Malicious PyPI packages with over 10,000 downloads taken down

The Python Package Index (PyPI) registry has removed three malicious Python packages aimed at exfiltrating environment variables and dropping trojans on the infected machines. These malicious packages are estimated to have generated over 10,000 downloads and mirrors put together, according to the researchers' report. [...]

https://www.bleepingcomputer.com/news/security/malicious-pypi-packages-with-over-10-000-downloads-taken-down/

Police arrests ransomware affiliate behind high-profile attacks

Romanian law enforcement authorities arrested a ransomware affiliate suspected of hacking and stealing sensitive info from the networks of multiple high-profile companies worldwide, including a large Romanian IT company with clients from the retail, energy, and utilities sectors. [...]

https://www.bleepingcomputer.com/news/security/police-arrests-ransomware-affiliate-behind-high-profile-attacks/

Ukraine arrests 51 for selling data of 300 million people in US, EU

Ukrainian law enforcement arrested 51 suspects believed to have been selling stolen personal data on hacking forums belonging to hundreds of millions worldwide, including Ukraine, the US, and Europe. [...]

https://www.bleepingcomputer.com/news/security/ukraine-arrests-51-for-selling-data-of-300-million-people-in-us-eu/

Bugs in billions of WiFi, Bluetooth chips allow password, data theft

Researchers at the University of Darmstadt, Brescia, CNIT, and the Secure Mobile Networking Lab, have published a paper that proves it's possible to extract passwords and manipulate traffic on a WiFi chip by targeting a device's Bluetooth component. [...]

https://www.bleepingcomputer.com/news/security/bugs-in-billions-of-wifi-bluetooth-chips-allow-password-data-theft/

Attackers can get root by crashing Ubuntu’s AccountsService

A local privilege escalation security vulnerability could allow attackers to gain root access on Ubuntu systems by exploiting a double-free memory corruption bug in GNOME's AccountsService component. [...]

https://www.bleepingcomputer.com/news/security/attackers-can-get-root-by-crashing-ubuntu-s-accountsservice/

Kronos ransomware attack may cause weeks of HR solutions downtime

Workforce management solutions provider Kronos has suffered a ransomware attack that will likely disrupt many of their cloud-based solutions for weeks. [...]

https://www.bleepingcomputer.com/news/security/kronos-ransomware-attack-may-cause-weeks-of-hr-solutions-downtime/

Dell driver fix still allows Windows Kernel-level attacks

Dell's driver fix of the CVE-2021-21551 vulnerability leaves margin for catastrophic BYOVD attacks resulting in Windows kernel driver code execution. [...]

https://www.bleepingcomputer.com/news/security/dell-driver-fix-still-allows-windows-kernel-level-attacks/

Phishing campaign uses PowerPoint macros to drop Agent Tesla

A new variant of the Agent Tesla malware has been spotted in an ongoing phishing campaign that relies on Microsoft PowerPoint documents laced with malicious macro code. [...]

https://www.bleepingcomputer.com/news/security/phishing-campaign-uses-powerpoint-macros-to-drop-agent-tesla/

TinyNuke info-stealing malware is again attacking French users

The info-stealing malware TinyNuke has re-emerged in a new campaign targeting French users with invoice-themed lures in emails sent to corporate addresses and individuals working in manufacturing, technology, construction, and business services. [...]

https://www.bleepingcomputer.com/news/security/tinynuke-info-stealing-malware-is-again-attacking-french-users/

Google pushes emergency Chrome update to fix zero-day used in attacks

Google has released Chrome 96.0.4664.110 for Windows, Mac, and Linux, to address a high-severity zero-day vulnerability exploited in the wild. [...]

https://www.bleepingcomputer.com/news/security/google-pushes-emergency-chrome-update-to-fix-zero-day-used-in-attacks/

Log4j: List of vulnerable products and vendor advisories

News about a critical vulnerability in the Apache Log4j logging library broke last week when proof-of-concept exploits started to emerge on Thursday. [...]

https://www.bleepingcomputer.com/news/security/log4j-list-of-vulnerable-products-and-vendor-advisories/

CISA orders federal agencies to patch Log4Shell by December 24th

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch systems against the critical Log4Shell remote code execution vulnerability and released mitigation guidance in response to active exploitation. [...]

https://www.bleepingcomputer.com/news/security/cisa-orders-federal-agencies-to-patch-log4shell-by-december-24th/

Cyberattack on BHG opioid treatment network disrupts patient care

Opioid treatment network Behavioral Health Group suffered a cyberattack that led to an almost week-long disruption of IT systems and patient care. [...]

https://www.bleepingcomputer.com/news/security/cyberattack-on-bhg-opioid-treatment-network-disrupts-patient-care/

Anubis Android malware returns to target 394 financial apps

The Anubis Android banking malware is now targeting the customers of nearly 400 financial institutions in a new malware campaign. [...]

https://www.bleepingcomputer.com/news/security/anubis-android-malware-returns-to-target-394-financial-apps/

EU Parliament adopts Digital Services Act, but concerns persist

The European Parliament's Internal Market and Consumer Protection Committee has adopted the Digital Services Act (DSA) proposal by 36 votes to 7 and 2 abstentions. [...]

https://www.bleepingcomputer.com/news/legal/eu-parliament-adopts-digital-services-act-but-concerns-persist/

Hackers steal Microsoft Exchange credentials using IIS module

Threat actors are installing a malicious IIS web server module named 'Owowa' on Microsoft Exchange Outlook Web Access servers to steal credentials and execute commands on the server remotely. [...]

https://www.bleepingcomputer.com/news/security/hackers-steal-microsoft-exchange-credentials-using-iis-module/

Microsoft rolls out end-to-end encryption for Teams calls

Microsoft announced today the general availability of end-to-end encryption (E2EE) support for one-to-one Microsoft Teams calls. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-rolls-out-end-to-end-encryption-for-teams-calls/

Windows 10 KB5008212 & KB5008206 updates released

Like the November release, this month's security updates include security fixes for November 2021 Update, May 2021 Update, October 2020 Update (version 20H2), and May 2020 Update (version 2004). It's also the last security update for version 2004, which has been retired today. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5008212-and-kb5008206-updates-released/

Microsoft December 2021 Patch Tuesday fixes 6 zero-days, 67 flaws

Today is Microsoft's December 2021 Patch Tuesday, and with it comes fixes for six zero-day vulnerabilities and a total of 67 flaws. These updates include a fix for an actively exploited Windows Installer vulnerability used in malware distribution campaigns. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-december-2021-patch-tuesday-fixes-6-zero-days-67-flaws/

Microsoft fixes Windows AppX Installer zero-day used by Emotet

Microsoft has patched a high severity Windows zero-day vulnerability exploited in the wild to deliver Emotet malware payloads. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-appx-installer-zero-day-used-by-emotet/

Windows 11 KB5008215 update released with application, VPN fixes

Microsoft has released the Windows 11 KB5008215 cumulative update to fix security vulnerabilities and bugs introduced in previous versions. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5008215-update-released-with-application-vpn-fixes/