HPE discloses critical zero-day in server management software

Hewlett Packard Enterprise (HPE) has disclosed a zero-day bug in the latest versions of its proprietary HPE Systems Insight Manager (SIM) software for Windows and Linux. [...]

https://www.bleepingcomputer.com/news/security/hpe-discloses-critical-zero-day-in-server-management-software/

Malicious RubyGems packages used in cryptocurrency supply chain attack

New malicious RubyGems packages have been discovered that are being used in a supply chain attack to steal cryptocurrency from unsuspecting users. [...]

https://www.bleepingcomputer.com/news/security/malicious-rubygems-packages-used-in-cryptocurrency-supply-chain-attack/

Emulated mobile devices used to steal millions from US, EU banks

Threat actors behind an ongoing worldwide mobile banking fraud campaign were able to steal millions from multiple US and EU banks, needing just a few days for each attack. [...]

https://www.bleepingcomputer.com/news/security/emulated-mobile-devices-used-to-steal-millions-from-us-eu-banks/

FireEye, Microsoft create kill switch for SolarWinds backdoor

Microsoft, FireEye, and GoDaddy have collaborated to create a kill switch for the SolarWinds Sunburst backdoor that forces the malware to terminate itself. [...]

https://www.bleepingcomputer.com/news/security/fireeye-microsoft-create-kill-switch-for-solarwinds-backdoor/

Malicious Chrome, Edge extensions with 3M installs still in stores

Malicious Chrome and Edge browser extensions with over 3 million installs, most of them still available on the Chrome Web Store and the Microsoft Edge Add-ons portal, are capable of stealing users' info and redirecting them to phishing sites. [...]

https://www.bleepingcomputer.com/news/security/malicious-chrome-edge-extensions-with-3m-installs-still-in-stores/

Holiday deal: 40% off Malwarebytes Premium and Teams

Malwarebytes is running a holiday deal where you can get 40% off Malwarebytes Premium and the Malwarebytes for Teams business product for a limited time. [...]

https://www.bleepingcomputer.com/news/software/holiday-deal-40-percent-off-malwarebytes-premium-and-teams/

FBI, CISA officially confirm US govt hacks after SolarWinds breach

The compromise of multiple US federal networks following the SolarWinds breach was officially confirmed for the first time in a joint statement released earlier today by the FBI, DHS-CISA, and the Office of the Director of National Intelligence (ODNI). [...]

https://www.bleepingcomputer.com/news/security/fbi-cisa-officially-confirm-us-govt-hacks-after-solarwinds-breach/

WordPress plugin with 5 million installs has a critical vulnerability

The team behind a popular WordPress plugin has disclosed a critical file upload vulnerability and issued a patch. The vulnerable plugin, Contact Form 7, has over 5 million active installations making this upgrade a necessity for WordPress site owners out there. [...]

https://www.bleepingcomputer.com/news/security/wordpress-plugin-with-5-million-installs-has-a-critical-vulnerability/

Iranian nation-state hackers linked to Pay2Key ransomware

Iranian-backed hacking group Fox Kitten has been linked to the Pay2Key ransomware operation that has recently started targeting organizations from Israel and Brazil. [...]

https://www.bleepingcomputer.com/news/security/iranian-nation-state-hackers-linked-to-pay2key-ransomware/

CISA: APT group behind US govt hacks used multiple access vectors

The US Cybersecurity and Infrastructure Security Agency (CISA) said that the APT group behind the recent compromise campaign targeting US government agencies used more than one initial access vector. [...]

https://www.bleepingcomputer.com/news/security/cisa-apt-group-behind-us-govt-hacks-used-multiple-access-vectors/

Ransomware masquerades as mobile version of Cyberpunk 2077

A threat actor is distributing fake Windows and Android installers for the Cyberpunk 2077 game that is installing a ransomware calling itself CoderWare. [...]

https://www.bleepingcomputer.com/news/security/ransomware-masquerades-as-mobile-version-of-cyberpunk-2077/

Nation-state hackers breached US think tank thrice in a row

An advanced hacking group believed to be working for the Russian government has compromised the internal network of a think tank in the U.S. three times. [...]

https://www.bleepingcomputer.com/news/security/nation-state-hackers-breached-us-think-tank-thrice-in-a-row/

Bouncy Castle fixes cryptography API authentication bypass flaw

A severe authentication bypass vulnerability has been reported in Bouncy Castle, a popular open-source cryptography library. When exploited, the vulnerability (CVE-2020-28052) can allow an attacker to gain access to user and administrator accounts due to a cryptographic weakness in the manner passwords are checked. [...]

https://www.bleepingcomputer.com/news/security/bouncy-castle-fixes-cryptography-api-authentication-bypass-flaw/

SolarWinds hackers breach agency in charge of US nuclear weapons

Nation-state hackers have breached the networks of the National Nuclear Security Administration (NNSA) and the US Department of Energy (DOE). [...]

https://www.bleepingcomputer.com/news/security/solarwinds-hackers-breach-agency-in-charge-of-us-nuclear-weapons/

Microsoft confirms breach in SolarWinds hack, denies infecting others

Microsoft has confirmed that they were hacked in the recent SolarWinds attacks but denied that their software was compromised in a supply-chain attack to infect customers. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-breach-in-solarwinds-hack-denies-infecting-others/

Microsoft identifies 40+ victims of SolarWinds hack, 80% from US

Microsoft said that over 40 of its customers had their networks infiltrated by hackers following the SolarWinds supply chain attack after they installed backdoored versions of the Orion IT monitoring platform. [...]

https://www.bleepingcomputer.com/news/security/microsoft-identifies-40-plus-victims-of-solarwinds-hack-80-percent-from-us/

Google Chrome disables insecure form warnings after complaints

Google has disabled a feature that displays a warning when submitting insecure forms after receiving many complaints from users and website administrators. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-disables-insecure-form-warnings-after-complaints/

NSA warns of hackers forging cloud authentication information

An advisory from the U.S. National Security Agency is providing Microsoft Azure administrators guidance to detect and protect against threat actors looking to access resources in the cloud by forging authentication information. [...]

https://www.bleepingcomputer.com/news/security/nsa-warns-of-hackers-forging-cloud-authentication-information/

Windows 10 updates cause CorsairVBusDriver BSOD crash loop

Microsoft's December 2020 Windows 10 updates are conflicting with the Corsair Utility Engine software and causing the operating system to go into a BSOD crash loop. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-updates-cause-corsairvbusdriver-bsod-crash-loop/

Europol launches new decryption platform for law enforcement

Europol and the European Commission have launched a new decryption platform that will help boost Europol's ability to gain access to information stored in encrypted media collected during criminal investigations. [...]

https://www.bleepingcomputer.com/news/security/europol-launches-new-decryption-platform-for-law-enforcement/

Stealthy Magecart malware mistakenly leaks list of hacked stores

A list of dozens of online stores hacked by a web skimming group was inadvertently leaked by a dropper used to deploy a stealthy remote access trojan (RAT) on compromised e-commerce sites. [...]

https://www.bleepingcomputer.com/news/security/stealthy-magecart-malware-mistakenly-leaks-list-of-hacked-stores/