Microsoft: Ransomware gangs exploit VMware ESXi auth bypass in attacks

Microsoft warned today that ransomware gangs are actively exploiting a VMware ESXi authentication bypass vulnerability in attacks. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-ransomware-gangs-exploit-vmware-esxi-auth-bypass-in-attacks/

 Former Avaya employee gets 4 years for $88M license piracy scheme

Three individuals who orchestrated a massive-scale pirate operation involving the sale of Avaya business telephone system software licenses worth over $88,000,000 have received imprisonment sentences. [...]

https://www.bleepingcomputer.com/news/legal/former-avaya-employee-gets-4-years-for-88m-license-piracy-scheme/

 Apple iOS 18.1 Beta previews Apple Intelligence for the first time

Apple has released the iOS 18.1 Beta to developers, allowing them to test some of its upcoming AI-powered Apple Intelligence features before they are released for testing in the public previews. [...]

https://www.bleepingcomputer.com/news/apple/apple-ios-181-beta-previews-apple-intelligence-for-the-first-time/

 New Specula tool uses Outlook for remote code execution in Windows

Microsoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named "Specula," released today by cybersecurity firm TrustedSec. [...]

https://www.bleepingcomputer.com/news/security/new-specula-tool-uses-outlook-for-remote-code-execution-in-windows/

 Android spyware 'Mandrake' hidden in apps on Google Play since 2022

A new version of the Android spyware 'Mandrake' has been found in five applications downloaded 32,000 times from Google Play, the platform's official app store. [...]

https://www.bleepingcomputer.com/news/security/android-spyware-mandrake-hidden-in-apps-on-google-play-since-2022/

 UK govt links 2021 Electoral Commission breach to Exchange server

The United Kingdom's Information Commissioner's Office (ICO) revealed today that the Electoral Commission was breached in August 2021 because it failed to patch its on-premise Microsoft Exchange Server against ProxyShell vulnerabilities. [...]

https://www.bleepingcomputer.com/news/security/uk-govt-links-2021-electoral-commission-breach-to-exchange-server/

 Microsoft 365 and Azure outage takes down multiple services

Microsoft is investigating an ongoing and widespread outage blocking access to some Microsoft 365 and Azure services. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-365-and-azure-outage-takes-down-multiple-services/

 Is your password policy working? Key cybersecurity KPIs to measure

Are your password policies having a positive impact on the cybersecurity posture of your org? Learn more from Specops Software about how to align password policies with wider cybersecurity KPIs. [...]

https://www.bleepingcomputer.com/news/security/is-your-password-policy-working-key-cybersecurity-kpis-to-measure/

 DigiCert mass-revoking TLS certificates due to domain validation bug

DigiCert is warning that it will be mass-revoking SSL/TLS certificates due to a bug in how the company verified if a customer owned or operated a domain and requires impacted customers to reissue certificates within 24 hours. [...]

https://www.bleepingcomputer.com/news/security/digicert-mass-revoking-tls-certificates-due-to-domain-validation-bug/

 Columbus investigates whether data was stolen in ransomware attack

The City of Columbus, Ohio, says it's investigating whether personal data was stolen in a ransomware attack on July 18, 2024 that disrupted the City's services. [...]

https://www.bleepingcomputer.com/news/security/columbus-investigates-whether-data-was-stolen-in-ransomware-attack/

 Google Chrome adds app-bound encryption to block infostealer malware

Google Chrome has added app-bound encryption for better cookie protection on Windows systems and improved defenses against information-stealing malware attacks. [...]

https://www.bleepingcomputer.com/news/security/google-chrome-adds-app-bound-encryption-to-block-infostealer-malware/

 Black Basta ransomware switches to more evasive custom malware

The Black Basta ransomware gang has shown resilience and an ability to adapt to a constantly shifting space, using new custom tools and tactics to evade detection and spread throughout a network. [...]

https://www.bleepingcomputer.com/news/security/black-basta-ransomware-switches-to-more-evasive-custom-malware/

 CISA warns of VMware ESXi bug exploited in ransomware attacks

CISA has ordered U.S. Federal Civilian Executive Branch (FCEB) agencies to secure their servers against a VMware ESXi authentication bypass vulnerability exploited in ransomware attacks. [...]

https://www.bleepingcomputer.com/news/security/cisa-warns-of-vmware-esxi-bug-exploited-in-ransomware-attacks/

 Dark Angels ransomware receives record-breaking $75 million ransom

A Fortune 50 company paid a record-breaking $75 million ransom payment to the Dark Angels ransomware gang, according to a report by Zscaler ThreatLabz. [...]

https://www.bleepingcomputer.com/news/security/dark-angels-ransomware-receives-record-breaking-75-million-ransom/

 Massive SMS stealer campaign infects Android devices in 113 countries

A malicious campaign targeting Android devices worldwide utilizes thousands of Telegram bots to infect devices with SMS-stealing malware and steal one-time 2FA passwords (OTPs) for over 600 services. [...]

https://www.bleepingcomputer.com/news/security/massive-sms-stealer-campaign-infects-android-devices-in-113-countries/

 Microsoft says massive Azure outage was caused by DDoS attack

Microsoft confirmed today that a nine-hour outage on Tuesday that took down and disrupted multiple Microsoft 365 and Azure services worldwide was triggered by a distributed denial-of-service (DDoS) attack. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-says-massive-azure-outage-was-caused-by-ddos-attack/

 Fraud ring pushes 600+ fake web shops via Facebook ads

A malicious fraud campaign dubbed "ERIAKOS" promotes more than 600 fake web shops through Facebook advertisements to steal visitors' personal and financial information. [...]

https://www.bleepingcomputer.com/news/security/fraud-ring-pushes-600-plus-fake-web-shops-via-facebook-ads/

 New Android malware wipes your device after draining bank accounts

A new Android malware that researchers call 'BingoMod' can wipe devices after successfully stealing money from the victims' bank accounts using the on-device fraud technique. [...]

https://www.bleepingcomputer.com/news/security/new-android-malware-wipes-your-device-after-draining-bank-accounts/

 World leading silver producer Fresnillo discloses cyberattack

​Fresnillo PLC, the world's largest silver producer and a top global producer of gold, copper, and zinc, said attackers gained access to data stored on its systems during a recent cyberattack. [...]

https://www.bleepingcomputer.com/news/security/world-leading-silver-producer-fresnillo-discloses-cyberattack/

 Google ads push fake Google Authenticator site installing malware

Google has fallen victim to its own ad platform, allowing threat actors to create fake Google Authenticator ads that push the DeerStealer information-stealing malware. [...]

https://www.bleepingcomputer.com/news/security/google-ads-push-fake-google-authenticator-site-installing-malware/

 CISA and FBI: DDoS attacks won’t impact US election integrity

​CISA and the FBI said today that Distributed Denial of Service (DDoS) attacks targeting election infrastructure will, at most, hinder public access to information but will have no impact on the integrity or security of the 2024 U.S. general election processes. [...]

https://www.bleepingcomputer.com/news/security/cisa-and-fbi-ddos-attacks-wont-impact-us-election-integrity/