VirusTotal Collections feature helps keep neat IoC lists
Scanning service VirusTotal announced today a new feature called Collections that lets researchers create and share reports with indicators of compromise observed in security incidents. [...]
https://www.bleepingcomputer.com/news/security/virustotal-collections-feature-helps-keep-neat-ioc-lists/
Scanning service VirusTotal announced today a new feature called Collections that lets researchers create and share reports with indicators of compromise observed in security incidents. [...]
https://www.bleepingcomputer.com/news/security/virustotal-collections-feature-helps-keep-neat-ioc-lists/
BleepingComputer
VirusTotal Collections feature helps keep neat IoC lists
Scanning service VirusTotal announced today a new feature called Collections that lets researchers create and share reports with indicators of compromise observed in security incidents.
Europol: 18k money mules caught laundering money from online fraud
Europol has announced the arrest of 1,803 money mules out of 18,351 identified following an international money-laundering crackdown operation codenamed "EMMA 7." [...]
https://www.bleepingcomputer.com/news/legal/europol-18k-money-mules-caught-laundering-money-from-online-fraud/
Europol has announced the arrest of 1,803 money mules out of 18,351 identified following an international money-laundering crackdown operation codenamed "EMMA 7." [...]
https://www.bleepingcomputer.com/news/legal/europol-18k-money-mules-caught-laundering-money-from-online-fraud/
BleepingComputer
Europol: 18k money mules caught laundering money from online fraud
Europol has announced the arrest of 1,803 money mules out of 18,351 identified following an international money-laundering crackdown operation codenamed "EMMA 7."
Microsoft Exchange servers hacked to deploy BlackByte ransomware
BlackByte ransomware actors were observed exploiting the ProxyShell set of vulnerabilities (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) to compromise Microsoft Exchange servers. [...]
https://www.bleepingcomputer.com/news/security/microsoft-exchange-servers-hacked-to-deploy-blackbyte-ransomware/
BlackByte ransomware actors were observed exploiting the ProxyShell set of vulnerabilities (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) to compromise Microsoft Exchange servers. [...]
https://www.bleepingcomputer.com/news/security/microsoft-exchange-servers-hacked-to-deploy-blackbyte-ransomware/
BleepingComputer
Microsoft Exchange servers hacked to deploy BlackByte ransomware
BlackByte ransomware actors were observed exploiting the ProxyShell set of vulnerabilities (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) to compromise Microsoft Exchange servers.
Mozilla fixes critical bug in cross-platform cryptography library
Mozilla has addressed a critical memory corruption vulnerability affecting its cross-platform Network Security Services (NSS) set of cryptography libraries. [...]
https://www.bleepingcomputer.com/news/security/mozilla-fixes-critical-bug-in-cross-platform-cryptography-library/
Mozilla has addressed a critical memory corruption vulnerability affecting its cross-platform Network Security Services (NSS) set of cryptography libraries. [...]
https://www.bleepingcomputer.com/news/security/mozilla-fixes-critical-bug-in-cross-platform-cryptography-library/
BleepingComputer
Mozilla fixes critical bug in cross-platform cryptography library
Mozilla has addressed a critical memory corruption vulnerability affecting its cross-platform Network Security Services (NSS) set of cryptography libraries.
Malicious Android app steals Malaysian bank credentials, MFA codes
A fake Android app is masquerading as a housekeeping service to steal online banking credentials from the customers of eight Malaysian banks. [...]
https://www.bleepingcomputer.com/news/security/malicious-android-app-steals-malaysian-bank-credentials-mfa-codes/
A fake Android app is masquerading as a housekeeping service to steal online banking credentials from the customers of eight Malaysian banks. [...]
https://www.bleepingcomputer.com/news/security/malicious-android-app-steals-malaysian-bank-credentials-mfa-codes/
BleepingComputer
Malicious Android app steals Malaysian bank credentials, MFA codes
A fake Android app is masquerading as a housekeeping service to steal online banking credentials from the customers of eight Malaysian banks.
Microsoft fixes installation issues in new Windows 11 dev build
Microsoft has addressed a long list of issues and added more Windows 11 start menu customization options with the release of Windows 11 Insider Preview Build 22509 to the Dev Channel. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-installation-issues-in-new-windows-11-dev-build/
Microsoft has addressed a long list of issues and added more Windows 11 start menu customization options with the release of Windows 11 Insider Preview Build 22509 to the Dev Channel. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-installation-issues-in-new-windows-11-dev-build/
BleepingComputer
Microsoft fixes installation issues in new Windows 11 dev build
Microsoft has addressed a long list of issues and added more Windows 11 start menu customization options with the release of Windows 11 Insider Preview Build 22509 to the Dev Channel.
Bulletproof hosting founder imprisoned for helping cybercrime gangs
34-year-old Russian Aleksandr Grichishkin, the founder of a bulletproof hosting service, was sentenced to 60 months in prison for allowing cybercrime gangs to use the platform in attacks targeting US financial institutions between 2008 to 2015. [...]
https://www.bleepingcomputer.com/news/security/bulletproof-hosting-founder-imprisoned-for-helping-cybercrime-gangs/
34-year-old Russian Aleksandr Grichishkin, the founder of a bulletproof hosting service, was sentenced to 60 months in prison for allowing cybercrime gangs to use the platform in attacks targeting US financial institutions between 2008 to 2015. [...]
https://www.bleepingcomputer.com/news/security/bulletproof-hosting-founder-imprisoned-for-helping-cybercrime-gangs/
BleepingComputer
Bulletproof hosting founder imprisoned for helping cybercrime gangs
34-year-old Russian Aleksandr Grichishkin, the founder of a bulletproof hosting service, was sentenced to 60 months in prison for allowing cybercrime gangs to use the platform in attacks targeting US financial institutions between 2008 to 2015.
Former Ubiquiti dev charged for trying to extort his employer
Nickolas Sharp, a former employee of networking device maker Ubiquiti, was arrested and charged today with data theft and attempting to extort his employer while posing as a whistleblower and an anonymous hacker. [...]
https://www.bleepingcomputer.com/news/security/former-ubiquiti-dev-charged-for-trying-to-extort-his-employer/
Nickolas Sharp, a former employee of networking device maker Ubiquiti, was arrested and charged today with data theft and attempting to extort his employer while posing as a whistleblower and an anonymous hacker. [...]
https://www.bleepingcomputer.com/news/security/former-ubiquiti-dev-charged-for-trying-to-extort-his-employer/
BleepingComputer
Former Ubiquiti dev charged for trying to extort his employer
Nickolas Sharp, a former employee of networking device maker Ubiquiti, was arrested and charged today with data theft and attempting to extort his employer while posing as a whistleblower and an anonymous hacker.
Emotet now spreads via fake Adobe Windows App Installer packages
The notorious Emotet malware is now distributed through malicious Windows App Installer packages that pretend to be Adobe PDF software. [...]
https://www.bleepingcomputer.com/news/security/emotet-now-spreads-via-fake-adobe-windows-app-installer-packages/
The notorious Emotet malware is now distributed through malicious Windows App Installer packages that pretend to be Adobe PDF software. [...]
https://www.bleepingcomputer.com/news/security/emotet-now-spreads-via-fake-adobe-windows-app-installer-packages/
BleepingComputer
Emotet now spreads via fake Adobe Windows App Installer packages
The notorious Emotet malware is now distributed through malicious Windows App Installer packages that pretend to be Adobe PDF software.
Planned Parenthood LA discloses data breach after ransomware attack
βPlanned Parenthood Los Angeles has disclosed a data breach after suffering a ransomware attack in October that exposed the personal information of approximately 400,000 patients. [...]
https://www.bleepingcomputer.com/news/security/planned-parenthood-la-discloses-data-breach-after-ransomware-attack/
βPlanned Parenthood Los Angeles has disclosed a data breach after suffering a ransomware attack in October that exposed the personal information of approximately 400,000 patients. [...]
https://www.bleepingcomputer.com/news/security/planned-parenthood-la-discloses-data-breach-after-ransomware-attack/
BleepingComputer
Planned Parenthood LA discloses data breach after ransomware attack
βPlanned Parenthood Los Angeles has disclosed a data breach after suffering a ransomware attack in October that exposed the personal information of approximately 400,000 patients.
New malware hides as legit nginx process on e-commerce servers
eCommerce servers are being targeted with remote access malware that hides on Nginx servers in a way that makes it virtually invisible to security solutions. [...]
https://www.bleepingcomputer.com/news/security/new-malware-hides-as-legit-nginx-process-on-e-commerce-servers/
eCommerce servers are being targeted with remote access malware that hides on Nginx servers in a way that makes it virtually invisible to security solutions. [...]
https://www.bleepingcomputer.com/news/security/new-malware-hides-as-legit-nginx-process-on-e-commerce-servers/
BleepingComputer
New malware hides as legit nginx process on e-commerce servers
eCommerce servers are being targeted with remote access malware that hides on Nginx servers in a way that makes it virtually invisible to security solutions.
Nine WiFi routers used by millions were vulnerable to 226 flaws
Security researchers analyzed nine popular WiFi routers and found a total of 226 potential vulnerabilities in them, even when running the latest firmware. [...]
https://www.bleepingcomputer.com/news/security/nine-wifi-routers-used-by-millions-were-vulnerable-to-226-flaws/
Security researchers analyzed nine popular WiFi routers and found a total of 226 potential vulnerabilities in them, even when running the latest firmware. [...]
https://www.bleepingcomputer.com/news/security/nine-wifi-routers-used-by-millions-were-vulnerable-to-226-flaws/
BleepingComputer
Nine WiFi routers used by millions were vulnerable to 226 flaws
Security researchers analyzed nine popular WiFi routers and found a total of 226 potential vulnerabilities in them, even when running the latest firmware.
Russian internet watchdog announces ban of six more VPN products
Russia's internet watchdog, 'Roskomnadzor', has announced the ban of six more VPN products, bringing the total number to more than a dozen, shows a notification to companies in the country. [...]
https://www.bleepingcomputer.com/news/legal/russian-internet-watchdog-announces-ban-of-six-more-vpn-products/
Russia's internet watchdog, 'Roskomnadzor', has announced the ban of six more VPN products, bringing the total number to more than a dozen, shows a notification to companies in the country. [...]
https://www.bleepingcomputer.com/news/legal/russian-internet-watchdog-announces-ban-of-six-more-vpn-products/
BleepingComputer
Russian internet watchdog announces ban of six more VPN products
Russia's internet watchdog, 'Roskomnadzor', has announced the ban of six more VPN products, bringing the total number to more than a dozen, shows a notification to companies in the country.
Hackers use in-house Zoho ServiceDesk exploit to drop webshells
An advanced persistent threat (APT) group that had been exploiting a flaw in the Zoho ManageEngine ADSelfService Plus software has pivoted to leveraging a different vulnerability in another Zoho product. [...]
https://www.bleepingcomputer.com/news/security/hackers-use-in-house-zoho-servicedesk-exploit-to-drop-webshells/
An advanced persistent threat (APT) group that had been exploiting a flaw in the Zoho ManageEngine ADSelfService Plus software has pivoted to leveraging a different vulnerability in another Zoho product. [...]
https://www.bleepingcomputer.com/news/security/hackers-use-in-house-zoho-servicedesk-exploit-to-drop-webshells/
BleepingComputer
Hackers use in-house Zoho ServiceDesk exploit to drop webshells
An advanced persistent threat (APT) group that had been exploiting a flaw in the Zoho ManageEngine ADSelfService Plus software has pivoted to leveraging a different vulnerability in another Zoho product.
Twitter removes 3,400 accounts used in govt propaganda campaigns
Twitter today announced the permanent removal of more than 3,400 accounts linked to governments of six countries running manipulation or spam campaigns. [...]
https://www.bleepingcomputer.com/news/security/twitter-removes-3-400-accounts-used-in-govt-propaganda-campaigns/
Twitter today announced the permanent removal of more than 3,400 accounts linked to governments of six countries running manipulation or spam campaigns. [...]
https://www.bleepingcomputer.com/news/security/twitter-removes-3-400-accounts-used-in-govt-propaganda-campaigns/
BleepingComputer
Twitter removes 3,400 accounts used in govt propaganda campaigns
Twitter today announced the permanent removal of more than 3,400 accounts linked to governments of six countries running manipulation or spam campaigns.
Phishing actors start exploiting the Omicron COVID-19 variant
Phishing actors have quickly started to exploit the emergence of the Omicron COVID-19 variant and now use it as a lure in their malicious email campaigns. [...]
https://www.bleepingcomputer.com/news/security/phishing-actors-start-exploiting-the-omicron-covid-19-variant/
Phishing actors have quickly started to exploit the emergence of the Omicron COVID-19 variant and now use it as a lure in their malicious email campaigns. [...]
https://www.bleepingcomputer.com/news/security/phishing-actors-start-exploiting-the-omicron-covid-19-variant/
BleepingComputer
Phishing actors start exploiting the Omicron COVID-19 variant
Phishing actors have quickly started to exploit the emergence of the Omicron COVID-19 variant and now use it as a lure in their malicious email campaigns.
Microsoft Edge now bashes Google Chrome when you download it
βMicrosoft Edge is now displaying in-browser alerts that discourage users from downloading Google Chrome by bashing the popular browser. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-now-bashes-google-chrome-when-you-download-it/
βMicrosoft Edge is now displaying in-browser alerts that discourage users from downloading Google Chrome by bashing the popular browser. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-now-bashes-google-chrome-when-you-download-it/
BleepingComputer
Microsoft Edge now bashes Google Chrome when you download it
βMicrosoft Edge is now displaying in-browser alerts that discourage users from downloading Google Chrome by bashing the popular browser.
Zoho: Patch new ManageEngine bug exploited in attacks ASAP
Business software provider Zoho urged customers today to update their Desktop Central and Desktop Central MSP installation to the latest available version. [...]
https://www.bleepingcomputer.com/news/security/zoho-patch-new-manageengine-bug-exploited-in-attacks-asap/
Business software provider Zoho urged customers today to update their Desktop Central and Desktop Central MSP installation to the latest available version. [...]
https://www.bleepingcomputer.com/news/security/zoho-patch-new-manageengine-bug-exploited-in-attacks-asap/
BleepingComputer
Zoho: Patch new ManageEngine bug exploited in attacks ASAP
Business software provider Zoho urged customers today to update their Desktop Central and Desktop Central MSP installations to the latest available version.
Researchers discover 14 new data-stealing web browser attacks
IT security researchers from Ruhr-UniversitΓ€t Bochum (RUB) and the Niederrhein University of Applied Sciences have discovered 14 new types of 'XS-Leak' cross-site leak attacks against modern web browsers, including Google Chrome, Microsoft Edge, Safari, and Mozilla Firefox. [...]
https://www.bleepingcomputer.com/news/security/researchers-discover-14-new-data-stealing-web-browser-attacks/
IT security researchers from Ruhr-UniversitΓ€t Bochum (RUB) and the Niederrhein University of Applied Sciences have discovered 14 new types of 'XS-Leak' cross-site leak attacks against modern web browsers, including Google Chrome, Microsoft Edge, Safari, and Mozilla Firefox. [...]
https://www.bleepingcomputer.com/news/security/researchers-discover-14-new-data-stealing-web-browser-attacks/
BleepingComputer
Researchers discover 14 new data-stealing web browser attacks
IT security researchers from Ruhr-UniversitΓ€t Bochum (RUB) and the Niederrhein University of Applied Sciences have discovered 14 new types of 'XS-Leak' cross-site leak attacks against modern web browsers, including Google Chrome, Microsoft Edge, Safari, andβ¦
FBI: Cuba ransomware breached 49 US critical infrastructure orgs
The Federal Bureau of Investigation (FBI) has revealed that the Cuba ransomware gang has compromised the networks of at least 49 organizations from US critical infrastructure sectors. [...]
https://www.bleepingcomputer.com/news/security/fbi-cuba-ransomware-breached-49-us-critical-infrastructure-orgs/
The Federal Bureau of Investigation (FBI) has revealed that the Cuba ransomware gang has compromised the networks of at least 49 organizations from US critical infrastructure sectors. [...]
https://www.bleepingcomputer.com/news/security/fbi-cuba-ransomware-breached-49-us-critical-infrastructure-orgs/
BleepingComputer
FBI: Cuba ransomware breached 49 US critical infrastructure orgs
The Federal Bureau of Investigation (FBI) has revealed that the Cuba ransomware gang has compromised the networks of at least 49 organizations from US critical infrastructure sectors.
Fake support agents call victims to install Android banking malware
The BRATA Android remote access trojan (RAT) has been spotted in Italy, with threat actors calling victims of SMS attacks to steal their online banking credentials. [...]
https://www.bleepingcomputer.com/news/security/fake-support-agents-call-victims-to-install-android-banking-malware/
The BRATA Android remote access trojan (RAT) has been spotted in Italy, with threat actors calling victims of SMS attacks to steal their online banking credentials. [...]
https://www.bleepingcomputer.com/news/security/fake-support-agents-call-victims-to-install-android-banking-malware/
BleepingComputer
Fake support agents call victims to install Android banking malware
The BRATA Android remote access trojan (RAT) has been spotted in Italy, with threat actors calling victims of SMS attacks to steal their online banking credentials.