Perl.com domain stolen, now using IP address tied to malware

The domain name perl.com was stolen this week and is now points to an IP address associated with malware campaigns. [...]

https://www.bleepingcomputer.com/news/security/perlcom-domain-stolen-now-using-ip-address-tied-to-malware/

New Pro-Ocean malware worms through Apache, Oracle, Redis servers

The financially-motivated Rocke hackers are using a new piece of cryptojacking malware called Pro-Ocean to target vulnerable instances of Apache ActiveMQ, Oracle WebLogic, and Redis. [...]

https://www.bleepingcomputer.com/news/security/new-pro-ocean-malware-worms-through-apache-oracle-redis-servers/

Vovalex is likely the first ransomware written in D

A new ransomware called Vovalex is being distributed through fake pirated software that impersonates popular Windows utilities, such as CCleaner. [...]

https://www.bleepingcomputer.com/news/security/vovalex-is-likely-the-first-ransomware-written-in-d/

Here'e how law enforcement's Emotet malware module works

New research released today provides greater insight into the Emotet module created by law enforcement that will uninstall the malware from infected devices in April. [...]

https://www.bleepingcomputer.com/news/security/heree-how-law-enforcements-emotet-malware-module-works/

The Week in Ransomware - January 29th 2021 - Striking back

It has been a hectic week, with law enforcement conducting two successful law enforcement operations that will significantly impact ransomware. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-29th-2021-striking-back/

Fonix ransomware shuts down and releases master decryption key

The Fonix Ransomware operators have shut down their operation and released the master decryption allowing victims to recover their files for free. [...]

https://www.bleepingcomputer.com/news/security/fonix-ransomware-shuts-down-and-releases-master-decryption-key/

UK Research and Innovation (UKRI) suffers ransomware attack

The UK Research and Innovation (UKRI) is dealing with a ransomware incident that encrypted data and impacted two of its services that offer information to subscribers and the platform for peer review of various parts of the agency. [...]

https://www.bleepingcomputer.com/news/security/uk-research-and-innovation-ukri-suffers-ransomware-attack/

Beware: Malicious Home Depot ad gets top spot in Google Search

A malicious Home Depot advertising campaign is redirect Google search visitors to tech support scams. [...]

https://www.bleepingcomputer.com/news/security/beware-malicious-home-depot-ad-gets-top-spot-in-google-search/

Windows 10 features that boost your PC's security and privacy

Like almost all operating systems these days, Windows 10 is vulnerable to security and privacy issues, and researches have proved that Microsoft can track a lot of your activities to improve their products and enable personalized ads and promotions. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-features-that-boost-your-pcs-security-and-privacy/

SpamCop anti-spam service suffers an outage after its domain expired

Cisco's SpamCop anti-spam service suffered an outage Sunday after a its domain mistakenly was allowed to expire. [...]

https://www.bleepingcomputer.com/news/security/spamcop-anti-spam-service-suffers-an-outage-after-its-domain-expired/

Android emulator supply-chain attack targets gamers with malware

ESET researchers have discovered that the updating mechanism of NoxPlayer, an Android emulator for Windows and macOS, made by Hong Kong-based company BigNox, was compromised by an unknown threat actor and used to infect gamers with malware. [...]

https://www.bleepingcomputer.com/news/security/android-emulator-supply-chain-attack-targets-gamers-with-malware/

Scammers posing as FBI agents threaten targets with jail time

The U.S. Federal Bureau of Investigation (FBI) is warning scammers actively posing as FBI representatives and threatening targets with fines and jail time unless they don't hand out personal and/or financial information. [...]

https://www.bleepingcomputer.com/news/security/scammers-posing-as-fbi-agents-threaten-targets-with-jail-time/

European volleyball org's Azure bucket exposed reporter passports

A publicly exposed cloud storage bucket was found to contain images of hundreds of passports and identity documents belonging to journalists and volleyball players from around the world. [...]

https://www.bleepingcomputer.com/news/security/european-volleyball-orgs-azure-bucket-exposed-reporter-passports/

SonicWall SMA 100 zero-day exploit actively used in the wild

A SonicWall SMA 100 zero-day vulnerability is being actively exploited in the wild, according to a tweet by cybersecurity firm NCC Group. [...]

https://www.bleepingcomputer.com/news/security/sonicwall-sma-100-zero-day-exploit-actively-used-in-the-wild/

Phishing campaign lures US businesses with fake PPP loans

Threat actors are sending phishing emails impersonating a Small Business Administration (SBA) lender to prey on US business owners who want to apply for a PPP loan to keep their business going during the COVID-19 crisis. [...]

https://www.bleepingcomputer.com/news/security/phishing-campaign-lures-us-businesses-with-fake-ppp-loans/

US govt: Number of identity theft reports doubled last year

The U.S. Federal Trade Commission (FTC) said today that the number of identity theft reports has doubled during 2020 when compared to 2019, reaching a record 1.4 million reports within a single year. [...]

https://www.bleepingcomputer.com/news/security/us-govt-number-of-identity-theft-reports-doubled-last-year/

Data breach exposes 1.6 million Washington unemployment claims

Washington's State Auditor office has suffered a data breach that exposed the personal information in 1.6 million employment claims. [...]

https://www.bleepingcomputer.com/news/security/data-breach-exposes-16-million-washington-unemployment-claims/

Netgain ransomware incident impacts local governments

The ransomware incident that Netgain, a provider of managed IT services, had late last year rippled onto its customers. Now, Ramsey County, Minnesota, is informing clients of the Family Health Division program that the hackers may have accessed personal data. [...]

https://www.bleepingcomputer.com/news/security/netgain-ransomware-incident-impacts-local-governments/

New Linux malware steals SSH credentials from supercomputers

A new backdoor has been targeting supercomputers across the world, often stealing the credentials for secure network connections by using a trojanized version of the OpenSSH software. [...]

https://www.bleepingcomputer.com/news/security/new-linux-malware-steals-ssh-credentials-from-supercomputers/

Apple pulls iCloud 12 for Windows 10 with Keychain sync feature

Apple has pulled iCloud 12 for Windows 10 from the Microsoft Store for what is believed to be issues with their new Chrome iCloud Keychain password synchronization feature. [...]

https://www.bleepingcomputer.com/news/apple/apple-pulls-icloud-12-for-windows-10-with-keychain-sync-feature/

Malicious script steals credit card info stolen by other hackers

A threat actor has infected an e-commerce store with a custom credit card skimmer designed to siphon data stolen by a previously deployed Magento card stealer. [...]

https://www.bleepingcomputer.com/news/security/malicious-script-steals-credit-card-info-stolen-by-other-hackers/