Activision: Enable 2FA to secure accounts recently stolen by malware

An infostealer malware campaign has reportedly collected millions of logins from users of various gaming websites, including players that use cheats, pay-to-cheat services. [...]

https://www.bleepingcomputer.com/news/security/activision-enable-2fa-to-secure-accounts-recently-stolen-by-malware/

 Vultur banking malware for Android poses as McAfee Security app

Security researchers found a new version of the Vultur banking trojan for Android that includes more advanced remote control capabilities and an improved evasion mechanism. [...]

https://www.bleepingcomputer.com/news/security/vultur-banking-malware-for-android-poses-as-mcafee-security-app/

 AT&T confirms data for 73 million customers leaked on hacker forum

AT&T has finally confirmed it is impacted by a data breach affecting 73 million current and former customers after initially denying the leaked data originated from them. [...]

https://www.bleepingcomputer.com/news/security/atandt-confirms-data-for-73-million-customers-leaked-on-hacker-forum/

 It's surprisingly difficult for AI to create just a plain white image

Generative AI services like Midjourney and OpenAI's DALL-E can deliver the unimaginable when it comes to stunning artifacts produced from simple text prompts. Sketching complex art imagery may be AI's specialty, yet some of the simplest tasks are evidently what AI struggles with the most. [...]

https://www.bleepingcomputer.com/news/technology/its-surprisingly-difficult-for-ai-to-create-just-a-plain-white-image/

 DinodasRAT malware targets Linux servers in espionage campaign

Security researchers have observed Red Hat and Ubuntu systems being attacked by a Linux version of the DinodasRAT (also known as XDealer) that may have been operating since 2022. [...]

https://www.bleepingcomputer.com/news/security/dinodasrat-malware-targets-linux-servers-in-espionage-campaign/

 Shopping platform PandaBuy data leak impacts 1.3 million users

Data belonging to more than 1.3 million customers of the PandaBuy online shopping platform has been leaked, allegedly after two threat actors exploited multiple vulnerabilities to breach systems. [...]

https://www.bleepingcomputer.com/news/security/shopping-platform-pandabuy-data-leak-impacts-13-million-users/

 FTC: Americans lost $1.1 billion to impersonation scams in 2023

Impersonation scams in the U.S. exceeded $1.1 billion in losses last year, according to statistics collected by the Federal Trade Commission (FTC), a figure that is three times higher than in 2020. [...]

https://www.bleepingcomputer.com/news/security/ftc-americans-lost-11-billion-to-impersonation-scams-in-2023/

 Yacht retailer MarineMax discloses data breach after cyberattack

MarineMax, self-described as one of the world's largest recreational boat and yacht retailers, says attackers stole employee and customer data after breaching its systems in a March cyberattack. [...]

https://www.bleepingcomputer.com/news/security/yacht-retailer-marinemax-discloses-data-breach-after-cyberattack/

 OWASP discloses data breach caused by wiki misconfiguration

The OWASP Foundation has disclosed a data breach after some members' resumes were exposed online due to a misconfiguration of its old Wiki web server. [...]

https://www.bleepingcomputer.com/news/security/owasp-discloses-data-breach-caused-by-wiki-misconfiguration/

 Google now blocks spoofed emails for better phishing protection

Google has started automatically blocking emails sent by bulk senders who don't meet stricter spam thresholds and authenticate their messages as required by new guidelines to strengthen defenses against spam and phishing attacks. [...]

https://www.bleepingcomputer.com/news/google/google-now-blocks-spoofed-emails-for-better-phishing-protection/

 India rescues 250 citizens enslaved by Cambodian cybercrime gang

The Indian government says it rescued and repatriated 250 citizens who sought jobs in Cambodia, only to be forced into conducting cybercrime once they arrived. [...]

https://www.bleepingcomputer.com/news/security/india-rescues-250-citizens-enslaved-by-cambodian-cybercrime-gang/

 New XZ backdoor scanner detects implant in any Linux binary

Firmware security firm Binarly has released a free online scanner to detect Linux executables impacted by the XZ Utils supply chain attack, tracked as CVE-2024-3094. [...]

https://www.bleepingcomputer.com/news/security/new-xz-backdoor-scanner-detects-implant-in-any-linux-binary/

 Russia charges suspects behind theft of 160,000 credit cards

Russia's Prosecutor General's Office has announced the indictment of six suspected "hacking group" members for using malware to steal credit card and payment information from foreign online stores. [...]

https://www.bleepingcomputer.com/news/security/russia-charges-suspects-behind-theft-of-160-000-credit-cards/

 Google agrees to delete Chrome browsing data of 136 million users

Google has agreed to delete billions of data records collected from 136 million Chrome users in the United States, as part of a lawsuit settlement regarding alleged undisclosed browser data collection while in Incognito mode. [...]

https://www.bleepingcomputer.com/news/legal/google-agrees-to-delete-chrome-browsing-data-of-136-million-users/

 New Chrome feature aims to stop hackers from using stolen cookies

Google announced a new Chrome security feature called 'Device Bound Session Credentials' that ties cookies to a specific device, blocking hackers from stealing and using them to hijack users' accounts. [...]

https://www.bleepingcomputer.com/news/security/new-chrome-feature-aims-to-stop-hackers-from-using-stolen-cookies/

 Omni Hotels experiencing nationwide IT outage since Friday

Omni Hotels & Resorts has been experiencing a chain-wide outage that brought down its IT systems on Friday, impacting reservation, hotel room door lock, and point-of-sale (POS) systems. [...]

https://www.bleepingcomputer.com/news/security/omni-hotels-experiencing-nationwide-it-outage-since-friday/

 Winnti's new UNAPIMON tool hides malware from security software

The Chinese 'Winnti' hacking group was found using a previously undocumented malware called UNAPIMON to let malicous processes run without being detected. [...]

https://www.bleepingcomputer.com/news/security/winntis-new-unapimon-tool-hides-malware-from-security-software/

 Microsoft warns Gmail blocks some Outlook email as spam, shares fix

Microsoft has confirmed that some Outlook.com users are experiencing issues with emails being blocked and marked as spam when trying to email Gmail accounts. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-gmail-blocks-some-outlook-email-as-spam-shares-fix/

 6 Prompts You Don't Want Employees Putting in Microsoft Copilot

Microsoft Copilot is a powerful asset for companies, but with it comes an increased risk of data exposure. In this article, Varonis demonstrates prompt-hacking examples that can expose sensitive data. [...]

https://www.bleepingcomputer.com/news/security/6-prompts-you-dont-want-employees-putting-in-microsoft-copilot/

 Google fixes two Pixel zero-day flaws exploited by forensics firms

Google has fixed two Google Pixel zero-days exploited by forensic firms to unlock phones without a PIN and gain access to the data stored within them. [...]

https://www.bleepingcomputer.com/news/security/google-fixes-two-pixel-zero-day-flaws-exploited-by-forensics-firms/

 AT&T faces lawsuits over data breach affecting 73 million customers

AT&T is facing multiple class-action lawsuits following the company's admission to a massive data breach that exposed the sensitive data of 73 million current and former customers. [...]

https://www.bleepingcomputer.com/news/security/atandt-faces-lawsuits-over-data-breach-affecting-73-million-customers/