New worm turns Windows, Linux servers into Monero miners

A newly discovered and self-spreading Golang-based malware has been actively dropping XMRig cryptocurrency miners on Windows and Linux servers since early December. [...]

https://www.bleepingcomputer.com/news/security/new-worm-turns-windows-linux-servers-into-monero-miners/

Emotet malware hits Lithuania's National Public Health Center

The internal networks of Lithuania's National Center for Public Health (NVSC) and several municipalities have been infected with Emotet malware following a large campaign targeting the country's state institutions. [...]

https://www.bleepingcomputer.com/news/security/emotet-malware-hits-lithuanias-national-public-health-center/

T-Mobile data breach exposed phone numbers, call records

T-Mobile has announced a data breach exposing customers' proprietary network information (CPNI), including phone numbers and call records. [...]

https://www.bleepingcomputer.com/news/security/t-mobile-data-breach-exposed-phone-numbers-call-records/

DHS orders federal agencies to update SolarWinds Orion platform

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered all US federal agencies to update the SolarWinds Orion platform to the latest version by the end of business hours on December 31, 2020. [...]

https://www.bleepingcomputer.com/news/security/dhs-orders-federal-agencies-to-update-solarwinds-orion-platform/

Adobe now shows alerts in Windows 10 to uninstall Flash Player

With the Flash Player officially reaching the end of life tomorrow, Adobe has started to display alerts on Windows computers recommending that users uninstall Flash Player. [...]

https://www.bleepingcomputer.com/news/software/adobe-now-shows-alerts-in-windows-10-to-uninstall-flash-player/

Ticketmaster fined $10 million for breaking into rival’s systems

Ticketmaster, a Live Nation subsidiary and a leading ticket distribution and sales company, was fined $10 million for illegally accessing the systems of competitor CrowdSurge using the credentials of one of its former employees. [...]

https://www.bleepingcomputer.com/news/security/ticketmaster-fined-10-million-for-breaking-into-rival-s-systems/

Adobe Flash Player is officially dead tomorrow

Flash Player will reach its end of life (EOL) on January 1, 2021, after always being a security risk to those who have used it over the years. [...]

https://www.bleepingcomputer.com/news/security/adobe-flash-player-is-officially-dead-tomorrow/

Data breach broker selling user records stolen from 26 companies

A data breach broker is selling the allegedly stolen user records for twenty-six companies on a hacker forum, BleepingComputer has learned. [...]

https://www.bleepingcomputer.com/news/security/data-breach-broker-selling-user-records-stolen-from-26-companies/

Microsoft: SolarWinds hackers accessed our source code

The threat actors behind the SolarWinds attack could breach internal Microsoft accounts to view the source code for Microsoft products. [...]

https://www.bleepingcomputer.com/news/security/microsoft-solarwinds-hackers-accessed-our-source-code/

BleepingComputer's most popular tech stories of 2020

It was a big year for technology and cybersecurity with massive cyberattacks, worldwide outages, privacy concerns, and new features added to Windows. In this article, we list the ten most popular stories at BleepingComputer during 2020 with a summary of each. [...]

https://www.bleepingcomputer.com/news/technology/bleepingcomputers-most-popular-tech-stories-of-2020/

The Week in Ransomware - January 1st 2021 - New Year Edition

This holiday edition cover the latest ransomware news from the past two weeks, including known ransomware attacks and law enforcement takedowns. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-1st-2021-new-year-edition/

How to download the latest Windows 10 ISO from Microsoft

When a new version of Windows 10 is released, Microsoft also releases new ISO disk images of the operating system to perform clean installs or create a bootable recovery environment. Using the steps in this article, you can download the ISO images directly, rather than being forced to use Microsoft's Media Creation Tool. [...]

https://www.bleepingcomputer.com/news/microsoft/how-to-download-the-latest-windows-10-iso-from-microsoft/

Secret backdoor discovered in Zyxel firewall and AP controllers

Over 100,000 Zyxel devices are potentially vulnerable to a secret backdoor caused by hardcoded credentials used to update firewall and AP controllers' firmware. [...]

https://www.bleepingcomputer.com/news/security/secret-backdoor-discovered-in-zyxel-firewall-and-ap-controllers/

Google Chrome fixes antivirus 'file locking' bug on Windows 10

Google has fixed a Chromium bug to prevent antivirus programs running on Windows 10 from blocking new files and bookmarks. [...]

https://www.bleepingcomputer.com/news/security/google-chrome-fixes-antivirus-file-locking-bug-on-windows-10/

Beware: PayPal phishing texts state your account is 'limited'

A PayPal text message phishing campaign is underway that attempts to steal your account credentials and other sensitive information that can be used for identity theft. [...]

https://www.bleepingcomputer.com/news/security/beware-paypal-phishing-texts-state-your-account-is-limited/

Microsoft's unreleased Windows Core Polaris OS leaks online

A user that keeps track of unreleased Windows builds, has now leaked a new build that may indicate that Windows Core OS-powered Polaris OS was real. [...]

https://www.bleepingcomputer.com/news/microsoft/microsofts-unreleased-windows-core-polaris-os-leaks-online/

China's APT hackers move to ransomware attacks

Security researchers investigating a set of ransomware incidents at multiple companies discovered malware indicating that the attacks may be the work of a hacker group believed to operate on behalf of China. [...]

https://www.bleepingcomputer.com/news/security/chinas-apt-hackers-move-to-ransomware-attacks/

Slack suffers its first massive outage of 2021

As everyone gets back to work after the New Year holiday, Slack brings in 2021 with a massive outage affecting users worldwide. [...]

https://www.bleepingcomputer.com/news/technology/slack-suffers-its-first-massive-outage-of-2021/

Zend Framework remote code execution vulnerability revealed

An untrusted deserialization vulnerability has been disclosed in Zend Framework which can be used by attackers to achieve remote code execution on PHP sites. Portions of Laminas Project may also be impacted by this flaw, tracked as CVE-2021-3007. [...]

https://www.bleepingcomputer.com/news/security/zend-framework-remote-code-execution-vulnerability-revealed/

Citrix adds NetScaler ADC setting to block recent DDoS attacks

Citrix has released a feature enhancement designed to block attackers from using the Datagram Transport Layer Security (DTLS) feature of NetScaler ADC devices as an amplification vector in DDoS attacks. [...]

https://www.bleepingcomputer.com/news/security/citrix-adds-netscaler-adc-setting-to-block-recent-ddos-attacks/

TransLink confirms ransomware data theft, still restoring systems

Metro Vancouver's transportation agency TransLink has confirmed that the Egregor ransomware operators who breached its network at the beginning of December 2020 also accessed and potentially stole employees' banking and social security information. [...]

https://www.bleepingcomputer.com/news/security/translink-confirms-ransomware-data-theft-still-restoring-systems/