Google: Malware abusing API is standard token theft, not an API issue

Google is downplaying reports of malware abusing an undocumented Google Chrome API to generate new authentication cookies when previously stolen ones have expired. [...]

https://www.bleepingcomputer.com/news/security/google-malware-abusing-api-is-standard-token-theft-not-an-api-issue/

 KyberSlash attacks put quantum encryption projects at risk

Multiple implementations of the Kyber key encapsulation mechanism for quantum-safe encryption, are vulnerable to a set of flaws collectively referred to as KyberSlash, which could allow the recovery of secret keys. [...]

https://www.bleepingcomputer.com/news/security/kyberslash-attacks-put-quantum-encryption-projects-at-risk/

 Stealthy AsyncRAT malware attacks targets US infrastructure for 11 months

A campaign delivering the AsyncRAT malware to select targets has been active for at least the past 11 months, using hundreds of unique loader samples and more than 100 domains. [...]

https://www.bleepingcomputer.com/news/security/stealthy-asyncrat-malware-attacks-targets-us-infrastructure-for-11-months/

 Mortgage firm loanDepot cyberattack impacts IT systems, payment portal

U.S. mortgage lender loanDepot has suffered a cyberattack that caused the company to take IT systems offline, preventing online payments against loans. [...]

https://www.bleepingcomputer.com/news/security/mortgage-firm-loandepot-cyberattack-impacts-it-systems-payment-portal/

 Securing helpdesks from hackers: What we can learn from the MGM breach

In the wake of the MGM Resorts service desk hack, it's clear that organizations need to rethink their approach to securing their help desks. Learn more from Specops Software on how to prevent such incidents. [...]

https://www.bleepingcomputer.com/news/security/securing-helpdesks-from-hackers-what-we-can-learn-from-the-mgm-breach/

 Capital Health attack claimed by LockBit ransomware, risk of data leak

The Lockbit ransomware operation has claimed responsibility for a November 2023 cyberattack on the Capital Health hospital network and threatens to leak stolen data and negotiation chats by tomorrow. [...]

https://www.bleepingcomputer.com/news/security/capital-health-attack-claimed-by-lockbit-ransomware-risk-of-data-leak/

 US mortgage lender loanDepot confirms ransomware attack

​Leading U.S. mortgage lender loanDepot confirmed today that a cyber incident disclosed over the weekend was a ransomware attack that led to data encryption. [...]

https://www.bleepingcomputer.com/news/security/us-mortgage-lender-loandepot-confirms-ransomware-attack/

 Twilio will ditch its Authy desktop 2FA app in August, goes mobile only

The Authy desktop apps for Windows, macOS, and Linux will be discontinued in August 2024, with the company recommending users switch to a mobile version of the two-factor authentication (2FA) app. [...]

https://www.bleepingcomputer.com/news/security/twilio-will-ditch-its-authy-desktop-2fa-app-in-august-goes-mobile-only/

 Turkish hackers Sea Turtle expand attacks to Dutch ISPs, telcos

The Turkish state-backed cyber espionage group tracked as Sea Turtle has been carrying out multiple spying campaigns in the Netherlands, focusing on telcos, media, internet service providers (ISPs), and Kurdish websites. [...]

https://www.bleepingcomputer.com/news/security/turkish-hackers-sea-turtle-expand-attacks-to-dutch-isps-telcos/

 Netgear, Hyundai latest X accounts hacked to push crypto drainers

The official Netgear and Hyundai MEA Twitter/X accounts (together with over 160,000 followers) are the latest hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware. [...]

https://www.bleepingcomputer.com/news/security/netgear-hyundai-latest-x-accounts-hacked-to-push-crypto-drainers/

 Toronto Zoo: Ransomware attack had no impact on animal wellbeing

Toronto Zoo, the largest zoo in Canada, says that a ransomware attack that hit its systems on early Friday had no impact on the animals, its website, or its day-to-day operations. [...]

https://www.bleepingcomputer.com/news/security/toronto-zoo-ransomware-attack-had-no-impact-on-animal-wellbeing/

 The best Windows 11 features added in 2023

The year 2023 marks a significant milestone for Windows 11 with the introduction of several new features and improvements. This includes drag and drop for the taskbar, AI, and more. [...]

https://www.bleepingcomputer.com/news/microsoft/the-best-windows-11-features-added-in-2023/

 The best Windows 11 features added in 2023

The year 2023 marks a significant milestone for Windows 11 with the introduction of several new features and improvements. This includes drag and drop for the taskbar, AI, and more. [...]

https://www.bleepingcomputer.com/news/microsoft/the-best-windows-11-features-added-in-2023/

 Google Search bug shows blank page in Firefox for Android

Users of the Firefox browser for Android have been reporting that they are seeing a blank page when trying to load the main Google Search site. [...]

https://www.bleepingcomputer.com/news/security/google-search-bug-shows-blank-page-in-firefox-for-android/

 Criminal IP and Tenable Partner for Swift Vulnerability Detection

Cyber Threat Intelligence (CTI) search engine Criminal IP has established a technical partnership with Tenable. Learn more from Criminal IP about how this partnership can assist in real-time vulnerability and maliciousness scans. [...]

https://www.bleepingcomputer.com/news/security/criminal-ip-and-tenable-partner-for-swift-vulnerability-detection/

 Paraguay warns of Black Hunt ransomware attacks after Tigo Business breach

The Paraguay military is warning of Black Hunt ransomware attacks after Tigo Business suffered a cyberattack last week impacting cloud and hosting services in the company's business division. [...]

https://www.bleepingcomputer.com/news/security/paraguay-warns-of-black-hunt-ransomware-attacks-after-tigo-business-breach/

 Decryptor for Babuk ransomware variant released after hacker arrested

Researchers from Cisco Talos working with the Dutch police obtained a decryption tool for the Tortilla variant of Babuk ransomware and shared intelligence that led to the arrest of the ransomware's operator. [...]

https://www.bleepingcomputer.com/news/security/decryptor-for-babuk-ransomware-variant-released-after-hacker-arrested/

 Hackers target Microsoft SQL servers in Mimic ransomware attacks

A group of financially motivated Turkish hackers targets Microsoft SQL (MSSQL) servers worldwide to encrypt the victims' files with Mimic (N3ww4v3) ransomware. [...]

https://www.bleepingcomputer.com/news/security/hackers-target-microsoft-sql-servers-in-mimic-ransomware-attacks/

 Windows 11 KB5034123 update released with security and Wi-Fi fixes

Microsoft has released the Windows 11 KB5034123 cumulative update for versions 23H2 and 22H2 to fix a variety of issues, including a potential Wi-Fi bug that was fixed in a KIR last month. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5034123-update-released-with-security-and-wi-fi-fixes/

 Microsoft January 2024 Patch Tuesday fixes 49 flaws, 12 RCE bugs

Today is Microsoft's January 2024 Patch Tuesday, which includes security updates for a total of 49 flaws and 12 remote code execution vulnerabilities. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2024-patch-tuesday-fixes-49-flaws-12-rce-bugs/

 CISA warns agencies of fourth flaw used in Triangulation spyware attacks

The U.S. Cybersecurity and Infrastructure Security Agency has added to its to the Known Exploited Vulnerabilities catalog six vulnerabilities that impact products from Adobe, Apache, D-Link, and Joomla. [...]

https://www.bleepingcomputer.com/news/security/cisa-warns-agencies-of-fourth-flaw-used-in-triangulation-spyware-attacks/