The Week in Ransomware - December 1st 2023 - Police hits affiliates

An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-1st-2023-police-hits-affiliates/

 US Health Dept urges hospitals to patch critical Citrix Bleed bug

The U.S. Department of Health and Human Services (HHS) warned hospitals this week to patch the critical 'Citrix Bleed' Netscaler vulnerability actively exploited in attacks. [...]

https://www.bleepingcomputer.com/news/security/us-health-dept-urges-hospitals-to-patch-critical-citrix-bleed-bug/

 Google Chrome's new cache change could boost performance

Google is introducing a significant change to Chrome's Back/Forward Cache (BFCache) behavior, allowing web pages to be stored in the cache, even if a webmaster specifies not to store a page in the browser's cache. [...]

https://www.bleepingcomputer.com/news/google/google-chromes-new-cache-change-could-boost-performance/

 Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks

Tens of thousands of Microsoft Exchange email servers in Europe, the U.S., and Asia exposed on the public internet are vulnerable to remote code execution flaws. [...]

https://www.bleepingcomputer.com/news/security/over-20-000-vulnerable-microsoft-exchange-servers-exposed-to-attacks/

 New proxy malware targets Mac users through pirated software

Cybercriminals are targeting Mac users with a new proxy trojan malware bundled with popular, copyrighted macOS software being offered on warez sites. [...]

https://www.bleepingcomputer.com/news/security/new-proxy-malware-targets-mac-users-through-pirated-software/

 Google is phasing out ad personalization for some AdSense products

Google has announced significant changes to its Search Ads publisher products, including AdSense for Search (AFS), AdSense for Shopping (AFSh), and Programmable Search Engine (ProSE). [...]

https://www.bleepingcomputer.com/news/google/google-is-phasing-out-ad-personalization-for-some-adsense-products/

 North Korea's state hackers stole $3 billion in crypto since 2017

North Korean-backed state hackers have stolen an estimated $3 billion in a long string of hacks targeting the cryptocurrency industry over the last six years since January 2017. [...]

https://www.bleepingcomputer.com/news/security/north-koreas-state-hackers-stole-3-billion-in-crypto-since-2017/

 Linux version of Qilin ransomware focuses on VMware ESXi

A sample of the Qilin ransomware gang's VMware ESXi encryptor has been found and it could be one of the most advanced and customizable Linux encryptors seen to date. [...]

https://www.bleepingcomputer.com/news/security/linux-version-of-qilin-ransomware-focuses-on-vmware-esxi/

 New AeroBlade hackers target aerospace sector in the U.S.

A previously unknown cyber espionage hacking group named 'AeroBlade' was discovered targeting organizations in the United States aerospace sector. [...]

https://www.bleepingcomputer.com/news/security/new-aeroblade-hackers-target-aerospace-sector-in-the-us/

 Fake WordPress security advisory pushes backdoor plugin

WordPress administrators are being emailed fake WordPress security advisories for a fictitious vulnerability tracked as CVE-2023-45124 to infect sites with a malicious plugin. [...]

https://www.bleepingcomputer.com/news/security/fake-wordpress-security-advisory-pushes-backdoor-plugin/

 Tipalti investigates claims of data stolen by ransomware gang

Tipalti says they are investigating claims that the ALPHV ransomware gang breached its network and stole 256 GB of data, including data for Roblox and Twitch. [...]

https://www.bleepingcomputer.com/news/security/tipalti-investigates-claims-of-data-stolen-by-ransomware-gang/

 December Android updates fix critical zero-click RCE flaw

Google announced today that the December 2023 Android security updates tackle 85 vulnerabilities, including a critical severity zero-click remote code execution (RCE) bug. [...]

https://www.bleepingcomputer.com/news/security/december-android-updates-fix-critical-zero-click-rce-flaw/

 Russian hackers exploiting Outlook bug to hijack Exchange accounts

Microsoft's Threat Intelligence team issued a warning earlier today about the Russian state-sponsored actor APT28 (aka "Fancybear" or "Strontium") actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts and steal sensitive information. [...]

https://www.bleepingcomputer.com/news/microsoft/russian-hackers-exploiting-outlook-bug-to-hijack-exchange-accounts/

 Stealthier version of P2Pinfect malware targets MIPS devices

The latest variants of the P2Pinfect botnet are now focusing on infecting devices with 32-bit MIPS (Microprocessor without Interlocked Pipelined Stages) processors, such as routers and IoT devices. [...]

https://www.bleepingcomputer.com/news/security/stealthier-version-of-p2pinfect-malware-targets-mips-devices/

 Microsoft fixes Outlook Desktop crashes when sending emails

Microsoft has fixed a known issue causing Outlook Desktop clients to crash when sending emails from Outlook.com accounts. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-outlook-desktop-crashes-when-sending-emails/

 Windows 11 KB5032288 update improves Copilot, fixes 11 bugs

Microsoft has released the KB5032288 November 2023 Windows 11 preview update with improvements for the Copilot AI assistant and almost a dozen bug fixes. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5032288-update-improves-copilot-fixes-11-bugs/

 Microsoft confirms Windows bug renames printers to HP LaserJet M101-M106

Microsoft has confirmed an issue causing the HP Smart app to automatically install on Windows systems after all printers are renamed to HP LaserJet M101-M106. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-windows-bug-renames-printers-to-hp-laserjet-m101-m106/

 SpyLoan Android malware on Google Play downloaded 12 million times

More than a dozen malicious loan apps, which are generically named SpyLoan, have been downloaded more than 12 million times this year from Google Play but the count is much larger since they are also available on third-party stores and suspicious websites. [...]

https://www.bleepingcomputer.com/news/security/spyloan-android-malware-on-google-play-downloaded-12-million-times/

 Holiday Hackers: How to Safeguard Your Service Desk

Consumer traffic rises sharply during the holidays, as do the scope and severity of cyberattacks. Learn more from Specops Software on how to protect your service or help desk from social engineering attacks during the holiday season. [...]

https://www.bleepingcomputer.com/news/security/holiday-hackers-how-to-safeguard-your-service-desk/

 Hackers breach US govt agencies using Adobe ColdFusion exploit

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about hackers actively exploiting a critical vulnerability in Adobe ColdFusion identified as CVE-2023-26360 to gain initial access to government servers. [...]

https://www.bleepingcomputer.com/news/security/hackers-breach-us-govt-agencies-using-adobe-coldfusion-exploit/

 Microsoft to let Windows 10 home users buy Extended Security Updates

Microsoft says that all Windows 10 customers (including home users) will be able to pay for three extra years of security updates through the company's Extended Security Updates (ESU) program after the end of support (EOS) date. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-to-let-windows-10-home-users-buy-extended-security-updates/