Microsoft disables Excel 4.0 macros by default to block malware

​Microsoft has announced that Excel 4.0 (XLM) macros will now be disabled by default to protect customers from malicious documents. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-disables-excel-40-macros-by-default-to-block-malware/

Phishing impersonates shipping giant Maersk to push STRRAT malware

A new phishing campaign using fake shipping delivery lures installs the STRRAT remote access trojan on unsuspecting victim's devices. [...]

https://www.bleepingcomputer.com/news/security/phishing-impersonates-shipping-giant-maersk-to-push-strrat-malware/

Microsoft backpedals on Windows 11 NCPA control panel removal

Microsoft has backpedaled its decision to forcefully redirect users from the Network Connections (ncpa.cpl) control panel to the Advanced Network Settings screen. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-backpedals-on-windows-11-ncpa-control-panel-removal/

The Week in Ransomware - January 21st 2022 - Arrests, Wipers, and More

It has been quite a busy week with ransomware, with law enforcement making arrests, data-wiping attacks, and the return of the Qlocker ransomware. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-21st-2022-arrests-wipers-and-more/

Dutch cybersecurity agency warns of lingering Log4j risks

In a warning issued on Thursday, the Dutch National Cybersecurity Centre (NCSC) says organizations should still be aware of risks connected to Log4j attacks and remain vigilant for ongoing threats. [...]

https://www.bleepingcomputer.com/news/security/dutch-cybersecurity-agency-warns-of-lingering-log4j-risks/

School District reports a 334% hike in cybersecurity insurance costs

Bloomington School District 87 in Illinois has published its cyber-insurance renewal details, and the cost has jumped from $6,661 in 2021 to $22,229 this year. [...]

https://www.bleepingcomputer.com/news/security/school-district-reports-a-334-percent-hike-in-cybersecurity-insurance-costs/

CISA adds 17 vulnerabilities to list of bugs exploited in attacks

This week, the Cybersecurity and Infrastructure Security Agency (CISA) added seventeen actively exploited vulnerabilities to the 'Known Exploited Vulnerabilities Catalog. [...]

https://www.bleepingcomputer.com/news/security/cisa-adds-17-vulnerabilities-to-list-of-bugs-exploited-in-attacks/

FBI warns of malicious QR codes used to steal your money

The Federal Bureau of Investigation (FBI) warned Americans this week that cybercriminals are using maliciously crafted Quick Response (QR) codes to steal their credentials and financial info. [...]

https://www.bleepingcomputer.com/news/security/fbi-warns-of-malicious-qr-codes-used-to-steal-your-money/

Microsoft tests a new "Rejuvenated" Windows 11 Task Manager, how to enable

Microsoft is testing a new hidden feature in the latest Windows 11 preview build that rejuvenates the user interface for Task Manager with a new design and modern appearance. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-tests-a-new-rejuvenated-windows-11-task-manager-how-to-enable/

Dark Souls PvP servers taken down to investigate severe RCE flaw

Bandai Namco has deactivated the online PvP mode for the Dark Souls role-playing game, taking its servers offline to investigate reports about a severe security issue that may pose a risk to players. [...]

https://www.bleepingcomputer.com/news/security/dark-souls-pvp-servers-taken-down-to-investigate-severe-rce-flaw/

Malicious PowerPoint files used to push remote access trojans

Since December 2021, a growing trend in phishing campaigns has emerged that uses malicious PowerPoint documents to distribute various types of malware, including remote access and information-stealing trojans. [...]

https://www.bleepingcomputer.com/news/security/malicious-powerpoint-files-used-to-push-remote-access-trojans/

SonicWall explains why firewalls were caught in reboot loops

In a weekend update, SonicWall said the widespread reboot loops that impacted next-gen firewalls worldwide were caused by signature updates published on Thursday evening not being correctly processed. [...]

https://www.bleepingcomputer.com/news/technology/sonicwall-explains-why-firewalls-were-caught-in-reboot-loops/

Ransomware gangs increase efforts to enlist insiders for attacks

A recent survey of 100 large (over 5,000 employees) North American IT firms shows that ransomware actors are making greater effort to recruit insiders in targeted firms to aid in attacks. [...]

https://www.bleepingcomputer.com/news/security/ransomware-gangs-increase-efforts-to-enlist-insiders-for-attacks/

Hackers say they encrypted Belarusian Railway servers in protest

A group of hackers (known as Belarusian Cyber-Partisans) claim they breached and encrypted servers belonging to the Belarusian Railway, Belarus's national state-owned railway company. [...]

https://www.bleepingcomputer.com/news/security/hackers-say-they-encrypted-belarusian-railway-servers-in-protest/

Android malware BRATA wipes your device after stealing data

The Android malware known as BRATA has added new and dangerous features to its latest version, including GPS tracking, the capacity to use multiple communication channels, and a function that performs a factory reset on the device to wipe all traces of malicious activity. [...]

https://www.bleepingcomputer.com/news/security/android-malware-brata-wipes-your-device-after-stealing-data/

CWP bugs allow code execution as root on Linux servers, patch now

Two security vulnerabilities that impact the Control Web Panel (CWP) software can be chained by unauthenticated attackers to gain remote code execution (RCE) as root on vulnerable Linux servers. [...]

https://www.bleepingcomputer.com/news/security/cwp-bugs-allow-code-execution-as-root-on-linux-servers-patch-now/

Tor Project appeals Russian court's decision to block access to Tor

US-based Tor Project and Russian digital-rights protection org RosKomSvoboda are appealing a Russian court's decision to block access to public Tor nodes and the project's website. [...]

https://www.bleepingcomputer.com/news/security/tor-project-appeals-russian-courts-decision-to-block-access-to-tor/

Attackers now actively targeting critical SonicWall RCE bug

A critical severity vulnerability impacting SonicWall's Secure Mobile Access (SMA) gateways addressed last month is now targeted in ongoing exploitation attempts. [...]

https://www.bleepingcomputer.com/news/security/attackers-now-actively-targeting-critical-sonicwall-rce-bug/

Canada's foreign affairs ministry hacked, some services down

The Canadian government department for foreign and consular relations, Global Affairs Canada was hit by a cyberattack last week. While critical services remain accessible, access to some online services is currently not available, as government systems continue to recover from the attack. [...]

https://www.bleepingcomputer.com/news/security/canadas-foreign-affairs-ministry-hacked-some-services-down/

Google Drive flags nearly empty files for 'copyright infringement'

Users were left startled as Google Drive's automated detection systems flagged a nearly empty file for copyright infringement. The file, according to one Drive user, contained nothing other than just the digit "1" within. [...]

https://www.bleepingcomputer.com/news/security/google-drive-flags-nearly-empty-files-for-copyright-infringement/

Russia arrests leader of “Infraud Organization” hacker group

The Russian Federal Security Service (FSB) and law enforcement have arrested Andrey Sergeevich Novak, the alleged leader of the Infraud Organization, a hacker group that caused losses of more than $560 million in seven years of activity. [...]

https://www.bleepingcomputer.com/news/security/russia-arrests-leader-of-infraud-organization-hacker-group/