Malicious PowerPoint files used to push remote access trojans

Since December 2021, a growing trend in phishing campaigns has emerged that uses malicious PowerPoint documents to distribute various types of malware, including remote access and information-stealing trojans. [...]

https://www.bleepingcomputer.com/news/security/malicious-powerpoint-files-used-to-push-remote-access-trojans/

SonicWall explains why firewalls were caught in reboot loops

In a weekend update, SonicWall said the widespread reboot loops that impacted next-gen firewalls worldwide were caused by signature updates published on Thursday evening not being correctly processed. [...]

https://www.bleepingcomputer.com/news/technology/sonicwall-explains-why-firewalls-were-caught-in-reboot-loops/

Ransomware gangs increase efforts to enlist insiders for attacks

A recent survey of 100 large (over 5,000 employees) North American IT firms shows that ransomware actors are making greater effort to recruit insiders in targeted firms to aid in attacks. [...]

https://www.bleepingcomputer.com/news/security/ransomware-gangs-increase-efforts-to-enlist-insiders-for-attacks/

Hackers say they encrypted Belarusian Railway servers in protest

A group of hackers (known as Belarusian Cyber-Partisans) claim they breached and encrypted servers belonging to the Belarusian Railway, Belarus's national state-owned railway company. [...]

https://www.bleepingcomputer.com/news/security/hackers-say-they-encrypted-belarusian-railway-servers-in-protest/

Android malware BRATA wipes your device after stealing data

The Android malware known as BRATA has added new and dangerous features to its latest version, including GPS tracking, the capacity to use multiple communication channels, and a function that performs a factory reset on the device to wipe all traces of malicious activity. [...]

https://www.bleepingcomputer.com/news/security/android-malware-brata-wipes-your-device-after-stealing-data/

CWP bugs allow code execution as root on Linux servers, patch now

Two security vulnerabilities that impact the Control Web Panel (CWP) software can be chained by unauthenticated attackers to gain remote code execution (RCE) as root on vulnerable Linux servers. [...]

https://www.bleepingcomputer.com/news/security/cwp-bugs-allow-code-execution-as-root-on-linux-servers-patch-now/

Tor Project appeals Russian court's decision to block access to Tor

US-based Tor Project and Russian digital-rights protection org RosKomSvoboda are appealing a Russian court's decision to block access to public Tor nodes and the project's website. [...]

https://www.bleepingcomputer.com/news/security/tor-project-appeals-russian-courts-decision-to-block-access-to-tor/

Attackers now actively targeting critical SonicWall RCE bug

A critical severity vulnerability impacting SonicWall's Secure Mobile Access (SMA) gateways addressed last month is now targeted in ongoing exploitation attempts. [...]

https://www.bleepingcomputer.com/news/security/attackers-now-actively-targeting-critical-sonicwall-rce-bug/

Canada's foreign affairs ministry hacked, some services down

The Canadian government department for foreign and consular relations, Global Affairs Canada was hit by a cyberattack last week. While critical services remain accessible, access to some online services is currently not available, as government systems continue to recover from the attack. [...]

https://www.bleepingcomputer.com/news/security/canadas-foreign-affairs-ministry-hacked-some-services-down/

Google Drive flags nearly empty files for 'copyright infringement'

Users were left startled as Google Drive's automated detection systems flagged a nearly empty file for copyright infringement. The file, according to one Drive user, contained nothing other than just the digit "1" within. [...]

https://www.bleepingcomputer.com/news/security/google-drive-flags-nearly-empty-files-for-copyright-infringement/

Russia arrests leader of “Infraud Organization” hacker group

The Russian Federal Security Service (FSB) and law enforcement have arrested Andrey Sergeevich Novak, the alleged leader of the Infraud Organization, a hacker group that caused losses of more than $560 million in seven years of activity. [...]

https://www.bleepingcomputer.com/news/security/russia-arrests-leader-of-infraud-organization-hacker-group/

Missing Microsoft Intune certs break email, VPN on Samsung devices

Microsoft says Samsung devices enrolled in Microsoft Intune using a work profile will experience email and VPN connectivity issues due to missing certificates after upgrading to Android 12. [...]

https://www.bleepingcomputer.com/news/microsoft/missing-microsoft-intune-certs-break-email-vpn-on-samsung-devices/

Segway store hacked to steal customers' credit cards

Segway's online store was compromised to include a malicious Magecart script that potentially allowed threat actors to steal credit cards and customer information during checkout. [...]

https://www.bleepingcomputer.com/news/security/segway-store-hacked-to-steal-customers-credit-cards/

Google Drive now warns you of suspicious phishing, malware docs

Google is rolling out new warning banners in Google Drive to alert users of potentially suspicious files that threat actors could use for malware delivery and in phishing attacks. [...]

https://www.bleepingcomputer.com/news/google/google-drive-now-warns-you-of-suspicious-phishing-malware-docs/

Linux kernel bug can let hackers escape Kubernetes containers

A vulnerability affecting Linux kernel and tracked as CVE-2022-0185 can be used to escape Kubernetes containers, giving access to resources on the host system. [...]

https://www.bleepingcomputer.com/news/security/linux-kernel-bug-can-let-hackers-escape-kubernetes-containers/

New DazzleSpy malware targets macOS users in watering hole attack

A new watering hole attack has been discovered targeting macOS users and visitors of a pro-democracy radio station website in Hong Kong and infecting them with the DazzleSpy malware [...]

https://www.bleepingcomputer.com/news/security/new-dazzlespy-malware-targets-macos-users-in-watering-hole-attack/

UK govt releasing Nmap scripts to find unpatched vulnerabilities

The United Kingdom's National Cyber Security Centre (NCSC), the government agency that leads UK's cyber security mission, is releasing NMAP Scripting Engine scripts to help defenders scan for and remediate vulnerable systems on their networks. [...]

https://www.bleepingcomputer.com/news/security/uk-govt-releasing-nmap-scripts-to-find-unpatched-vulnerabilities/

TrickBot now crashes researchers' browsers to block malware analysis

The notorious TrickBot malware has received new features that make it more challenging to research, analyze, and detect in the latest variants, including crashing browser tabs when it detects beautified scripts. [...]

https://www.bleepingcomputer.com/news/security/trickbot-now-crashes-researchers-browsers-to-block-malware-analysis/

Linux system service bug gives you root on every major distro

A vulnerability in the pkexec component that is present in the default configuration of all major Linux distributions can be exploited to gain full root privileges on the system, researchers warn today. [...]

https://www.bleepingcomputer.com/news/security/linux-system-service-bug-gives-you-root-on-every-major-distro/

VMware: Patch Horizon servers against ongoing Log4j attacks!

VMware is urging customers to patch critical Log4j security vulnerabilities impacting Internet-exposed VMware Horizon servers targeted in ongoing attacks. [...]

https://www.bleepingcomputer.com/news/security/vmware-patch-horizon-servers-against-ongoing-log4j-attacks/

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software. [...]

https://www.bleepingcomputer.com/news/security/new-deadbolt-ransomware-targets-qnap-devices-asks-50-btc-for-master-key/