White House reminds tech giants open source is a national security issue
The White House wants government and private sector organizations to rally their efforts and resources to secure open-source software and its supply chain after the Log4J vulnerabilities exposed critical infrastructure to threat actors' attacks. [...]
https://www.bleepingcomputer.com/news/security/white-house-reminds-tech-giants-open-source-is-a-national-security-issue/
The White House wants government and private sector organizations to rally their efforts and resources to secure open-source software and its supply chain after the Log4J vulnerabilities exposed critical infrastructure to threat actors' attacks. [...]
https://www.bleepingcomputer.com/news/security/white-house-reminds-tech-giants-open-source-is-a-national-security-issue/
BleepingComputer
White House reminds tech giants open source is a national security issue
The White House wants government and private sector organizations to rally their efforts and resources to secure open-source software and its supply chain after the Log4J vulnerabilities exposed critical infrastructure to threat actors' attacks.
Former DHS official charged with stealing govt employees' PII
A former Department of Homeland Security official pleaded guilty today to stealing confidential and proprietary software and sensitive databases from the US government containing employees' personal identifying information. [...]
https://www.bleepingcomputer.com/news/security/former-dhs-official-charged-with-stealing-govt-employees-pii/
A former Department of Homeland Security official pleaded guilty today to stealing confidential and proprietary software and sensitive databases from the US government containing employees' personal identifying information. [...]
https://www.bleepingcomputer.com/news/security/former-dhs-official-charged-with-stealing-govt-employees-pii/
BleepingComputer
Former DHS official charged with stealing govt employees' PII
A former Department of Homeland Security acting inspector general pleaded guilty today to stealing confidential and proprietary software and sensitive databases from the US government containing employees' personal identifying information (PII).
Goodwill discloses data breach on its ShopGoodwill platform
American nonprofit Goodwill has disclosed a data breach that affected the accounts of customers using its ShopGoodwill.com e-commerce auction platform. [...]
https://www.bleepingcomputer.com/news/security/goodwill-discloses-data-breach-on-its-shopgoodwill-platform/
American nonprofit Goodwill has disclosed a data breach that affected the accounts of customers using its ShopGoodwill.com e-commerce auction platform. [...]
https://www.bleepingcomputer.com/news/security/goodwill-discloses-data-breach-on-its-shopgoodwill-platform/
BleepingComputer
Goodwill discloses data breach on its ShopGoodwill platform
American nonprofit Goodwill has disclosed a data breach that affected the accounts of customers using its ShopGoodwill.com e-commerce auction platform.
Microsoft brings back January 2022 Windows Server updates
The January 2022 Windows Server cumulative updates are once again available via Windows Update after being pulled yesterday without an official reason from Microsoft. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-brings-back-january-2022-windows-server-updates/
The January 2022 Windows Server cumulative updates are once again available via Windows Update after being pulled yesterday without an official reason from Microsoft. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-brings-back-january-2022-windows-server-updates/
BleepingComputer
Microsoft resumes rollout of January Windows Server updates
The January 2022 Windows Server cumulative updates are once again available via Windows Update after being pulled yesterday without an official reason from Microsoft.
The Week in Ransomware - January 14th 2022 - Russia finally takes action
Today, the Russian government announced that they arrested fourteen members of the REvil ransomware gang on behalf of US authorities. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-14th-2022-russia-finally-takes-action/
Today, the Russian government announced that they arrested fourteen members of the REvil ransomware gang on behalf of US authorities. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-14th-2022-russia-finally-takes-action/
BleepingComputer
The Week in Ransomware - January 14th 2022 - Russia finally takes action
Today, the Russian government announced that they arrested fourteen members of the REvil ransomware gang on behalf of US authorities.
Linux malware sees 35% growth during 2021
The number of malware infections on Linux-based IoT (internet of things) devices rose by 35% in 2021 compared to the previous year's numbers. The principal goal was recruiting devices to be part of DDoS (distributed denial of service) attacks. [...]
https://www.bleepingcomputer.com/news/security/linux-malware-sees-35-percent-growth-during-2021/
The number of malware infections on Linux-based IoT (internet of things) devices rose by 35% in 2021 compared to the previous year's numbers. The principal goal was recruiting devices to be part of DDoS (distributed denial of service) attacks. [...]
https://www.bleepingcomputer.com/news/security/linux-malware-sees-35-percent-growth-during-2021/
BleepingComputer
Linux malware sees 35% growth during 2021
The number of malware infections on Linux-based IoT (internet of things) devices rose by 35% in 2021 compared to the previous year's numbers. The principal goal was recruiting devices to be part of DDoS (distributed denial of service) attacks.
π1
Qlocker ransomware returns to target QNAP NAS devices worldwide
Threat actors behind the Qlocker ransomware are once again targeting Internet-exposed QNAP Network Attached Storage (NAS) devices worldwide. [...]
https://www.bleepingcomputer.com/news/security/qlocker-ransomware-returns-to-target-qnap-nas-devices-worldwide/
Threat actors behind the Qlocker ransomware are once again targeting Internet-exposed QNAP Network Attached Storage (NAS) devices worldwide. [...]
https://www.bleepingcomputer.com/news/security/qlocker-ransomware-returns-to-target-qnap-nas-devices-worldwide/
BleepingComputer
Qlocker ransomware returns to target QNAP NAS devices worldwide
Threat actors behind the Qlocker ransomware are once again targeting Internet-exposed QNAP Network Attached Storage (NAS) devices worldwide.
Russia charges 8 suspected REvil ransomware gang members
Eight members of the REvil ransomware operation that have been detained by Russian officers are currently facing criminal charges for their illegal activity. [...]
https://www.bleepingcomputer.com/news/security/russia-charges-8-suspected-revil-ransomware-gang-members/
Eight members of the REvil ransomware operation that have been detained by Russian officers are currently facing criminal charges for their illegal activity. [...]
https://www.bleepingcomputer.com/news/security/russia-charges-8-suspected-revil-ransomware-gang-members/
BleepingComputer
Russia charges 8 suspected REvil ransomware gang members
Eight members of the REvil ransomware operation that have been detained by Russian officers are currently facing criminal charges for their illegal activity.
π₯1
Facebook's Create React App builds are breaking today β how to fix
Tons of users are reporting their Facebook Create React App builds are failing since yesterday. The cause has been traced down to a dependency used by create-react-app, the latest version of which is breaking developers' apps. [...]
https://www.bleepingcomputer.com/news/security/facebooks-create-react-app-builds-are-breaking-today-how-to-fix/
Tons of users are reporting their Facebook Create React App builds are failing since yesterday. The cause has been traced down to a dependency used by create-react-app, the latest version of which is breaking developers' apps. [...]
https://www.bleepingcomputer.com/news/security/facebooks-create-react-app-builds-are-breaking-today-how-to-fix/
BleepingComputer
npm dependency is breaking some React apps today β here's the fix
Tons of users are reporting their Facebook Create React App builds are failing since yesterday. The cause has been traced down to a dependency used by create-react-app, the latest version of which is breaking developers' apps.
Microsoft: Fake ransomware targets Ukraine in data-wiping attacks
Microsoft is warning of destructive data-wiping malware disguised as ransomware being used in attacks against multiple organizations in Ukraine. [...]
https://www.bleepingcomputer.com/news/security/microsoft-fake-ransomware-targets-ukraine-in-data-wiping-attacks/
Microsoft is warning of destructive data-wiping malware disguised as ransomware being used in attacks against multiple organizations in Ukraine. [...]
https://www.bleepingcomputer.com/news/security/microsoft-fake-ransomware-targets-ukraine-in-data-wiping-attacks/
BleepingComputer
Microsoft: Fake ransomware targets Ukraine in data-wiping attacks
Microsoft is warning of destructive data-wiping malware disguised as ransomware being used in attacks against multiple organizations in Ukraine.
eNom data center migration mistakenly knocks sites offline
A data center migration from eNom web hosting provider caused unexpected domain resolution problems that are expected to last for a few hours. [...]
https://www.bleepingcomputer.com/news/security/enom-data-center-migration-mistakenly-knocks-sites-offline/
A data center migration from eNom web hosting provider caused unexpected domain resolution problems that are expected to last for a few hours. [...]
https://www.bleepingcomputer.com/news/security/enom-data-center-migration-mistakenly-knocks-sites-offline/
BleepingComputer
eNom data center migration mistakenly knocks sites offline
A data center migration from eNom web hosting provider caused unexpected domain resolution problems that are expected to last for a few hours.
Safari bug leaks your Google account info, browsing history
There's a problem with the implementation of the IndexedDB API in Safari's WebKit engine, which could result in leaking browsing histories and even user identities to anyone exploiting the flaw. [...]
https://www.bleepingcomputer.com/news/security/safari-bug-leaks-your-google-account-info-browsing-history/
There's a problem with the implementation of the IndexedDB API in Safari's WebKit engine, which could result in leaking browsing histories and even user identities to anyone exploiting the flaw. [...]
https://www.bleepingcomputer.com/news/security/safari-bug-leaks-your-google-account-info-browsing-history/
BleepingComputer
Safari bug leaks your Google account info, browsing history
There's a problem with the implementation of the IndexedDB API in Safari's WebKit engine, which could result in leaking browsing histories and even user identities to anyone exploiting the flaw.
π’1
It's not just you: Telegram is down for many users
Telegram users are currently experiencing issues around the world, with users unable to use the desktop and mobile apps. [...]
https://www.bleepingcomputer.com/news/technology/its-not-just-you-telegram-is-down-for-many-users/
Telegram users are currently experiencing issues around the world, with users unable to use the desktop and mobile apps. [...]
https://www.bleepingcomputer.com/news/technology/its-not-just-you-telegram-is-down-for-many-users/
BleepingComputer
It's not just you: Telegram is down for many users
Telegram users are currently experiencing issues around the world, with users unable to use the desktop and mobile apps.
π±5π2
Cyber espionage campaign targets renewable energy companies
A large-scale cyber-espionage campaign targeting primarily renewable energy and industrial technology organizations have been discovered to be active since at least 2019, targeting over fifteen entities worldwide. [...]
https://www.bleepingcomputer.com/news/security/cyber-espionage-campaign-targets-renewable-energy-companies/
A large-scale cyber-espionage campaign targeting primarily renewable energy and industrial technology organizations have been discovered to be active since at least 2019, targeting over fifteen entities worldwide. [...]
https://www.bleepingcomputer.com/news/security/cyber-espionage-campaign-targets-renewable-energy-companies/
BleepingComputer
Cyber espionage campaign targets renewable energy companies
A large-scale cyber-espionage campaign targeting primarily renewable energy and industrial technology organizations has been discovered to be active since at least 2019, targeting over fifteen entities worldwide.
Nintendo warns of spoofed sites pushing fake Switch discounts
Nintendo has warned customers of multiple sites impersonating the Japanese video game company's official website and pretending to sell Nintendo Switch consoles at significant discounts. [...]
https://www.bleepingcomputer.com/news/security/nintendo-warns-of-spoofed-sites-pushing-fake-switch-discounts/
Nintendo has warned customers of multiple sites impersonating the Japanese video game company's official website and pretending to sell Nintendo Switch consoles at significant discounts. [...]
https://www.bleepingcomputer.com/news/security/nintendo-warns-of-spoofed-sites-pushing-fake-switch-discounts/
BleepingComputer
Nintendo warns of spoofed sites pushing fake Switch discounts
Nintendo has warned customers of multiple sites impersonating the Japanese video game company's official website and pretending to sell Nintendo Switch consoles at significant discounts.
DHL dethrones Microsoft as most imitated brand in phishing attacks
DHL was the most imitated brand in phishing campaigns throughout Q4 2021, pushing Microsoft to second place, and Google to fourth. [...]
https://www.bleepingcomputer.com/news/security/dhl-dethrones-microsoft-as-most-imitated-brand-in-phishing-attacks/
DHL was the most imitated brand in phishing campaigns throughout Q4 2021, pushing Microsoft to second place, and Google to fourth. [...]
https://www.bleepingcomputer.com/news/security/dhl-dethrones-microsoft-as-most-imitated-brand-in-phishing-attacks/
BleepingComputer
DHL dethrones Microsoft as most imitated brand in phishing attacks
DHL was the most imitated brand in phishing campaigns throughout Q4 2021, pushing Microsoft to second place, and Google to fourth.
Zoho patches new critical authentication bypass in Desktop Central
Zoho has addressed a new critical severity vulnerability found to affect the company's Desktop Central and Desktop Central MSP unified endpoint management (UEM) solutions. [...]
https://www.bleepingcomputer.com/news/security/zoho-patches-new-critical-authentication-bypass-in-desktop-central/
Zoho has addressed a new critical severity vulnerability found to affect the company's Desktop Central and Desktop Central MSP unified endpoint management (UEM) solutions. [...]
https://www.bleepingcomputer.com/news/security/zoho-patches-new-critical-authentication-bypass-in-desktop-central/
BleepingComputer
Zoho plugs another critical security hole in Desktop Central
Zoho has addressed a new critical severity vulnerability found to affect the company's Desktop Central and Desktop Central MSP unified endpoint management (UEM) solutions.
Firefox Relay's addition to disposable email blocklist upsets users
The maintainers of a "disposable email service" blocklist have decided to add Firefox Relay to the list, leaving many users of the service upset. Firefox Relay is a privacy-centric email service that enables users to protect their real email addresses and hence limit spam. [...]
https://www.bleepingcomputer.com/news/security/firefox-relays-addition-to-disposable-email-blocklist-upsets-users/
The maintainers of a "disposable email service" blocklist have decided to add Firefox Relay to the list, leaving many users of the service upset. Firefox Relay is a privacy-centric email service that enables users to protect their real email addresses and hence limit spam. [...]
https://www.bleepingcomputer.com/news/security/firefox-relays-addition-to-disposable-email-blocklist-upsets-users/
BleepingComputer
Firefox Relay gets added to disposable email blocklist, angers users
The maintainers of a "disposable email service" blocklist have decided to add Firefox Relay to the list, leaving many users of the service upset. Firefox Relay is a privacy-centric email service that enables users to protect their real email addresses andβ¦
Microsoft: Edge will mitigate 'unforeseen active' zero day bugs
Microsoft Edge has added a new feature to the Beta channel that will be able to mitigate future in-the-wild exploitation of unknown zero-day vulnerabilities. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-will-mitigate-unforeseen-active-zero-day-bugs/
Microsoft Edge has added a new feature to the Beta channel that will be able to mitigate future in-the-wild exploitation of unknown zero-day vulnerabilities. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-will-mitigate-unforeseen-active-zero-day-bugs/
BleepingComputer
Microsoft: Edge will mitigate 'unforeseen active' zero day bugs
Microsoft Edge has added a new feature to the Beta channel that will be able to mitigate future in-the-wild exploitation of unknown zero-day vulnerabilities.
π1
Microsoft releases OOB updates for January Windows update issues
Microsoft has released emergency out-of-band (OOB) updates to address multiple issues caused by Windows Updates issued during the January 2021 Patch Tuesday. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-oob-updates-for-january-windows-update-issues/
Microsoft has released emergency out-of-band (OOB) updates to address multiple issues caused by Windows Updates issued during the January 2021 Patch Tuesday. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-oob-updates-for-january-windows-update-issues/
BleepingComputer
Microsoft releases emergency fixes for Windows Server, VPN bugs
Microsoft has released emergency out-of-band (OOB) updates to address multiple issues caused by Windows Updates issued during the January 2022 Patch Tuesday.
π1
Europol shuts down VPN service used by ransomware groups
Law enforcement authorities from 10 countries took down VPNLab.net, a VPN service provider used by ransomware operators and malware actors. [...]
https://www.bleepingcomputer.com/news/security/europol-shuts-down-vpn-service-used-by-ransomware-groups/
Law enforcement authorities from 10 countries took down VPNLab.net, a VPN service provider used by ransomware operators and malware actors. [...]
https://www.bleepingcomputer.com/news/security/europol-shuts-down-vpn-service-used-by-ransomware-groups/
BleepingComputer
Europol shuts down VPN service used by ransomware groups
Law enforcement authorities from 10 countries took down VPNLab.net, a VPN service provider used by ransomware operators and malware actors.