FBI wipes Chinese PlugX malware from over 4,000 US computers

​The U.S. Department of Justice announced today that the FBI has deleted Chinese PlugX malware from over 4,200 computers in networks across the United States. [...]

https://www.bleepingcomputer.com/news/security/fbi-wipes-chinese-plugx-malware-from-over-4-000-us-computers/

 Google OAuth flaw lets attackers gain access to abandoned accounts

A weakness in Google's OAuth "Sign in with Google" feature could enable attackers that register domains of defunct startups to access sensitive data of former employee accounts linked to various software-as-a-service (SaaS) platforms. [...]

https://www.bleepingcomputer.com/news/security/google-oauth-flaw-lets-attackers-gain-access-to-abandoned-accounts/

 Windows 11 KB5050009 & KB5050021 cumulative updates released

Microsoft has released the Windows 11 KB5050009 and KB5050021 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5050009-and-kb5050021-cumulative-updates-released/

 Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws

Today is Microsoft's January 2025 Patch Tuesday, which includes security updates for 159 flaws, including eight zero-day vulnerabilities, with three actively exploited in attacks. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2025-patch-tuesday-fixes-8-zero-days-159-flaws/

 Windows 10 KB5049981 update released with new BYOVD blocklist

Microsoft has released the KB5049981 cumulative update for Windows 10 22H2 and Windows 10 21H2, which contains an updated Kernel driver blocklist to prevent Bring Your Own Vulnerable Driver (BYOVD) attacks. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5049981-update-released-with-new-byovd-blocklist/

 US govt says North Korea stole over $659 million in crypto last year

​North Korean state-backed hacking groups have stolen over $659 million worth of cryptocurrency in multiple crypto-heists, according to a joint statement issued by the United States, South Korea, and Japan on Tuesday. [...]

https://www.bleepingcomputer.com/news/security/us-govt-says-north-korea-stole-over-659-million-in-crypto-last-year/

 WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites

A new malware campaign has compromised more than 5,000 WordPress sites to create admin accounts, install a malicious plugin, and steal data. [...]

https://www.bleepingcomputer.com/news/security/wp3xyz-malware-attacks-add-rogue-admins-to-5-000-plus-wordpress-sites/

 Allstate car insurer sued for tracking drivers without permission

Texas Attorney General Ken Paxton has filed a lawsuit against Allstate and its data subsidiary Arity for unlawfully collecting, using, and selling driving data from over 45 million Americans. [...]

https://www.bleepingcomputer.com/news/legal/allstate-car-insurer-sued-for-tracking-drivers-without-permission/

 January Windows updates may fail if Citrix SRA is installed

Microsoft is warning that the January 2025 Windows 11 and Windows 10 cumulative updates may fail if Citrix Session Recording Agent (SRA) version 2411 is installed on the device. [...]

https://www.bleepingcomputer.com/news/microsoft/january-windows-updates-may-fail-if-citrix-sra-is-installed/

 Windows BitLocker bug triggers warnings on devices with TPMs

​Microsoft is investigating a bug triggering security alerts on systems with a Trusted Platform Module (TPM) processor after enabling BitLocker. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-bitlocker-bug-triggers-warnings-on-devices-with-tpms/

 Over 660,000 Rsync servers exposed to code execution attacks

Over 660,000 exposed Rsync servers are potentially vulnerable to six new vulnerabilities, including a critical-severity heap-buffer overflow flaw that allows remote code execution on servers. [...]

https://www.bleepingcomputer.com/news/security/over-660-000-rsync-servers-exposed-to-code-execution-attacks/

 Microsoft ends support for Office apps on Windows 10 in October

Microsoft says it will drop support for Office apps in Windows 10 after the operating system reaches its end of support on October 14. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-ends-support-for-office-apps-on-windows-10-in-october/

 Hackers use Google Search ads to steal Google Ads accounts

​Ironically, cybercriminals now use Google search advertisements to promote phishing sites that steal advertisers' credentials for the Google Ads platform. [...]

https://www.bleepingcomputer.com/news/security/hackers-use-google-search-ads-to-steal-google-ads-accounts/

 Label giant Avery says website hacked to steal credit cards

Avery Products Corporation is warning it suffered a data breach after its website was hacked to steal customers' credit cards and personal information. [...]

https://www.bleepingcomputer.com/news/security/label-giant-avery-says-website-hacked-to-steal-credit-cards/

 MikroTik botnet uses misconfigured SPF DNS records to spread malware

A newly discovered botnet of 13,000 MikroTik devices uses a misconfiguration in domain name server records to bypass email protections and deliver malware by spoofing roughly 20,000 web domains. [...]

https://www.bleepingcomputer.com/news/security/mikrotik-botnet-uses-misconfigured-spf-dns-records-to-spread-malware/

 CISA shares guidance for Microsoft expanded logging capabilities

​CISA shared guidance for government agencies and enterprises on using expanded cloud logs in their Microsoft 365 tenants as part of their forensic and compliance investigations. [...]

https://www.bleepingcomputer.com/news/security/cisa-shares-guidance-for-microsoft-expanded-logging-capabilities/

 SAP fixes critical vulnerabilities in NetWeaver application servers

SAP has fixed two critical vulnerabilities affecting NetWeaver web application server that could be exploited to escalate privileges and access restricted information. [...]

https://www.bleepingcomputer.com/news/security/sap-fixes-critical-vulnerabilities-in-netweaver-application-servers/

 Hackers leak configs and VPN credentials for 15,000 FortiGate devices

A new hacking group has leaked the configuration files, IP addresses, and VPN credentials for over 15,000 FortiGate devices for free on the dark web, exposing a great deal of sensitive technical information to other cybercriminals. [...]

https://www.bleepingcomputer.com/news/security/hackers-leak-configs-and-vpn-credentials-for-15-000-fortigate-devices/

 MFA Failures - The Worst is Yet to Come

This article delves into the rising tide of MFA failures, the alarming role of generative AI in amplifying these attacks, the growing user discontent weakening our defenses, and the glaring vulnerabilities being frequently exploited. The storm is building, and the worst is yet to come. [...]

https://www.bleepingcomputer.com/news/security/mfa-failures-the-worst-is-yet-to-come/

 New UEFI Secure Boot flaw exposes systems to bootkits, patch now

A new UEFI Secure Boot bypass vulnerability tracked as CVE-2024-7344 that affects a Microsoft-signed application could be exploited to deploy bootkits even if Secure Boot protection is active. [...]

https://www.bleepingcomputer.com/news/security/new-uefi-secure-boot-flaw-exposes-systems-to-bootkits-patch-now/

 FTC sues GoDaddy for years of poor hosting security practices

The FTC will require web hosting giant GoDaddy to implement basic security protections, such as multi-factor authentication and HTTPS APIs, to settle charges that it failed to secure its hosting services against attacks since 2018. [...]

https://www.bleepingcomputer.com/news/security/ftc-sues-godaddy-for-years-of-poor-hosting-security-practices/