Finnish IT services giant TietoEVRY discloses ransomware attack

Finnish IT services giant TietoEVRY has suffered a ransomware attack that forced them to disconnect clients' services. [...]

https://www.bleepingcomputer.com/news/security/finnish-it-services-giant-tietoevry-discloses-ransomware-attack/

VMware fixes critical RCE bug in all default vCenter installs

VMware has addressed a critical remote code execution (RCE) vulnerability in the vCenter Server virtual infrastructure management platform that may allow attackers to potentially take control of affected systems. [...]

https://www.bleepingcomputer.com/news/security/vmware-fixes-critical-rce-bug-in-all-default-vcenter-installs/

New WACUP release fixes a massive number of Winamp bugs

The WinAmp Community Update Project (WACUP ) has released Preview version 1.0.20.7170 with many fixes and improvements for the Winamp media player. [...]

https://www.bleepingcomputer.com/news/software/new-wacup-release-fixes-a-massive-number-of-winamp-bugs/

Google Chrome's FPS meter shows frame rate again after complaints

Google has brought the FPS (Frames Per Second), or frame rate, reading back to the Google Chrome FPS meter after users were upset about its removal. [...]

https://www.bleepingcomputer.com/news/google/google-chromes-fps-meter-shows-frame-rate-again-after-complaints/

APT32 state hackers target human rights defenders with spyware

Vietnam-backed hacking group APT32 has coordinated several spyware attacks targeting Vietnamese human rights defenders (HRDs) between February 2018 and November 2020. [...]

https://www.bleepingcomputer.com/news/security/apt32-state-hackers-target-human-rights-defenders-with-spyware/

Heavily used Node.js package has a code injection vulnerability

The heavily downloaded Node.js library "systeminformation" has a severe command injection vulnerability tracked as CVE-2021-21315. [...]

https://www.bleepingcomputer.com/news/security/heavily-used-nodejs-package-has-a-code-injection-vulnerability/

NASA and the FAA were also breached by the SolarWinds hackers

NASA and the US Federal Aviation Administration (FAA) have also been compromised by the nation-state hackers behind the SolarWinds supply-chain attack, according to a& Washington Post report. [...]

https://www.bleepingcomputer.com/news/security/nasa-and-the-faa-were-also-breached-by-the-solarwinds-hackers/

LazyScripter hackers target airlines with remote access trojans

Security researchers analyzing multiple sets of malicious emails believe they uncovered activity belonging to a previously unidentified actor that fits the description of an advanced persistent threat (APT). [...]

https://www.bleepingcomputer.com/news/security/lazyscripter-hackers-target-airlines-with-remote-access-trojans/

Ransomware gang extorts jet maker Bombardier after Accellion breach

Business jet maker Bombardier is the latest company to suffer a data breach by the Clop ransomware gang after attackers exploited a zero-day vulnerability to steal company data. [...]

https://www.bleepingcomputer.com/news/security/ransomware-gang-extorts-jet-maker-bombardier-after-accellion-breach/

Five Eyes warns of Accellion FTA attacks leading to extortion

Five Eyes members have issued a joint security advisory regarding ongoing attacks and extortion attempts targeting organizations using the out-of-support Accellion File Transfer Appliance (FTA). [...]

https://www.bleepingcomputer.com/news/security/five-eyes-warns-of-accellion-fta-attacks-leading-to-extortion/

Russian hackers linked to attack targeting Ukrainian government

The National Security and Defense Council of Ukraine (NSDC) has linked Russian-backed hackers to attempts to compromise state agencies after breaching the government's document management system. [...]

https://www.bleepingcomputer.com/news/security/russian-hackers-linked-to-attack-targeting-ukrainian-government/

Cyberpunk 2077 patch 1.2 delayed by CD Projekt ransomware attack

CD Projekt Red announced today that they are delaying the anticipated Cyberpunk 2077 Patch 1.2 to the second half of March 2021 due to their recent cyberattack. [...]

https://www.bleepingcomputer.com/news/gaming/cyberpunk-2077-patch-12-delayed-by-cd-projekt-ransomware-attack/

Google funds Linux maintainers to boost Linux kernel security

Together with the Linux Foundation, Google announced today that they would fund two Linux kernel developers' efforts as full-time maintainers exclusively focused on improving Linux security. [...]

https://www.bleepingcomputer.com/news/security/google-funds-linux-maintainers-to-boost-linux-kernel-security/

Federal Reserve Bank outage impacts wire transfers, ACH transactions

The US Federal Reserve is suffering a massive IT systems outage preventing wire transfers, ACH transactions, and other services from operating. [...]

https://www.bleepingcomputer.com/news/government/federal-reserve-bank-outage-impacts-wire-transfers-ach-transactions/

Windows 10 Cumulative Update Preview KB4601382 Released

Microsoft has released the optional KB4601382 Preview cumulative update for Windows 10 2004 and Windows 10 20H2. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-update-preview-kb4601382-released/

Cisco fixes maximum severity MSO auth bypass vulnerability

Cisco has addressed a maximum severity authentication bypass vulnerability found in the API endpoint of the Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine. [...]

https://www.bleepingcomputer.com/news/security/cisco-fixes-maximum-severity-mso-auth-bypass-vulnerability/

Windows 10 gets first combined LCU/SSU update in public release

For the first time in a public release, Microsoft has released a Windows 10 cumulative update that is combined with a servicing stack update for ease of installation. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-gets-first-combined-lcu-ssu-update-in-public-release/

Over 8 million COVID-19 test results leaked online

Millions of COVID-19 test reports were found to be publicly accessible due to flawed online system implementation. [...]

https://www.bleepingcomputer.com/news/security/over-8-million-covid-19-test-results-leaked-online/

Attackers scan for vulnerable VMware servers after PoC exploit release

After security researchers have developed and published proof-of-concept (PoC) exploit code targeting a critical vCenter remote code execution (RCE) vulnerability, attackers are now actively scanning for vulnerable Internet-exposed VMware servers. [...]

https://www.bleepingcomputer.com/news/security/attackers-scan-for-vulnerable-vmware-servers-after-poc-exploit-release/

VC giant Sequoia discloses data breach after failed BEC attack

American venture capital firm Sequoia has disclosed a data breach following what looks like a failed business email compromise (BEC) attack from January. [...]

https://www.bleepingcomputer.com/news/security/vc-giant-sequoia-discloses-data-breach-after-failed-bec-attack/

TD Bank suffers systemwide outage, services still recovering

TD Bank is recovering from a major IT systems outage today that prevented account holders from accessing their online bank accounts, use ATM, or check balances over the phone.  [...]

https://www.bleepingcomputer.com/news/technology/td-bank-suffers-systemwide-outage-services-still-recovering/