FBI disrupts Chinese botnet by wiping malware from infected routers

The FBI has disrupted the KV Botnet used by Chinese Volt Typhoon state hackers to evade detection during attacks targeting U.S. critical infrastructure. [...]

https://www.bleepingcomputer.com/news/security/fbi-disrupts-chinese-botnet-by-wiping-malware-from-infected-routers/

 CISA warns of patched iPhone kernel bug now exploited in attacks

CISA warned today that a patched kernel security flaw affecting Apple iPhones, Macs, TVs, and watches is now being actively exploited in attacks. [...]

https://www.bleepingcomputer.com/news/security/cisa-warns-of-patched-iphone-kernel-bug-now-exploited-in-attacks/

 Exploit released for Android local elevation flaw impacting 7 OEMs

A proof-of-concept (PoC) exploit for a local privilege elevation flaw impacting at least seven Android original equipment manufacturers (OEMs) is now publicly available on GitHub. However, as the exploit requires local access, its release will mostly be helpful to researchers. [...]

https://www.bleepingcomputer.com/news/security/exploit-released-for-android-local-elevation-flaw-impacting-7-oems/

 Europcar denies data breach of 50 million users, says data is fake

Car rental company Europcar says it has not suffered a data breach and that shared customer data is fake after a threat actor claimed to be selling the personal info of 50 million customers. [...]

https://www.bleepingcomputer.com/news/security/europcar-denies-data-breach-of-50-million-users-says-data-is-fake/

 Police seize record 50,000 Bitcoin from now-defunct piracy site

The police in Saxony, eastern Germany, have seized 50,000 Bitcoin from the former operator of the pirate site movie2k.to through a voluntary deposit to a state-controlled wallet. [...]

https://www.bleepingcomputer.com/news/legal/police-seize-record-50-000-bitcoin-from-now-defunct-piracy-site/

 Hackers push USB malware payloads via news, media hosting sites

A financially motivated threat actor using USB devices for initial infection has been found abusing legitimate online platforms, including GitHub, Vimeo, and Ars Technica, to host encoded payloads embedded in seemingly benign content. [...]

https://www.bleepingcomputer.com/news/security/hackers-push-usb-malware-payloads-via-news-media-hosting-sites/

 CISA orders federal agencies to disconnect Ivanti VPN appliances by Saturday

CISA has ordered U.S. federal agencies to disconnect all Ivanti Connect Secure and Policy Secure VPN appliances vulnerable to multiple actively exploited bugs before Saturday. [...]

https://www.bleepingcomputer.com/news/security/cisa-orders-federal-agencies-to-disconnect-ivanti-vpn-appliances-by-saturday/

 New Windows Event Log zero-day flaw gets unofficial patches

Free unofficial patches are available for a new Windows zero-day vulnerability dubbed 'EventLogCrasher' that lets attackers remotely crash the Event Log service on devices within the same Windows domain. [...]

https://www.bleepingcomputer.com/news/microsoft/new-windows-event-log-zero-day-flaw-gets-unofficial-patches/

 Google shares fix for Pixel phones hit by bad system update

Google has shared a temporary fix for owners of Google Pixel devices that were rendered unusable after installing the January 2024 Google Play system update. [...]

https://www.bleepingcomputer.com/news/mobile/google-shares-fix-for-pixel-phones-hit-by-bad-system-update/

 PurpleFox malware infected thousands of systems in Ukraine

The Computer Emergency Response Team in Ukraine (CERT-UA) is warning about a PurpleFox malware campaign that has infected at least 2,000 computers in the country. [...]

https://www.bleepingcomputer.com/news/security/purplefox-malware-infected-thousands-of-systems-in-ukraine/

 More Android apps riddled with malware spotted on Google Play

An Android remote access trojan (RAT) known as VajraSpy was found in 12 malicious applications, six of which were available on Google Play from April 1, 2021, through September 10, 2023. [...]

https://www.bleepingcomputer.com/news/security/more-android-apps-riddled-with-malware-spotted-on-google-play/

 Microsoft fixes connection issue affecting Outlook email apps

Microsoft has fixed a known issue causing desktop and mobile email clients to fail to connect when using Outlook.com accounts. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-connection-issue-affecting-outlook-email-apps/

 Cloudflare hacked using auth tokens stolen in Okta attack

Cloudflare disclosed today that its internal Atlassian server was breached by a suspected 'nation state attacker' who accessed its Confluence wiki, Jira bug database, and Bitbucket source code management system. [...]

https://www.bleepingcomputer.com/news/security/cloudflare-hacked-using-auth-tokens-stolen-in-okta-attack/

 FTC orders Blackbaud to boost security after massive data breach

Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people. [...]

https://www.bleepingcomputer.com/news/security/ftc-orders-blackbaud-to-boost-security-after-massive-data-breach/

 Interpol operation Synergia takes down 1,300 servers used for cybercrime

An international law enforcement operation code-named 'Synergia' has taken down over 1,300 command and control servers used in ransomware, phishing, and malware campaigns. [...]

https://www.bleepingcomputer.com/news/legal/interpol-operation-synergia-takes-down-1-300-servers-used-for-cybercrime/

 BTC-e server admin indicted for laundering ransom payments, stolen crypto

Aliaksandr Klimenka, a Belarusian and Cypriot national, has been indicted in the U.S. for his involvement in an international cybercrime money laundering operation. [...]

https://www.bleepingcomputer.com/news/legal/btc-e-server-admin-indicted-for-laundering-ransom-payments-stolen-crypto/

 Lurie Children's Hospital took systems offline after cyberattack

Lurie Children's Hospital in Chicago was forced to take IT systems offline after a cyberattack, disrupting normal operations and delaying medical care in some instances. [...]

https://www.bleepingcomputer.com/news/security/lurie-childrens-hospital-took-systems-offline-after-cyberattack/

 AnyDesk says hackers breached its production servers, reset passwords

AnyDesk confirmed today that it suffered a recent cyberattack that allowed hackers to gain access to the company's production systems. BleepingComputer has learned that source code and private code signing keys were stolen during the attack. [...]

https://www.bleepingcomputer.com/news/security/anydesk-says-hackers-breached-its-production-servers-reset-passwords/

 The Week in Ransomware - February 2nd 2024 - No honor among thieves

Attacks on hospitals continued this week, with ransomware operations disrupting patient care as they force organization to respond to cyberattacks. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-2nd-2024-no-honor-among-thieves/

 Mastodon vulnerability allows attackers to take over accounts

Mastodon, the free and open-source decentralized social networking platform, has fixed a critical vulnerability that allows attackers to impersonate and take over any remote account. [...]

https://www.bleepingcomputer.com/news/security/mastodon-vulnerability-allows-attackers-to-take-over-accounts/

 Check if you're in Google Chrome's third-party cookie phaseout test

Google has started testing the phasing out of third-party cookies on Chrome, affecting about 1% of its users or approximately 30 million people. Learn how to check if you are part of the initial test. [...]

https://www.bleepingcomputer.com/news/google/check-if-youre-in-google-chromes-third-party-cookie-phaseout-test/