FinalSite ransomware attack shuts down thousands of school websites

FinalSite, a leading school website services provider, has suffered a ransomware attack disrupting access to websites for thousands of schools worldwide. [...]

https://www.bleepingcomputer.com/news/security/finalsite-ransomware-attack-shuts-down-thousands-of-school-websites/

QNAP warns of ransomware targeting Internet-exposed NAS devices

QNAP has warned customers today to secure Internet-exposed network-attached storage (NAS) devices immediately from ongoing ransomware and brute-force attacks. [...]

https://www.bleepingcomputer.com/news/security/qnap-warns-of-ransomware-targeting-internet-exposed-nas-devices/

NHS warns of hackers exploiting Log4Shell in VMware Horizon

UK's National Health Service (NHS) has published a cyber alert warning of an unknown threat group targeting VMware Horizon deployments with Log4Shell exploits. [...]

https://www.bleepingcomputer.com/news/security/nhs-warns-of-hackers-exploiting-log4shell-in-vmware-horizon/

US counterintelligence shares tips to block spyware attacks

The US National Counterintelligence and Security Center (NCSC) and the Department of State have jointly published guidance on defending against attacks using commercial surveillance tools. [...]

https://www.bleepingcomputer.com/news/security/us-counterintelligence-shares-tips-to-block-spyware-attacks/

Diversity job board Canvas.com ordered to stop using domain name

Diversity recruiting site Canvas.com has been ordered by a U.S. District judge to drop the use of the domain name over a trademark dispute. [...]

https://www.bleepingcomputer.com/news/legal/diversity-job-board-canvascom-ordered-to-stop-using-domain-name/

FluBot malware now targets Europe posing as Flash Player app

The widely distributed FluBot malware continues to evolve, with new campaigns distributing the malware as Flash Player and the developers adding new features. [...]

https://www.bleepingcomputer.com/news/security/flubot-malware-now-targets-europe-posing-as-flash-player-app/

FBI: Hackers target US defense firms with malicious USB packages

The Federal Bureau of Investigation (FBI) warned US companies in a recently updated flash alert that the financially motivated FIN7 cybercriminals group is targeting the US defense industry with packages containing malicious USB devices. [...]

https://www.bleepingcomputer.com/news/security/fbi-hackers-target-us-defense-firms-with-malicious-usb-packages/

SonicWall: Y2K22 bug hits Email Security, firewall products

SonicWall has confirmed today that some of its Email Security and firewall products have been hit by the Y2K22 bug, causing message log updates and junk box failures starting with January 1, 2022. [...]

https://www.bleepingcomputer.com/news/security/sonicwall-y2k22-bug-hits-email-security-firewall-products/

The Week in Ransomware - January 7th 2022 - Watch out for USB drives

With the holidays these past two weeks, there have been only a few known ransomware attacks and little research released. Here is what we know. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-7th-2022-watch-out-for-usb-drives/

Rapid window title changes cause ‘white screen of death’

Experimentation with ANSI escape characters on terminal emulators has led to the discovery of multiple high-severity DoS (denial of service) vulnerabilities on Windows terminals and Chrome-based web browsers. [...]

https://www.bleepingcomputer.com/news/security/rapid-window-title-changes-cause-white-screen-of-death-/

Trojanized dnSpy app drops malware cocktail on researchers, devs

Hackers targeted cybersecurity researchers and developers this week in a sophisticated malware campaign distributing a malicious version of the dnSpy .NET application to install cryptocurrency stealers, remote access trojans, and miners. [...]

https://www.bleepingcomputer.com/news/security/trojanized-dnspy-app-drops-malware-cocktail-on-researchers-devs/

Dev corrupts NPM libs 'colors' and 'faker' breaking thousands of apps

Users of popular open-source libraries 'colors' and 'faker' were left stunned after they saw their applications, using these libraries, printing gibberish data and breaking. Some surmised if the NPM libraries had been compromised, but it turns out there's more to the story. [...]

https://www.bleepingcomputer.com/news/security/dev-corrupts-npm-libs-colors-and-faker-breaking-thousands-of-apps/

WordPress 5.8.3 security update fixes SQL injection, XSS flaws

The WordPress development team released version 5.8.3, a short-cycle security release that addresses four vulnerabilities, three of which are rated of high importance. [...]

https://www.bleepingcomputer.com/news/security/wordpress-583-security-update-fixes-sql-injection-xss-flaws/

Europol ordered to erase data on those not linked to crime

The European Data Protection Supervisor (EDPS), an EU privacy and data protection independent supervisory authority, has ordered Europol to erase personal data on individuals that haven't been linked to criminal activity. [...]

https://www.bleepingcomputer.com/news/security/europol-ordered-to-erase-data-on-those-not-linked-to-crime/

Linux Mint 20.3 released promising security updates until 2025

Linux Mint has released version 20.3, codenamed 'Una,' as a long-term support version that will receive security updates until 2025. [...]

https://www.bleepingcomputer.com/news/linux/linux-mint-203-released-promising-security-updates-until-2025/

Microsoft: powerdir bug gives access to protected macOS user data

Microsoft says threat actors could use a macOS vulnerability to bypass Transparency, Consent, and Control (TCC) technology to access users' protected data. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-powerdir-bug-gives-access-to-protected-macos-user-data/

Oops: Cyberspies infect themselves with their own malware

After infecting themselves with their own custom remote access trojan (RAT), an Indian-linked cyber-espionage group has accidentally exposed its operations to security researchers. [...]

https://www.bleepingcomputer.com/news/security/oops-cyberspies-infect-themselves-with-their-own-malware/

Linux version of AvosLocker ransomware targets VMware ESXi servers

AvosLocker is the latest ransomware gang that has added support for encrypting Linux systems to its recent malware variants, specifically targeting VMware ESXi virtual machines. [...]

https://www.bleepingcomputer.com/news/security/linux-version-of-avoslocker-ransomware-targets-vmware-esxi-servers/

Extortion DDoS attacks grow stronger and more common

The end of 2021 saw a rise in the number of distributed denial-of-service incidents that came with a ransom demand from the attackers to stop the assault. [...]

https://www.bleepingcomputer.com/news/security/extortion-ddos-attacks-grow-stronger-and-more-common/

FinalSite: No school data stolen in ransomware attack behind site outages

FinalSite announced today the findings of a six-day investigation into last week's ransomware attack, stating it found no evidence schools' data accessed or stolen by hackers. [...]

https://www.bleepingcomputer.com/news/security/finalsite-no-school-data-stolen-in-ransomware-attack-behind-site-outages/

Night Sky ransomware uses Log4j bug to hack VMware Horizon servers

The Night Sky ransomware gang has started to exploit the critical CVE-2021-4422 vulnerability in the Log4j logging library, also known as Log4Shell, to gain access to VMware Horizon systems. [...]

https://www.bleepingcomputer.com/news/security/night-sky-ransomware-uses-log4j-bug-to-hack-vmware-horizon-servers/