Russian hackers switch to LOTL technique to cause power outage

Russian state hackers have evolved their methods for breaching industrial control systems by adopting living-off-the-land techniques that enable reaching the final stage of the attack quicker and with less resources [...]

https://www.bleepingcomputer.com/news/security/russian-hackers-switch-to-lotl-technique-to-cause-power-outage/

 Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks

Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and to deploy Clop ransomware. [...]

https://www.bleepingcomputer.com/news/security/microsoft-sysaid-zero-day-flaw-exploited-in-clop-ransomware-attacks/

 Google ads push malicious CPU-Z app from fake Windows news site

A threat actor has been abusing Google Ads to distribute a trojanized version of the CPU-Z tool to deliver the Redline info-stealing malware. [...]

https://www.bleepingcomputer.com/news/security/google-ads-push-malicious-cpu-z-app-from-fake-windows-news-site/

 Microsoft shares temp fix for broken Windows Server 2022 VMs

Microsoft publicly acknowledged a known issue causing Windows Server 2022 virtual machine (VM) blue screens and boot failures on VMware ESXi hosts. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-temp-fix-for-broken-windows-server-2022-vms/

 Industrial and Commercial Bank of China hit by ransomware attack

The Industrial & Commercial Bank of China (ICBC) is restoring systems and services following a ransomware attack that disrupted the U.S. Treasury market, causing equities clearing issues. [...]

https://www.bleepingcomputer.com/news/security/industrial-and-commercial-bank-of-china-hit-by-ransomware-attack/

 Cloudflare website downed by DDoS attack claimed by Anonymous Sudan

Cloudflare is investigating an ongoing outage causing 'We're sorry" Google errors to be shown on the company's website. [...]

https://www.bleepingcomputer.com/news/technology/cloudflare-website-downed-by-ddos-attack-claimed-by-anonymous-sudan/

 Kyocera AVX says ransomware attack impacted 39,000 individuals

Kyocera AVX Components Corporation (KAVX) is sending notices of a data breach exposing personal information of 39,111 individuals following a ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/kyocera-avx-says-ransomware-attack-impacted-39-000-individuals/

 The Rise of Ransomware in Healthcare: What IT Leaders Need to Know

Ransomware attacks are rapidly becoming the weapon of choice, making up over half of all attacks in the healthcare industry. Learn more from Specops Software on securing your organization from these attacks. [...]

https://www.bleepingcomputer.com/news/security/the-rise-of-ransomware-in-healthcare-what-it-leaders-need-to-know/

 McLaren Health Care says data breach impacted 2.2 million people

McLaren Health Care (McLaren) is notifying nearly 2.2 million people of a data breach that occurred between late July and August this year, exposing sensitive personal information. [...]

https://www.bleepingcomputer.com/news/security/mclaren-health-care-says-data-breach-impacted-22-million-people/

 Maine govt notifies 1.3 million people of MOVEit data breach

The State of Maine has announced that its systems were breached after threat actors exploited a vulnerability in the MOVEit file transfer tool and accessed personal information of about 1.3 million, which is close to the state's entire population. [...]

https://www.bleepingcomputer.com/news/security/maine-govt-notifies-13-million-people-of-moveit-data-breach/

 Microsoft extends Windows Server 2012 ESUs to October 2026

Microsoft provides three more years of Windows Server 2012 Extended Security Updates (ESUs) until October 2026, allowing administrators more time to upgrade or migrate to Azure. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-extends-windows-server-2012-esus-to-october-2026/

 Hackers breach healthcare orgs via ScreenConnect remote access

Security researchers are warning that hackers are targeting multiple healthcare organizations in the U.S. by abusing the ScreenConnect remote access tool. [...]

https://www.bleepingcomputer.com/news/security/hackers-breach-healthcare-orgs-via-screenconnect-remote-access/

 Microsoft: BlueNoroff hackers plan new crypto-theft attacks

Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn. [...]

https://www.bleepingcomputer.com/news/security/microsoft-bluenoroff-hackers-plan-new-crypto-theft-attacks/

 Mortgage giant Mr. Cooper says customer data exposed in breach

Mr. Cooper, the largest home loan servicer in the United States, says it found evidence of customer data exposed during a cyberattack disclosed last week, on October 31. [...]

https://www.bleepingcomputer.com/news/security/mortgage-giant-mr-cooper-says-customer-data-exposed-in-breach/

 Microsoft fixes Outlook Desktop bug causing slow saving issues

Microsoft has resolved a known issue causing significant delays for Microsoft 365 customers when saving attachments in Outlook Desktop. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-outlook-desktop-bug-causing-slow-saving-issues/

 Police takes down BulletProftLink large-scale phishing provider

The notorious BulletProftLink phishing-as-a-service (PhaaS) platform that provided more than 300 phishing templates has been seized, the Royal Malaysian Police announced. [...]

https://www.bleepingcomputer.com/news/security/police-takes-down-bulletproftlink-large-scale-phishing-provider/

 Microsoft Edge is testing a new video translation feature

Microsoft Edge's latest Canary update has an innovative feature: video translation. This feature translates YouTube videos in real-time, and it allegedly supports four languages. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-is-testing-a-new-video-translation-feature/

 Iranian hackers launch malware attacks on Israel’s tech sector

Security researchers have tracked a new campaign from Imperial Kitten targeting transportation, logistics, and technology firms. [...]

https://www.bleepingcomputer.com/news/security/iranian-hackers-launch-malware-attacks-on-israels-tech-sector/

 Google Chrome & Microsoft Edge to get 'Save Frame' feature for YouTube

You can soon right-click on any YouTube video in Microsoft Edge or Google Chrome and save the frame (capture the screenshot of the video) in the original resolution and PNG format. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-and-microsoft-edge-to-get-save-frame-feature-for-youtube/

 Windows 11 will soon let you uninstall more inbox apps

Microsoft is gearing up to roll out an update for Windows 11 that will significantly enhance user control over built-in apps. In the upcoming version, you will be able to uninstall a wider range of inbox apps. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-will-soon-let-you-uninstall-more-inbox-apps/

 LockBit ransomware leaks gigabytes of Boeing data

The LockBit ransomware gang published data stolen from Boeing, one of the largest aerospace companies that services commercial airplanes and defense systems. [...]

https://www.bleepingcomputer.com/news/security/lockbit-ransomware-leaks-gigabytes-of-boeing-data/