University loses 77TB of research data due to backup error

The Kyoto University in Japan has lost about 77TB of research data due to an error in the backup system of its Hewlett-Packard supercomputer. [...]

https://www.bleepingcomputer.com/news/security/university-loses-77tb-of-research-data-due-to-backup-error/

Have I Been Pwned adds 441K accounts stolen by RedLine malware

The Have I Been Pwned data breach notification service now lets you check if your email and password are one of 441,000 accounts stolen in an information-stealing campaign using RedLine malware. [...]

https://www.bleepingcomputer.com/news/security/have-i-been-pwned-adds-441k-accounts-stolen-by-redline-malware/

Netgear leaves vulnerabilities unpatched in Nighthawk router

Researchers have found half a dozen high-risk vulnerabilities in the latest firmware version for the Netgear Nighthawk R6700v3 router. At publishing time the flaws remain unpatched. [...]

https://www.bleepingcomputer.com/news/security/netgear-leaves-vulnerabilities-unpatched-in-nighthawk-router/

Top 10 healthcare breaches in the U.S. exposed data of 19 million

The healthcare sector has been the target of hundreds of cyberattacks this year. A tally of public data breach reports so far shows that tens of millions of healthcare records have been exposed to unauthorized parties. [...]

https://www.bleepingcomputer.com/news/security/top-10-healthcare-breaches-in-the-us-exposed-data-of-19-million/

PulseTV discloses potential compromise of 200,000 credit cards

PulseTV (pulsetv.com), an American e-store that uses TV as a medium to reach customers, has disclosed a large-scale customer credit card compromise. [...]

https://www.bleepingcomputer.com/news/security/pulsetv-discloses-potential-compromise-of-200-000-credit-cards/

Popular Q&A app Curious Cat loses domain, posts bizarre tweets

Popular social networking and anonymous Q&A app, Curious Cat has lost control of its domain. Soon after the platform announced losing control of their domain, a series of bizarre events and support responses have confused the app users who are now unable to trust Curious Cat. [...]

https://www.bleepingcomputer.com/news/security/popular-qanda-app-curious-cat-loses-domain-posts-bizarre-tweets/

Microsoft Exchange year 2022 bug in FIP-FS breaks email delivery

Microsoft Exchange on-premise servers cannot deliver email starting on January 1st, 2022, due to a "Year 2022" bug in the FIP-FS anti-malware scanning engine. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-year-2022-bug-in-fip-fs-breaks-email-delivery/

Uber dismisses vulnerability that lets you email anyone as Uber!

A vulnerability in Uber's email system allows just about anyone to send emails on behalf of Uber. Uber is aware of the flaw but has decided not to fix it for now. [...]

https://www.bleepingcomputer.com/news/security/uber-dismisses-vulnerability-that-lets-you-email-anyone-as-uber/

BleepingComputer's most popular cybersecurity and tech stories of 2021

​2021 is over, and we can look forward to a hopefully healthier, safer, and more normal 2022. However, it was a big year for technology and cybersecurity with massive cyberattacks and data breaches, innovative phishing attacks, privacy concerns, and of course, zero-day vulnerabilities. [...]

https://www.bleepingcomputer.com/news/technology/bleepingcomputers-most-popular-cybersecurity-and-tech-stories-of-2021/

Microsoft releases emergency fix for Exchange year 2022 bug

Microsoft has released an emergency fix for a year 2022 bug that is breaking email delivery on on-premise Microsoft Exchange servers. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-fix-for-exchange-year-2022-bug/

Don't copy-paste commands from webpages — you can get hacked

Programmers, sysadmins, security researchers, and tech hobbyists copying-pasting commands from web pages into a console or terminal risk having their system compromised. Wizer's Gabriel Friedlander demonstrates an obvious, simple yet stunning trick that'll make you think twice before copying-pasting text from web pages. [...]

https://www.bleepingcomputer.com/news/security/dont-copy-paste-commands-from-webpages-you-can-get-hacked/

Apple iOS vulnerable to HomeKit 'doorLock' denial of service bug

A novel persistent denial of service vulnerability named 'doorLock' was discovered in Apple HomeKit, affecting iOS 14.7 through 15.2. [...]

https://www.bleepingcomputer.com/news/security/apple-ios-vulnerable-to-homekit-doorlock-denial-of-service-bug/

Broward Health discloses data breach affecting 1.3 million people

Florida's Broward Health healthcare system has disclosed a large-scale data breach incident impacting 1,357,879 individuals. [...]

https://www.bleepingcomputer.com/news/security/broward-health-discloses-data-breach-affecting-13-million-people/

Microsoft Skype makes you solve a complex captcha 10 times to sign up

New Skype users report frustration after being presented with a captcha that requires them to solve a complex puzzle ten times before signing up for the service. [...]

https://www.bleepingcomputer.com/news/security/microsoft-skype-makes-you-solve-a-complex-captcha-10-times-to-sign-up/

Purple Fox malware distributed via malicious Telegram installers

A laced Telegram for desktop installer was spotted distributing the Purple Fox malware while disabling the UAC on the infected systems. [...]

https://www.bleepingcomputer.com/news/security/purple-fox-malware-distributed-via-malicious-telegram-installers/

Have I Been Pwned warns of DatPiff data breach impacting millions

The cracked passwords for almost 7.5 million DatPiff members are being sold online, and users can check if they are part of the data breach through the Have I Been Pwned notification service. [...]

https://www.bleepingcomputer.com/news/security/have-i-been-pwned-warns-of-datpiff-data-breach-impacting-millions/

UScellular discloses data breach after billing system hack

UScellular, self-described as the fourth-largest wireless carrier in the US, has disclosed a data breach after the company's billing system was hacked in December 2021. [...]

https://www.bleepingcomputer.com/news/security/uscellular-discloses-data-breach-after-billing-system-hack/

Hackers use video player to steal credit cards from over 100 sites

Hackers used a cloud video hosting service to perform a supply chain attack on over one hundred real estate sites that injected malicious scripts to steal information inputted in website forms. [...]

https://www.bleepingcomputer.com/news/security/hackers-use-video-player-to-steal-credit-cards-from-over-100-sites/

First Microsoft Pluton-powered Windows 11 PCs unveiled at CES

Lenovo unveiled today at CES 2022 the first Microsoft Pluton-powered Windows 11 PCs, the ThinkPad Z13 and Z16, with AMD Ryzen 6000 Series processors. [...]

https://www.bleepingcomputer.com/news/microsoft/first-microsoft-pluton-powered-windows-11-pcs-unveiled-at-ces/

FTC warns companies to secure consumer data from Log4J attacks

The US Federal Trade Commission (FTC) has warned today that it will go after any US company that fails to protect its customers' data against ongoing Log4J attacks. [...]

https://www.bleepingcomputer.com/news/security/ftc-warns-companies-to-secure-consumer-data-from-log4j-attacks/

US govt provides new guidelines for authentication systems

The National Institute of Standards and Technology (NIST) released new authentication system recommendations, highlighting multiple erroneous approaches in currently established practices. [...]

https://www.bleepingcomputer.com/news/security/us-govt-provides-new-guidelines-for-authentication-systems/