Fake Ledger Live app in Microsoft Store steals $768,000 in crypto

Microsoft has recently removed from its store a fraudulent Ledger Live app for cryptocurrency management after multiple users lost at least $768,000 worth of cryptocurrency assets. [...]

https://www.bleepingcomputer.com/news/security/fake-ledger-live-app-in-microsoft-store-steals-768-000-in-crypto/

 TransForm says ransomware data breach affects 267,000 patients

Shared service provider TransForm has published an update on the cyberattack that recently impacted operations in multiple hospitals in Ontario, Canada, clarifying that it was a ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/transform-says-ransomware-data-breach-affects-267-000-patients/

 Russian-speaking threat actor "farnetwork" linked to 5 ransomware gangs

The operator of the Nokoyawa ransomware-as-a-service (RaaS), a threat actor known as 'farnetwork', built experience over the years by helping the JSWORM, Nefilim, Karma, and Nemty affiliate programs with malware development and operation management. [...]

https://www.bleepingcomputer.com/news/security/russian-speaking-threat-actor-farnetwork-linked-to-5-ransomware-gangs/

 WhatsApp now lets users hide their location during calls

WhatsApp is rolling out a new privacy feature that helps Android and iOS users hide their location during calls by relaying the connection through WhatsApp servers. [...]

https://www.bleepingcomputer.com/news/security/whatsapp-now-lets-users-hide-their-location-during-calls/

 ChatGPT down after major outage impacting OpenAI systems

OpenAI's AI-powered ChatGPT large language model-based chatbot is down because of a major ongoing outage that also took down the company's Application Programming Interface (API). [...]

https://www.bleepingcomputer.com/news/technology/chatgpt-down-after-major-outage-impacting-openai-systems/

 FBI: Ransomware gangs hack casinos via 3rd party gaming vendors

The Federal Bureau of Investigation is warning that ransomware threat actors are targeting casino servers and use legitimate system management tools to increase their permissions on the network. [...]

https://www.bleepingcomputer.com/news/security/fbi-ransomware-gangs-hack-casinos-via-3rd-party-gaming-vendors/

 Russian state-owned Sberbank hit by 1 million RPS DDoS attack

Russian financial organization Sberbank states in a press release that two weeks ago it faced the most powerful distributed denial of service (DDoS) attack in recent history. [...]

https://www.bleepingcomputer.com/news/security/russian-state-owned-sberbank-hit-by-1-million-rps-ddos-attack/

 Sumo Logic discloses security breach, advises API key resets

Security and data analytics company Sumo Logic disclosed a security breach after discovering that its AWS (Amazon Web Services) account was compromised last week. [...]

https://www.bleepingcomputer.com/news/security/sumo-logic-discloses-security-breach-advises-api-key-resets/

 Microsoft drops SMB1 firewall rules in new Windows 11 build

Windows 11 will no longer add SMB1 Windows Defender Firewall rules when creating new SMB shares starting with today's Canary Channel Insider Preview Build 25992 build. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-drops-smb1-firewall-rules-in-new-windows-11-build/

 Signal tests usernames that keep your phone number private

Signal is now testing public usernames that allow users to conceal the phone numbers linked to their accounts while communicating with others. [...]

https://www.bleepingcomputer.com/news/software/signal-tests-usernames-that-keep-your-phone-number-private/

 OpenAI confirms DDoS attacks behind ongoing ChatGPT outages

During the last 24 hours, OpenAI has been addressing what it describes as "periodic outages" linked to DDoS attacks affecting its API and ChatGPT services. [...]

https://www.bleepingcomputer.com/news/security/openai-confirms-ddos-attacks-behind-ongoing-chatgpt-outages/

 Russian hackers switch to LOTL technique to cause power outage

Russian state hackers have evolved their methods for breaching industrial control systems by adopting living-off-the-land techniques that enable reaching the final stage of the attack quicker and with less resources [...]

https://www.bleepingcomputer.com/news/security/russian-hackers-switch-to-lotl-technique-to-cause-power-outage/

 Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks

Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and to deploy Clop ransomware. [...]

https://www.bleepingcomputer.com/news/security/microsoft-sysaid-zero-day-flaw-exploited-in-clop-ransomware-attacks/

 Google ads push malicious CPU-Z app from fake Windows news site

A threat actor has been abusing Google Ads to distribute a trojanized version of the CPU-Z tool to deliver the Redline info-stealing malware. [...]

https://www.bleepingcomputer.com/news/security/google-ads-push-malicious-cpu-z-app-from-fake-windows-news-site/

 Microsoft shares temp fix for broken Windows Server 2022 VMs

Microsoft publicly acknowledged a known issue causing Windows Server 2022 virtual machine (VM) blue screens and boot failures on VMware ESXi hosts. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-temp-fix-for-broken-windows-server-2022-vms/

 Industrial and Commercial Bank of China hit by ransomware attack

The Industrial & Commercial Bank of China (ICBC) is restoring systems and services following a ransomware attack that disrupted the U.S. Treasury market, causing equities clearing issues. [...]

https://www.bleepingcomputer.com/news/security/industrial-and-commercial-bank-of-china-hit-by-ransomware-attack/

 Cloudflare website downed by DDoS attack claimed by Anonymous Sudan

Cloudflare is investigating an ongoing outage causing 'We're sorry" Google errors to be shown on the company's website. [...]

https://www.bleepingcomputer.com/news/technology/cloudflare-website-downed-by-ddos-attack-claimed-by-anonymous-sudan/

 Kyocera AVX says ransomware attack impacted 39,000 individuals

Kyocera AVX Components Corporation (KAVX) is sending notices of a data breach exposing personal information of 39,111 individuals following a ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/kyocera-avx-says-ransomware-attack-impacted-39-000-individuals/

 The Rise of Ransomware in Healthcare: What IT Leaders Need to Know

Ransomware attacks are rapidly becoming the weapon of choice, making up over half of all attacks in the healthcare industry. Learn more from Specops Software on securing your organization from these attacks. [...]

https://www.bleepingcomputer.com/news/security/the-rise-of-ransomware-in-healthcare-what-it-leaders-need-to-know/

 McLaren Health Care says data breach impacted 2.2 million people

McLaren Health Care (McLaren) is notifying nearly 2.2 million people of a data breach that occurred between late July and August this year, exposing sensitive personal information. [...]

https://www.bleepingcomputer.com/news/security/mclaren-health-care-says-data-breach-impacted-22-million-people/

 Maine govt notifies 1.3 million people of MOVEit data breach

The State of Maine has announced that its systems were breached after threat actors exploited a vulnerability in the MOVEit file transfer tool and accessed personal information of about 1.3 million, which is close to the state's entire population. [...]

https://www.bleepingcomputer.com/news/security/maine-govt-notifies-13-million-people-of-moveit-data-breach/