Signal now lets you report and block spam messages

Signal has added an easy way for users to report and block spam straight from message request screens with a single mouse click. [...]

https://www.bleepingcomputer.com/news/security/signal-now-lets-you-report-and-block-spam-messages/

'Trojan Source' attack method can hide bugs into open-source code

Academic researchers have released details about a new attack method they call "Trojan Source" that allows injecting vulnerabilities into the source code of a software project in a way that human reviewers can't detect. [...]

https://www.bleepingcomputer.com/news/security/trojan-source-attack-method-can-hide-bugs-into-open-source-code/

Android November patch fixes actively exploited kernel bug

Google has released the Android November 2021 security updates, which address 18 vulnerabilities in the framework and system components, and 18 more flaws in the kernel and vendor components. [...]

https://www.bleepingcomputer.com/news/security/android-november-patch-fixes-actively-exploited-kernel-bug/

FBI: Ransomware targets companies during mergers and acquisitions

The Federal Bureau of Investigation (FBI) warns that ransomware gangs are targeting companies involved in "time-sensitive financial events" such as corporate mergers and acquisitions to make it easier to extort their victims. [...]

https://www.bleepingcomputer.com/news/security/fbi-ransomware-targets-companies-during-mergers-and-acquisitions/

MITRE shares list of most dangerous hardware weaknesses

MITRE shared a list of the topmost dangerous programming, design, and architecture security flaws plaguing hardware this year. [...]

https://www.bleepingcomputer.com/news/security/mitre-shares-list-of-most-dangerous-hardware-weaknesses/

macOS Monterey update causes some Macs to become unbootable

A growing number of Mac and Macbook owners report that their devices become unbootable after attempting to update to the latest version of macOS, codenamed 'Monterey.' [...]

https://www.bleepingcomputer.com/news/apple/macos-monterey-update-causes-some-macs-to-become-unbootable/

Microsoft Edge for Linux out of beta, now generally available

Microsoft announced today that the Chromium-based Edge web browser is now generally available on the Linux platform via the stable channel. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-for-linux-out-of-beta-now-generally-available/

Microsoft announces new endpoint security solution for SMBs

Microsoft today announced a new endpoint security solution dubbed Microsoft Defender for Business, specially built for small and medium-sized businesses. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-new-endpoint-security-solution-for-smbs/

Microsoft 365 outage blocks access to OneDrive, SharePoint files

A Microsoft 365 outage prevents access to files, such as Excel documents, stored on the SharePoint Online, OneDrive, Office, and Microsoft Teams cloud storage services. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-365-outage-blocks-access-to-onedrive-sharepoint-files/

Over 30,000 GitLab servers still unpatched against critical bug

A critical unauthenticated, remote code execution GitLab flaw fixed on April 14, 2021, remains exploitable, with over 50% of deployments remaining unpatched. [...]

https://www.bleepingcomputer.com/news/security/over-30-000-gitlab-servers-still-unpatched-against-critical-bug/

Facebook deletes 1 billion faceprints in Face Recognition shutdown

Facebook announced today that they will no longer use the Face Recognition system on their platform and will be deleting over 1 billion people's facial recognition profiles. [...]

https://www.bleepingcomputer.com/news/technology/facebook-deletes-1-billion-faceprints-in-face-recognition-shutdown/

BlackMatter ransomware claims to be shutting down due to police pressure

The BlackMatter ransomware is allegedly shutting down its operation due to pressure from the authorities and recent law enforcement operations. [...]

https://www.bleepingcomputer.com/news/security/blackmatter-ransomware-claims-to-be-shutting-down-due-to-police-pressure/

Microsoft: Windows 11 built-in apps might not open on some systems

Microsoft says Windows 11 users might experience issues opening or using some built-in apps and features due to an expired digital certificate. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-11-built-in-apps-might-not-open-on-some-systems/

CISA orders federal agencies to fix hundreds of exploited security flaws

CISA has issued this year's first binding operational directive (BOD) ordering federal civilian agencies to mitigate security vulnerabilities exploited in the wild within an aggressive timeline. [...]

https://www.bleepingcomputer.com/news/security/cisa-orders-federal-agencies-to-fix-hundreds-of-exploited-security-flaws/

Yahoo becomes the next US firm to pull services out of China

Yahoo is pulling its services out of China, citing an 'increasingly challenging operating environment.' [...]

https://www.bleepingcomputer.com/news/technology/yahoo-becomes-the-next-us-firm-to-pull-services-out-of-china/

Sonos, HP, and Canon devices hacked at Pwn2Own Austin 2021

During the first day of Pwn2Own Austin 2021, contestants won $362,500 after exploiting previously unknown security flaws to hack printers, routers, NAS devices, and speakers from Canon, HP, Western Digital, Cisco, Sonos, TP-Link, and NETGEAR. [...]

https://www.bleepingcomputer.com/news/security/sonos-hp-and-canon-devices-hacked-at-pwn2own-austin-2021/

Mobile phishing attacks targeting energy sector surge by 161%

Mobile phishing attacks targeting employees in the energy industry have risen by 161% compared to last year's (H2 2020) data, and the trend is showing no signs of slowing down. [...]

https://www.bleepingcomputer.com/news/security/mobile-phishing-attacks-targeting-energy-sector-surge-by-161-percent/

US sanctions NSO Group and three others for spyware and exploit sales

The U.S. has sanctioned four companies located in Israel, Russia, and Singapore for the development of spyware or the sale of hacking tools used by state-sponsored hacking groups. [...]

https://www.bleepingcomputer.com/news/security/us-sanctions-nso-group-and-three-others-for-spyware-and-exploit-sales/

Stealthier version of Mekotio banking trojan spotted in the wild

A new version of a banking trojan known as Mekotio is being deployed in the wild, with malware analysts reporting that it's using a new, stealthier infection flow. [...]

https://www.bleepingcomputer.com/news/security/stealthier-version-of-mekotio-banking-trojan-spotted-in-the-wild/

BlackMatter ransomware moves victims to LockBit after shutdown

With the BlackMatter ransomware operation shutting down, existing affiliates are moving their victims to the competing LockBit ransomware site for continued extortion. [...]

https://www.bleepingcomputer.com/news/security/blackmatter-ransomware-moves-victims-to-lockbit-after-shutdown/

UK Labour Party discloses data breach after ransomware attack

The UK Labour Party notified members that some of their information was impacted in a data breach after a ransomware attack hit a third-party organization that was managing the party's data. [...]

https://www.bleepingcomputer.com/news/security/uk-labour-party-discloses-data-breach-after-ransomware-attack/