Wormhole platform hacked to steal $326 million in crypto

Hackers have exploited a vulnerability in the Wormhole cross-chain crypto platform to steal $320 million in cryptocurrency. [...]

https://www.bleepingcomputer.com/news/cryptocurrency/wormhole-platform-hacked-to-steal-326-million-in-crypto/

MFA adoption pushes phishing actors to reverse-proxy solutions

The rising adoption of multi-factor authentication (MFA) for online accounts pushes phishing actors to use more sophisticated solutions to continue their malicious operations, most notably reverse-proxy tools. [...]

https://www.bleepingcomputer.com/news/security/mfa-adoption-pushes-phishing-actors-to-reverse-proxy-solutions/

State hackers' new malware helped them stay undetected for 250 days

A state-backed Chinese APT actor tracked as 'Antlion' has been using a new custom backdoor called 'xPack' against financial organizations and manufacturing companies. [...]

https://www.bleepingcomputer.com/news/security/state-hackers-new-malware-helped-them-stay-undetected-for-250-days/

Microsoft blocked billions of brute-force and phishing attacks last year

Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of phishing emails and brute force attacks successfully blocked last year by Microsoft. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-blocked-billions-of-brute-force-and-phishing-attacks-last-year/

Target open sources scanner for digital credit card skimmers

Target, one of the largest American department store chains and e-commerce retailers, has open sourced 'Merry Maker' - its years-old proprietary scanner for payment card skimming. [...]

https://www.bleepingcomputer.com/news/security/target-open-sources-scanner-for-digital-credit-card-skimmers/

Cisco fixes critical bugs in RV routers, exploit code available

Cisco has released patches for multiple vulnerabilities in the Small Business RV Series router platform that could allow remote attackers to gain complete control over the device, in many cases, without authentication. [...]

https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-bugs-in-rv-routers-exploit-code-available/

Intuit warns of phishing emails threatening to delete accounts

Accounting and tax software provider Intuit has notified customers of an ongoing phishing campaign impersonating the company and trying to lure victims with fake warnings that their accounts have been suspended. [...]

https://www.bleepingcomputer.com/news/security/intuit-warns-of-phishing-emails-threatening-to-delete-accounts/

Windows Terminal now can automatically launch profiles as Administrator

Microsoft released today a new Windows Terminal version that comes with a long-awaited feature making it possible to launch profiles that will automatically run as Administrator. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-terminal-now-can-automatically-launch-profiles-as-administrator/

Zimbra zero-day vulnerability actively exploited to steal emails

A cross-site scripting (XSS) vulnerability in the Zimbra email platform is currently actively exploited in attacks targeting European media and government organizations. [...]

https://www.bleepingcomputer.com/news/security/zimbra-zero-day-vulnerability-actively-exploited-to-steal-emails/

Wormhole restores stolen $326 million after major crypto bailout

Cryptocurrency platform Wormhole has recovered upwards of $326 million stolen in this week's crypto hack, thanks to a major bailout. [...]

https://www.bleepingcomputer.com/news/security/wormhole-restores-stolen-326-million-after-major-crypto-bailout/

News Corp discloses hack from "persistent" nation state cyber attacks

American media and publishing giant News Corp has disclosed today that it was the target of a "persistent" cyberattack. The attack discovered sometime this January, reportedly allowed threat actors to access emails and documents of some News Corp employees, including journalists. [...]

https://www.bleepingcomputer.com/news/security/news-corp-discloses-hack-from-persistent-nation-state-cyber-attacks/

Swissport ransomware attack delays flights, disrupts operations

Aviation services company Swissport International has disclosed a ransomware attack that has impacted its IT infrastructure and services, causing flights to suffer delays. [...]

https://www.bleepingcomputer.com/news/security/swissport-ransomware-attack-delays-flights-disrupts-operations/

Argo CD vulnerability leaks sensitive info from Kubernetes apps

A vulnerability in Argo CD, used by thousands of orgs for deploying applications to Kubernetes, can be leveraged in attacks to disclose sensitive information such as passwords and API keys. [...]

https://www.bleepingcomputer.com/news/security/argo-cd-vulnerability-leaks-sensitive-info-from-kubernetes-apps/

HHS: Conti ransomware encrypted 80% of Ireland's HSE IT systems

A threat brief published by the US Department of Health and Human Services (HHS) on Thursday paints a grim picture of how Ireland's health service, the HSE, was overwhelmed and had 80% of its systems encrypted during last year's Conti ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/hhs-conti-ransomware-encrypted-80-percent-of-irelands-hse-it-systems/

US indicts multiple call centers for IRS, Social Security scams

The U.S. Department of Justice has announced the indictment of several India-based call centers and their directors for targeting Americans with Social Security, IRS, and loan phone call scams. [...]

https://www.bleepingcomputer.com/news/security/us-indicts-multiple-call-centers-for-irs-social-security-scams/

CISA orders federal agencies to patch actively exploited Windows bug

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch their systems against an actively exploited Windows vulnerability that enables attackers to gain SYSTEM privileges. [...]

https://www.bleepingcomputer.com/news/security/cisa-orders-federal-agencies-to-patch-actively-exploited-windows-bug/

A look at the new Sugar ransomware demanding low ransoms

A new Sugar Ransomware operation actively targets individual computers, rather than corporate networks, with low ransom demands. [...]

https://www.bleepingcomputer.com/news/security/a-look-at-the-new-sugar-ransomware-demanding-low-ransoms/

Microsoft: Russian FSB hackers targeting Ukraine since October

Microsoft said today that a Russian hacking group known as Gamaredon has been behind a streak of spear-phishing emails targeting Ukrainian entities and organizations related to Ukrainian affairs since October 2021. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-russian-fsb-hackers-targeting-ukraine-since-october/

Microsoft disables MSIX protocol handler abused in Emotet attacks

Microsoft has disabled the MSIX ms-appinstaller protocol handler exploited in malware attacks to install malicious apps directly from a website via a Windows AppX Installer spoofing vulnerability. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-disables-msix-protocol-handler-abused-in-emotet-attacks/

The Week in Ransomware - February 4th 2022 - Critical Infrastructure

Critical infrastructure suffered ransomware attacks, with threat actors targeting an oil petrol distributor and oil terminals in major ports in different attacks. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-4th-2022-critical-infrastructure/

FBI shares Lockbit ransomware technical details, defense tips

The Federal Bureau of Investigation (FBI) has released technical details and indicators of compromise associated with Lockbit ransomware attacks in a new flash alert published this Friday. [...]

https://www.bleepingcomputer.com/news/security/fbi-shares-lockbit-ransomware-technical-details-defense-tips/