Microsoft says it fixed a Windows Metadata server issue that’s still broken

Microsoft claims to have fixed Windows Metadata connection issues which continue to plague customers, causing problems for users trying to manage their printers and other hardware. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-says-it-fixed-a-windows-metadata-server-issue-thats-still-broken/

 Zeus, IcedID malware gangs leader pleads guilty, faces 40 years in prison

Ukrainian national Vyacheslav Igorevich Penchukov, one of the heads of the notorious JabberZeus cybercrime gang, has pleaded guilty to charges related to his leadership roles in the Zeus and IcedID malware groups. [...]

https://www.bleepingcomputer.com/news/security/zeus-icedid-malware-gangs-leader-pleads-guilty-faces-40-years-in-prison/

 North Korean hackers now launder stolen crypto via YoMix tumbler

The North Korean hacker collective Lazarus, infamous for having carried out numerous large-scale cryptocurrency heists over the years, has switched to using YoMix bitcoin mixer to launder stolen proceeds. [...]

https://www.bleepingcomputer.com/news/security/north-korean-hackers-now-launder-stolen-crypto-via-yomix-tumbler/

 Alpha ransomware linked to NetWalker operation dismantled in 2021

Security researchers analyzing the Alpha ransomware payload and modus operandi discovered overlaps with the now-defunct Netwalker ransomware operation. [...]

https://www.bleepingcomputer.com/news/security/alpha-ransomware-linked-to-netwalker-operation-dismantled-in-2021/

 SolarWinds fixes critical RCE bugs in access rights audit solution

SolarWinds has patched five remote code execution (RCE) flaws in its Access Rights Manager (ARM) solution, including three critical severity vulnerabilities that allow unauthenticated exploitation. [...]

https://www.bleepingcomputer.com/news/security/solarwinds-fixes-critical-rce-bugs-in-access-rights-audit-solution/

 Wyze investigating 'security issue' amid ongoing outage

Wyze Labs is investigating a security issue while experiencing a service outage that has been causing connectivity issues since this morning. [...]

https://www.bleepingcomputer.com/news/security/wyze-investigating-security-issue-amid-ongoing-outage/

 ALPHV ransomware claims loanDepot, Prudential Financial breaches

The ALPHV/Blackcat ransomware gang has claimed responsibility for the recent network breaches of Fortune 500 company Prudential Financial and mortgage lender loanDepot. [...]

https://www.bleepingcomputer.com/news/security/alphv-ransomware-claims-loandepot-prudential-financial-breaches/

 New Google Chrome feature blocks attacks against home networks

Google is testing a new feature to prevent malicious public websites from pivoting through a user's browser to attack devices and services on internal, private networks. [...]

https://www.bleepingcomputer.com/news/google/new-google-chrome-feature-blocks-attacks-against-home-networks/

 KeyTrap attack: Internet access disrupted with one DNS packet

A serious vulnerability named KeyTrap in the Domain Name System Security Extensions (DNSSEC) feature could be exploited to deny internet access to applications for an extended period. [...]

https://www.bleepingcomputer.com/news/security/keytrap-attack-internet-access-disrupted-with-one-dns-packet/

 Hacker arrested for selling bank accounts of US, Canadian users

Ukraine's cyber police arrested a 31-year-old for running a cybercrime operation that gained access to bank accounts of American and Canadian users and sold it on the dark web. [...]

https://www.bleepingcomputer.com/news/security/hacker-arrested-for-selling-bank-accounts-of-us-canadian-users/

 Anatsa Android malware downloaded 150,000 times via Google Play

The Anatsa banking trojan has been targeting users in Europe by infecting Android devices through malware droppers hosted on Google Play. [...]

https://www.bleepingcomputer.com/news/security/anatsa-android-malware-downloaded-150-000-times-via-google-play/

 Wyze camera glitch gave 13,000 users a peek into other homes

​Wyze shared more details on a security incident that impacted thousands of users on Friday and said that at least 13,000 customers could get a peek into other users' homes. [...]

https://www.bleepingcomputer.com/news/security/wyze-camera-glitch-gave-13-000-users-a-peek-into-other-homes/

 Hackers exploit critical RCE flaw in Bricks WordPress site builder

Hackers are actively exploiting a critical remote code execution (RCE) flaw impacting the Brick Builder Theme to run malicious PHP code on vulnerable sites. [...]

https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-rce-flaw-in-bricks-wordpress-site-builder/

 Over 28,500 Exchange servers vulnerable to actively exploited bug

Up to 97,000 Microsoft Exchange servers may be vulnerable to a critical severity privilege escalation flaw tracked as CVE-2024-21410 that hackers are actively exploiting. [...]

https://www.bleepingcomputer.com/news/security/over-28-500-exchange-servers-vulnerable-to-actively-exploited-bug/

 Cactus ransomware claim to steal 1.5TB of Schneider Electric data

The Cactus ransomware gang claims they stole 1.5TB of data from Schneider Electric after breaching the company's network last month. [...]

https://www.bleepingcomputer.com/news/security/cactus-ransomware-claim-to-steal-15tb-of-schneider-electric-data/

 North Korean hackers linked to defense sector supply-chain attack

In an advisory today Germany's federal intelligence agency (BfV) and South Korea's National Intelligence Service (NIS) warn of an ongoing cyber-espionage operation targeting the global defense sector on behalf of the North Korean government. [...]

https://www.bleepingcomputer.com/news/security/north-korean-hackers-linked-to-defense-sector-supply-chain-attack/

 LockBit ransomware disrupted by global police operation

Law enforcement agencies from 11 countries have disrupted the notorious LockBit ransomware operation in a joint operation known as ''Operation Cronos." [...]

https://www.bleepingcomputer.com/news/security/lockbit-ransomware-disrupted-by-global-police-operation/

 Police arrest LockBit ransomware members, release decryptor in global crackdown

Law enforcement arrested two operators of the LockBit ransomware gang in Poland and Ukraine, created a decryption tool to recover encrypted files for free, and seized over 200 crypto-wallets after hacking the cybercrime gang's servers in an international crackdown operation. [...]

https://www.bleepingcomputer.com/news/security/police-arrest-lockbit-ransomware-members-release-decryptor-in-global-crackdown/

 Critical infrastructure software maker confirms ransomware attack

PSI Software SE, a German software developer for complex production and logistics processes, has confirmed that the cyber incident it disclosed last week is a ransomware attack that impacted its internal infrastructure. [...]

https://www.bleepingcomputer.com/news/security/critical-infrastructure-software-maker-confirms-ransomware-attack/

 Ransomware Groups, Targeting Preferences, and the Access Economy

The cybercrime ecosystem has created a supply chain of stolen accounts and breached networks that are used to fuel ransomware attacks and data breaches. Learn more from Flare about how this supply chain has led to an explosion of cybercrime. [...]

https://www.bleepingcomputer.com/news/security/ransomware-groups-targeting-preferences-and-the-access-economy/

 Knight ransomware source code for sale after leak site shuts down

The alleged source code for the third iteration of the Knight ransomware is being offered for sale to a single buyer on a hacker forum by a representative of the operation. [...]

https://www.bleepingcomputer.com/news/security/knight-ransomware-source-code-for-sale-after-leak-site-shuts-down/