Hackers deploy Linux malware, web skimmer on eCommerce servers

Security researchers discovered that attackers are also deploying a Linux backdoor on compromised e-commerce servers after injecting a credit card skimmer into online shops' websites. [...]

https://www.bleepingcomputer.com/news/security/hackers-deploy-linux-malware-web-skimmer-on-ecommerce-servers/

Winamp prepares a relaunch, new beta version almost ready

Winamp is getting closer to release with a redesigned website, logo, and a new beta signup allowing users to soon test the upcoming version of the media player. [...]

https://www.bleepingcomputer.com/news/software/winamp-prepares-a-relaunch-new-beta-version-almost-ready/

US indicts Iranian hackers for Proud Boys voter intimidation emails

The U.S. Department of State is offering a $10 million reward for information about the activities of two Iranian nationals charged for cyber activity intended to "intimidate and influence" American voters during the 2020 U.S. presidential campaign. [...]

https://www.bleepingcomputer.com/news/security/us-indicts-iranian-hackers-for-proud-boys-voter-intimidation-emails/

Android malware BrazKing returns as a stealthier banking trojan

​The BrazKing Android banking trojan has returned with dynamic banking overlays and a new implementation trick that enables it to operate without requesting risky permissions. [...]

https://www.bleepingcomputer.com/news/security/android-malware-brazking-returns-as-a-stealthier-banking-trojan/

Microsoft: Windows Installer breaks apps after updates, repairs

Microsoft has confirmed a new known issue impacting client and server Windows versions that breaks apps after updating or repairing them using the Windows Installer (previously known as Microsoft Installer). [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-installer-breaks-apps-after-updates-repairs/

US regulators order banks to report cyberattacks within 3 days

US federal bank regulatory agencies have approved a new rule requiring banks to notify their primary federal regulators of significant computer-security incidents within 36 hours. [...]

https://www.bleepingcomputer.com/news/security/us-regulators-order-banks-to-report-cyberattacks-within-3-days/

Six million Sky routers exposed to takeover attacks for 17 months

Around six million Sky Broadband customer routers in the UK were affected by a critical vulnerability that took over 17 months to roll out a fix to customers. [...]

https://www.bleepingcomputer.com/news/security/six-million-sky-routers-exposed-to-takeover-attacks-for-17-months/

Utah medical center hit by data breach affecting 582k patients

Utah Imaging Associates (UIA), a Utah-based radiology center, has announced a data breach affecting 582,170 people after their personal information was exposed. [...]

https://www.bleepingcomputer.com/news/security/utah-medical-center-hit-by-data-breach-affecting-582k-patients/

Microsoft Authenticator gets new enterprise security features

Microsoft has added new security features for Microsoft Authenticator users that further secure the app and make it easier to roll out in enterprise environments. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-authenticator-gets-new-enterprise-security-features/

Fake TSA PreCheck sites scam US travelers with fake renewals

There has been a surge in reports of people getting scammed after visiting TSA PreCheck, Global Entry, and NEXUS application service sites, being charged $140 only to get nothing in return. [...]

https://www.bleepingcomputer.com/news/security/fake-tsa-precheck-sites-scam-us-travelers-with-fake-renewals/

New Windows 11 build fixes Microsoft Installer issue breaking apps

Microsoft has fixed a recently confirmed Windows 11 issue in a newly released build for Windows Insiders in the Beta and Release Preview channels. [...]

https://www.bleepingcomputer.com/news/microsoft/new-windows-11-build-fixes-microsoft-installer-issue-breaking-apps/

Emotet botnet comeback hatched by ex-Ryuk member now part of Conti gang

The Emotet botnet is back by popular demand, resurrected by its former operator convinced by ex-members of the Ryuk ransomware gang. [...]

https://www.bleepingcomputer.com/news/security/emotet-botnet-comeback-hatched-by-ex-ryuk-member-now-part-of-conti-gang/

Some Tesla owners unable to unlock cars due to server errors

Some Tesla owners worldwide are unable to unlock their cars or communicate with it using the app due to problems with the company's servers. [...]

https://www.bleepingcomputer.com/news/technology/some-tesla-owners-unable-to-unlock-cars-due-to-server-errors/

The Week in Ransomware - November 19th 2021 - Targeting Conti

While last week was full of arrests and law enforcement actions, this week has been much quieter, with mostly new research released. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-november-19th-2021-targeting-conti/

Microsoft: Office 365 will boost default protection for all users

Microsoft is rolling out Built-In Protection to Defender for Office 365, a new feature that would automatically enable recommended settings and policies to make sure all new and existing users get at least a basic level of protection. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-office-365-will-boost-default-protection-for-all-users/

Microsoft Exchange servers hacked in internal reply-chain attacks

Threat actors are hacking Microsoft Exchange servers using ProxyShell and ProxyLogon exploits to distribute malware and bypass detection using stolen internal reply-chain emails. [...]

https://www.bleepingcomputer.com/news/security/microsoft-exchange-servers-hacked-in-internal-reply-chain-attacks/

US SEC warns investors of ongoing govt impersonation attacks

The Securities and Exchange Commission (SEC) has warned US investors of scammers impersonating SEC officials in government impersonator schemes via phone calls, voicemails, emails, and letters. [...]

https://www.bleepingcomputer.com/news/security/us-sec-warns-investors-of-ongoing-govt-impersonation-attacks/

How to download a Windows 10 21H2 ISO from Microsoft

Microsoft released Windows 10 21H2, the November 2021 Update, last week and you can now download an ISO image for the new version to put aside for emergencies or clean installs. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-download-a-windows-10-21h2-iso-from-microsoft/

Wind turbine giant Vestas' data compromised in cyberattack

Vestas Wind Systems, a leader in wind turbine manufacturing, has shut down its IT systems after suffering a cyberattack. [...]

https://www.bleepingcomputer.com/news/security/wind-turbine-giant-vestas-data-compromised-in-cyberattack/

GoDaddy hack causes data breach affecting 1.2 million customers

GoDaddy said in a data breach notification published today that the data of up to 1.2 million of its customers was exposed after hackers gained access to the company's Managed WordPress hosting environment. [...]

https://www.bleepingcomputer.com/news/security/godaddy-hack-causes-data-breach-affecting-12-million-customers/

Biometric auth bypassed using fingerprint photo, printer, and glue

Researchers demonstrated that fingerprints could be cloned for biometric authentication for as little as $5 without using any sophisticated or uncommon tools. [...]

https://www.bleepingcomputer.com/news/security/biometric-auth-bypassed-using-fingerprint-photo-printer-and-glue/