Microsoft: BlueNoroff hackers plan new crypto-theft attacks

Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn. [...]

https://www.bleepingcomputer.com/news/security/microsoft-bluenoroff-hackers-plan-new-crypto-theft-attacks/

 Mortgage giant Mr. Cooper says customer data exposed in breach

Mr. Cooper, the largest home loan servicer in the United States, says it found evidence of customer data exposed during a cyberattack disclosed last week, on October 31. [...]

https://www.bleepingcomputer.com/news/security/mortgage-giant-mr-cooper-says-customer-data-exposed-in-breach/

 Microsoft fixes Outlook Desktop bug causing slow saving issues

Microsoft has resolved a known issue causing significant delays for Microsoft 365 customers when saving attachments in Outlook Desktop. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-outlook-desktop-bug-causing-slow-saving-issues/

 Police takes down BulletProftLink large-scale phishing provider

The notorious BulletProftLink phishing-as-a-service (PhaaS) platform that provided more than 300 phishing templates has been seized, the Royal Malaysian Police announced. [...]

https://www.bleepingcomputer.com/news/security/police-takes-down-bulletproftlink-large-scale-phishing-provider/

 Microsoft Edge is testing a new video translation feature

Microsoft Edge's latest Canary update has an innovative feature: video translation. This feature translates YouTube videos in real-time, and it allegedly supports four languages. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-is-testing-a-new-video-translation-feature/

 Iranian hackers launch malware attacks on Israel’s tech sector

Security researchers have tracked a new campaign from Imperial Kitten targeting transportation, logistics, and technology firms. [...]

https://www.bleepingcomputer.com/news/security/iranian-hackers-launch-malware-attacks-on-israels-tech-sector/

 Google Chrome & Microsoft Edge to get 'Save Frame' feature for YouTube

You can soon right-click on any YouTube video in Microsoft Edge or Google Chrome and save the frame (capture the screenshot of the video) in the original resolution and PNG format. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-and-microsoft-edge-to-get-save-frame-feature-for-youtube/

 Windows 11 will soon let you uninstall more inbox apps

Microsoft is gearing up to roll out an update for Windows 11 that will significantly enhance user control over built-in apps. In the upcoming version, you will be able to uninstall a wider range of inbox apps. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-will-soon-let-you-uninstall-more-inbox-apps/

 LockBit ransomware leaks gigabytes of Boeing data

The LockBit ransomware gang published data stolen from Boeing, one of the largest aerospace companies that services commercial airplanes and defense systems. [...]

https://www.bleepingcomputer.com/news/security/lockbit-ransomware-leaks-gigabytes-of-boeing-data/

 Criminal IP & Cisco SecureX/XDR: Enhanced Cyber Threat Analysis

The Criminal IP threat intelligence search engine by AI SPERA has recently integrated with Cisco SecureX/XDR, empowering organizations to stay ahead of malicious actors. Learn more about this integration from Criminal IP in this article. [...]

https://www.bleepingcomputer.com/news/security/criminal-ip-and-cisco-securex-xdr-enhanced-cyber-threat-analysis/

 Israel warns of BiBi wiper attacks targeting Linux and Windows

Data-wiping attacks are becoming more frequent on Israeli computers as researchers discovered variants of the BiBi malware family that destroys data on both Linux and Windows systems. [...]

https://www.bleepingcomputer.com/news/security/israel-warns-of-bibi-wiper-attacks-targeting-linux-and-windows/

 CISA warns of actively exploited Juniper pre-auth RCE exploit chain

CISA warned federal agencies today to secure Juniper devices on their networks by Friday against four vulnerabilities now used in remote code execution (RCE) attacks as part of a pre-auth exploit chain. [...]

https://www.bleepingcomputer.com/news/security/cisa-warns-of-actively-exploited-juniper-pre-auth-rce-exploit-chain/

 DP World cyberattack blocks thousands of containers in ports

A cyberattack on international logistics firm DP World Australia has severely disrupted the regular freight movement in multiple large Australian ports. [...]

https://www.bleepingcomputer.com/news/security/dp-world-cyberattack-blocks-thousands-of-containers-in-ports/

 FBI: Royal ransomware asked 350 victims to pay $275 million

The FBI and CISA revealed in a joint advisory that the Royal ransomware gang has breached the networks of at least 350 organizations worldwide since September 2022. [...]

https://www.bleepingcomputer.com/news/security/fbi-royal-ransomware-asked-350-victims-to-pay-275-million/

 Ethereum feature abused to steal $60 million from 99K victims

Malicious actors have been abusing Ethereum's 'Create2' function to bypass wallet security alerts and poison cryptocurrency addresses, which led to stealing $60,000,000 worth of cryptocurrency from 99,000 people in six months. [...]

https://www.bleepingcomputer.com/news/security/ethereum-feature-abused-to-steal-60-million-from-99k-victims/

 Meet the Unique New "Hacking" Group: AlphaLock

A Russian hacking group known as AlphaLock is launching a "pentest" marketplace and training platform to empower a new generation of threat actors. Learn more from Flare about the new hacking group. [...]

https://www.bleepingcomputer.com/news/security/meet-the-unique-new-hacking-group-alphalock/

 Pharmacy provider Truepill data breach hits 2.3 million customers

Postmeds, doing business as 'Truepill,' is sending notifications of a data breach informing recipients that threat actors accessed their sensitive personal information. [...]

https://www.bleepingcomputer.com/news/security/pharmacy-provider-truepill-data-breach-hits-23-million-customers/

 Windows 10 KB5032189 update released with 11 improvements

Microsoft has released the KB5032189 cumulative update for Windows 10 21H2 and Windows 10 22H2, which contains eleven fixes for various issues. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5032189-update-released-with-11-improvements/

 Windows 11 KB5032190 update enables Moment 4 features for everyone

Microsoft has released the KB5032190 cumulative update to fix security vulnerabilities in Windows 11. This is the first Patch Tuesday update with access to Windows 11 Moment 4 features, provided you turn on the "Get latest updates" toggle. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5032190-update-enables-moment-4-features-for-everyone/

 Microsoft fixes critical Azure CLI flaw that leaked credentials in logs

Microsoft has fixed a critical security vulnerability that could let attackers steal credentials from GitHub Actions or Azure DevOps logs created using Azure CLI (short for Azure command-line interface). [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-critical-azure-cli-flaw-that-leaked-credentials-in-logs/

 Microsoft November 2023 Patch Tuesday fixes 5 zero-days, 58 flaws

Today is Microsoft's November 2023 Patch Tuesday, which includes security updates for a total of 58 flaws and five zero-day vulnerabilities. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-november-2023-patch-tuesday-fixes-5-zero-days-58-flaws/