Clop gang exploiting SolarWinds Serv-U flaw in ransomware attacks

The Clop ransomware gang, also tracked as TA505 and FIN11, is exploiting a SolarWinds Serv-U vulnerability to breach corporate networks and ultimately encrypt its devices. [...]

https://www.bleepingcomputer.com/news/security/clop-gang-exploiting-solarwinds-serv-u-flaw-in-ransomware-attacks/

New PowerShell version comes with Microsoft Update support

Microsoft has released PowerShell 7.2 with automatic updates through the Microsoft Update service on Windows 10 and Windows Server devices. [...]

https://www.bleepingcomputer.com/news/microsoft/new-powershell-version-comes-with-microsoft-update-support/

Tor Browser 11 removes V2 Onion URL support, adds new UI

The Tor Project has released Tor Browser 11.0  with a new user interface design and the removal of support for V2 onion services. [...]

https://www.bleepingcomputer.com/news/software/tor-browser-11-removes-v2-onion-url-support-adds-new-ui/

Iranian state hackers use upgraded malware in attacks on ISPs, telcos

The Iranian state-supported APT known as 'Lyceum' (Hexane, Spilrin) targeted ISPs and telecommunication service providers in the Middle East and Africa between July and October 2021. [...]

https://www.bleepingcomputer.com/news/security/iranian-state-hackers-use-upgraded-malware-in-attacks-on-isps-telcos/

Mozilla Firefox, the first Chromium alternative in the Windows Store

Firefox is now available for download through Microsoft's Windows Store for Windows 10 and Windows 11 users, the first major web browser to be added after Opera was included in late September. [...]

https://www.bleepingcomputer.com/news/software/mozilla-firefox-the-first-chromium-alternative-in-the-windows-store/

Windows 10 KB5007186 & KB5007189 updates released

The new update is now available for Windows 10 version 2004, version 20H2 and version 21H1. As per the official release notes, Microsoft has published cumulative updates KB5007186 and KB5007189. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5007186-and-kb5007189-updates-released/

Microsoft November 2021 Patch Tuesday fixes 6 zero-days, 55 flaws

Today is Microsoft's November 2021 Patch Tuesday, and with it comes fixes for six zero-day vulnerabilities and a total of 55 flaws. The actively exploited vulnerabilities are for Microsoft Exchange and Excel, with the Exchange zero-day used as part of the Tianfu hacking contest. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-november-2021-patch-tuesday-fixes-6-zero-days-55-flaws/

Windows 11 KB5007215 update released with application fixes

Microsoft has released the Windows 11 KB5007215 cumulative update to fix security vulnerabilities and bugs introduced in previous versions. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5007215-update-released-with-application-fixes/

Microsoft urges Exchange admins to patch bug exploited in the wild

Microsoft warned admins today to immediately patch a high severity Exchange Server vulnerability that may allow authenticated attackers to execute code remotely on vulnerable servers. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-urges-exchange-admins-to-patch-bug-exploited-in-the-wild/

Microsoft: Windows 10 2004 reaches end of service next month

Microsoft has reminded users today that all editions of Windows 10, version 2004 and Windows Server, version 2004 (also known as the Windows 10 May 2020 Update), will reach end of servicing on December 14, 2021. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-10-2004-reaches-end-of-service-next-month/

TeamTNT hackers target your poorly configured Docker servers

Poorly configured Docker servers and being actively targeted by the TeamTNT hacking group in an ongoing campaign started last month. [...]

https://www.bleepingcomputer.com/news/security/teamtnt-hackers-target-your-poorly-configured-docker-servers/

NUCLEUS:13 TCP security bugs impact critical healthcare devices

Researchers today published details about a suite of 13 vulnerabilities in the Nucleus real-time operating system (RTOS) from Siemens that powers devices used in the medical, industrial, automotive, and aerospace sectors. [...]

https://www.bleepingcomputer.com/news/security/nucleus-13-tcp-security-bugs-impact-critical-healthcare-devices/

These invisible characters could be hidden backdoors in your JS code

Could malicious backdoors be hiding in your code, that otherwise appears perfectly clean to the human eye and text editors alike? A security researcher has shed light on how invisible characters can be snuck into JavaScript code to introduce security risks, like backdoors, into your software. [...]

https://www.bleepingcomputer.com/news/security/these-invisible-characters-could-be-hidden-backdoors-in-your-js-code/

New Android malware targets Netflix, Instagram, and Twitter users

A new Android malware known as MasterFred uses fake login overlays to steal the credit card information of Netflix, Instagram, and Twitter users. [...]

https://www.bleepingcomputer.com/news/security/new-android-malware-targets-netflix-instagram-and-twitter-users/

PhoneSpy: Android spyware campaign targeting South Korean users

An ongoing spyware campaign dubbed 'PhoneSpy' targets South Korean users via a range of lifestyle apps that nest in the device and silently exfiltrate data. [...]

https://www.bleepingcomputer.com/news/security/phonespy-android-spyware-campaign-targeting-south-korean-users/

Microsoft patches Excel zero-day used in attacks, asks Mac users to wait

During this month's Patch Tuesday, Microsoft has patched an Excel zero-day vulnerability exploited in the wild by threat actors. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-patches-excel-zero-day-used-in-attacks-asks-mac-users-to-wait/

TrickBot teams up with Shatak phishers for Conti ransomware attacks

A threat actor tracked as Shatak (TA551) recently partnered with the ITG23 gang (aka TrickBot and Wizard Spider) to deploy Conti ransomware on targeted systems. [...]

https://www.bleepingcomputer.com/news/security/trickbot-teams-up-with-shatak-phishers-for-conti-ransomware-attacks/

Ironic twist: WP Reset PRO bug lets hackers wipe WordPress sites

A high severity security flaw in the WP Reset PRO WordPress plugin can let authenticated attackers wipe vulnerable websites, as revealed by Patchstack security researchers. [...]

https://www.bleepingcomputer.com/news/security/ironic-twist-wp-reset-pro-bug-lets-hackers-wipe-wordpress-sites/

Lazarus hackers target researchers with trojanized IDA Pro

A North Korean state-sponsored hacking group known as Lazarus is again trying to hack security researchers, this time with a trojanized pirated version of the popular IDA Pro reverse engineering application. [...]

https://www.bleepingcomputer.com/news/security/lazarus-hackers-target-researchers-with-trojanized-ida-pro/

Researchers show that Apple’s CSAM scanning can be fooled easily

A team of researchers at the Imperial College in London have presented a simple method to evade detection by image content scanning mechanisms, such as Apple's CSAM. [...]

https://www.bleepingcomputer.com/news/technology/researchers-show-that-apple-s-csam-scanning-can-be-fooled-easily/

Telnyx is the latest VoIP provider hit with DDoS attacks

Telnyx is the latest VoIP telephony provider targeted with distributed denial-of-service (DDoS) attacks, causing worldwide outages since yesterday. [...]

https://www.bleepingcomputer.com/news/security/telnyx-is-the-latest-voip-provider-hit-with-ddos-attacks/