Lazarus hackers linked to $60 million Alphapo cryptocurrency heist

Blockchain analysts blame the North Korean Lazarus hacking group for a recent attack on payment processing platform Alphapo where the attackers stole almost $60 million in crypto. [...]

https://www.bleepingcomputer.com/news/security/lazarus-hackers-linked-to-60-million-alphapo-cryptocurrency-heist/

 Microsoft previews Defender for IoT firmware analysis service

Microsoft announced the public preview of a new Defender for IoT feature that helps analyze the firmware of embedded Linux devices like routers for security vulnerabilities and common weaknesses. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-previews-defender-for-iot-firmware-analysis-service/

Latest news and stories from BleepingComputer.com
Microsoft previews Defender for IoT firmware analysis service

Microsoft announced the public preview of a new Defender for IoT feature that helps analyze the firmware of embedded Linux devices like routers for security vulnerabilities and common weaknesses. [...]

Latest news and stories from BleepingComputer.com
Lazarus hackers linked to $60 million Alphapo cryptocurrency heist

Blockchain analysts blame the North Korean Lazarus hacking group for a recent attack on payment processing platform Alphapo where the attackers stole almost $60 million in crypto. [...]

 Swiss visa appointments cancelled in UK due to 'IT incident'

All appointments for Swiss Schengen tourist and transit visa applicants have been cancelled across the UK. TLSContact, the Swiss government's chosen IT provider for facilitating visa applicants for citizens of third countries, has blamed an 'IT incident' at its London, Manchester, and Edinburgh centers for appointment cancellations. [...]

https://www.bleepingcomputer.com/news/security/swiss-visa-appointments-cancelled-in-uk-due-to-it-incident/

Latest news and stories from BleepingComputer.com
Swiss visa appointments cancelled in UK due to 'IT incident'

All appointments for Swiss Schengen tourist and transit visa applicants have been cancelled across the UK. TLSContact, the Swiss government's chosen IT provider for facilitating visa applicants for citizens of third countries, has blamed an 'IT incident' at its London, Manchester, and Edinburgh centers for appointment cancellations. [...]

 8 million people hit by data breach at US govt contractor Maximus

U.S. government services contractor Maximus has disclosed a data breach warning that hackers stole the personal data of 8 to 11 million people during the recent MOVEit Transfer data-theft attacks. [...]

https://www.bleepingcomputer.com/news/security/8-million-people-hit-by-data-breach-at-us-govt-contractor-maximus/

Latest news and stories from BleepingComputer.com
8 million people hit by data breach at US govt contractor Maximus

U.S. government services contractor Maximus has disclosed a data breach warning that hackers stole the personal data of 8 to 11 million people during the recent MOVEit Transfer data-theft attacks. [...]

Latest news and stories from BleepingComputer.com
Microsoft fixes bug that breaks video recording in Windows apps

Microsoft has fixed a known issue causing video recording and playing failures in some apps on Windows 10 and Windows 11 systems. [...]

 WordPress Ninja Forms plugin flaw lets hackers steal submitted data

Popular WordPress form-building plugin Ninja Forms contains three vulnerabilities that could allow attackers to achieve privilege escalation and steal user data. [...]

https://www.bleepingcomputer.com/news/security/wordpress-ninja-forms-plugin-flaw-lets-hackers-steal-submitted-data/

 SSNDOB cybercrime market admin faces 15 years after pleading guilty

A Ukrainian man, Vitalii Chychasov, has pleaded guilty in the United States to conspiracy to commit access device fraud and trafficking in unauthorized access devices through the now-shutdown SSNDOB Marketplace. [...]

https://www.bleepingcomputer.com/news/security/ssndob-cybercrime-market-admin-faces-15-years-after-pleading-guilty/

Latest news and stories from BleepingComputer.com
Zimbra patches zero-day vulnerability exploited in XSS attacks

Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting Zimbra Collaboration Suite (ZCS) email servers. [...]

Latest news and stories from BleepingComputer.com
SSNDOB cybercrime market admin faces 15 years after pleading guilty

A Ukrainian man, Vitalii Chychasov, has pleaded guilty in the United States to conspiracy to commit access device fraud and trafficking in unauthorized access devices through the now-shutdown SSNDOB Marketplace. [...]

Latest news and stories from BleepingComputer.com
WordPress Ninja Forms plugin flaw lets hackers steal submitted data

Popular WordPress form-building plugin Ninja Forms contains three vulnerabilities that could allow attackers to achieve privilege escalation and steal user data. [...]

 Zimbra patches zero-day vulnerability exploited in XSS attacks

Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting Zimbra Collaboration Suite (ZCS) email servers. [...]

https://www.bleepingcomputer.com/news/security/zimbra-patches-zero-day-vulnerability-exploited-in-xss-attacks/

 BreachForums database and private chats for sale in hacker data breach

While consumers are usually the ones worried about their information being exposed in data breaches, it's now the hacker's turn, as the notorious Breached cybercrime forum's database is up for sale and member data shared with Have I Been Pwned. [...]

https://www.bleepingcomputer.com/news/security/breachforums-database-and-private-chats-for-sale-in-hacker-data-breach/

 CoinsPaid blames Lazarus hackers for theft of $37,300,000 in crypto

Estonian crypto-payments service provider CoinsPaid has announced that it experienced a cyber attack on July 22nd, 2023, that resulted in the theft of $37,200,000 worth of cryptocurrency. [...]

https://www.bleepingcomputer.com/news/security/coinspaid-blames-lazarus-hackers-for-theft-of-37-300-000-in-crypto/

Latest news and stories from BleepingComputer.com
CoinsPaid blames Lazarus hackers for theft of $37,300,000 in crypto

Estonian crypto-payments service provider CoinsPaid has announced that it experienced a cyber attack on July 22nd, 2023, that resulted in the theft of $37,200,000 worth of cryptocurrency. [...]

Latest news and stories from BleepingComputer.com
BreachForums database and private chats for sale in hacker data breach

While consumers are usually the ones worried about their information being exposed in data breaches, it's now the hacker's turn, as the notorious Breached cybercrime forum's database is up for sale and member data shared with Have I Been Pwned. [...]

 Hawai'i Community College pays ransomware gang to prevent data leak

The Hawaiʻi Community College has admitted that it paid a ransom to ransomware actors to prevent the leaking of stolen data of approximately 28,000 people. [...]

https://www.bleepingcomputer.com/news/security/hawaii-community-college-pays-ransomware-gang-to-prevent-data-leak/

 New Android malware uses OCR to steal credentials from images

Two new Android malware families named 'CherryBlos' and 'FakeTrade' were discovered on Google Play, aiming to steal cryptocurrency credentials and funds or conduct scams. [...]

https://www.bleepingcomputer.com/news/security/new-android-malware-uses-ocr-to-steal-credentials-from-images/