Dave data breach affects 7.5 million users, leaked on hacker forum
Overdraft protection and cash advance service Dave has suffered a data breach after a database containing 7.5 million user records was sold in an auction and then released later for free on hacker forums. [...]
https://www.bleepingcomputer.com/news/security/dave-data-breach-affects-75-million-users-leaked-on-hacker-forum/
Overdraft protection and cash advance service Dave has suffered a data breach after a database containing 7.5 million user records was sold in an auction and then released later for free on hacker forums. [...]
https://www.bleepingcomputer.com/news/security/dave-data-breach-affects-75-million-users-leaked-on-hacker-forum/
BleepingComputer
Dave data breach affects 7.5 million users, leaked on hacker forum
Overdraft protection and cash advance service Dave has suffered a data breach after a database containing 7.5 million user records was sold in an auction and then released later for free on hacker forums.
No More Ransom turns 4: Saves $632 million in ransomware payments
The No More Ransom Project celebrates its fourth anniversary today after helping over 4.2 million visitors recover from a ransomware infection and saving an estimated $632 million in ransom payments. [...]
https://www.bleepingcomputer.com/news/security/no-more-ransom-turns-4-saves-632-million-in-ransomware-payments/
The No More Ransom Project celebrates its fourth anniversary today after helping over 4.2 million visitors recover from a ransomware infection and saving an estimated $632 million in ransom payments. [...]
https://www.bleepingcomputer.com/news/security/no-more-ransom-turns-4-saves-632-million-in-ransomware-payments/
BleepingComputer
No More Ransom turns 4: Saves $632 million in ransomware payments
The No More Ransom Project celebrates its fourth anniversary today after helping over 4.2 million visitors recover from a ransomware infection and saving an estimated $632 million in ransom payments.
Source code from dozens of companies leaked online
Source code from exposed repositories of dozens of companies across various fields of activity (tech, finance, retail, food, eCommerce, manufacturing) is publicly available as a result of misconfigurations in their infrastructure. [...]
https://www.bleepingcomputer.com/news/security/source-code-from-dozens-of-companies-leaked-online/
Source code from exposed repositories of dozens of companies across various fields of activity (tech, finance, retail, food, eCommerce, manufacturing) is publicly available as a result of misconfigurations in their infrastructure. [...]
https://www.bleepingcomputer.com/news/security/source-code-from-dozens-of-companies-leaked-online/
BleepingComputer
Source code from dozens of companies leaked online
Source code from exposed repositories of dozens of companies across various fields of activity (tech, finance, retail, food, eCommerce, manufacturing) is publicly available as a result of misconfigurations in their infrastructure.
Cerberus Android malware source code offered for sale for $100,000
The maintainer of Cerberus banking trojan for Android is auctioning the entire project for a price starting at $50,000 or close the deal for double the money. [...]
https://www.bleepingcomputer.com/news/security/cerberus-android-malware-source-code-offered-for-sale-for-100-000/
The maintainer of Cerberus banking trojan for Android is auctioning the entire project for a price starting at $50,000 or close the deal for double the money. [...]
https://www.bleepingcomputer.com/news/security/cerberus-android-malware-source-code-offered-for-sale-for-100-000/
BleepingComputer
Cerberus Android malware source code offered for sale for $100,000
The maintainer of Cerberus banking trojan for Android is auctioning the entire project for a price starting at $50,000 or close the deal for double the money.
UK and US warn QNAP owners to upgrade firmware to block malware
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the UK's National Cyber Security Centre (NCSC) today issued an alert about the risks of infection faced by QNAP NAS devices if QSnatch malware attacks restart. [...]
https://www.bleepingcomputer.com/news/security/uk-and-us-warn-qnap-owners-to-upgrade-firmware-to-block-malware/
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the UK's National Cyber Security Centre (NCSC) today issued an alert about the risks of infection faced by QNAP NAS devices if QSnatch malware attacks restart. [...]
https://www.bleepingcomputer.com/news/security/uk-and-us-warn-qnap-owners-to-upgrade-firmware-to-block-malware/
BleepingComputer
UK and US warn QNAP owners to upgrade firmware to block malware
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the UK's National Cyber Security Centre (NCSC) today issued an alert about the risks of infection faced by QNAP NAS devices if QSnatch malware attacks restart.
Garmin confirms ransomware attack, services coming back online
In a statement, Garmin has finally confirmed that they were the victim of a ransomware attack as they slowly bring their Garmin Connect, Strava, and navigation services back online. [...]
https://www.bleepingcomputer.com/news/security/garmin-confirms-ransomware-attack-services-coming-back-online/
In a statement, Garmin has finally confirmed that they were the victim of a ransomware attack as they slowly bring their Garmin Connect, Strava, and navigation services back online. [...]
https://www.bleepingcomputer.com/news/security/garmin-confirms-ransomware-attack-services-coming-back-online/
BleepingComputer
Garmin confirms ransomware attack, services coming back online
Garmin has officially confirmed that they were victims of a ransomware attack as they slowly bring their Garmin Connect, Strava, and navigation services back online.
Windows 10 Desktop Windows Manager crashes due to DirectX bug
Microsoft is working on a resolution for a new issue causing the Desktop Windows Manager to crash on laptops if the lid is repeatedly closed and opened. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-desktop-windows-manager-crashes-due-to-directx-bug/
Microsoft is working on a resolution for a new issue causing the Desktop Windows Manager to crash on laptops if the lid is repeatedly closed and opened. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-desktop-windows-manager-crashes-due-to-directx-bug/
BleepingComputer
Windows 10 Desktop Windows Manager crashes due to DirectX bug
Microsoft is working on a resolution for a new issue causing the Desktop Windows Manager to crash on laptops if the lid is repeatedly closed and opened.
Office 365 phishing baits employees with fake SharePoint alerts
Employees using Microsoft Office 365 are targeted in a phishing campaign that makes use of bait messages camouflaged as automated Sharepoint notifications to steal their accounts. [...]
https://www.bleepingcomputer.com/news/security/office-365-phishing-baits-employees-with-fake-sharepoint-alerts/
Employees using Microsoft Office 365 are targeted in a phishing campaign that makes use of bait messages camouflaged as automated Sharepoint notifications to steal their accounts. [...]
https://www.bleepingcomputer.com/news/security/office-365-phishing-baits-employees-with-fake-sharepoint-alerts/
BleepingComputer
Office 365 phishing baits employees with fake SharePoint alerts
Employees using Microsoft Office 365 are targeted in a phishing campaign that makes use of bait messages camouflaged as automated Sharepoint notifications to steal their accounts.
Office 365 adds new features to help identify malicious spam
Microsoft is planning to provide more info on spam emails detected as malicious by the Office 365 Advanced Threat Protection (ATP) filtering stack and allow organizations to export their list of the top targeted users by phishing attacks. [...]
https://www.bleepingcomputer.com/news/security/office-365-adds-new-features-to-help-identify-malicious-spam/
Microsoft is planning to provide more info on spam emails detected as malicious by the Office 365 Advanced Threat Protection (ATP) filtering stack and allow organizations to export their list of the top targeted users by phishing attacks. [...]
https://www.bleepingcomputer.com/news/security/office-365-adds-new-features-to-help-identify-malicious-spam/
BleepingComputer
Office 365 adds new features to help identify malicious spam
Microsoft is planning to provide more info on spam emails detected as malicious by the Office 365 Advanced Threat Protection (ATP) filtering stack and allow organizations to export their list of the top targeted users by phishing attacks.
Promo.com discloses data breach after 22M user records leaked online
Promo.com, an Israeli-based marketing video creation site, has disclosed a data breach after a database containing 22 million user records was leaked for free on a hacker forum. [...]
https://www.bleepingcomputer.com/news/security/promocom-discloses-data-breach-after-22m-user-records-leaked-online/
Promo.com, an Israeli-based marketing video creation site, has disclosed a data breach after a database containing 22 million user records was leaked for free on a hacker forum. [...]
https://www.bleepingcomputer.com/news/security/promocom-discloses-data-breach-after-22m-user-records-leaked-online/
BleepingComputer
Promo.com discloses data breach after 22M user records leaked online
Promo.com, an Israeli-based marketing video creation site, has disclosed a data breach after a database containing 22 million user records was leaked for free on a hacker forum.
Feature-rich Ensiko malware can encrypt, targets Windows, macOS, Linux
Threat researchers have found a new feature-rich malware that can encrypt files on any system running PHP, making it a high risk for Windows, macOS, and Linux web servers. [...]
https://www.bleepingcomputer.com/news/security/feature-rich-ensiko-malware-can-encrypt-targets-windows-macos-linux/
Threat researchers have found a new feature-rich malware that can encrypt files on any system running PHP, making it a high risk for Windows, macOS, and Linux web servers. [...]
https://www.bleepingcomputer.com/news/security/feature-rich-ensiko-malware-can-encrypt-targets-windows-macos-linux/
BleepingComputer
Feature-rich Ensiko malware can encrypt, targets Windows, macOS, Linux
Threat researchers have found a new feature-rich malware that can encrypt files on any system running PHP, making it a high risk for Windows, macOS, and Linux web servers.
Netflix credential phishing hides behind working CAPTCHA
A recent wave of phishing attacks aiming to steal payment card info and credentials for Netflix streaming service starts with redirecting to a functioning CAPTCHA page to bypass email security controls. [...]
https://www.bleepingcomputer.com/news/security/netflix-credential-phishing-hides-behind-working-captcha/
A recent wave of phishing attacks aiming to steal payment card info and credentials for Netflix streaming service starts with redirecting to a functioning CAPTCHA page to bypass email security controls. [...]
https://www.bleepingcomputer.com/news/security/netflix-credential-phishing-hides-behind-working-captcha/
BleepingComputer
Netflix credential phishing hides behind working CAPTCHA
A recent wave of phishing attacks aiming to steal payment card info and credentials for Netflix streaming service starts with redirecting to a functioning CAPTCHA page to bypass email security controls.
Industrial VPN vulnerabilities put critical infrastructure at risk
Security researchers analyzing popular remote access solutions used for industrial control systems (ICS) found multiple vulnerabilities that could let unauthenticated attackers execute arbitrary code and breach the environment. [...]
https://www.bleepingcomputer.com/news/security/industrial-vpn-vulnerabilities-put-critical-infrastructure-at-risk/
Security researchers analyzing popular remote access solutions used for industrial control systems (ICS) found multiple vulnerabilities that could let unauthenticated attackers execute arbitrary code and breach the environment. [...]
https://www.bleepingcomputer.com/news/security/industrial-vpn-vulnerabilities-put-critical-infrastructure-at-risk/
BleepingComputer
Industrial VPN vulnerabilities put critical infrastructure at risk
Security researchers analyzing popular remote access solutions used for industrial control systems (ICS) found multiple vulnerabilities that could let unauthenticated attackers execute arbitrary code and breach the environment.
Hacker leaks 386 million user records from 18 companies for free
A threat actor is flooding a hacker forum with databases exposing expose over 386 million user records that they claim were stolen from eighteen companies during data breaches. [...]
https://www.bleepingcomputer.com/news/security/hacker-leaks-386-million-user-records-from-18-companies-for-free/
A threat actor is flooding a hacker forum with databases exposing expose over 386 million user records that they claim were stolen from eighteen companies during data breaches. [...]
https://www.bleepingcomputer.com/news/security/hacker-leaks-386-million-user-records-from-18-companies-for-free/
BleepingComputer
Hacker leaks 386 million user records from 18 companies for free
A threat actor is flooding a hacker forum with databases exposing expose over 386 million user records that they claim were stolen from eighteen companies during data breaches.
North Korean hackers created VHD ransomware for enterprise attacks
North Korean-backed hackers tracked as the Lazarus Group have developed and are actively using VHD ransomware against enterprise targets according to a report published by Kaspersky researchers today. [...]
https://www.bleepingcomputer.com/news/security/north-korean-hackers-created-vhd-ransomware-for-enterprise-attacks/
North Korean-backed hackers tracked as the Lazarus Group have developed and are actively using VHD ransomware against enterprise targets according to a report published by Kaspersky researchers today. [...]
https://www.bleepingcomputer.com/news/security/north-korean-hackers-created-vhd-ransomware-for-enterprise-attacks/
BleepingComputer
North Korean hackers created VHD ransomware for enterprise attacks
North Korean-backed hackers tracked as the Lazarus Group have developed and are actively using VHD ransomware against enterprise targets according to a report published by Kaspersky researchers today.
Magento gets security updates for severe code execution bugs
Adobe today released security updates to fix two code execution vulnerabilities affecting Magento Commerce and Magento Open Source, rated as important and critical severity. [...]
https://www.bleepingcomputer.com/news/security/magento-gets-security-updates-for-severe-code-execution-bugs/
Adobe today released security updates to fix two code execution vulnerabilities affecting Magento Commerce and Magento Open Source, rated as important and critical severity. [...]
https://www.bleepingcomputer.com/news/security/magento-gets-security-updates-for-severe-code-execution-bugs/
BleepingComputer
Magento gets security updates for severe code execution bugs
Adobe today released security updates to fix two code execution vulnerabilities affecting Magento Commerce and Magento Open Source, rated as important and critical severity.
Emotet malware now steals your email attachments to attack contacts
The Emotet malware botnet is now also using stolen attachments to increase the authenticity of spam emails attempting to infect targets' systems. [...]
https://www.bleepingcomputer.com/news/security/emotet-malware-now-steals-your-email-attachments-to-attack-contacts/
The Emotet malware botnet is now also using stolen attachments to increase the authenticity of spam emails attempting to infect targets' systems. [...]
https://www.bleepingcomputer.com/news/security/emotet-malware-now-steals-your-email-attachments-to-attack-contacts/
BleepingComputer
Emotet malware now steals your email attachments to attack contacts
The Emotet malware botnet is now also using stolen attachments to increase the authenticity of spam emails used for infecting targets' systems.
Critical Wordpress plugin bug lets hackers take over hosting account
Hackers can exploit a maximum severity vulnerability in the wpDiscuz plugin installed on over 70,000 WordPress sites to execute code remotely after uploading arbitrary files on servers hosting vulnerable sites. [...]
https://www.bleepingcomputer.com/news/security/critical-wordpress-plugin-bug-lets-hackers-take-over-hosting-account/
Hackers can exploit a maximum severity vulnerability in the wpDiscuz plugin installed on over 70,000 WordPress sites to execute code remotely after uploading arbitrary files on servers hosting vulnerable sites. [...]
https://www.bleepingcomputer.com/news/security/critical-wordpress-plugin-bug-lets-hackers-take-over-hosting-account/
BleepingComputer
Critical Wordpress plugin bug lets hackers take over hosting account
Hackers can exploit a maximum severity vulnerability in the wpDiscuz plugin installed on over 70,000 WordPress sites to execute code remotely after uploading arbitrary files on servers hosting vulnerable sites.
Business giant Dussmann Group's data leaked after ransomware attack
The Nefilim ransomware operation has begun to publish unencrypted files stolen from a Dussmann Group subsidiary during a recent attack. [...]
https://www.bleepingcomputer.com/news/security/business-giant-dussmann-groups-data-leaked-after-ransomware-attack/
The Nefilim ransomware operation has begun to publish unencrypted files stolen from a Dussmann Group subsidiary during a recent attack. [...]
https://www.bleepingcomputer.com/news/security/business-giant-dussmann-groups-data-leaked-after-ransomware-attack/
BleepingComputer
Business giant Dussmann Group's data leaked after ransomware attack
The Nefilim ransomware operation has begun to publish unencrypted files stolen from a Dussmann Group subsidiary during a recent attack.
The IRS asks tax professionals to enable multi-factor authentication
The U.S. Internal Revenue Service is asking tax professionals to enable additional forms of authentication in software that provides the option as an improved defense against hacker takeover attempts. [...]
https://www.bleepingcomputer.com/news/security/the-irs-asks-tax-professionals-to-enable-multi-factor-authentication/
The U.S. Internal Revenue Service is asking tax professionals to enable additional forms of authentication in software that provides the option as an improved defense against hacker takeover attempts. [...]
https://www.bleepingcomputer.com/news/security/the-irs-asks-tax-professionals-to-enable-multi-factor-authentication/
BleepingComputer
The IRS asks tax professionals to enable multi-factor authentication
The U.S. Internal Revenue Service is asking tax professionals to enable additional forms of authentication in software that provides the option as an improved defense against hacker takeover attempts.
FBI warns of Netwalker ransomware targeting US government and orgs
The FBI has issued a security alert about Netwalker ransomware operators targeting U.S. and foreign government organizations, advising their victims not to pay the ransom and reporting incidents to their local FBI field offices. [...]
https://www.bleepingcomputer.com/news/security/fbi-warns-of-netwalker-ransomware-targeting-us-government-and-orgs/
The FBI has issued a security alert about Netwalker ransomware operators targeting U.S. and foreign government organizations, advising their victims not to pay the ransom and reporting incidents to their local FBI field offices. [...]
https://www.bleepingcomputer.com/news/security/fbi-warns-of-netwalker-ransomware-targeting-us-government-and-orgs/
BleepingComputer
FBI warns of Netwalker ransomware targeting US government and orgs
The FBI has issued a security alert about Netwalker ransomware operators targeting U.S. and foreign government organizations, advising their victims not to pay the ransom and reporting incidents to their local FBI field offices.