepingComputer
Microsoft: Windows KB5006674, KB5006670 updates break printing
Microsoft says Windows customers are experiencing issues with network printing after installing the Windows 11 KB5006674 and Windows 10 KB5006670 updates issued with this month's Patch Tuesday, on October 12.
Chaos ransomware targets gamers via fake Minecraft alt lists
The Chaos Ransomware gang encrypts gamers' Windows devices through fake Minecraft alt lists promoted on gaming forums. [...]
https://www.bleepingcomputer.com/news/security/chaos-ransomware-targets-gamers-via-fake-minecraft-alt-lists/
The Chaos Ransomware gang encrypts gamers' Windows devices through fake Minecraft alt lists promoted on gaming forums. [...]
https://www.bleepingcomputer.com/news/security/chaos-ransomware-targets-gamers-via-fake-minecraft-alt-lists/
BleepingComputer
Chaos ransomware targets gamers via fake Minecraft alt lists
The Chaos Ransomware gang encrypts gamers' Windows devices through fake Minecraft alt lists promoted on gaming forums.
Microsoft warns of rise in password sprays targeting cloud accounts
The Microsoft Detection and Response Team (DART) says it detected an increase in password spray attacks targeting privileged cloud accounts and high-profile identities such as C-level executives. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-of-rise-in-password-sprays-targeting-cloud-accounts/
The Microsoft Detection and Response Team (DART) says it detected an increase in password spray attacks targeting privileged cloud accounts and high-profile identities such as C-level executives. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-of-rise-in-password-sprays-targeting-cloud-accounts/
BleepingComputer
Microsoft warns of rise in password sprays targeting cloud accounts
The Microsoft Detection and Response Team (DART) says it detected an increase in password spray attacks targeting privileged cloud accounts and high-profile identities such as C-level executives.
FBI: HelloKitty ransomware adds DDoS attacks to extortion tactics
The U.S. Federal Bureau of Investigation (FBI) has sent out a flash alert warning private industry partners that the HelloKitty ransomware gang (aka FiveHands) has added distributed denial-of-service (DDoS) attacks to their arsenal of extortion tactics. [...]
https://www.bleepingcomputer.com/news/security/fbi-hellokitty-ransomware-adds-ddos-attacks-to-extortion-tactics/
The U.S. Federal Bureau of Investigation (FBI) has sent out a flash alert warning private industry partners that the HelloKitty ransomware gang (aka FiveHands) has added distributed denial-of-service (DDoS) attacks to their arsenal of extortion tactics. [...]
https://www.bleepingcomputer.com/news/security/fbi-hellokitty-ransomware-adds-ddos-attacks-to-extortion-tactics/
BleepingComputer
FBI: HelloKitty ransomware adds DDoS attacks to extortion tactics
The U.S. Federal Bureau of Investigation (FBI) has sent out a flash alert warning private industry partners that the HelloKitty ransomware gang (aka FiveHands) has added distributed denial-of-service (DDoS) attacks to their arsenal of extortion tactics.
BlackShadow hackers breach Israeli hosting firm and extort customers
The BlackShadow hacking group attacked the Israeli hosting provider Cyberserve to steal client databases and disrupt the company's services. [...]
https://www.bleepingcomputer.com/news/security/blackshadow-hackers-breach-israeli-hosting-firm-and-extort-customers/
The BlackShadow hacking group attacked the Israeli hosting provider Cyberserve to steal client databases and disrupt the company's services. [...]
https://www.bleepingcomputer.com/news/security/blackshadow-hackers-breach-israeli-hosting-firm-and-extort-customers/
BleepingComputer
BlackShadow hackers breach Israeli hosting firm and extort customers
The BlackShadow hacking group attacked the Israeli hosting provider Cyberserve to steal client databases and disrupt the company's services.
Kaspersky's stolen Amazon SES token used in Office 365 phishing
Kaspersky said today that a legitimate Amazon Simple Email Service (SES) token issued to a third-party contractor was recently used by threat actors behind a spear-phishing campaign targeting Office 365 users. [...]
https://www.bleepingcomputer.com/news/security/kasperskys-stolen-amazon-ses-token-used-in-office-365-phishing/
Kaspersky said today that a legitimate Amazon Simple Email Service (SES) token issued to a third-party contractor was recently used by threat actors behind a spear-phishing campaign targeting Office 365 users. [...]
https://www.bleepingcomputer.com/news/security/kasperskys-stolen-amazon-ses-token-used-in-office-365-phishing/
BleepingComputer
Kaspersky's stolen Amazon SES token used in Office 365 phishing
Kaspersky said today that a legitimate Amazon Simple Email Service (SES) token issued to a third-party contractor was recently used by threat actors behind a spear-phishing campaign targeting Office 365 users.
Canadian province health care system disrupted by cyberattack
The Canadian provinces of Newfoundland and Labrador have suffered a cyberattack that has led to severe disruption to healthcare providers and hospitals. [...]
https://www.bleepingcomputer.com/news/security/canadian-province-health-care-system-disrupted-by-cyberattack/
The Canadian provinces of Newfoundland and Labrador have suffered a cyberattack that has led to severe disruption to healthcare providers and hospitals. [...]
https://www.bleepingcomputer.com/news/security/canadian-province-health-care-system-disrupted-by-cyberattack/
BleepingComputer
Canadian province health care system disrupted by cyberattack
The Canadian provinces of Newfoundland and Labrador have suffered a cyberattack that has led to severe disruption to healthcare providers and hospitals.
Microsoft Defender for Windows is getting a massive overhaul
Microsoft Defender for Windows is getting a massive overhaul allowing home network admins to deploy Android, iOS, and Mac clients to monitor antivirus, phishing, compromised passwords, and identity theft alerts from a single security dashboard. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-for-windows-is-getting-a-massive-overhaul/
Microsoft Defender for Windows is getting a massive overhaul allowing home network admins to deploy Android, iOS, and Mac clients to monitor antivirus, phishing, compromised passwords, and identity theft alerts from a single security dashboard. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-for-windows-is-getting-a-massive-overhaul/
BleepingComputer
Microsoft Defender for Windows is getting a massive overhaul
Microsoft Defender for Windows is getting a massive overhaul allowing home network admins to deploy Android, iOS, and Mac clients to monitor antivirus, phishing, compromised passwords, and identity theft alerts from a single security dashboard.