Microsoft December 2021 Patch Tuesday fixes 6 zero-days, 67 flaws

Today is Microsoft's December 2021 Patch Tuesday, and with it comes fixes for six zero-day vulnerabilities and a total of 67 flaws. These updates include a fix for an actively exploited Windows Installer vulnerability used in malware distribution campaigns. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-december-2021-patch-tuesday-fixes-6-zero-days-67-flaws/

Microsoft fixes Windows AppX Installer zero-day used by Emotet

Microsoft has patched a high severity Windows zero-day vulnerability exploited in the wild to deliver Emotet malware payloads. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-appx-installer-zero-day-used-by-emotet/

Windows 11 KB5008215 update released with application, VPN fixes

Microsoft has released the Windows 11 KB5008215 cumulative update to fix security vulnerabilities and bugs introduced in previous versions. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5008215-update-released-with-application-vpn-fixes/

DHS announces 'Hack DHS' bug bounty program for vetted researchers

The Department of Homeland Security (DHS) has launched a new bug bounty program dubbed "Hack DHS" that allows vetted cybersecurity researchers to find and report security vulnerabilities in external DHS systems. [...]

https://www.bleepingcomputer.com/news/security/dhs-announces-hack-dhs-bug-bounty-program-for-vetted-researchers/

New ransomware now being deployed in Log4Shell attacks

The first public case of the Log4j Log4Shell vulnerability used to download and install ransomware has been discovered by researchers. [...]

https://www.bleepingcomputer.com/news/security/new-ransomware-now-being-deployed-in-log4shell-attacks/

Telecom operators targeted in recent espionage hacking campaign

Researchers have spotted a new espionage campaign targeting telecommunication and IT service providers in the Middle East and Asia. [...]

https://www.bleepingcomputer.com/news/security/telecom-operators-targeted-in-recent-espionage-hacking-campaign/

Sites hacked with credit card stealers undetected for months

Threat actors are gearing up for the holidays with credit card skimming attacks remaining undetected for months as payment information is stolen from customers. [...]

https://www.bleepingcomputer.com/news/security/sites-hacked-with-credit-card-stealers-undetected-for-months/

Microsoft fixes bug blocking Defender for Endpoint on Windows Server

Microsoft has addressed a known issue that plagued Windows Server customers for weeks, preventing the Defender for Endpoint enterprise security platform from launching on some systems. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-blocking-defender-for-endpoint-on-windows-server/

Log4j vulnerability now used by state-backed hackers, access brokers

As expected, nation-state hackers of all kinds have jumped at the opportunity to exploit the recently disclosed critical vulnerability (CVE-2021-44228) in the Log4j Java-based logging library. [...]

https://www.bleepingcomputer.com/news/security/log4j-vulnerability-now-used-by-state-backed-hackers-access-brokers/

AWS down again, outage impacts Twitch, Zoom, PSN, Xbox Live

Amazon AWS is experiencing an outage that has impacted numerous online services, including Twitch, Zoom, PSN, Xbox Live, Doordash, Quickbooks Online, and Hulu. [...]

https://www.bleepingcomputer.com/news/technology/aws-down-again-outage-impacts-twitch-zoom-psn-xbox-live/

State-sponsored hackers abuse Slack API to steal airline data

A suspected Iranian state-supported threat actor is deploying a newly discovered backdoor named 'Aclip' that abuses the Slack API for covert communications. [...]

https://www.bleepingcomputer.com/news/security/state-sponsored-hackers-abuse-slack-api-to-steal-airline-data/

CISA warns critical infrastructure to stay vigilant for ongoing threats

The Cybersecurity and Infrastructure Security Agency (CISA) warned critical infrastructure organizations today to strengthen their cybersecurity defenses against potential and ongoing threats. [...]

https://www.bleepingcomputer.com/news/security/cisa-warns-critical-infrastructure-to-stay-vigilant-for-ongoing-threats/

Large-scale phishing study shows who bites the bait more often

A large-scale phishing study involving 14,733 participants over a 15-month experiment has produced some surprising findings that contradict previous research results that formed the basis for popular industry practices. [...]

https://www.bleepingcomputer.com/news/security/large-scale-phishing-study-shows-who-bites-the-bait-more-often/

Microsoft to set Windows Terminal as default console in Windows 11

Microsoft is working on making Windows Terminal the default terminal emulator program in Windows 11 instead of the Windows Console Host, starting next year. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-to-set-windows-terminal-as-default-console-in-windows-11/

Emotet starts dropping Cobalt Strike again for faster attacks

Right in time for the holidays, the notorious Emotet malware is once again directly installing Cobalt Strike beacons for rapid cyberattacks. [...]

https://www.bleepingcomputer.com/news/security/emotet-starts-dropping-cobalt-strike-again-for-faster-attacks/

Firefox users can't reach Microsoft.com — here's what to do

Those using the Mozilla Firefox web browser are left unable to access Microsoft.com domain. Tests by BleepingComputer confirm the issue relates to SSL certificate validation errors. Below we explain what can you do to remedy the issue. [...]

https://www.bleepingcomputer.com/news/security/firefox-users-cant-reach-microsoftcom-heres-what-to-do/

Phorpiex botnet returns with new tricks making it harder to disrupt

The previously shutdown Phorpiex botnet has re-emerged with new peer-to-peer command and control infrastructure, making the malware more difficult to disrupt. [...]

https://www.bleepingcomputer.com/news/security/phorpiex-botnet-returns-with-new-tricks-making-it-harder-to-disrupt/

Hive ransomware enters big league with hundreds breached in four months

The Hive ransomware gang is more active and aggressive than its leak site shows, with affiliates attacking an average of three companies every day since the operation became known in late June. [...]

https://www.bleepingcomputer.com/news/security/hive-ransomware-enters-big-league-with-hundreds-breached-in-four-months/

Lenovo laptops vulnerable to bug allowing admin privileges

Lenovo laptops, including ThinkPad and Yoga models, are vulnerable to a privilege elevation bug in the ImControllerService service allowing attackers to execute commands with admin privileges. [...]

https://www.bleepingcomputer.com/news/security/lenovo-laptops-vulnerable-to-bug-allowing-admin-privileges/

Gumtree classifieds site leaked personal info via the F12 key

British classifieds site Gumtree.com suffered a data leak after a security researcher revealed that he could access sensitive personally identifiable data of advertisers simply by pressing F12 on the keyboard. [...]

https://www.bleepingcomputer.com/news/security/gumtree-classifieds-site-leaked-personal-info-via-the-f12-key/

Microsoft: Khonsari ransomware hits self-hosted Minecraft servers

Microsoft urges admins of self-hosted Minecraft servers to upgrade to the latest release to defend against Khonsari ransomware attacks exploiting the critical Log4Shell security vulnerability. [...]

https://www.bleepingcomputer.com/news/security/microsoft-khonsari-ransomware-hits-self-hosted-minecraft-servers/