Hackers start exploiting critical ownCloud flaw, patch now
Hackers are exploiting a critical ownCloud vulnerability tracked as CVE-2023-49103 that exposes admin passwords, mail server credentials, and license keys in containerized deployments. [...]
https://www.bleepingcomputer.com/news/security/hackers-start-exploiting-critical-owncloud-flaw-patch-now/
Hackers are exploiting a critical ownCloud vulnerability tracked as CVE-2023-49103 that exposes admin passwords, mail server credentials, and license keys in containerized deployments. [...]
https://www.bleepingcomputer.com/news/security/hackers-start-exploiting-critical-owncloud-flaw-patch-now/
BleepingComputer
Hackers start exploiting critical ownCloud flaw, patch now
Hackers are exploiting a critical ownCloud vulnerability tracked as CVE-2023-49103 that exposes admin passwords, mail server credentials, and license keys in containerized deployments.
DP World confirms data stolen in cyberattack, no ransomware used
International logistics giant DP World has confirmed that data was stolen during a cyber attack that disrupted its operations in Australia earlier this month. However, no ransomware payloads or encryption was used in the attack. [...]
https://www.bleepingcomputer.com/news/security/dp-world-confirms-data-stolen-in-cyberattack-no-ransomware-used/
International logistics giant DP World has confirmed that data was stolen during a cyber attack that disrupted its operations in Australia earlier this month. However, no ransomware payloads or encryption was used in the attack. [...]
https://www.bleepingcomputer.com/news/security/dp-world-confirms-data-stolen-in-cyberattack-no-ransomware-used/
BleepingComputer
DP World confirms data stolen in cyberattack, no ransomware used
International logistics giant DP World has confirmed that data was stolen during a cyber attack that disrupted its operations in Australia earlier this month. However, no ransomware payloads or encryption was used in the attack.
Microsoft shares temp fix for Outlook crashes when sending emails
Today, Microsoft shared a temporary fix for a known issue causing Outlook Desktop to crash when sending emails from Outlook.com accounts. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-temp-fix-for-outlook-crashes-when-sending-emails/
Today, Microsoft shared a temporary fix for a known issue causing Outlook Desktop to crash when sending emails from Outlook.com accounts. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-temp-fix-for-outlook-crashes-when-sending-emails/
BleepingComputer
Microsoft shares temp fix for Outlook crashes when sending emails
Today, Microsoft shared a temporary fix for a known issue causing Outlook Desktop to crash when sending emails from Outlook.com accounts.
Qilin ransomware claims attack on automotive giant Yanfeng
The Qilin ransomware group has claimed responsibility for a cyber attack on Yanfeng Automotive Interiors (Yanfeng), one of the world's largest automotive parts suppliers. [...]
https://www.bleepingcomputer.com/news/security/qilin-ransomware-claims-attack-on-automotive-giant-yanfeng/
The Qilin ransomware group has claimed responsibility for a cyber attack on Yanfeng Automotive Interiors (Yanfeng), one of the world's largest automotive parts suppliers. [...]
https://www.bleepingcomputer.com/news/security/qilin-ransomware-claims-attack-on-automotive-giant-yanfeng/
BleepingComputer
Qilin ransomware claims attack on automotive giant Yanfeng
The Qilin ransomware group has claimed responsibility for a cyber attack on Yanfeng Automotive Interiors (Yanfeng), one of the world's largest automotive parts suppliers.
Google Chrome emergency update fixes 6th zero-day exploited in 2023
Google has fixed the sixth Chrome zero-day vulnerability this year in an emergency security update released today to counter ongoing exploitation in attacks. [...]
https://www.bleepingcomputer.com/news/security/google-chrome-emergency-update-fixes-6th-zero-day-exploited-in-2023/
Google has fixed the sixth Chrome zero-day vulnerability this year in an emergency security update released today to counter ongoing exploitation in attacks. [...]
https://www.bleepingcomputer.com/news/security/google-chrome-emergency-update-fixes-6th-zero-day-exploited-in-2023/
BleepingComputer
Google Chrome emergency update fixes 6th zero-day exploited in 2023
Google has fixed the sixth Chrome zero-day vulnerability this year in an emergency security update released today to counter ongoing exploitation in attacks.
New BLUFFS attack lets attackers hijack Bluetooth connections
Researchers at Eurecom have developed six new attacks collectively named 'BLUFFS' that can break the secrecy of Bluetooth sessions, allowing for device impersonation and man-in-the-middle (MitM) attacks. [...]
https://www.bleepingcomputer.com/news/security/new-bluffs-attack-lets-attackers-hijack-bluetooth-connections/
Researchers at Eurecom have developed six new attacks collectively named 'BLUFFS' that can break the secrecy of Bluetooth sessions, allowing for device impersonation and man-in-the-middle (MitM) attacks. [...]
https://www.bleepingcomputer.com/news/security/new-bluffs-attack-lets-attackers-hijack-bluetooth-connections/
BleepingComputer
New BLUFFS attack lets attackers hijack Bluetooth connections
Researchers at Eurecom have developed six new attacks collectively named 'BLUFFS' that can break the secrecy of Bluetooth sessions, allowing for device impersonation and man-in-the-middle (MitM) attacks.
Okta: October data breach affects all customer support system users
Okta's investigation into the breach of its Help Center environment last month revealed that the hackers obtained data belonging to all customer support system users. [...]
https://www.bleepingcomputer.com/news/security/okta-october-data-breach-affects-all-customer-support-system-users/
Okta's investigation into the breach of its Help Center environment last month revealed that the hackers obtained data belonging to all customer support system users. [...]
https://www.bleepingcomputer.com/news/security/okta-october-data-breach-affects-all-customer-support-system-users/
BleepingComputer
Okta: October data breach affects all customer support system users
Okta's investigation into the breach of its Help Center environment last month revealed that the hackers obtained data belonging to all customer support system users.
How Continuous Pen Testing Protects Web Apps from Emerging Threats
The nature and ubiquity of modern web apps make them rife for targeting by hackers. Learn more from Outpost24 about the value of continuous monitoring to secure modern web apps. [...]
https://www.bleepingcomputer.com/news/security/how-continuous-pen-testing-protects-web-apps-from-emerging-threats/
The nature and ubiquity of modern web apps make them rife for targeting by hackers. Learn more from Outpost24 about the value of continuous monitoring to secure modern web apps. [...]
https://www.bleepingcomputer.com/news/security/how-continuous-pen-testing-protects-web-apps-from-emerging-threats/
BleepingComputer
How Continuous Pen Testing Protects Web Apps from Emerging Threats
The nature and ubiquity of modern web apps make them rife for targeting by hackers. Learn more from Outpost24 about the value of continuous monitoring to secure modern web apps.
US seizes Sinbad crypto mixer used by North Korean Lazarus hackers
The U.S. Department of the Treasury has sanctioned the Sinbad cryptocurrency mixing service for its use as a money-laundering tool by the North Korean Lazarus hacking group. [...]
https://www.bleepingcomputer.com/news/security/us-seizes-sinbad-crypto-mixer-used-by-north-korean-lazarus-hackers/
The U.S. Department of the Treasury has sanctioned the Sinbad cryptocurrency mixing service for its use as a money-laundering tool by the North Korean Lazarus hacking group. [...]
https://www.bleepingcomputer.com/news/security/us-seizes-sinbad-crypto-mixer-used-by-north-korean-lazarus-hackers/
BleepingComputer
US seizes Sinbad crypto mixer used by North Korean Lazarus hackers
The U.S. Department of the Treasury has sanctioned the Sinbad cryptocurrency mixing service for its use as a money-laundering tool by the North Korean Lazarus hacking group.
Japanese Space Agency JAXA hacked in summer cyberattack
The Japan Aerospace Exploration Agency (JAXA) was hacked in a cyberattack over the summer, potentially compromising sensitive space-related technology and data. [...]
https://www.bleepingcomputer.com/news/security/japanese-space-agency-jaxa-hacked-in-summer-cyberattack/
The Japan Aerospace Exploration Agency (JAXA) was hacked in a cyberattack over the summer, potentially compromising sensitive space-related technology and data. [...]
https://www.bleepingcomputer.com/news/security/japanese-space-agency-jaxa-hacked-in-summer-cyberattack/
BleepingComputer
Japanese Space Agency JAXA hacked in summer cyberattack
The Japan Aerospace Exploration Agency (JAXA) was hacked in a cyberattack over the summer, potentially compromising sensitive space-related technology and data.
❤2
Hackers breach US water facility via exposed Unitronics PLCs
CISA (Cybersecurity & Infrastructure Security Agency) is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers (PLCs) exposed online. [...]
https://www.bleepingcomputer.com/news/security/hackers-breach-us-water-facility-via-exposed-unitronics-plcs/
CISA (Cybersecurity & Infrastructure Security Agency) is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers (PLCs) exposed online. [...]
https://www.bleepingcomputer.com/news/security/hackers-breach-us-water-facility-via-exposed-unitronics-plcs/
BleepingComputer
Hackers breach US water facility via exposed Unitronics PLCs
CISA (Cybersecurity & Infrastructure Security Agency) is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers (PLCs) exposed online.
👍2
Black Basta ransomware made over $100 million from extortion
Russia-linked ransomware gang Black Basta has raked in at least $100 million in ransom payments from more than 90 victims since it first surfaced in April 2022, according to joint research from Corvus Insurance and Elliptic. [...]
https://www.bleepingcomputer.com/news/security/black-basta-ransomware-made-over-100-million-from-extortion/
Russia-linked ransomware gang Black Basta has raked in at least $100 million in ransom payments from more than 90 victims since it first surfaced in April 2022, according to joint research from Corvus Insurance and Elliptic. [...]
https://www.bleepingcomputer.com/news/security/black-basta-ransomware-made-over-100-million-from-extortion/
BleepingComputer
Black Basta ransomware made over $100 million from extortion
Russia-linked ransomware gang Black Basta has raked in at least $100 million in ransom payments from more than 90 victims since it first surfaced in April 2022, according to joint research from Corvus Insurance and Elliptic.
🤯1
Microsoft starts testing new Windows 11 Energy Saver feature
Microsoft has started testing a new Windows 11 Energy Saver feature that helps customers extend their portable computers' battery life. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-starts-testing-new-windows-11-energy-saver-feature/
Microsoft has started testing a new Windows 11 Energy Saver feature that helps customers extend their portable computers' battery life. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-starts-testing-new-windows-11-energy-saver-feature/
BleepingComputer
Microsoft starts testing new Windows 11 Energy Saver feature
Microsoft has started testing a new Windows 11 Energy Saver feature that helps customers extend their portable computers' battery life.
SIM swapper gets 8 years in prison for account hacks, crypto theft
Amir Hossein Golshan, 25, was sentenced to eight years in prison by a Los Angeles District Court and ordered to pay $1.2 million in restitution for crimes involving SIM swapping, merchant fraud, support fraud, account hacking, and cryptocurrency theft. [...]
https://www.bleepingcomputer.com/news/security/sim-swapper-gets-8-years-in-prison-for-account-hacks-crypto-theft/
Amir Hossein Golshan, 25, was sentenced to eight years in prison by a Los Angeles District Court and ordered to pay $1.2 million in restitution for crimes involving SIM swapping, merchant fraud, support fraud, account hacking, and cryptocurrency theft. [...]
https://www.bleepingcomputer.com/news/security/sim-swapper-gets-8-years-in-prison-for-account-hacks-crypto-theft/
BleepingComputer
SIM swapper gets 8 years in prison for account hacks, crypto theft
Amir Hossein Golshan, 25, was sentenced to eight years in prison by a Los Angeles District Court and ordered to pay $1.2 million in restitution for crimes involving SIM swapping, merchant fraud, support fraud, account hacking, and cryptocurrency theft.
Dollar Tree hit by third-party data breach impacting 2 million people
Discount store chain Dollar Tree was impacted by a third-party data breach affecting 1,977,486 people after the hack of service provider Zeroed-In Technologies. [...]
https://www.bleepingcomputer.com/news/security/dollar-tree-hit-by-third-party-data-breach-impacting-2-million-people/
Discount store chain Dollar Tree was impacted by a third-party data breach affecting 1,977,486 people after the hack of service provider Zeroed-In Technologies. [...]
https://www.bleepingcomputer.com/news/security/dollar-tree-hit-by-third-party-data-breach-impacting-2-million-people/
BleepingComputer
Dollar Tree hit by third-party data breach impacting 2 million people
Discount store chain Dollar Tree was impacted by a third-party data breach affecting 1,977,486 people after the hack of service provider Zeroed-In Technologies.
👍1
FjordPhantom Android malware uses virtualization to evade detection
A new Android malware named FjordPhantom has been discovered using virtualization to run malicious code in a container and evade detection. [...]
https://www.bleepingcomputer.com/news/security/fjordphantom-android-malware-uses-virtualization-to-evade-detection/
A new Android malware named FjordPhantom has been discovered using virtualization to run malicious code in a container and evade detection. [...]
https://www.bleepingcomputer.com/news/security/fjordphantom-android-malware-uses-virtualization-to-evade-detection/
BleepingComputer
FjordPhantom Android malware uses virtualization to evade detection
A new Android malware named FjordPhantom has been discovered using virtualization to run malicious code in a container and evade detection.
Zyxel warns of multiple critical vulnerabilities in NAS devices
Zyxel has addressed multiple security issues, including three critical ones that could allow an unauthenticated attacker to execute operating system commands on vulnerable network-attached storage (NAS) devices. [...]
https://www.bleepingcomputer.com/news/security/zyxel-warns-of-multiple-critical-vulnerabilities-in-nas-devices/
Zyxel has addressed multiple security issues, including three critical ones that could allow an unauthenticated attacker to execute operating system commands on vulnerable network-attached storage (NAS) devices. [...]
https://www.bleepingcomputer.com/news/security/zyxel-warns-of-multiple-critical-vulnerabilities-in-nas-devices/
BleepingComputer
Zyxel warns of multiple critical vulnerabilities in NAS devices
Zyxel has addressed multiple security issues, including three critical ones that could allow an unauthenticated attacker to execute operating system commands on vulnerable network-attached storage (NAS) devices.
Staples confirms cyberattack behind service outages, delivery issues
American office supply retailer Staples took down some of its systems earlier this week after a cyberattack to contain the breach's impact and protect customer data. [...]
https://www.bleepingcomputer.com/news/security/staples-confirms-cyberattack-behind-service-outages-delivery-issues/
American office supply retailer Staples took down some of its systems earlier this week after a cyberattack to contain the breach's impact and protect customer data. [...]
https://www.bleepingcomputer.com/news/security/staples-confirms-cyberattack-behind-service-outages-delivery-issues/
BleepingComputer
Staples confirms cyberattack behind service outages, delivery issues
American office supply retailer Staples took down some of its systems earlier this week after a cyberattack to contain the breach's impact and protect customer data.
Cactus ransomware exploiting Qlik Sense flaws to breach networks
Cactus ransomware has been exploiting critical vulnerabilities in the Qlik Sense data analytics solution to get initial access on corporate networks. [...]
https://www.bleepingcomputer.com/news/security/cactus-ransomware-exploiting-qlik-sense-flaws-to-breach-networks/
Cactus ransomware has been exploiting critical vulnerabilities in the Qlik Sense data analytics solution to get initial access on corporate networks. [...]
https://www.bleepingcomputer.com/news/security/cactus-ransomware-exploiting-qlik-sense-flaws-to-breach-networks/
BleepingComputer
Cactus ransomware exploiting Qlik Sense flaws to breach networks
Cactus ransomware has been exploiting critical vulnerabilities in the Qlik Sense data analytics solution to get initial access on corporate networks.
Capital Health Hospitals hit by cyberattack causing IT outages
Capital Health hospitals and physician offices across New Jersey are experiencing IT outages after a cyberattack hit the non-profit organization's network earlier this week. [...]
https://www.bleepingcomputer.com/news/security/capital-health-hospitals-hit-by-cyberattack-causing-it-outages/
Capital Health hospitals and physician offices across New Jersey are experiencing IT outages after a cyberattack hit the non-profit organization's network earlier this week. [...]
https://www.bleepingcomputer.com/news/security/capital-health-hospitals-hit-by-cyberattack-causing-it-outages/
BleepingComputer
Capital Health Hospitals hit by cyberattack causing IT outages
Capital Health hospitals and physician offices across New Jersey are experiencing IT outages after a cyberattack hit the non-profit organization's network earlier this week.
Apple fixes two new iOS zero-days in emergency updates
Apple released emergency security updates to fix two zero-day vulnerabilities exploited in attacks and impacting iPhone, iPad, and Mac devices, reaching 20 zero-days patched since the start of the year. [...]
https://www.bleepingcomputer.com/news/apple/apple-fixes-two-new-ios-zero-days-in-emergency-updates/
Apple released emergency security updates to fix two zero-day vulnerabilities exploited in attacks and impacting iPhone, iPad, and Mac devices, reaching 20 zero-days patched since the start of the year. [...]
https://www.bleepingcomputer.com/news/apple/apple-fixes-two-new-ios-zero-days-in-emergency-updates/
BleepingComputer
Apple fixes two new iOS zero-days in emergency updates
Apple released emergency security updates to fix two zero-day vulnerabilities exploited in attacks and impacting iPhone, iPad, and Mac devices, reaching 20 zero-days patched since the start of the year.