Russian APT29 hackers' stealthy malware undetected for years
Hackers associated with the Russian Federation Foreign Intelligence Service (SVR) continued their incursions on networks of multiple organizations after the SolarWinds supply-chain compromise using two recently discovered sophisticated threats. [...]
https://www.bleepingcomputer.com/news/security/russian-apt29-hackers-stealthy-malware-undetected-for-years/
BleepingComputer
Microsoft: Windows 11 now in broad deployment for eligible devices
Microsoft says Windows 11 has now entered the broad deployment phase, making it available for everyone with an eligible device via Windows Update. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-11-now-in-broad-deployment-for-eligible-devices/
Microsoft warns of multi-stage phishing campaign leveraging Azure AD
Microsoft's threat analysts have uncovered a large-scale, multi-phase phishing campaign that uses stolen credentials to register devices onto the target's network and use them to distribute phishing emails. [...]
https://www.bleepingcomputer.com/news/security/microsoft-warns-of-multi-stage-phishing-campaign-leveraging-azure-ad/
Lazarus hackers use Windows Update to deploy malware
North Korean-backed hacking group Lazarus has added the Windows Update client to its list of living-off-the-land binaries (LoLBins) and is now actively using it to execute malicious code on Windows systems. [...]
https://www.bleepingcomputer.com/news/security/lazarus-hackers-use-windows-update-to-deploy-malware/
Taiwanese Apple and Tesla contractor hit by Conti ransomware
Delta Electronics, a Taiwanese electronics company and a provider for Apple, Tesla, HP, and Dell, disclosed that it was the victim of a cyberattack discovered on Friday morning. [...]
https://www.bleepingcomputer.com/news/security/taiwanese-apple-and-tesla-contractor-hit-by-conti-ransomware/
DeepDotWeb admin imprisoned for advertising illegal dark web markets
An Israeli citizen who operated DeepDotWeb (DDW), a news site and review site for dark web sites, has received a sentence of 97 months in prison for money laundering and was ordered to forfeit $8,414,173. [...]
https://www.bleepingcomputer.com/news/security/deepdotweb-admin-imprisoned-for-advertising-illegal-dark-web-markets/
QNAP force-installs update after DeadBolt ransomware hits 3,600 devices
QNAP force-updated customers' Network Attached Storage (NAS) devices with firmware containing the latest security updates to protect against the DeadBolt ransomware, which has already encrypted over 3,600 devices. [...]
https://www.bleepingcomputer.com/news/security/qnap-force-installs-update-after-deadbolt-ransomware-hits-3-600-devices/
Microsoft Outlook RCE zero-day exploits now selling for $400,000
Exploit broker Zerodium has announced a pay jump to $400,000 for zero-day vulnerabilities that allow remote code execution (RCE) in the Microsoft Outlook email client. [...]
https://www.bleepingcomputer.com/news/security/microsoft-outlook-rce-zero-day-exploits-now-selling-for-400-000/
Finland warns of Facebook accounts hijacked via Messenger phishing
Finland's National Cyber Security Centre (NCSC-FI) warns of an ongoing phishing campaign attempting to hijack Facebook accounts by impersonating victims' friends in Facebook Messenger chats. [...]
https://www.bleepingcomputer.com/news/security/finland-warns-of-facebook-accounts-hijacked-via-messenger-phishing/
Finnish diplomats' phones infected with NSO Group Pegasus spyware
Finland's Ministry for Foreign Affairs says devices of Finnish diplomats have been hacked and infected with NSO Group's Pegasus spyware in a cyber-espionage campaign. [...]
https://www.bleepingcomputer.com/news/security/finnish-diplomats-phones-infected-with-nso-group-pegasus-spyware/
Hackers are taking over CEO accounts with rogue OAuth apps
Threat analysts have observed a new campaign named 'OiVaVoii', targeting company executives and general managers with malicious OAuth apps and custom phishing lures sent from hijacked Office 365 accounts. [...]
https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
EU to create pan-European cyber incident coordination framework
The European Systemic Risk Board (ESRB) proposed a new systemic cyber incident coordination framework that would allow relevant EU authorities to better coordinate their response to major cross-border cyber incidents impacting the Union's financial sector. [...]
https://www.bleepingcomputer.com/news/security/eu-to-create-pan-european-cyber-incident-coordination-framework/
NCSC alerts UK orgs to brace for destructive Russian cyberattacks
The UK's National Cyber Security Centre (NCSC) is urging organizations to bolster security and prepare for a potential wave of destructive cyberattacks after recent breaches of Ukrainian entities. [...]
https://www.bleepingcomputer.com/news/security/ncsc-alerts-uk-orgs-to-brace-for-destructive-russian-cyberattacks/
US bans major Chinese telecom over national security risks
The Federal Communications Commission (FCC) has revoked China Unicom Americas' license, one of the world's largest mobile service providers, over "serious national security concerns." [...]
https://www.bleepingcomputer.com/news/security/us-bans-major-chinese-telecom-over-national-security-risks/
The Week in Ransomware - January 28th 2022 - Get NAS devices off the Internet
It's been a busy week with ransomware attacks tied to political protests, new attacks on NAS devices, amazing research released about tactics, REvil's history, and more. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-28th-2022-get-nas-devices-off-the-internet/
Microsoft: Windows needs at least 8 hours online to update reliably
Microsoft says that Windows devices need to be online for at least eight hours to get the latest updates and have them correctly installed after they're released through Windows Update. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-needs-at-least-8-hours-online-to-update-reliably/
Over 20,000 data center management systems exposed to hackers
Researchers have found over 20,000 instances of publicly exposed data center infrastructure management (DCIM) software that monitor devices, HVAC control systems, and power distribution units, which could be used for a range of catastrophic attacks. [...]
https://www.bleepingcomputer.com/news/security/over-20-000-data-center-management-systems-exposed-to-hackers/
Windows vulnerability with new public exploits lets you become admin
A security researcher has publicly disclosed an exploit for a Windows local privilege elevation vulnerability that allows anyone to gain admin privileges in Windows 10. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-vulnerability-with-new-public-exploits-lets-you-become-admin/
FTC: Americans lost $770 million from social media fraud surge
Americans are increasingly targeted by scammers on social media, according to tens of thousands of reports received by the US Federal Trade Commission (FTC) in 2021. [...]
https://www.bleepingcomputer.com/news/security/ftc-americans-lost-770-million-from-social-media-fraud-surge/
Researchers use GPU fingerprinting to track users online
A team of researchers from French, Israeli, and Australian universities has explored the possibility of using people's GPUs to create unique fingerprints and use them for persistent web tracking. [...]
https://www.bleepingcomputer.com/news/security/researchers-use-gpu-fingerprinting-to-track-users-online/
277,000 routers exposed to Eternal Silence attacks via UPnP
A malicious campaign known as 'Eternal Silence' is abusing Universal Plug and Play (UPnP) to turn your router into a proxy server used to launch malicious attacks while hiding the location of the threat actors. [...]
https://www.bleepingcomputer.com/news/security/277-000-routers-exposed-to-eternal-silence-attacks-via-upnp/