Hackers breach US water facility via exposed Unitronics PLCs

CISA (Cybersecurity & Infrastructure Security Agency) is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers (PLCs) exposed online. [...]

https://www.bleepingcomputer.com/news/security/hackers-breach-us-water-facility-via-exposed-unitronics-plcs/

 Black Basta ransomware made over $100 million from extortion

Russia-linked ransomware gang Black Basta has raked in at least $100 million in ransom payments from more than 90 victims since it first surfaced in April 2022, according to joint research from Corvus Insurance and Elliptic. [...]

https://www.bleepingcomputer.com/news/security/black-basta-ransomware-made-over-100-million-from-extortion/

 Microsoft starts testing new Windows 11 Energy Saver feature

Microsoft has started testing a new Windows 11 Energy Saver feature that helps customers extend their portable computers' battery life. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-starts-testing-new-windows-11-energy-saver-feature/

 SIM swapper gets 8 years in prison for account hacks, crypto theft

Amir Hossein Golshan, 25, was sentenced to eight years in prison by a Los Angeles District Court and ordered to pay $1.2 million in restitution for crimes involving SIM swapping, merchant fraud, support fraud, account hacking, and cryptocurrency theft. [...]

https://www.bleepingcomputer.com/news/security/sim-swapper-gets-8-years-in-prison-for-account-hacks-crypto-theft/

 Dollar Tree hit by third-party data breach impacting 2 million people

Discount store chain Dollar Tree was impacted by a third-party data breach affecting 1,977,486 people after the hack of service provider Zeroed-In Technologies. [...]

https://www.bleepingcomputer.com/news/security/dollar-tree-hit-by-third-party-data-breach-impacting-2-million-people/

 FjordPhantom Android malware uses virtualization to evade detection

A new Android malware named FjordPhantom has been discovered using virtualization to run malicious code in a container and evade detection. [...]

https://www.bleepingcomputer.com/news/security/fjordphantom-android-malware-uses-virtualization-to-evade-detection/

 Zyxel warns of multiple critical vulnerabilities in NAS devices

Zyxel has addressed multiple security issues, including three critical ones that could allow an unauthenticated attacker to execute operating system commands on vulnerable network-attached storage (NAS) devices. [...]

https://www.bleepingcomputer.com/news/security/zyxel-warns-of-multiple-critical-vulnerabilities-in-nas-devices/

 Staples confirms cyberattack behind service outages, delivery issues

American office supply retailer Staples took down some of its systems earlier this week after a cyberattack to contain the breach's impact and protect customer data. [...]

https://www.bleepingcomputer.com/news/security/staples-confirms-cyberattack-behind-service-outages-delivery-issues/

 Cactus ransomware exploiting Qlik Sense flaws to breach networks

Cactus ransomware has been exploiting critical vulnerabilities in the Qlik Sense data analytics solution to get initial access on corporate networks. [...]

https://www.bleepingcomputer.com/news/security/cactus-ransomware-exploiting-qlik-sense-flaws-to-breach-networks/

 Capital Health Hospitals hit by cyberattack causing IT outages

Capital Health hospitals and physician offices across New Jersey are experiencing IT outages after a cyberattack hit the non-profit organization's network earlier this week. [...]

https://www.bleepingcomputer.com/news/security/capital-health-hospitals-hit-by-cyberattack-causing-it-outages/

 Apple fixes two new iOS zero-days in emergency updates

Apple released emergency security updates to fix two zero-day vulnerabilities exploited in attacks and impacting iPhone, iPad, and Mac devices, reaching 20 zero-days patched since the start of the year. [...]

https://www.bleepingcomputer.com/news/apple/apple-fixes-two-new-ios-zero-days-in-emergency-updates/

 Get 20% off Emsisoft's Enterprise Security EDR solution for the holidays

Emsisoft is having a holiday deal where you can get 20% off 1-year licenses of the Emsisoft Enterprise Security EDR solution through December 17th, 2023, with no license limits. [...]

https://www.bleepingcomputer.com/news/security/get-20-percent-off-emsisofts-enterprise-security-edr-solution-for-the-holidays/

 WhatsApp's new Secret Code feature hides your locked chats

WhatsApp has introduced a new Secret Code feature that allows users to hide their locked chats by setting a custom password. [...]

https://www.bleepingcomputer.com/news/security/whatsapps-new-secret-code-feature-hides-your-locked-chats/

 US govt sanctions North Korea’s Kimsuky hacking group

The Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned the North Korean-backed Kimsuky hacking group for stealing intelligence in support of the country's strategic goals. [...]

https://www.bleepingcomputer.com/news/security/us-govt-sanctions-north-koreas-kimsuky-hacking-group/

 LogoFAIL attack can install UEFI bootkits through bootup logos

Multiple security vulnerabilities collectively named LogoFAIL affect image-parsing components in the UEFI code from various vendors. Researchers warn that they could be exploited to hijack the execution flow of the booting process and to deliver bootkits. [...]

https://www.bleepingcomputer.com/news/security/logofail-attack-can-install-uefi-bootkits-through-bootup-logos/

 Windows 10 KB5032278 update adds Copilot AI assistant, fixes 13 bugs

Microsoft has started rolling out its Copilot AI assistant to Windows 10 with the KB5032278 November 2023 non-security preview update for systems running Windows 10, version 22H2. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5032278-update-adds-copilot-ai-assistant-fixes-13-bugs/

 VMware fixes critical Cloud Director auth bypass unpatched for 2 weeks

VMware has fixed a critical authentication bypass vulnerability in Cloud Director appliance deployments, a bug that was left unpatched for over two weeks since it was disclosed on November 14th. [...]

https://www.bleepingcomputer.com/news/security/vmware-fixes-critical-cloud-director-auth-bypass-unpatched-for-2-weeks/

 French government recommends against using foreign chat apps

Prime Minister of France Élisabeth Borne signed a circular last week requesting all government employees to uninstall foreign communication apps such as Signal, WhatsApp, and Telegram by December 8, 2023, in favor of a French messaging app named 'Olvid.' [...]

https://www.bleepingcomputer.com/news/security/french-government-recommends-against-using-foreign-chat-apps/

 Hackers use new Agent Raccoon malware to backdoor US targets

A novel malware named 'Agent Raccoon' (or Agent Racoon) is being used in cyberattacks against organizations in the United States, the Middle East, and Africa. [...]

https://www.bleepingcomputer.com/news/security/hackers-use-new-agent-raccoon-malware-to-backdoor-us-targets/

 TrickBot malware dev pleads guilty, faces 35 years in prison

On Thursday, a Russian national pleaded guilty to charges related to his involvement in developing and deploying the Trickbot malware, which was used in attacks against hospitals, companies, and individuals in the United States and worldwide. [...]

https://www.bleepingcomputer.com/news/security/trickbot-malware-dev-pleads-guilty-faces-35-years-in-prison/

 The Week in Ransomware - December 1st 2023 - Police hits affiliates

An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-1st-2023-police-hits-affiliates/