Cybersecurity consultant arrested after allegedly extorting IT firm

A former cybersecurity consultant was arrested for allegedly attempting to extort a publicly traded IT company by threatening to disclose confidential and proprietary data unless they paid him $1,500,000. [...]

https://www.bleepingcomputer.com/news/legal/cybersecurity-consultant-arrested-after-allegedly-extorting-it-firm/

 Microsoft won't fix Windows 0x80070643 errors, manual fix required

​Microsoft has confirmed that it won't provide an automated fix for a known issue causing 0x80070643 errors when installing recent Windows Recovery Environment (WinRE) updates. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-wont-fix-windows-0x80070643-errors-manual-fix-required/

 REvil hacker behind Kaseya ransomware attack gets 13 years in prison

Yaroslav Vasinskyi, a Ukrainian national, was sentenced to 13 years and seven months in prison and ordered to pay $16 million in restitution for his involvement in the REvil ransomware operation. [...]

https://www.bleepingcomputer.com/news/security/revil-hacker-behind-kaseya-ransomware-attack-gets-13-years-in-prison/

 Microsoft warns of "Dirty Stream" attack impacting Android apps

Microsoft has highlighted a novel attack dubbed "Dirty Stream," which could allow malicious Android apps to overwrite files in another application's home directory, potentially leading to arbitrary code execution and secrets theft. [...]

https://www.bleepingcomputer.com/news/security/microsoft-warns-of-dirty-stream-attack-impacting-android-apps/

 Police shuts down 12 fraud call centres, arrests 21 suspects

Law enforcement shut down 12 phone fraud call centers in Albania, Bosnia and Herzegovina, Kosovo, and Lebanon, behind thousands of scam calls daily. [...]

https://www.bleepingcomputer.com/news/security/police-shuts-down-12-fraud-call-centres-arrests-21-suspects/

 CISA urges software devs to weed out path traversal vulnerabilities

​CISA and the FBI urged software companies today to review their products and eliminate path traversal security vulnerabilities before shipping. [...]

https://www.bleepingcomputer.com/news/security/cisa-urges-software-devs-to-weed-out-path-traversal-vulnerabilities/

 Bitwarden launches new MFA Authenticator app for iOS, Android

Bitwarden, the creator of the popular open-source password manager, has just launched a new authenticator app called Bitwarden Authenticator, which is available for iOS and Android devices. [...]

https://www.bleepingcomputer.com/news/software/bitwarden-launches-new-mfa-authenticator-app-for-ios-android/

 CEO who sold fake Cisco devices to US military gets 6 years in prison

Onur Aksoy, the CEO of a group of companies controlling multiple online storefronts, was sentenced to six and a half years in prison for selling $100 million worth of counterfeit Cisco network equipment to government, health, education, and military organizations worldwide. [...]

https://www.bleepingcomputer.com/news/security/ceo-who-sold-fake-cisco-devices-to-us-military-gets-6-years-in-prison/

 Microsoft rolls out passkey auth for personal Microsoft accounts

Microsoft announced that Windows users can now log into their Microsoft consumer accounts using a passkey, allowing users to authenticate using password-less methods such as Windows Hello, FIDO2 security keys, biometric data (facial scans or fingerprints), or device PINs. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-rolls-out-passkey-auth-for-personal-microsoft-accounts/

 NATO and EU condemn Russia's cyberattacks against Germany, Czechia

​NATO and the European Union, with international partners, formally condemned a long-term cyber espionage campaign against European countries conducted by the Russian threat group APT28. [...]

https://www.bleepingcomputer.com/news/security/nato-and-eu-condemn-russias-cyberattacks-against-germany-czechia/

 Google rolls back reCaptcha update to fix Firefox issues

Google has rolled back a recent release of its reCaptcha captcha script after a bug caused the service to no longer work on Firefox for Windows. [...]

https://www.bleepingcomputer.com/news/security/google-rolls-back-recaptcha-update-to-fix-firefox-issues/

 NSA warns of North Korean hackers exploiting weak DMARC email policies

The NSA and FBI warned that the APT43 North Korea-linked hacking group exploits weak email Domain-based Message Authentication Reporting and Conformance (DMARC) policies to mask spearphishing attacks. [...]

https://www.bleepingcomputer.com/news/security/nsa-warns-of-north-korean-hackers-exploiting-weak-dmarc-email-policies/

 Android bug can leak DNS traffic with VPN kill switch enabled

A Mullvad VPN user has discovered that Android devices leak DNS queries when switching VPN servers even though the "Always-on VPN" feature was enabled with the "Block connections without VPN" option. [...]

https://www.bleepingcomputer.com/news/security/android-bug-can-leak-dns-traffic-with-vpn-kill-switch-enabled/

 Iranian hackers pose as journalists to push backdoor malware

The Iranian state-backed threat actor tracked as APT42 is employing social engineering attacks, including posing as journalists, to breach corporate networks and cloud environments of Western and Middle Eastern targets. [...]

https://www.bleepingcomputer.com/news/security/iranian-hackers-pose-as-journalists-to-push-backdoor-malware/

 Finland warns of Android malware attacks breaching bank accounts

Finland's Transport and Communications Agency (Traficom) has issued a warning about an ongoing Android malware campaign targeting banking accounts. [...]

https://www.bleepingcomputer.com/news/security/finland-warns-of-android-malware-attacks-breaching-bank-accounts/

 Lockbit's seized site comes alive to tease new police announcements

The NCA, FBI, and Europol have revived a seized LockBit ransomware data leak site to hint at new information being revealed by law enforcement this Tuesday. [...]

https://www.bleepingcomputer.com/news/security/lockbits-seized-site-comes-alive-to-tease-new-police-announcements/

 Get ahead in cybersecurity with $145 off a training course bundle

Cybersecurity is everyone's concern, and for IT workers, a key skill on their resume. This five-course exam prep bundle helps you get more advanced credentials for $49.99, $145 off the $195 MSRP. [...]

https://www.bleepingcomputer.com/news/security/get-ahead-in-cybersecurity-with-145-off-a-training-course-bundle/

 City of Wichita shuts down IT network after ransomware attack

The City of Wichita, Kansas, disclosed it was forced to shut down portions of its network after suffering a weekend ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/city-of-wichita-shuts-down-it-network-after-ransomware-attack/

 Microsoft tests using MT/s for memory speed in Windows 11 Task Manager

Microsoft is testing showing memory speeds as MT/s (mega-transfers per second) rather than MHz (megahertz) in the Windows 11 Task Manager. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-tests-using-mt-s-for-memory-speed-in-windows-11-task-manager/

 Google Chrome is getting native support for YouTube-like video chapters

Google is adding a new feature to Google Chrome that allows publishers to add video chapters to videos embedded on websites, similar to how chapters work on YouTube. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-is-getting-native-support-for-youtube-like-video-chapters/

 LockBit ransomware admin identified, sanctioned in US, UK, Australia

The FBI, UK National Crime Agency, and Europol have unveiled sweeping indictments and sanctions against the admin of the LockBit ransomware operation, with the identity of the Russian threat actor revealed for the first time. [...]

https://www.bleepingcomputer.com/news/security/lockbit-ransomware-admin-identified-sanctioned-in-us-uk-australia/