HHS: Conti ransomware encrypted 80% of Ireland's HSE IT systems

A threat brief published by the US Department of Health and Human Services (HHS) on Thursday paints a grim picture of how Ireland's health service, the HSE, was overwhelmed and had 80% of its systems encrypted during last year's Conti ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/hhs-conti-ransomware-encrypted-80-percent-of-irelands-hse-it-systems/

US indicts multiple call centers for IRS, Social Security scams

The U.S. Department of Justice has announced the indictment of several India-based call centers and their directors for targeting Americans with Social Security, IRS, and loan phone call scams. [...]

https://www.bleepingcomputer.com/news/security/us-indicts-multiple-call-centers-for-irs-social-security-scams/

CISA orders federal agencies to patch actively exploited Windows bug

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch their systems against an actively exploited Windows vulnerability that enables attackers to gain SYSTEM privileges. [...]

https://www.bleepingcomputer.com/news/security/cisa-orders-federal-agencies-to-patch-actively-exploited-windows-bug/

A look at the new Sugar ransomware demanding low ransoms

A new Sugar Ransomware operation actively targets individual computers, rather than corporate networks, with low ransom demands. [...]

https://www.bleepingcomputer.com/news/security/a-look-at-the-new-sugar-ransomware-demanding-low-ransoms/

Microsoft: Russian FSB hackers targeting Ukraine since October

Microsoft said today that a Russian hacking group known as Gamaredon has been behind a streak of spear-phishing emails targeting Ukrainian entities and organizations related to Ukrainian affairs since October 2021. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-russian-fsb-hackers-targeting-ukraine-since-october/

Microsoft disables MSIX protocol handler abused in Emotet attacks

Microsoft has disabled the MSIX ms-appinstaller protocol handler exploited in malware attacks to install malicious apps directly from a website via a Windows AppX Installer spoofing vulnerability. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-disables-msix-protocol-handler-abused-in-emotet-attacks/

The Week in Ransomware - February 4th 2022 - Critical Infrastructure

Critical infrastructure suffered ransomware attacks, with threat actors targeting an oil petrol distributor and oil terminals in major ports in different attacks. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-4th-2022-critical-infrastructure/

FBI shares Lockbit ransomware technical details, defense tips

The Federal Bureau of Investigation (FBI) has released technical details and indicators of compromise associated with Lockbit ransomware attacks in a new flash alert published this Friday. [...]

https://www.bleepingcomputer.com/news/security/fbi-shares-lockbit-ransomware-technical-details-defense-tips/

What's new in Windows 11 Sun Valley 2 Update, arriving this year

In 2022, Microsoft is planning to launch the first big update for Windows 11. The update is reportedly codenamed "Sun Valley 2" and it is expected to ship with a new Task Manager, improvements to Start Menu and Taskbar, and more. [...]

https://www.bleepingcomputer.com/news/microsoft/whats-new-in-windows-11-sun-valley-2-update-arriving-this-year/

BlackCat (ALPHV) ransomware linked to BlackMatter, DarkSide gangs

The Black Cat ransomware gang, also known as ALPHV, has confirmed they are former members of the notorious BlackMatter/DarkSide ransomware operation. [...]

https://www.bleepingcomputer.com/news/security/blackcat-alphv-ransomware-linked-to-blackmatter-darkside-gangs/

Law enforcement action push ransomware gangs to surgical attacks

The numerous law enforcement operations leading to the arrests and takedown of ransomware operations in 2021 have forced threat actors to narrow their targeting scope and maximize the efficiency of their operations. [...]

https://www.bleepingcomputer.com/news/security/law-enforcement-action-push-ransomware-gangs-to-surgical-attacks/

Roaming Mantis Android malware campaign sets sights on Europe

The Roaming Mantis SMS phishing campaign has finally reached Europe, as researchers detect campaigns targeting Android and iPhone users in Germany and France with malicious apps and phishing pages. [...]

https://www.bleepingcomputer.com/news/security/roaming-mantis-android-malware-campaign-sets-sights-on-europe/

Microsoft fixes Windows Active Directory bug caused by Jan updates

Microsoft says it has fixed a known issue triggered by last month's Windows updates that would cause apps using Microsoft .NET to experience problems, close, or throw errors when acquiring or setting Active Directory Forest Trust Information. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-active-directory-bug-caused-by-jan-updates/

Medusa malware ramps up Android SMS phishing attacks

The Medusa Android banking Trojan is seeing increased infection rates as it targets more geographic regions to steal online credentials and perform financial fraud. [...]

https://www.bleepingcomputer.com/news/security/medusa-malware-ramps-up-android-sms-phishing-attacks/

Google Cloud hypervisor modified to detect cryptominers without agents

Google has announced the public preview of a new Virtual Machine Threat Detection (VMTD) system that can detect cryptocurrency miners and other malware without the need for software agents. [...]

https://www.bleepingcomputer.com/news/security/google-cloud-hypervisor-modified-to-detect-cryptominers-without-agents/

Free decryptor released for TargetCompany ransomware victims

Czech cybersecurity software firm Avast has released a decryption utility to help TargetCompany ransomware victims recover their files for free. [...]

https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-targetcompany-ransomware-victims/

Microsoft plans to kill malware delivery via Office macros

Microsoft announced today that it will make it difficult to enable VBA macros downloaded from the Internet in several Microsoft Office apps starting in early April, effectively killing a popular distribution method for malware. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-plans-to-kill-malware-delivery-via-office-macros/

Puma hit by data breach after Kronos ransomware attack

Sportswear manufacturer Puma was hit by a data breach following the ransomware attack that hit Kronos, one of its North American workforce management service providers, in December 2021. [...]

https://www.bleepingcomputer.com/news/security/puma-hit-by-data-breach-after-kronos-ransomware-attack/

Russia arrests third hacking group, seizes carding forums

Russia arrested six people today, allegedly part of a hacking group that was involved in the theft and selling of stolen credit cards. [...]

https://www.bleepingcomputer.com/news/security/russia-arrests-third-hacking-group-seizes-carding-forums/

DPD Group parcel tracking flaw may have exposed customer data

An unauthenticated API call vulnerability in DPD Group's package tracking system could have been exploited to access the personally identifiable details of its clients. [...]

https://www.bleepingcomputer.com/news/security/dpd-group-parcel-tracking-flaw-may-have-exposed-customer-data/

Qbot needs only 30 minutes to steal your credentials, emails

The widespread malware known as Qbot (aka Qakbot or QuakBot) has recently returned to light-speed attacks, and according to analysts, it only takes around 30 minutes to steal sensitive data after the initial infection. [...]

https://www.bleepingcomputer.com/news/security/qbot-needs-only-30-minutes-to-steal-your-credentials-emails/