Android banking malware infects 300,000 Google Play users
Malware campaigns distributing Android trojans that steal online bank credentials have infected almost 300,000 devices through malicious apps pushed via Google's Play Store. [...]
https://www.bleepingcomputer.com/news/security/android-banking-malware-infects-300-000-google-play-users/
BleepingComputer
EwDoor botnet targets AT&T network edge devices at US firms
A recently discovered botnet is attacking unpatched AT&T enterprise network edge devices using exploits for a four-year-old critical severity Blind Command Injection security flaw. [...]
https://www.bleepingcomputer.com/news/security/ewdoor-botnet-targets-atandt-network-edge-devices-at-us-firms/
Smartwatches for children are a privacy and security nightmare
Researchers analyzed the security of four popular smartwatches for children and found pre-installed downloaders, weak passwords, and unencrypted data transmissions. [...]
https://www.bleepingcomputer.com/news/security/smartwatches-for-children-are-a-privacy-and-security-nightmare/
Finland warns of Flubot malware heavily targeting Android users
Finland's National Cyber Security Centre (NCSC-FI) has issued a "severe alert" to warn of a massive campaign targeting the country's Android users with Flubot banking malware pushed via text messages sent from compromised devices. [...]
https://www.bleepingcomputer.com/news/security/finland-warns-of-flubot-malware-heavily-targeting-android-users/
FBI seized $2.2M from affiliate of REvil, Gandcrab ransomware gangs
The FBI seized $2.2 million in August from a well-known REvil and GandCrab ransomware affiliate, according to court documents seen by BleepingComputer. [...]
https://www.bleepingcomputer.com/news/security/fbi-seized-22m-from-affiliate-of-revil-gandcrab-ransomware-gangs/
Microsoft Defender scares admins with Emotet false positives
Microsoft Defender for Endpoint is currently blocking Office documents from being opened and some executables from launching due to a false positive tagging the files as potentially bundling an Emotet malware payload. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-scares-admins-with-emotet-false-positives/
State-backed hackers increasingly use RTF injection for phishing
Three APT hacking groups from India, Russia, and China were observed using a novel RTF (rich text format) template injection technique in their recent phishing campaigns. [...]
https://www.bleepingcomputer.com/news/security/state-backed-hackers-increasingly-use-rtf-injection-for-phishing/
VirusTotal Collections feature helps keep neat IoC lists
Scanning service VirusTotal announced today a new feature called Collections that lets researchers create and share reports with indicators of compromise observed in security incidents. [...]
https://www.bleepingcomputer.com/news/security/virustotal-collections-feature-helps-keep-neat-ioc-lists/
Europol: 18k money mules caught laundering money from online fraud
Europol has announced the arrest of 1,803 money mules out of 18,351 identified following an international money-laundering crackdown operation codenamed "EMMA 7." [...]
https://www.bleepingcomputer.com/news/legal/europol-18k-money-mules-caught-laundering-money-from-online-fraud/
Microsoft Exchange servers hacked to deploy BlackByte ransomware
BlackByte ransomware actors were observed exploiting the ProxyShell set of vulnerabilities (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) to compromise Microsoft Exchange servers. [...]
https://www.bleepingcomputer.com/news/security/microsoft-exchange-servers-hacked-to-deploy-blackbyte-ransomware/
Mozilla fixes critical bug in cross-platform cryptography library
Mozilla has addressed a critical memory corruption vulnerability affecting its cross-platform Network Security Services (NSS) set of cryptography libraries. [...]
https://www.bleepingcomputer.com/news/security/mozilla-fixes-critical-bug-in-cross-platform-cryptography-library/
Malicious Android app steals Malaysian bank credentials, MFA codes
A fake Android app is masquerading as a housekeeping service to steal online banking credentials from the customers of eight Malaysian banks. [...]
https://www.bleepingcomputer.com/news/security/malicious-android-app-steals-malaysian-bank-credentials-mfa-codes/
Microsoft fixes installation issues in new Windows 11 dev build
Microsoft has addressed a long list of issues and added more Windows 11 start menu customization options with the release of Windows 11 Insider Preview Build 22509 to the Dev Channel. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-installation-issues-in-new-windows-11-dev-build/
Bulletproof hosting founder imprisoned for helping cybercrime gangs
34-year-old Russian Aleksandr Grichishkin, the founder of a bulletproof hosting service, was sentenced to 60 months in prison for allowing cybercrime gangs to use the platform in attacks targeting US financial institutions between 2008 and 2015. [...]
https://www.bleepingcomputer.com/news/security/bulletproof-hosting-founder-imprisoned-for-helping-cybercrime-gangs/
Former Ubiquiti dev charged for trying to extort his employer
Nickolas Sharp, a former employee of networking device maker Ubiquiti, was arrested and charged today with data theft and attempting to extort his employer while posing as a whistleblower and an anonymous hacker. [...]
https://www.bleepingcomputer.com/news/security/former-ubiquiti-dev-charged-for-trying-to-extort-his-employer/
Emotet now spreads via fake Adobe Windows App Installer packages
The notorious Emotet malware is now distributed through malicious Windows App Installer packages that pretend to be Adobe PDF software. [...]
https://www.bleepingcomputer.com/news/security/emotet-now-spreads-via-fake-adobe-windows-app-installer-packages/
Planned Parenthood LA discloses data breach after ransomware attack
Planned Parenthood Los Angeles has disclosed a data breach after suffering a ransomware attack in October that exposed the personal information of approximately 400,000 patients. [...]
https://www.bleepingcomputer.com/news/security/planned-parenthood-la-discloses-data-breach-after-ransomware-attack/
New malware hides as legit nginx process on e-commerce servers
eCommerce servers are being targeted with remote access malware that hides on Nginx servers in a way that makes it virtually invisible to security solutions. [...]
https://www.bleepingcomputer.com/news/security/new-malware-hides-as-legit-nginx-process-on-e-commerce-servers/
Nine WiFi routers used by millions were vulnerable to 226 flaws
Security researchers analyzed nine popular WiFi routers and found a total of 226 potential vulnerabilities in them, even when running the latest firmware. [...]
https://www.bleepingcomputer.com/news/security/nine-wifi-routers-used-by-millions-were-vulnerable-to-226-flaws/
Russian internet watchdog announces ban of six more VPN products
Russia's internet watchdog, 'Roskomnadzor', has announced the ban of six more VPN products, bringing the total number to more than a dozen, according to a notification to companies in the country. [...]
https://www.bleepingcomputer.com/news/legal/russian-internet-watchdog-announces-ban-of-six-more-vpn-products/
Hackers use in-house Zoho ServiceDesk exploit to drop webshells
An advanced persistent threat (APT) group that had been exploiting a flaw in the Zoho ManageEngine ADSelfService Plus software has pivoted to leveraging a different vulnerability in another Zoho product. [...]
https://www.bleepingcomputer.com/news/security/hackers-use-in-house-zoho-servicedesk-exploit-to-drop-webshells/