Ukraine links members of Gamaredon hacker group to Russian FSB

SSU and the Ukrainian secret service say they have identified five members of the Gamaredon hacking group, a Russian state-sponsored operation known for targeting Ukraine since 2014. [...]

https://www.bleepingcomputer.com/news/security/ukraine-links-members-of-gamaredon-hacker-group-to-russian-fsb/

Windows 10 21H1 now in broad deployment, available to everyone

Microsoft has designated Windows 10, version 21H1 (aka the May 2021 Update) for broad deployment, making it available to everyone via Windows Update. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-21h1-now-in-broad-deployment-available-to-everyone/

Samsung Galaxy S21 hacked on second day of Pwn2Own Austin

Contestants hacked the Samsung Galaxy S21 smartphone during the second day of the Pwn2Own Austin 2021 competition, as well as routers, NAS devices, speakers, and printers from Cisco, TP-Link, Western Digital, Sonos, Canon, Lexmark, and HP. [...]

https://www.bleepingcomputer.com/news/security/samsung-galaxy-s21-hacked-on-second-day-of-pwn2own-austin/

Microsoft Exchange ProxyShell exploits used to deploy Babuk ransomware

A new threat actor is hacking Microsoft Exchange servers and breaching corporate networks using the ProxyShell vulnerability to deploy the Babuk Ransomware. [...]

https://www.bleepingcomputer.com/news/security/microsoft-exchange-proxyshell-exploits-used-to-deploy-babuk-ransomware/

Cisco fixes hard-coded credentials and default SSH key issues

Cisco has released security updates to address critical security flaws allowing unauthenticated attackers to log in using hard-coded credentials or default SSH keys to take over unpatched devices. [...]

https://www.bleepingcomputer.com/news/security/cisco-fixes-hard-coded-credentials-and-default-ssh-key-issues/

Popular 'coa' NPM library hijacked to steal user passwords

Popular npm library 'coa' was hijacked today with malicious code injected into it, ephemerally impacting React pipelines around the world. The 'coa' library, short for Command-Option-Argument, receives about 9 million weekly downloads on npm, and is used by almost 5 million open source repositories on GitHub. [...]

https://www.bleepingcomputer.com/news/security/popular-coa-npm-library-hijacked-to-steal-user-passwords/

Phishing emails deliver spooky zombie-themed MirCop ransomware

A new phishing campaign pretending to be supply lists infects users with the MirCop ransomware that encrypts a target system in under fifteen minutes. [...]

https://www.bleepingcomputer.com/news/security/phishing-emails-deliver-spooky-zombie-themed-mircop-ransomware/

CISA urges vendors to patch BrakTooth bugs after exploits release

Researchers have released public exploit code and a proof of concept tool to test Bluetooth devices against System-on-a-Chip (SoC) security bugs impacting multiple vendors, including Intel, Qualcomm, Texas Instruments, and Cypress. [...]

https://www.bleepingcomputer.com/news/security/cisa-urges-vendors-to-patch-braktooth-bugs-after-exploits-release/

US targets DarkSide ransomware, rebrands with $10 million reward

The US government is targeting the DarkSide ransomware and its rebrands with up to a $10,000,000 reward for information leading to the identification or arrest of members of the operation. [...]

https://www.bleepingcomputer.com/news/security/us-targets-darkside-ransomware-rebrands-with-10-million-reward/

Mozilla Thunderbird 91.3 released to fix high impact flaws

​Mozilla released  Thunderbird 91.3 to fix several high-impact vulnerabilities that can cause a denial of service, spoof the origin, bypass security policies, and allow arbitrary code execution. [...]

https://www.bleepingcomputer.com/news/security/mozilla-thunderbird-913-released-to-fix-high-impact-flaws/

FBI warns of increased use of cryptocurrency ATMs, QR codes for fraud

The Federal Bureau of Investigation (FBI) warns that victims of various fraud schemes are increasingly asked by criminals to use cryptocurrency ATMs and Quick Response (QR) codes, making it harder to recover their financial losses. [...]

https://www.bleepingcomputer.com/news/security/fbi-warns-of-increased-use-of-cryptocurrency-atms-qr-codes-for-fraud/

US defense contractor Electronic Warfare hit by data breach

US defense contractor Electronic Warfare Associates (EWA) has disclosed a data breach after threat actors hacked their email system and stole files containing personal information. [...]

https://www.bleepingcomputer.com/news/security/us-defense-contractor-electronic-warfare-hit-by-data-breach/

Philips healthcare infomatics solution vulnerable to SQL injection

The Philips Tasy EMR, used by hundreds of hospitals as a medical record solution and healthcare management system, is vulnerable to two critical SQL injection flaws. [...]

https://www.bleepingcomputer.com/news/security/philips-healthcare-infomatics-solution-vulnerable-to-sql-injection/

FBI: Ransomware gangs hit several tribal-owned casinos in the last year

The Federal Bureau of Investigation (FBI) says that multiple ransomware gangs have hit tribal entities over the last year, taking down their systems and impacting businesses and public services. [...]

https://www.bleepingcomputer.com/news/security/fbi-ransomware-gangs-hit-several-tribal-owned-casinos-in-the-last-year/

Pwn2Own: Printer plays AC/DC, Samsung Galaxy S21 hacked twice

Trend Micro's ZDI has awarded $1,081,250 for 61 zero-days exploited at Pwn2Own Austin 2021, with competitors successfully pwning the Samsung Galaxy S21 again and hacking an HP LaserJet printer to play AC/DC's Thunderstruck on the contest's third day. [...]

https://www.bleepingcomputer.com/news/security/pwn2own-printer-plays-ac-dc-samsung-galaxy-s21-hacked-twice/

Windows 11 KB5008295 OOB update fixes certificate issue breaking apps

Microsoft has released the KB5008295 out-of-band update to address Windows 11 issues while opening or using some built-in apps and features due to an expired Microsoft digital certificate. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5008295-oob-update-fixes-certificate-issue-breaking-apps/

The Week in Ransomware - November 5th 2021 - Placing bounties

Law enforcement continues to keep up the pressure on ransomware operations with infrastructure hacks and million-dollar rewards, leading to the shut down of criminal operations. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-november-5th-2021-placing-bounties/

OneDrive reaches end of support on Windows 7, 8 in January

Microsoft has announced that the OneDrive desktop application will reach the end of support on legacy Windows 7, 8, and 8.1 starting with January 1, 2022. [...]

https://www.bleepingcomputer.com/news/microsoft/onedrive-reaches-end-of-support-on-windows-7-8-in-january/

Samsung sued for flawed Chromebook hinges cracking displays

Samsung is being sued for selling the Samsung Chromebook Plus 2-in-1 even though they allegedly knew for years of a defect that caused displays to break. [...]

https://www.bleepingcomputer.com/news/legal/samsung-sued-for-flawed-chromebook-hinges-cracking-displays/

Microsoft: New Windows driver deployment service coming soon

Microsoft said that the new Windows Update for Business deployment service for drivers and firmware will be available in Microsoft Endpoint Manager and in Microsoft Graph as a public preview starting with the first half of 2022. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-new-windows-driver-deployment-service-coming-soon/

Operation Cyclone deals blow to Clop ransomware operation

A thirty-month international law enforcement operation codenamed 'Operation Cyclone' targeted the Clop ransomware gang, leading to the previously reported arrests of six members in Ukraine. [...]

https://www.bleepingcomputer.com/news/security/operation-cyclone-deals-blow-to-clop-ransomware-operation/