What's Yours is Mine: Is Your Business Ready for Cryptojacking Attacks?

Cryptojacking may be stealthy, but its impact is anything but. From inflated cloud bills to sluggish performance, it's a threat that companies can't ignore. Learn more from Pentera about how automated security validation can protect your org from these threats. [...]

https://www.bleepingcomputer.com/news/security/whats-yours-is-mine-is-your-business-ready-for-cryptojacking-attacks/

 PowerSchool starts notifying victims of massive data breach

Education software giant PowerSchool has started notifying individuals in the U.S. and Canada whose personal data was exposed in a late December 2024 cyberattack. [...]

https://www.bleepingcomputer.com/news/security/powerschool-starts-notifying-victims-of-massive-data-breach/

 Signal will let you sync old messages when linking new devices

Signal is finally adding a new feature that allows users to synchronize their old message history from their primary iOS or Android devices to newly linked devices like desktops and iPads. [...]

https://www.bleepingcomputer.com/news/security/signal-will-let-you-sync-old-messages-when-linking-new-devices/

 Engineering giant Smiths Group discloses security breach

London-based engineering giant Smiths Group disclosed a security breach after unknown attackers gained access to the company's systems. [...]

https://www.bleepingcomputer.com/news/security/engineering-giant-smiths-group-discloses-security-breach/

 New Apple CPU side-channel attacks steals data from browsers

A team of security researchers has disclosed new side-channel vulnerabilities in modern Apple processors that could steal sensitive information from web browsers. [...]

https://www.bleepingcomputer.com/news/security/new-apple-cpu-side-channel-attack-steals-data-from-browsers/

 Garmin GPS watches crashing, stuck in triangle 'reboot loop'

Garmin users are reporting that their watches crash when using apps that require GPS access and then get stuck in a reboot loop, showing a blue triangle logo. [...]

https://www.bleepingcomputer.com/news/technology/garmin-gps-watches-crashing-stuck-in-triangle-reboot-loop/

 Google to kill Chrome Sync on older Chrome browser versions

Google announced that the Chrome Sync feature will be discontinued in early 2025 for Chrome versions older than four years. [...]

https://www.bleepingcomputer.com/news/google/google-to-kill-chrome-sync-on-older-chrome-browser-versions/

 Hackers exploiting flaws in SimpleHelp RMM to breach networks

Hackers are believed to be exploiting recently fixed SimpleHelp Remote Monitoring and Management (RMM) software vulnerabilities to gain initial access to target networks. [...]

https://www.bleepingcomputer.com/news/security/hackers-exploiting-flaws-in-simplehelp-rmm-to-breach-networks/

 Windows 11 KB5050094 update fixes bugs causing audio issues

​Microsoft has released the optional KB5050094 Preview cumulative update for Windows 11 24H2 with 28 bug fixes and changes, including fixes for bugs causing audio playback issues on systems with USB audio device drivers. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5050094-update-fixes-bugs-causing-audio-issues/

 January Windows 10 preview update force installs new Outlook

Microsoft has started force-installing the new Outlook email client on Windows 10 systems for users who deploy this month's KB5050081 non-security preview update. [...]

https://www.bleepingcomputer.com/news/microsoft/january-windows-10-preview-update-force-installs-new-outlook/

 Hackers exploit critical unpatched flaw in Zyxel CPE devices

Hackers are exploiting a critical command injection vulnerability in Zyxel CPE Series devices that is currently tracked as CVE-2024-40891 and remains unpatched since last July. [...]

https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-unpatched-flaw-in-zyxel-cpe-devices/

 Uncover Hidden Browsing Threats: Get a Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks

As GenAI tools and SaaS platforms become a staple component in the employee toolkit, the risks associated with data exposure, identity vulnerabilities, and unmonitored browsing behavior have skyrocketed. Learn how a complimentary LayerX risk assessment can help identify, assess, and address browsing and SaaS risks in your workplace. [...]

https://www.bleepingcomputer.com/news/security/uncover-hidden-browsing-threats-get-a-free-risk-assessment-for-genai-identity-web-and-saas-risks/

 Windows 11's Start menu is getting iPhone and Android integration

Windows 11's Start menu is getting a big update with full-fledged Android and iPhone integration, allowing users improved access to users' mobile texts and images from their computers. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11s-start-menu-is-getting-iphone-and-android-integration/

 FBI seizes domains for Cracked.io, Nulled.to hacking forums

The FBI has seized the domains for the infamous Cracked.io and Nulled.to hacking forums, which are known for their focus on cybercrime, password theft, cracking, and credential stuffing attacks. [...]

https://www.bleepingcomputer.com/news/security/fbi-seizes-domains-for-crackedio-nulledto-hacking-forums/

 Microsoft investigates Microsoft 365 outage affecting users, admins

Microsoft is investigating an ongoing outage preventing users and admins from accessing some Microsoft 365 services and the admin center. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-investigates-microsoft-365-outage-affecting-users-admins/

 Laravel admin package Voyager vulnerable to one-click RCE flaw

Three vulnerabilities discovered in the open-source PHP package Voyager for managing Laravel applications could be used for remote code execution attacks. [...]

https://www.bleepingcomputer.com/news/security/laravel-admin-package-voyager-vulnerable-to-one-click-rce-flaw/

 Solana Pump.fun tool DogWifTool compromised to drain wallets

DogWifTools has disclosed on its official Discord channel that its software has been compromised by a supply chain attack that impacted its Windows client, infecting users with malware. [...]

https://www.bleepingcomputer.com/news/security/solana-pumpfun-tool-dogwiftool-compromised-to-drain-wallets/

 New Aquabotv3 botnet malware targets Mitel command injection flaw

A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. [...]

https://www.bleepingcomputer.com/news/security/new-aquabotv3-botnet-malware-targets-mitel-command-injection-flaw/

 Time Bandit ChatGPT jailbreak bypasses safeguards on sensitive topics

A ChatGPT jailbreak flaw, dubbed "Time Bandit," allows you to bypass OpenAI's safety guidelines when asking for detailed instructions on sensitive topics, including the creation of weapons, information on nuclear topics, and malware creation. [...]

https://www.bleepingcomputer.com/news/security/time-bandit-chatgpt-jailbreak-bypasses-safeguards-on-sensitive-topics/

 Police seizes Cracked and Nulled hacking forum servers, arrests suspects

Europol and German law enforcement confirmed the arrest of two suspects and the seizure of 17 servers in Operation Talent, which took down Cracked and Nulled, two of the largest hacking forums with over 10 million users. [...]

https://www.bleepingcomputer.com/news/security/police-seizes-cracked-and-nulled-hacking-forum-servers-arrests-suspects/

 Microsoft lifts Windows 11 update block for PCs with gaming issues

Microsoft has removed a safeguard hold that prevented devices with Auto HDR enabled from installing the Windows 11 2024 Update due to gaming issues. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-lifts-windows-11-update-block-for-pcs-with-gaming-issues/