Former IT manager pleads guilty to attacking high school network

Conor LaHiff, a former IT manager for a New Jersey public high school, has admitted to committing a cyberattack against his former employer following the termination of his employment in June 2023. [...]

https://www.bleepingcomputer.com/news/security/former-it-manager-pleads-guilty-to-attacking-high-school-network/

 FBI: Play ransomware breached 300 victims, including critical orgs

The Federal Bureau of Investigation (FBI) says the Play ransomware gang has breached roughly 300 organizations worldwide between June 2022 and October 2023, some of them critical infrastructure entities. [...]

https://www.bleepingcomputer.com/news/security/fbi-play-ransomware-breached-300-victims-including-critical-orgs/

 Microsoft fixes Windows printer issues with new troubleshooter

Microsoft has released a troubleshooter tool to fix an issue where the HP Smart app would automatically install on Windows systems after renaming all printers to HP LaserJet M101-M106. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-printer-issues-with-new-troubleshooter/

 Vans and North Face owner VF Corp hit by ransomware attack

American global apparel and footwear giant VF Corporation, the owner of brands like Supreme, Vans, Timberland, and The North Face, has disclosed a security incident that caused operational disruptions. [...]

https://www.bleepingcomputer.com/news/security/vans-and-north-face-owner-vf-corp-hit-by-ransomware-attack/

 Microsoft discovers critical RCE flaw in Perforce Helix Core Server

Four vulnerabilities, one of which is rated critical, have been discovered in the Perforce Helix Core Server, a source code management platform widely used by the gaming, government, military, and technology sectors. [...]

https://www.bleepingcomputer.com/news/security/microsoft-discovers-critical-rce-flaw-in-perforce-helix-core-server/

 December's Windows 11 KB5033375 update breaks Wi-Fi connectivity

The KB5033375 cumulative update released during the December 2023 Patch Tuesday causes Wi-Fi connectivity issues on some Windows 11 devices. [...]

https://www.bleepingcomputer.com/news/microsoft/decembers-windows-11-kb5033375-update-breaks-wi-fi-connectivity/

 Xfinity discloses data breach after recent Citrix server hack

Comcast Cable Communications, doing business as Xfinity, disclosed on Monday that attackers who breached one of its Citrix servers in October also stole customer-sensitive information from its systems. [...]

https://www.bleepingcomputer.com/news/security/xfinity-discloses-data-breach-after-recent-citrix-server-hack/

 FBI disrupts Blackcat ransomware operation, creates decryption tool

The Department of Justice announced today that the FBI successfully breached the ALPHV ransomware operation's servers to monitor their activities and obtain decryption keys. [...]

https://www.bleepingcomputer.com/news/security/fbi-disrupts-blackcat-ransomware-operation-creates-decryption-tool/

 Terrapin attacks can downgrade security of OpenSSH connections

Academic researchers developed a new attack called Terrapin that manipulates sequence numbers during the handshake process to breaks the SSH channel integrity when certain widely-used encryption modes are used. [...]

https://www.bleepingcomputer.com/news/security/terrapin-attacks-can-downgrade-security-of-openssh-connections/

 How the FBI seized BlackCat (ALPHV) ransomware’s servers

An unsealed FBI search warrant revealed how law enforcement hijacked the ALPHV/BlackCat ransomware operations websites and seized the associated URLs. [...]

https://www.bleepingcomputer.com/news/security/how-the-fbi-seized-blackcat-alphv-ransomwares-servers/

 Microsoft confirms Windows 11 Wi-Fi issues, asks for user feedback

Microsoft has confirmed that some Windows 11 devices experience Wi-Fi connectivity issues after installing recent cumulative updates. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-windows-11-wi-fi-issues-asks-for-user-feedback/

 Interpol operation arrests 3,500 cybercriminals, seizes $300 million

An international law enforcement operation codenamed 'Operation HAECHI IV' has led to the arrest of 3,500 suspects of various lower-tier cybercrimes and seized $300 million in illicit proceeds. [...]

https://www.bleepingcomputer.com/news/security/interpol-operation-arrests-3-500-cybercriminals-seizes-300-million/

 FBI: ALPHV ransomware raked in $300 million from over 1,000 victims

The ALPHV/BlackCat ransomware gang has made over $300 million in ransom payments from more than 1,000 victims worldwide as of September 2023, according to the Federal Bureau of Investigation (FBI). [...]

https://www.bleepingcomputer.com/news/security/fbi-alphv-ransomware-raked-in-300-million-from-over-1-000-victims/

 New Web injections campaign steals banking data from 50,000 people

A new malware campaign that emerged in March 2023 used JavaScript web injections to try to steal the banking data of over 50,000 users of 40 banks in North America, South America, Europe, and Japan. [...]

https://www.bleepingcomputer.com/news/security/new-web-injections-campaign-steals-banking-data-from-50-000-people/

 German police takes down Kingdom Market cybercrime marketplace

The Federal Criminal Police Office in Germany (BKA) and the internet-crime combating unit of Frankfurt (ZIT) have announced the seizure of Kingdom Market, a dark web marketplace for drugs, cybercrime tools, and fake government IDs. [...]

https://www.bleepingcomputer.com/news/security/german-police-takes-down-kingdom-market-cybercrime-marketplace/

 The password attacks of 2023: Lessons learned and next steps

The password attacks of 2023 involved numerous high-profile brands, leading to the exposure of millions of users' data. Learn more from Specops Software on how to respond to these types of attacks. [...]

https://www.bleepingcomputer.com/news/security/the-password-attacks-of-2023-lessons-learned-and-next-steps/

 Healthcare software provider data breach impacts 2.7 million

ESO Solutions, a provider of software products for healthcare organizations and fire departments, disclosed that data belonging to 2.7 million patients has been compromised as a result of a ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/healthcare-software-provider-data-breach-impacts-27-million/

 Microsoft fixes Wi-Fi issues triggered by recent Windows updates

Microsoft has fixed a known issue causing Wi-Fi network connectivity problems on Windows 11 systems triggered by recently released cumulative updates. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-wi-fi-issues-triggered-by-recent-windows-updates/

 Ivanti releases patches for 13 critical Avalanche RCE flaws

​Ivanti has released security updates to fix 13 critical security vulnerabilities in the company's Avalanche enterprise mobile device management (MDM) solution. [...]

https://www.bleepingcomputer.com/news/security/ivanti-releases-patches-for-13-critical-avalanche-rce-flaws/

 New phishing attack steals your Instagram backup codes to bypass 2FA

A new phishing campaign pretending to be a 'copyright infringement' email attempts to steal the backup codes of Instagram users, allowing hackers to bypass the two-factor authentication configured on the account. [...]

https://www.bleepingcomputer.com/news/security/new-phishing-attack-steals-your-instagram-backup-codes-to-bypass-2fa/

 Crypto scammers abuse Twitter ‘feature’ to impersonate high-profile accounts

Cryptocurrency scammers are abusing a legitimate Twitter "feature" to promote scams, fake giveaways, and fraudulent Telegram channels used to steal your crypto and NFTs. [...]

https://www.bleepingcomputer.com/news/security/crypto-scammers-abuse-twitter-feature-to-impersonate-high-profile-accounts/