CISA emergency directive: Mitigate Ivanti zero-days immediately

CISA issued this year's first emergency directive ordering Federal Civilian Executive Branch (FCEB) agencies to immediately mitigate two Ivanti Connect Secure and Ivanti Policy Secure zero-day flaws in response to widespread and active exploitation by multiple threat actors. [...]

https://www.bleepingcomputer.com/news/security/cisa-emergency-directive-mitigate-ivanti-zero-days-immediately/

 Payoneer accounts in Argentina hacked in 2FA bypass attacks

Numerous Payoneer users in Argentina report waking up to find that their 2FA-protected accounts were hacked and funds stolen after receiving SMS OTP codes while they were sleeping. [...]

https://www.bleepingcomputer.com/news/security/payoneer-accounts-in-argentina-hacked-in-2fa-bypass-attacks/

 BreachForums hacking forum admin sentenced to 20 years supervised release

Conor Brian Fitzpatrick was sentenced to 20 years of supervised release today in the Eastern District of Virginia for operating the notorious BreachForums hacking forum, known for the sale and leaking of personal data for hundreds of millions of people worldwide. [...]

https://www.bleepingcomputer.com/news/security/breachforums-hacking-forum-admin-sentenced-to-20-years-supervised-release/

 Russian hackers stole Microsoft corporate emails in month-long breach

Microsoft disclosed Friday night that some of its corporate email accounts were breached and data stolen by the Russian state-sponsored hacking group Midnight Blizzard. [...]

https://www.bleepingcomputer.com/news/security/russian-hackers-stole-microsoft-corporate-emails-in-month-long-breach/

 Meta won't remove fake Instagram profiles that are clearly catfishing

Meta seems to be falling short of effectively tackling fake Instagram profiles even when there are sufficient signs to indicate that a profile is misusing someone else's photos and identity. [...]

https://www.bleepingcomputer.com/news/security/meta-wont-remove-fake-instagram-profiles-that-are-clearly-catfishing/

 Researchers link 3AM ransomware to Conti, Royal cybercrime gangs

Security researchers analyzing the activity of the recently emerged 3AM ransomware operation uncovered close connections with infamous groups, such as the Conti syndicate and the Royal ransomware gang. [...]

https://www.bleepingcomputer.com/news/security/researchers-link-3am-ransomware-to-conti-royal-cybercrime-gangs/

 Court charges dev with hacking after cybersecurity issue disclosure

A German court has charged a programmer investigating an IT problem with hacking and fined them €3,000 ($3,265) for what it deemed was unauthorized access to external computer systems and spying on data. [...]

https://www.bleepingcomputer.com/news/security/court-charges-dev-with-hacking-after-cybersecurity-issue-disclosure/

 Brave to end 'Strict' fingerprinting protection as it breaks websites

Brave Software has announced plans to deprecate the 'Strict' fingerprinting protection mode in its privacy-focused Brave Browser because it causes many sites to function incorrectly. [...]

https://www.bleepingcomputer.com/news/security/brave-to-end-strict-fingerprinting-protection-as-it-breaks-websites/

 Watch out for "I can't believe he is gone" Facebook phishing posts

A widespread Facebook phishing campaign stating, "I can't believe he is gone. I'm gonna miss him so much," leads unsuspecting users to a website that steals your Facebook credentials. [...]

https://www.bleepingcomputer.com/news/security/watch-out-for-i-cant-believe-he-is-gone-facebook-phishing-posts/

 Tietoevry ransomware attack causes outages for Swedish firms, cities

Finnish IT services and enterprise cloud hosting provider Tietoevry has suffered a ransomware attack impacting cloud hosting customers in one of its data centers in Sweden, with the attack reportedly conducted by the Akira ransomware gang. [...]

https://www.bleepingcomputer.com/news/security/tietoevry-ransomware-attack-causes-outages-for-swedish-firms-cities/

 Hackers start exploiting critical Atlassian Confluence RCE flaw

Security researchers are observing exploitation attempts for the CVE-2023-22527 remote code execution flaw vulnerability that affects outdated versions of Atlassian Confluence servers. [...]

https://www.bleepingcomputer.com/news/security/hackers-start-exploiting-critical-atlassian-confluence-rce-flaw/

 Trezor support site breach exposes personal data of 66,000 customers

Trezor issued an alert following a security breach on January 17, 2024, when unauthorized access was gained to their third-party support ticketing portal. [...]

https://www.bleepingcomputer.com/news/security/trezor-support-site-breach-exposes-personal-data-of-66-000-customers/

 loanDepot cyberattack causes data breach for 16.6 million people

Mortgage lender loanDepot says that approximately 16.6 million people had their personal information stolen in a ransomware attack disclosed earlier this month. [...]

https://www.bleepingcomputer.com/news/security/loandepot-cyberattack-causes-data-breach-for-166-million-people/

 Ivanti: VPN appliances vulnerable if pushing configs after mitigation

Ivanti warned admins to stop pushing new device configurations to appliances after applying mitigations because this will leave them vulnerable to ongoing attacks exploiting two zero-day vulnerabilities. [...]

https://www.bleepingcomputer.com/news/security/ivanti-vpn-appliances-vulnerable-if-pushing-configs-after-mitigation/

 Apple fixes first zero-day bug exploited in attacks this year

Apple released security updates to address this year's first zero-day vulnerability exploited in attacks that could impact iPhones, Macs, and Apple TVs. [...]

https://www.bleepingcomputer.com/news/apple/apple-fixes-first-zero-day-bug-exploited-in-attacks-this-year/

 Malicious web redirect scripts stealth up to hide on hacked sites

Security researchers looking at more than 10,000 scripts used by the Parrot traffic direction system (TDS) noticed an evolution marked by optimizations that make malicious code stealthier against security mechanisms. [...]

https://www.bleepingcomputer.com/news/security/malicious-web-redirect-scripts-stealth-up-to-hide-on-hacked-sites/

 FTC orders Intuit to stop pushing "free" software that isn't really free

Today, the U.S. Federal Trade Commission (FTC) ordered Intuit to stop promoting its software products and services as "free" unless they're actually free for all consumers. [...]

https://www.bleepingcomputer.com/news/technology/ftc-orders-intuit-to-stop-pushing-free-software-that-isnt-really-free/

 Cracked macOS apps drain wallets using scripts fetched from DNS records

Hackers are using a stealthy method to deliver to macOS users information-stealing malware through DNS records that hide malicious scripts. [...]

https://www.bleepingcomputer.com/news/security/cracked-macos-apps-drain-wallets-using-scripts-fetched-from-dns-records/

 SEC confirms X account was hacked in SIM swapping attack

The U.S. Securities and Exchange Commission confirmed today that its X account was hacked through a SIM-swapping attack on the cell phone number associated with the account. [...]

https://www.bleepingcomputer.com/news/security/sec-confirms-x-account-was-hacked-in-sim-swapping-attack/

 Australia sanctions REvil hacker behind Medibank data breach

The Australian government has announced sanctions for Aleksandr Gennadievich Ermakov, a Russian national considered responsible for the 2022 Medibank hack and a member of the REvil ransomware group. [...]

https://www.bleepingcomputer.com/news/security/australia-sanctions-revil-hacker-behind-medibank-data-breach/

 Fortra warns of new critical GoAnywhere MFT auth bypass, patch now

Fortra is warning of a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) versions before 7.4.1 that allows an attacker to create a new admin user. [...]

https://www.bleepingcomputer.com/news/security/fortra-warns-of-new-critical-goanywhere-mft-auth-bypass-patch-now/