Ivanti Connect Secure zero-days exploited to deploy custom malware

Hackers have been exploiting the two zero-day vulnerabilities in Ivanti Connect Secure disclosed this week since early December to deploy multiple families of custom malware for espionage purposes. [...]

https://www.bleepingcomputer.com/news/security/ivanti-connect-secure-zero-days-exploited-to-deploy-custom-malware/

 Juniper warns of critical RCE bug in its firewalls and switches

Juniper Networks has released security updates to fix a critical pre-auth remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. [...]

https://www.bleepingcomputer.com/news/security/juniper-warns-of-critical-rce-bug-in-its-firewalls-and-switches/

 GitLab warns of critical zero-click account hijacking vulnerability

GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction. [...]

https://www.bleepingcomputer.com/news/security/gitlab-warns-of-critical-zero-click-account-hijacking-vulnerability/

 CISA: Critical Microsoft SharePoint bug now actively exploited

CISA warns that attackers are now exploiting a critical Microsoft SharePoint privilege escalation vulnerability that can be chained with another critical bug for remote code execution. [...]

https://www.bleepingcomputer.com/news/security/cisa-critical-microsoft-sharepoint-bug-now-actively-exploited/

 The Week in Ransomware - January 12th 2024 - Targeting homeowners' data

Mortgage lenders and related companies are becoming popular targets of ransomware gangs, with four companies in this sector recently attacked. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-12th-2024-targeting-homeowners-data/

 Hacker spins up 1 million virtual servers to illegally mine crypto

A 29-year-old man in Ukraine was arrested this week for using hacked accounts to create 1 million virtual servers used to mine $2 million in cryptocurrency.  [...]

https://www.bleepingcomputer.com/news/security/hacker-spins-up-1-million-virtual-servers-to-illegally-mine-crypto/

 Save up to $315 on data privacy tools with AdGuard VPN

A VPN is the first defense you have again ISP throttling, commercial data trackers, and malicious actors. AdGuard VPN has three deals to choose from now through January 14th. [...]

https://www.bleepingcomputer.com/news/security/save-up-to-315-on-data-privacy-tools-with-adguard-vpn/

 GrapheneOS: Frequent Android auto-reboots block firmware exploits

GrapheneOS, a privacy and security-focused Android-based operating system, has posted a series of tweets on X suggesting that Android should introduce frequent auto-reboots to make it harder for forensic software vendors to exploit firmware flaws and spy on the users. [...]

https://www.bleepingcomputer.com/news/security/grapheneos-frequent-android-auto-reboots-block-firmware-exploits/

 The new Windows 11 features coming in 2024

Windows 11 is gearing up to introduce an array of exciting new features in 2024 aimed at enhancing user experience across various aspects of the operating system. [...]

https://www.bleepingcomputer.com/news/microsoft/the-new-windows-11-features-coming-in-2024/

 Latest Adblock update causes massive YouTube performance hit

Adblock and Adblock Plus users report performance issues on YouTube, initially blamed on Google but later determined to be an issue in the popular ad-blocking extension. [...]

https://www.bleepingcomputer.com/news/security/latest-adblock-update-causes-massive-youtube-performance-hit/

 Over 178K SonicWall firewalls vulnerable to DoS, potential RCE attacks

Security researchers have found over 178,000 SonicWall next-generation firewalls (NGFW) with the management interface exposed online are vulnerable to denial-of-service (DoS) and potential remote code execution (RCE) attacks. [...]

https://www.bleepingcomputer.com/news/security/over-178k-sonicwall-firewalls-vulnerable-to-dos-potential-rce-attacks/

 Windows SmartScreen flaw exploited to drop Phemedrone malware

A Phemedrone information-stealing malware campaign exploits a Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass Windows security prompts when opening URL files. [...]

https://www.bleepingcomputer.com/news/security/windows-smartscreen-flaw-exploited-to-drop-phemedrone-malware/

 Microsoft working on a fix for Windows 10 0x80070643 errors

Microsoft is working to fix a known issue causing 0x80070643 errors when installing the KB5034441 security update that patches the CVE-2024-20666 BitLocker vulnerability. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-working-on-a-fix-for-windows-10-0x80070643-errors/

 US court docs expose fake antivirus renewal phishing tactics

In a seizure warrant application, the U.S. Secret Service sheds light on how threat actors stole $34,000 using fake antivirus renewal subscription emails. [...]

https://www.bleepingcomputer.com/news/security/us-court-docs-expose-fake-antivirus-renewal-phishing-tactics/

 Windows Copilot autostart tests limited to 27" displays or larger

Microsoft says that tests of a controversial new Windows 11 feature that automatically opens the AI-powered Copilot assistant after Windows starts are limited to systems with 27-inch displays. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-copilot-autostart-tests-limited-to-27-displays-or-larger/

 Ivanti Connect Secure zero-days now under mass exploitation

Two zero-day vulnerabilities affecting Ivanti's Connect Secure VPN and Policy Secure network access control (NAC) appliances are now under mass exploitation. [...]

https://www.bleepingcomputer.com/news/security/ivanti-connect-secure-zero-days-now-under-mass-exploitation/

 The Dual Role AI Plays in Cybersecurity: How to Stay Ahead

AI presents significant advantages for organizations, but it's also being exploited to amplify and intensify cyberattacks. Learn more from Outpost24 about how hackers are harnessing the power of AI. [...]

https://www.bleepingcomputer.com/news/security/the-dual-role-ai-plays-in-cybersecurity-how-to-stay-ahead/

 Atlassian warns of critical RCE flaw in older Confluence versions

Atlassian Confluence Data Center and Confluence Server are vulnerable to a critical remote code execution (RCE) vulnerability that impacts versions released before December 5, 2023, including out-of-support releases. [...]

https://www.bleepingcomputer.com/news/security/atlassian-warns-of-critical-rce-flaw-in-older-confluence-versions/

 PixieFail flaws impact PXE network boot in enterprise systems

A set of nine vulnerabilities, collectively called 'PixieFail,' impact the IPv6 network protocol stack of Tianocore's EDK II, the open-source reference implementation of the UEFI specification widely used in enterprise computers and servers. [...]

https://www.bleepingcomputer.com/news/security/pixiefail-flaws-impact-pxe-network-boot-in-enterprise-systems/

 FBI: Androxgh0st malware botnet steals AWS, Microsoft credentials

CISA and the FBI warned today that threat actors using Androxgh0st malware are building a botnet focused on cloud credential theft and using the stolen information to deliver additional malicious payloads. [...]

https://www.bleepingcomputer.com/news/security/fbi-androxgh0st-malware-botnet-steals-aws-microsoft-credentials/

 Majorca city Calvià extorted for $11M in ransomware attack

The Calvià City Council in Majorca announced it was targeted by a ransomware attack on Saturday, which impacted municipal services. [...]

https://www.bleepingcomputer.com/news/security/majorca-city-calvi-extorted-for-11m-in-ransomware-attack/