Have I Been Pwned warns of DatPiff data breach impacting millions
The cracked passwords for almost 7.5 million DatPiff members are being sold online, and users can check if they are part of the data breach through the Have I Been Pwned notification service. [...]
https://www.bleepingcomputer.com/news/security/have-i-been-pwned-warns-of-datpiff-data-breach-impacting-millions/
The cracked passwords for almost 7.5 million DatPiff members are being sold online, and users can check if they are part of the data breach through the Have I Been Pwned notification service. [...]
https://www.bleepingcomputer.com/news/security/have-i-been-pwned-warns-of-datpiff-data-breach-impacting-millions/
BleepingComputer
Have I Been Pwned warns of DatPiff data breach impacting millions
The cracked passwords for almost 7.5 million DatPiff members are being sold online, and users can check if they are part of the data breach through the Have I Been Pwned notification service.
UScellular discloses data breach after billing system hack
UScellular, self-described as the fourth-largest wireless carrier in the US, has disclosed a data breach after the company's billing system was hacked in December 2021. [...]
https://www.bleepingcomputer.com/news/security/uscellular-discloses-data-breach-after-billing-system-hack/
UScellular, self-described as the fourth-largest wireless carrier in the US, has disclosed a data breach after the company's billing system was hacked in December 2021. [...]
https://www.bleepingcomputer.com/news/security/uscellular-discloses-data-breach-after-billing-system-hack/
BleepingComputer
UScellular discloses data breach after billing system hack
UScellular, self-described as the fourth-largest wireless carrier in the US, has disclosed a data breach after the company's billing system was hacked in December 2021.
Hackers use video player to steal credit cards from over 100 sites
Hackers used a cloud video hosting service to perform a supply chain attack on over one hundred real estate sites that injected malicious scripts to steal information inputted in website forms. [...]
https://www.bleepingcomputer.com/news/security/hackers-use-video-player-to-steal-credit-cards-from-over-100-sites/
Hackers used a cloud video hosting service to perform a supply chain attack on over one hundred real estate sites that injected malicious scripts to steal information inputted in website forms. [...]
https://www.bleepingcomputer.com/news/security/hackers-use-video-player-to-steal-credit-cards-from-over-100-sites/
BleepingComputer
Hackers use video player to steal credit cards from over 100 sites
Hackers used a cloud video hosting service to perform a supply chain attack on over one hundred real estate sites that injected malicious scripts to steal information inputted in website forms.
First Microsoft Pluton-powered Windows 11 PCs unveiled at CES
Lenovo unveiled today at CES 2022 the first Microsoft Pluton-powered Windows 11 PCs, the ThinkPad Z13 and Z16, with AMD Ryzen 6000 Series processors. [...]
https://www.bleepingcomputer.com/news/microsoft/first-microsoft-pluton-powered-windows-11-pcs-unveiled-at-ces/
Lenovo unveiled today at CES 2022 the first Microsoft Pluton-powered Windows 11 PCs, the ThinkPad Z13 and Z16, with AMD Ryzen 6000 Series processors. [...]
https://www.bleepingcomputer.com/news/microsoft/first-microsoft-pluton-powered-windows-11-pcs-unveiled-at-ces/
BleepingComputer
First Microsoft Pluton-powered Windows 11 PCs unveiled at CES
Lenovo unveiled today at CES 2022 the first Microsoft Pluton-powered Windows 11 PCs, the ThinkPad Z13 and Z16, with AMD Ryzen 6000 Series processors.
FTC warns companies to secure consumer data from Log4J attacks
The US Federal Trade Commission (FTC) has warned today that it will go after any US company that fails to protect its customers' data against ongoing Log4J attacks. [...]
https://www.bleepingcomputer.com/news/security/ftc-warns-companies-to-secure-consumer-data-from-log4j-attacks/
The US Federal Trade Commission (FTC) has warned today that it will go after any US company that fails to protect its customers' data against ongoing Log4J attacks. [...]
https://www.bleepingcomputer.com/news/security/ftc-warns-companies-to-secure-consumer-data-from-log4j-attacks/
BleepingComputer
FTC warns companies to secure consumer data from Log4J attacks
The US Federal Trade Commission (FTC) has warned today that it will go after any US company that fails to protect its customers' data against ongoing Log4J attacks.
US govt provides new guidelines for authentication systems
The National Institute of Standards and Technology (NIST) released new authentication system recommendations, highlighting multiple erroneous approaches in currently established practices. [...]
https://www.bleepingcomputer.com/news/security/us-govt-provides-new-guidelines-for-authentication-systems/
The National Institute of Standards and Technology (NIST) released new authentication system recommendations, highlighting multiple erroneous approaches in currently established practices. [...]
https://www.bleepingcomputer.com/news/security/us-govt-provides-new-guidelines-for-authentication-systems/
π2
Emergency Windows Server update fixes Remote Desktop issues
Microsoft has released an emergency out-of-band update to address a Windows Server bug leading to Remote Desktop connection and performance issues. [...]
https://www.bleepingcomputer.com/news/microsoft/emergency-windows-server-update-fixes-remote-desktop-issues/
Microsoft has released an emergency out-of-band update to address a Windows Server bug leading to Remote Desktop connection and performance issues. [...]
https://www.bleepingcomputer.com/news/microsoft/emergency-windows-server-update-fixes-remote-desktop-issues/
BleepingComputer
Emergency Windows Server update fixes Remote Desktop issues
Microsoft has released an emergency out-of-band update to address a Windows Server bug leading to Remote Desktop connection and performance issues.
Microsoft code-sign check bypassed to drop Zloader malware
A new Zloader campaign exploits Microsoft's e-signature code verification to steal user credentials from over two thousand victims in 111 countries. [...]
https://www.bleepingcomputer.com/news/security/microsoft-code-sign-check-bypassed-to-drop-zloader-malware/
A new Zloader campaign exploits Microsoft's e-signature code verification to steal user credentials from over two thousand victims in 111 countries. [...]
https://www.bleepingcomputer.com/news/security/microsoft-code-sign-check-bypassed-to-drop-zloader-malware/
BleepingComputer
Microsoft code-sign check bypassed to drop Zloader malware
A new Zloader campaign exploits Microsoft's e-signature code verification to steal user credentials from over two thousand victims in 111 countries.
π1
βElephant Beetleβ spends months in victim networks to divert transactions
A financially-motivated actor dubbed 'Elephant Beetle' is stealing millions of dollars from organizations worldwide using an arsenal of over 80 unique tools and scripts. [...]
https://www.bleepingcomputer.com/news/security/elephant-beetle-spends-months-in-victim-networks-to-divert-transactions/
A financially-motivated actor dubbed 'Elephant Beetle' is stealing millions of dollars from organizations worldwide using an arsenal of over 80 unique tools and scripts. [...]
https://www.bleepingcomputer.com/news/security/elephant-beetle-spends-months-in-victim-networks-to-divert-transactions/
BleepingComputer
βElephant Beetleβ spends months in victim networks to divert transactions
A financially-motivated actor dubbed 'Elephant Beetle' is stealing millions of dollars from organizations worldwide using an arsenal of over 80 unique tools and scripts.
iOS malware can fake iPhone shut downs to snoop on camera, microphone
Researchers have developed a new technique that fakes a shutdown or reboot of iPhones, preventing malware from being removed and allowing hackers to secretly snoop on microphones and receive sensitive data via a live network connection. [...]
https://www.bleepingcomputer.com/news/security/ios-malware-can-fake-iphone-shut-downs-to-snoop-on-camera-microphone/
Researchers have developed a new technique that fakes a shutdown or reboot of iPhones, preventing malware from being removed and allowing hackers to secretly snoop on microphones and receive sensitive data via a live network connection. [...]
https://www.bleepingcomputer.com/news/security/ios-malware-can-fake-iphone-shut-downs-to-snoop-on-camera-microphone/
BleepingComputer
iOS malware can fake iPhone shut downs to snoop on camera, microphone
Researchers have developed a new technique that fakes a shutdown or reboot of iPhones, preventing malware from being removed and allowing hackers to secretly snoop on microphones and receive sensitive data via a live network connection.
Crypto platform ARBIX flagged as a rugpull, transfers $10 million
Arbix Finance, an audited and supposedly trustworthy yield farming platform, has been flagged as a 'rugpull,' deleting its site, Twitter, and Telegram channel and transferring $10 million worth of deposited cryptocurrency. [...]
https://www.bleepingcomputer.com/news/security/crypto-platform-arbix-flagged-as-a-rugpull-transfers-10-million/
Arbix Finance, an audited and supposedly trustworthy yield farming platform, has been flagged as a 'rugpull,' deleting its site, Twitter, and Telegram channel and transferring $10 million worth of deposited cryptocurrency. [...]
https://www.bleepingcomputer.com/news/security/crypto-platform-arbix-flagged-as-a-rugpull-transfers-10-million/
BleepingComputer
Crypto platform ARBIX flagged as a rugpull, transfers $10 million
Arbix Finance, an audited and supposedly trustworthy yield farming platform, has been flagged as a 'rugpull,' deleting its site, Twitter, and Telegram channel and transferring $10 million worth of deposited cryptocurrency.
NY OAG: Hackers stole 1.1 million customer accounts from 17 companies
The New York State Office of the Attorney General (NY OAG) has warned 17 well-known companies that roughly 1.1 million of their customers have had their user accounts compromised in credential stuffing attacks. [...]
https://www.bleepingcomputer.com/news/security/ny-oag-hackers-stole-11-million-customer-accounts-from-17-companies/
The New York State Office of the Attorney General (NY OAG) has warned 17 well-known companies that roughly 1.1 million of their customers have had their user accounts compromised in credential stuffing attacks. [...]
https://www.bleepingcomputer.com/news/security/ny-oag-hackers-stole-11-million-customer-accounts-from-17-companies/
BleepingComputer
NY OAG: Hackers stole 1.1 million customer accounts from 17 companies
The New York State Office of the Attorney General (NY OAG) has warned 17 well-known companies that roughly 1.1 million of their customers have had their user accounts compromised in credential stuffing attacks.
Microsoft Defender for Endpoint adds zero-touch iOS onboarding
Microsoft says zero-touch onboarding for Microsoft Defender for Endpoint (MDE) on iOS is now available in public preview, allowing enterprise admins to silently install Defender for Endpoint automatically on enrolled devices. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-for-endpoint-adds-zero-touch-ios-onboarding/
Microsoft says zero-touch onboarding for Microsoft Defender for Endpoint (MDE) on iOS is now available in public preview, allowing enterprise admins to silently install Defender for Endpoint automatically on enrolled devices. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-for-endpoint-adds-zero-touch-ios-onboarding/
BleepingComputer
Microsoft Defender for Endpoint adds zero-touch iOS onboarding
Microsoft says zero-touch onboarding for Microsoft Defender for Endpoint (MDE) on iOS is now available in public preview, allowing enterprise admins to silently install Defender for Endpoint automatically on enrolled devices.
π1
70 investors lose $50 million to fraudsters posing as broker-dealers
A California man confirmed his role in a large-scale and long-running Internet-based fraud scheme that allowed him and other fraudsters to siphon roughly $50 million from dozens of investors over eight years, between 2012 to October 2020. [...]
https://www.bleepingcomputer.com/news/security/70-investors-lose-50-million-to-fraudsters-posing-as-broker-dealers/
A California man confirmed his role in a large-scale and long-running Internet-based fraud scheme that allowed him and other fraudsters to siphon roughly $50 million from dozens of investors over eight years, between 2012 to October 2020. [...]
https://www.bleepingcomputer.com/news/security/70-investors-lose-50-million-to-fraudsters-posing-as-broker-dealers/
BleepingComputer
Broker-dealers impersonators stole $50 million using spoofed sites
A California man confirmed his role in a large-scale and long-running Internet-based fraud scheme that allowed him and other fraudsters to siphon roughly $50 million from dozens of investors over eight years, between 2012 to October 2020.
Honda, Acura cars hit by Y2K22 bug that rolls back clocks to 2002
Honda and Acura cars have been hit with a Year 2022 bug, aka Y2K22, that resets the navigation system's clock to January 1st, 2002, with no way to change it. [...]
https://www.bleepingcomputer.com/news/technology/honda-acura-cars-hit-by-y2k22-bug-that-rolls-back-clocks-to-2002/
Honda and Acura cars have been hit with a Year 2022 bug, aka Y2K22, that resets the navigation system's clock to January 1st, 2002, with no way to change it. [...]
https://www.bleepingcomputer.com/news/technology/honda-acura-cars-hit-by-y2k22-bug-that-rolls-back-clocks-to-2002/
BleepingComputer
Honda, Acura cars hit by Y2K22 bug that rolls back clocks to 2002
Honda and Acura cars have been hit with a Year 2022 bug, aka Y2K22, that resets the navigation system's clock to January 1st, 2002, with no way to change it.
Privacy-focused Brave browser records massive growth in 2021
The privacy-focused web browser Brave continues to grow rapidly as the company reached 50 million monthly active users for the first time in 2021. [...]
https://www.bleepingcomputer.com/news/technology/privacy-focused-brave-browser-records-massive-growth-in-2021/
The privacy-focused web browser Brave continues to grow rapidly as the company reached 50 million monthly active users for the first time in 2021. [...]
https://www.bleepingcomputer.com/news/technology/privacy-focused-brave-browser-records-massive-growth-in-2021/
BleepingComputer
Privacy-focused Brave browser records massive growth in 2021
The privacy-focused web browser Brave continues to grow rapidly as the company reached 50 million monthly active users for the first time in 2021.
FBI warns about ongoing Google Voice authentication scams
The Federal Bureau of Investigation (FBI) says Americans who share their phone number online are being targeted by Google Voice authentication scams. [...]
https://www.bleepingcomputer.com/news/security/fbi-warns-about-ongoing-google-voice-authentication-scams/
The Federal Bureau of Investigation (FBI) says Americans who share their phone number online are being targeted by Google Voice authentication scams. [...]
https://www.bleepingcomputer.com/news/security/fbi-warns-about-ongoing-google-voice-authentication-scams/
BleepingComputer
FBI warns about ongoing Google Voice authentication scams
The Federal Bureau of Investigation (FBI) says Americans who share their phone number online are being targeted by Google Voice authentication scams.
π1
France hits Facebook and Google with $210 million in fines
France's National Commission on Informatics and Liberty (CNIL), the country's data privacy and protection body, has announced a 60 million euro ($68 million) sanction against Facebook and a 150 million euro ($170 million) penalty against Google. [...]
https://www.bleepingcomputer.com/news/legal/france-hits-facebook-and-google-with-210-million-in-fines/
France's National Commission on Informatics and Liberty (CNIL), the country's data privacy and protection body, has announced a 60 million euro ($68 million) sanction against Facebook and a 150 million euro ($170 million) penalty against Google. [...]
https://www.bleepingcomputer.com/news/legal/france-hits-facebook-and-google-with-210-million-in-fines/
BleepingComputer
France hits Facebook and Google with $210 million in fines
France's National Commission on Informatics and Liberty (CNIL), the country's data privacy and protection body, has announced a 60 million euro ($68 million) sanction against Facebook and a 150 million euro ($170 million) penalty against Google.
Google Docs commenting feature exploited for spear-phishing
A new trend in phishing attacks emerged in December 2021, with threat actors abusing the commenting feature of Google Docs to send out emails that appear trustworthy. [...]
https://www.bleepingcomputer.com/news/security/google-docs-commenting-feature-exploited-for-spear-phishing/
A new trend in phishing attacks emerged in December 2021, with threat actors abusing the commenting feature of Google Docs to send out emails that appear trustworthy. [...]
https://www.bleepingcomputer.com/news/security/google-docs-commenting-feature-exploited-for-spear-phishing/
BleepingComputer
Google Docs commenting feature exploited for spear-phishing
A new trend in phishing attacks emerged in December 2021, with threat actors abusing the commenting feature of Google Docs to send out emails that appear trustworthy.
Swiss army bans all chat apps but locally-developed Threema
The Swiss army has banned foreign instant-messaging apps such as Signal, Telegram, and WhatsApp and requires army members to use the locally-developed Threema messaging app instead. [...]
https://www.bleepingcomputer.com/news/security/swiss-army-bans-all-chat-apps-but-locally-developed-threema/
The Swiss army has banned foreign instant-messaging apps such as Signal, Telegram, and WhatsApp and requires army members to use the locally-developed Threema messaging app instead. [...]
https://www.bleepingcomputer.com/news/security/swiss-army-bans-all-chat-apps-but-locally-developed-threema/
BleepingComputer
Swiss army bans all chat apps but locally-developed Threema
The Swiss army has banned foreign instant-messaging apps such as Signal, Telegram, and WhatsApp and requires army members to use the locally-developed Threema messaging app instead.
π2
US online pharmacy Ravkoo links data breach to AWS portal incident
Ravkoo, a US Internet-based pharmacy service, has disclosed a data breach after the company's AWS hosted cloud prescription portal was involved in a security incident that may have led to personal and health information being accessed. [...]
https://www.bleepingcomputer.com/news/security/us-online-pharmacy-ravkoo-links-data-breach-to-aws-portal-incident/
Ravkoo, a US Internet-based pharmacy service, has disclosed a data breach after the company's AWS hosted cloud prescription portal was involved in a security incident that may have led to personal and health information being accessed. [...]
https://www.bleepingcomputer.com/news/security/us-online-pharmacy-ravkoo-links-data-breach-to-aws-portal-incident/
BleepingComputer
US online pharmacy Ravkoo links data breach to AWS portal incident
Ravkoo, a US Internet-based pharmacy service, has disclosed a data breach after the company's AWS hosted cloud prescription portal was involved in a security incident that may have led to personal and health information being accessed.