Netgain ransomware incident impacts local governments
The ransomware incident that Netgain, a provider of managed IT services, had late last year rippled onto its customers. Now, Ramsey County, Minnesota, is informing clients of the Family Health Division program that the hackers may have accessed personal data. [...]
https://www.bleepingcomputer.com/news/security/netgain-ransomware-incident-impacts-local-governments/
The ransomware incident that Netgain, a provider of managed IT services, had late last year rippled onto its customers. Now, Ramsey County, Minnesota, is informing clients of the Family Health Division program that the hackers may have accessed personal data. [...]
https://www.bleepingcomputer.com/news/security/netgain-ransomware-incident-impacts-local-governments/
BleepingComputer
Netgain ransomware incident impacts local governments
The ransomware incident that Netgain, a provider of managed IT services, had late last year rippled onto its customers. Now, Ramsey County, Minnesota, is informing clients of the Family Health Division program that the hackers may have accessed personal data.
New Linux malware steals SSH credentials from supercomputers
A new backdoor has been targeting supercomputers across the world, often stealing the credentials for secure network connections by using a trojanized version of the OpenSSH software. [...]
https://www.bleepingcomputer.com/news/security/new-linux-malware-steals-ssh-credentials-from-supercomputers/
A new backdoor has been targeting supercomputers across the world, often stealing the credentials for secure network connections by using a trojanized version of the OpenSSH software. [...]
https://www.bleepingcomputer.com/news/security/new-linux-malware-steals-ssh-credentials-from-supercomputers/
BleepingComputer
New Linux malware steals SSH credentials from supercomputers
A new backdoor has been targeting supercomputers across the world, often stealing the credentials for secure network connections by using a trojanized version of the OpenSSH software.
Apple pulls iCloud 12 for Windows 10 with Keychain sync feature
Apple has pulled iCloud 12 for Windows 10 from the Microsoft Store for what is believed to be issues with their new Chrome iCloud Keychain password synchronization feature. [...]
https://www.bleepingcomputer.com/news/apple/apple-pulls-icloud-12-for-windows-10-with-keychain-sync-feature/
Apple has pulled iCloud 12 for Windows 10 from the Microsoft Store for what is believed to be issues with their new Chrome iCloud Keychain password synchronization feature. [...]
https://www.bleepingcomputer.com/news/apple/apple-pulls-icloud-12-for-windows-10-with-keychain-sync-feature/
BleepingComputer
Apple pulls iCloud 12 for Windows 10 with Keychain sync feature
Apple has pulled iCloud 12 for Windows 10 from the Microsoft Store for what is believed to be issues with their new Chrome iCloud Keychain password synchronization feature.
Malicious script steals credit card info stolen by other hackers
A threat actor has infected an e-commerce store with a custom credit card skimmer designed to siphon data stolen by a previously deployed Magento card stealer. [...]
https://www.bleepingcomputer.com/news/security/malicious-script-steals-credit-card-info-stolen-by-other-hackers/
A threat actor has infected an e-commerce store with a custom credit card skimmer designed to siphon data stolen by a previously deployed Magento card stealer. [...]
https://www.bleepingcomputer.com/news/security/malicious-script-steals-credit-card-info-stolen-by-other-hackers/
BleepingComputer
Malicious script steals credit card info stolen by other hackers
A threat actor has infected an e-commerce store with a custom credit card skimmer designed to siphon data stolen by a previously deployed Magento card stealer.
Trickbot malware now maps victimsβ networks using Masscan
The Trickbot malware has been upgraded with a network reconnaissance module designed to survey local networks after infecting a victim's computer. [...]
https://www.bleepingcomputer.com/news/security/trickbot-malware-now-maps-victims-networks-using-masscan/
The Trickbot malware has been upgraded with a network reconnaissance module designed to survey local networks after infecting a victim's computer. [...]
https://www.bleepingcomputer.com/news/security/trickbot-malware-now-maps-victims-networks-using-masscan/
BleepingComputer
Trickbot malware now maps victimsβ networks using Masscan
The Trickbot malware has been upgraded with a network reconnaissance module designed to survey local networks after infecting a victim's computer.
Microsoft Defender now detects macOS system, app vulnerabilities
Microsoft announced that Defender for Endpoint will now also help admins discover OS and software vulnerabilities affecting macOS devices on their organization's network. [...]
https://www.bleepingcomputer.com/news/security/microsoft-defender-now-detects-macos-system-app-vulnerabilities/
Microsoft announced that Defender for Endpoint will now also help admins discover OS and software vulnerabilities affecting macOS devices on their organization's network. [...]
https://www.bleepingcomputer.com/news/security/microsoft-defender-now-detects-macos-system-app-vulnerabilities/
BleepingComputer
Microsoft Defender now detects macOS system, app vulnerabilities
Microsoft announced that Defender for Endpoint will now also help admins discover OS and software vulnerabilities affecting macOS devices on their organization's network.
Babyk Ransomware won't hit charities, unless they support LGBT, BLM
The Babyk ransomware operation has launched a new data leak site used to publish victim's stolen data as part of a double extortion strategy. Included is a list of targets they wont attack with some exclusions that definitely stand out. [...]
https://www.bleepingcomputer.com/news/security/babyk-ransomware-wont-hit-charities-unless-they-support-lgbt-blm/
The Babyk ransomware operation has launched a new data leak site used to publish victim's stolen data as part of a double extortion strategy. Included is a list of targets they wont attack with some exclusions that definitely stand out. [...]
https://www.bleepingcomputer.com/news/security/babyk-ransomware-wont-hit-charities-unless-they-support-lgbt-blm/
BleepingComputer
Babyk Ransomware won't hit charities, unless they support LGBT, BLM
The Babyk ransomware operation has launched a new data leak site used to publish victim's stolen data as part of a double extortion strategy. Included is a list of targets they wont attack with some exclusions that definitely stand out.
US federal payroll agency hacked using SolarWinds software flaw
The FBI has discovered that the National Finance Center (NFC), a U.S. Department of Agriculture (USDA) federal payroll agency, was compromised by exploiting a SolarWinds Orion software flaw, according to a Reuters report. [...]
https://www.bleepingcomputer.com/news/security/us-federal-payroll-agency-hacked-using-solarwinds-software-flaw/
The FBI has discovered that the National Finance Center (NFC), a U.S. Department of Agriculture (USDA) federal payroll agency, was compromised by exploiting a SolarWinds Orion software flaw, according to a Reuters report. [...]
https://www.bleepingcomputer.com/news/security/us-federal-payroll-agency-hacked-using-solarwinds-software-flaw/
BleepingComputer
US federal payroll agency hacked using SolarWinds software flaw
The FBI has discovered that the National Finance Center (NFC), a U.S. Department of Agriculture (USDA) federal payroll agency, was compromised by exploiting a SolarWinds Orion software flaw, according to a Reuters report.
Female escort review site data breach affects 470,000 members
An online community promoting female escorts and reviews of their services has suffered a data breach after a hacker downloaded the site's database. [...]
https://www.bleepingcomputer.com/news/security/female-escort-review-site-data-breach-affects-470-000-members/
An online community promoting female escorts and reviews of their services has suffered a data breach after a hacker downloaded the site's database. [...]
https://www.bleepingcomputer.com/news/security/female-escort-review-site-data-breach-affects-470-000-members/
BleepingComputer
Female escort review site data breach affects 470,000 members
An online community promoting female escorts and reviews of their services has suffered a data breach after a hacker downloaded the site's database.
Latest macOS Big Sur also has SUDO root privilege escalation flaw
Recently discovered Linux SUDO privilege escalation vulnerability, CVE-2021-3156 (aka Baron Samedit) also impacts the latest Apple macOS Big Sur with no patch available yet. [...]
https://www.bleepingcomputer.com/news/security/latest-macos-big-sur-also-has-sudo-root-privilege-escalation-flaw/
Recently discovered Linux SUDO privilege escalation vulnerability, CVE-2021-3156 (aka Baron Samedit) also impacts the latest Apple macOS Big Sur with no patch available yet. [...]
https://www.bleepingcomputer.com/news/security/latest-macos-big-sur-also-has-sudo-root-privilege-escalation-flaw/
BleepingComputer
Latest macOS Big Sur also has SUDO root privilege escalation flaw
Recently discovered Linux SUDO privilege escalation vulnerability, CVE-2021-3156 (aka Baron Samedit) also impacts the latest Apple macOS Big Sur with no patch available yet.
SolarWinds patches critical vulnerabilities in the Orion platform
Even with the security updates prompted by the recent SolarWinds Orion supply-chain attack, researchers still found some glaring vulnerabilities affecting the platform, one of them allowing code execution with top privileges. [...]
https://www.bleepingcomputer.com/news/security/solarwinds-patches-critical-vulnerabilities-in-the-orion-platform/
Even with the security updates prompted by the recent SolarWinds Orion supply-chain attack, researchers still found some glaring vulnerabilities affecting the platform, one of them allowing code execution with top privileges. [...]
https://www.bleepingcomputer.com/news/security/solarwinds-patches-critical-vulnerabilities-in-the-orion-platform/
BleepingComputer
SolarWinds patches critical vulnerabilities in the Orion platform
Even with the security updates prompted by the recent SolarWinds Orion supply-chain attack, researchers still found some glaring vulnerabilities affecting the platform, one of them allowing code execution with top privileges.
Windows 10 KB4598291 update fixes device deactivation, responsiveness issues
Microsoft has released the KB4598291 release preview cumulative update for all editions of Windows 10 and Windows Server versions 2004 and 20H2, with fixes for device deactivation issues and unresponsiveness while playing games in full-screen. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4598291-update-fixes-device-deactivation-responsiveness-issues/
Microsoft has released the KB4598291 release preview cumulative update for all editions of Windows 10 and Windows Server versions 2004 and 20H2, with fixes for device deactivation issues and unresponsiveness while playing games in full-screen. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4598291-update-fixes-device-deactivation-responsiveness-issues/
BleepingComputer
Windows 10 KB4598291 update fixes device deactivation, freezing issues
Microsoft has released the KB4598291 release preview cumulative update for all editions of Windows 10 and Windows Server versions 2004 and 20H2, with fixes for device deactivation issues and unresponsiveness while playing games in full-screen.
Twitter now autoswitches to dark mode based on your OS settings
If Twitter is suddenly using a dark mode theme, you are not alone. Starting yesterday, Twitter automatically switched to a dark or light theme based on your operating system settings. [...]
https://www.bleepingcomputer.com/news/technology/twitter-now-autoswitches-to-dark-mode-based-on-your-os-settings/
If Twitter is suddenly using a dark mode theme, you are not alone. Starting yesterday, Twitter automatically switched to a dark or light theme based on your operating system settings. [...]
https://www.bleepingcomputer.com/news/technology/twitter-now-autoswitches-to-dark-mode-based-on-your-os-settings/
BleepingComputer
Twitter now autoswitches to dark mode based on your OS settings
If Twitter is suddenly using a dark mode theme, you are not alone. Starting yesterday, Twitter automatically switched to a dark or light theme based on your operating system settings.
Microsoft Defender ATP detects Chrome updates as PHP backdoors
Microsoft Defender for Endpoint is currently detecting at least two Chrome updates as malware, tagging the Slovenian localization file bundled with the Google Chrome installer as a malicious file. [...]
https://www.bleepingcomputer.com/news/security/microsoft-defender-atp-detects-chrome-updates-as-php-backdoors/
Microsoft Defender for Endpoint is currently detecting at least two Chrome updates as malware, tagging the Slovenian localization file bundled with the Google Chrome installer as a malicious file. [...]
https://www.bleepingcomputer.com/news/security/microsoft-defender-atp-detects-chrome-updates-as-php-backdoors/
BleepingComputer
Microsoft Defender ATP detects Chrome updates as PHP backdoors
Microsoft Defender for Endpoint is currently detecting at least two Chrome updates as malware, tagging the Slovenian localization file bundled with the Google Chrome installer as a malicious file.
Cisco fixes critical code execution bugs in SMB VPN routers
Cisco has addressed multiple pre-auth remote code execution (RCE) vulnerabilities affecting several small business VPN routers and allowing attackers to execute arbitrary code as root on successfully exploited devices. [...]
https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-code-execution-bugs-in-smb-vpn-routers/
Cisco has addressed multiple pre-auth remote code execution (RCE) vulnerabilities affecting several small business VPN routers and allowing attackers to execute arbitrary code as root on successfully exploited devices. [...]
https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-code-execution-bugs-in-smb-vpn-routers/
BleepingComputer
Cisco fixes critical code execution bugs in SMB VPN routers
Cisco has addressed multiple pre-auth remote code execution (RCE) vulnerabilities affecting several small business VPN routers and allowing attackers to execute arbitrary code as root on successfully exploited devices.
Microsoft fixes issue causing Windows 10 apps to forget passwords
Microsoft has addressed a known issue impacting multiple Windows 10 apps and causing them to forget users' passwords after upgrading devices to certain Windows 10, version 2004 builds. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-issue-causing-windows-10-apps-to-forget-passwords/
Microsoft has addressed a known issue impacting multiple Windows 10 apps and causing them to forget users' passwords after upgrading devices to certain Windows 10, version 2004 builds. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-issue-causing-windows-10-apps-to-forget-passwords/
BleepingComputer
Microsoft fixes issue causing Windows 10 apps to forget passwords
Microsoft has addressed a known issue impacting multiple Windows 10 apps and causing them to forget users' passwords after upgrading devices to certain Windows 10, version 2004 builds.
SonicWall fixes actively exploited SMA 100 zero-day vulnerability
SonicWall has released a patch for the zero-day vulnerability used in attacks against the SMA 100 series of remote access appliances. [...]
https://www.bleepingcomputer.com/news/security/sonicwall-fixes-actively-exploited-sma-100-zero-day-vulnerability/
SonicWall has released a patch for the zero-day vulnerability used in attacks against the SMA 100 series of remote access appliances. [...]
https://www.bleepingcomputer.com/news/security/sonicwall-fixes-actively-exploited-sma-100-zero-day-vulnerability/
BleepingComputer
SonicWall fixes actively exploited SMA 100 zero-day vulnerability
SonicWall has released a patch for the zero-day vulnerability used in attacks against the SMA 100 series of remote access appliances.
New Fonix ransomware decryptor can recover victim's files for free
Kaspersky has released a decryptor for the Fonix Ransomware (XONIF) that allows victims to recover their encrypted files for free. [...]
https://www.bleepingcomputer.com/news/security/new-fonix-ransomware-decryptor-can-recover-victims-files-for-free/
Kaspersky has released a decryptor for the Fonix Ransomware (XONIF) that allows victims to recover their encrypted files for free. [...]
https://www.bleepingcomputer.com/news/security/new-fonix-ransomware-decryptor-can-recover-victims-files-for-free/
BleepingComputer
New Fonix ransomware decryptor can recover victim's files for free
Kaspersky has released a decryptor for the Fonix Ransomware (XONIF) that allows victims to recover their encrypted files for free.
Oxfam Australia investigates data breach after database sold online
Oxfam Australia investigates a suspected data breach after a threat actor claimed to be selling their database belonging on a hacker forum. [...]
https://www.bleepingcomputer.com/news/security/oxfam-australia-investigates-data-breach-after-database-sold-online/
Oxfam Australia investigates a suspected data breach after a threat actor claimed to be selling their database belonging on a hacker forum. [...]
https://www.bleepingcomputer.com/news/security/oxfam-australia-investigates-data-breach-after-database-sold-online/
BleepingComputer
Oxfam Australia investigates data breach after database put up for sale
Oxfam Australia investigates a suspected data breach after a threat actor claimed to be selling their database belonging on a hacker forum.
Rise in ransomware attacks mistakenly causing data destruction
More and more ransomware victims are resisting the extortionists and refuse to pay when they can recover from backups, despite hackers' threats to leak the data stolen before encryption. [...]
https://www.bleepingcomputer.com/news/security/rise-in-ransomware-attacks-mistakenly-causing-data-destruction/
More and more ransomware victims are resisting the extortionists and refuse to pay when they can recover from backups, despite hackers' threats to leak the data stolen before encryption. [...]
https://www.bleepingcomputer.com/news/security/rise-in-ransomware-attacks-mistakenly-causing-data-destruction/
BleepingComputer
Ransomware attacks increasingly destroy victimsβ data by mistake
More and more ransomware victims are resisting the extortionists and refuse to pay when they can recover from backups, despite hackers' threats to leak the data stolen before encryption.
Microsoft fixes PowerPoint crashes in Office February updates
Microsoft released the February 2021 non-security Microsoft Office updates with improvements and fixes for issues and crashes impacting Windows Installer (MSI) editions of Office 2016, Office 2013, and Office 2010 products. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-powerpoint-crashes-in-office-february-updates/
Microsoft released the February 2021 non-security Microsoft Office updates with improvements and fixes for issues and crashes impacting Windows Installer (MSI) editions of Office 2016, Office 2013, and Office 2010 products. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-powerpoint-crashes-in-office-february-updates/
BleepingComputer
Microsoft fixes PowerPoint crashes in Office February updates
Microsoft released the February 2021 non-security Microsoft Office updates with improvements and fixes for issues and crashes impacting Windows Installer (MSI) editions of Office 2016, Office 2013, and Office 2010 products.