What's new in Windows 11 Sun Valley 2 Update, arriving this year

In 2022, Microsoft is planning to launch the first big update for Windows 11. The update is reportedly codenamed "Sun Valley 2" and it is expected to ship with a new Task Manager, improvements to Start Menu and Taskbar, and more. [...]

https://www.bleepingcomputer.com/news/microsoft/whats-new-in-windows-11-sun-valley-2-update-arriving-this-year/

BlackCat (ALPHV) ransomware linked to BlackMatter, DarkSide gangs

The Black Cat ransomware gang, also known as ALPHV, has confirmed they are former members of the notorious BlackMatter/DarkSide ransomware operation. [...]

https://www.bleepingcomputer.com/news/security/blackcat-alphv-ransomware-linked-to-blackmatter-darkside-gangs/

Law enforcement action push ransomware gangs to surgical attacks

The numerous law enforcement operations leading to the arrests and takedown of ransomware operations in 2021 have forced threat actors to narrow their targeting scope and maximize the efficiency of their operations. [...]

https://www.bleepingcomputer.com/news/security/law-enforcement-action-push-ransomware-gangs-to-surgical-attacks/

Roaming Mantis Android malware campaign sets sights on Europe

The Roaming Mantis SMS phishing campaign has finally reached Europe, as researchers detect campaigns targeting Android and iPhone users in Germany and France with malicious apps and phishing pages. [...]

https://www.bleepingcomputer.com/news/security/roaming-mantis-android-malware-campaign-sets-sights-on-europe/

Microsoft fixes Windows Active Directory bug caused by Jan updates

Microsoft says it has fixed a known issue triggered by last month's Windows updates that would cause apps using Microsoft .NET to experience problems, close, or throw errors when acquiring or setting Active Directory Forest Trust Information. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-active-directory-bug-caused-by-jan-updates/

Medusa malware ramps up Android SMS phishing attacks

The Medusa Android banking Trojan is seeing increased infection rates as it targets more geographic regions to steal online credentials and perform financial fraud. [...]

https://www.bleepingcomputer.com/news/security/medusa-malware-ramps-up-android-sms-phishing-attacks/

Google Cloud hypervisor modified to detect cryptominers without agents

Google has announced the public preview of a new Virtual Machine Threat Detection (VMTD) system that can detect cryptocurrency miners and other malware without the need for software agents. [...]

https://www.bleepingcomputer.com/news/security/google-cloud-hypervisor-modified-to-detect-cryptominers-without-agents/

Free decryptor released for TargetCompany ransomware victims

Czech cybersecurity software firm Avast has released a decryption utility to help TargetCompany ransomware victims recover their files for free. [...]

https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-targetcompany-ransomware-victims/

Microsoft plans to kill malware delivery via Office macros

Microsoft announced today that it will make it difficult to enable VBA macros downloaded from the Internet in several Microsoft Office apps starting in early April, effectively killing a popular distribution method for malware. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-plans-to-kill-malware-delivery-via-office-macros/

Puma hit by data breach after Kronos ransomware attack

Sportswear manufacturer Puma was hit by a data breach following the ransomware attack that hit Kronos, one of its North American workforce management service providers, in December 2021. [...]

https://www.bleepingcomputer.com/news/security/puma-hit-by-data-breach-after-kronos-ransomware-attack/

Russia arrests third hacking group, seizes carding forums

Russia arrested six people today, allegedly part of a hacking group that was involved in the theft and selling of stolen credit cards. [...]

https://www.bleepingcomputer.com/news/security/russia-arrests-third-hacking-group-seizes-carding-forums/

DPD Group parcel tracking flaw may have exposed customer data

An unauthenticated API call vulnerability in DPD Group's package tracking system could have been exploited to access the personally identifiable details of its clients. [...]

https://www.bleepingcomputer.com/news/security/dpd-group-parcel-tracking-flaw-may-have-exposed-customer-data/

Qbot needs only 30 minutes to steal your credentials, emails

The widespread malware known as Qbot (aka Qakbot or QuakBot) has recently returned to light-speed attacks, and according to analysts, it only takes around 30 minutes to steal sensitive data after the initial infection. [...]

https://www.bleepingcomputer.com/news/security/qbot-needs-only-30-minutes-to-steal-your-credentials-emails/

Google sees 50% security boost for 150M users after 2FA enroll

After accelerating its efforts to auto-enroll as many accounts as possible in two-factor authentication (2FA), Google announced that an additional 150 million users now have 2FA enabled. [...]

https://www.bleepingcomputer.com/news/google/google-sees-50-percent-security-boost-for-150m-users-after-2fa-enroll/

NetWalker ransomware affiliate sentenced to 80 months in prison

Sebastien Vachon-Desjardins, a Canadian man charged by the US for his involvement in NetWalker ransomware attacks, was sentenced to 6 years and 8 months in prison after pleading guilty before an Ontario judge to multiple offenses linked to attacks on 17 Canadian victims. [...]

https://www.bleepingcomputer.com/news/security/netwalker-ransomware-affiliate-sentenced-to-80-months-in-prison/

Vodafone Portugal 4G and 5G services down after cyberattack

Vodafone Portugal suffered a cyberattack causing country-wide service outages, including the disruption of 4G/5G data networks, SMS texts, and television services. [...]

https://www.bleepingcomputer.com/news/security/vodafone-portugal-4g-and-5g-services-down-after-cyberattack/

ExpressVPN offering $100,000 to first person who hacks its servers

ExpressVPN has updated its bug bounty program to make it more inviting to ethical hackers, now offering a one-time $100,000 bug bounty to whoever can compromise its systems. [...]

https://www.bleepingcomputer.com/news/security/expressvpn-offering-100-000-to-first-person-who-hacks-its-servers/

Mozilla fixes Firefox bug letting you get Windows admin privileges

Mozilla released a security update to address a high severity privilege escalation vulnerability found in the Mozilla Maintenance Service. [...]

https://www.bleepingcomputer.com/news/security/mozilla-fixes-firefox-bug-letting-you-get-windows-admin-privileges/

US seizes $3.6 billion stolen in 2016 Bitfinex cryptoexchange hack

The US Department of Justice announced that law enforcement seized billions worth of cryptocurrency linked to the 2016 Bitfinex cryptocurrency exchange hack. [...]

https://www.bleepingcomputer.com/news/security/us-seizes-36-billion-stolen-in-2016-bitfinex-cryptoexchange-hack/

Microsoft February 2022 Patch Tuesday fixes 48 flaws, 1 zero-day

Today is Microsoft's February 2022 Patch Tuesday, and with it comes fixes for one zero-day vulnerability and a total of 48 flaws. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-february-2022-patch-tuesday-fixes-48-flaws-1-zero-day/

Windows 11 KB5010386 update released with performance fixes

Microsoft has released the Windows 11 KB5010386 cumulative update with security updates, performance improvements, and fixes for an LDAP bug. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5010386-update-released-with-performance-fixes/