Over 80% of the top websites leak user searches to advertisers

Security researchers at Norton Labs have found that roughly eight out of ten websites featuring a search bar will leak their visitor's search terms to online advertisers like Google. [...]

https://www.bleepingcomputer.com/news/security/over-80-percent-of-the-top-websites-leak-user-searches-to-advertisers/

 Microsoft: Iranian hackers encrypt Windows systems using BitLocker

Microsoft says an Iranian state-sponsored threat group it tracks as DEV-0270 (aka Nemesis Kitten) has been abusing the BitLocker Windows feature in attacks to encrypt victims' systems. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-iranian-hackers-encrypt-windows-systems-using-bitlocker/

 Microsoft rolls out emergency fix for blocked Windows logins

Microsoft says a Windows 11 update released in late August is blocking customers from signing in with newly added Microsoft Account users after restarting or logging off systems running Windows 11, version 21H2. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-rolls-out-emergency-fix-for-blocked-windows-logins/

 US recovers $30 million stolen from Axie Infinity by Lazarus hackers

With the help of blockchain analysts and FBI agents, the U.S. government seized $30 million worth of cryptocurrency stolen by the North Korean threat group 'Lazarus' from the token-based 'play-to-earn' game Axie Infinity earlier in the year. [...]

https://www.bleepingcomputer.com/news/security/us-recovers-30-million-stolen-from-axie-infinity-by-lazarus-hackers/

Latest news and stories from BleepingComputer.com
US recovers $30 million stolen from Axie Infinity by Lazarus hackers

With the help of blockchain analysts and FBI agents, the U.S. government seized $30 million worth of cryptocurrency stolen by the North Korean threat group 'Lazarus' from the token-based 'play-to-earn' game Axie Infinity earlier in the year. [...]

Latest news and stories from BleepingComputer.com
Microsoft rolls out emergency fix for blocked Windows logins

Microsoft says a Windows 11 update released in late August is blocking customers from signing in with newly added Microsoft Account users after restarting or logging off systems running Windows 11, version 21H2. [...]

Latest news and stories from BleepingComputer.com
Microsoft: Iranian hackers encrypt Windows systems using BitLocker

Microsoft says an Iranian state-sponsored threat group it tracks as DEV-0270 (aka Nemesis Kitten) has been abusing the BitLocker Windows feature in attacks to encrypt victims' systems. [...]

 CISA orders agencies to patch Chrome, D-Link flaws used in attacks

CISA has added 12 more security flaws to its list of bugs exploited in attacks, including two critical D-Link vulnerabilities and two (now-patched) zero-days in Google Chrome and the Photo Station QNAP software. [...]

https://www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-chrome-d-link-flaws-used-in-attacks/

 GIFShell attack creates reverse shell using Microsoft Teams GIFs

A new attack technique called 'GIFShell' allows threat actors to abuse Microsoft Teams for novel phishing attacks and covertly executing commands to steal data using ... GIFs. [...]

https://www.bleepingcomputer.com/news/security/gifshell-attack-creates-reverse-shell-using-microsoft-teams-gifs/

 Bumblebee malware adds post-exploitation tool for stealthy infections

A new version of the Bumblebee malware loader has been spotted in the wild, featuring a new infection chain that uses the PowerSploit framework for stealthy reflective injection of a DLL payload into memory. [...]

https://www.bleepingcomputer.com/news/security/bumblebee-malware-adds-post-exploitation-tool-for-stealthy-infections/

Latest news and stories from BleepingComputer.com
Bumblebee malware adds post-exploitation tool for stealthy infections

A new version of the Bumblebee malware loader has been spotted in the wild, featuring a new infection chain that uses the PowerSploit framework for stealthy reflective injection of a DLL payload into memory. [...]

Latest news and stories from BleepingComputer.com
GIFShell attack creates reverse shell using Microsoft Teams GIFs

A new attack technique called 'GIFShell' allows threat actors to abuse Microsoft Teams for novel phishing attacks and covertly executing commands to steal data using ... GIFs. [...]

Latest news and stories from BleepingComputer.com
CISA orders agencies to patch Chrome, D-Link flaws used in attacks

CISA has added 12 more security flaws to its list of bugs exploited in attacks, including two critical D-Link vulnerabilities and two (now-patched) zero-days in Google Chrome and the Photo Station QNAP software. [...]

Latest news and stories from BleepingComputer.com
Over 80% of the top websites leak user searches to advertisers

Security researchers at Norton Labs have found that roughly eight out of ten websites featuring a search bar will leak their visitor's search terms to online advertisers like Google. [...]

 Lampion malware returns in phishing attacks abusing WeTransfer

The Lampion malware is being distributed in greater volumes lately, with threat actors abusing WeTransfer as part of their phishing campaigns. [...]

https://www.bleepingcomputer.com/news/security/lampion-malware-returns-in-phishing-attacks-abusing-wetransfer/

 Vice Society claims LAUSD ransomware attack, theft of 500GB of data

The Vice Society gang has claimed the ransomware attack that hit Los Angeles Unified (LAUSD), the second largest school district in the United States, over the weekend. [...]

https://www.bleepingcomputer.com/news/security/vice-society-claims-lausd-ransomware-attack-theft-of-500gb-of-data/

Latest news and stories from BleepingComputer.com
Vice Society claims LAUSD ransomware attack, theft of 500GB of data

The Vice Society gang has claimed the ransomware attack that hit Los Angeles Unified (LAUSD), the second largest school district in the United States, over the weekend. [...]

Latest news and stories from BleepingComputer.com
Lampion malware returns in phishing attacks abusing WeTransfer

The Lampion malware is being distributed in greater volumes lately, with threat actors abusing WeTransfer as part of their phishing campaigns. [...]

 US sanctions Iran’s Ministry of Intelligence over Albania cyberattack

The U.S. Treasury Department announced sanctions today against Iran's Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence for their role in the July cyberattack against the government of Albania, a U.S. ally and a NATO member state. [...]

https://www.bleepingcomputer.com/news/security/us-sanctions-iran-s-ministry-of-intelligence-over-albania-cyberattack/

 Winamp 5.9 Final released and it still whips the Llama's ass

Winamp 5.9 Final has been released after four years of development and includes numerous improvements, including Windows 11 support, playback of HTTPS:// streams, and various bug fixes. [...]

https://www.bleepingcomputer.com/news/software/winamp-59-final-released-and-it-still-whips-the-llamas-ass/

 Coinbase funds lawsuit against Tornado Cash cryptomixer sanctions

Coinbase announced on Tuesday that it is funding a lawsuit brought by six people in the U.S. against the Department of Treasury's for the sanctions on the Tornado Cash open-source cryptocurrency mixer platform. [...]

https://www.bleepingcomputer.com/news/security/coinbase-funds-lawsuit-against-tornado-cash-cryptomixer-sanctions/