The Week in Ransomware - February 26th 2021 - Back from the Holidays

The number of attacks had slowed down after the winter holidays, but after the past two weeks, it's evident that the ransomware attacks are back at full speed. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-26th-2021-back-from-the-holidays/

Google shares PoC exploit for critical Windows 10 Graphics RCE bug

Project Zero, Google's 0day bug-hunting team, shared technical details and proof-of-concept (PoC) exploit code for a critical remote code execution (RCE) bug affecting a Windows graphics component. [...]

https://www.bleepingcomputer.com/news/security/google-shares-poc-exploit-for-critical-windows-10-graphics-rce-bug/

Microsoft fixes Windows 10 drive corruption bug — what you need to know

Microsoft has fixed a Windows 10 bug that could cause NTFS volumes to become corrupted by merely accessing a particular path or viewing a specially crafted file. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-10-drive-corruption-bug-what-you-need-to-know/

NSA, Microsoft promote a Zero Trust approach to cybersecurity

The National Security Agency (NSA) and Microsoft are advocating for the Zero Trust security model as a more efficient way for enterprises to defend against today's increasingly sophisticated threats. [...]

https://www.bleepingcomputer.com/news/security/nsa-microsoft-promote-a-zero-trust-approach-to-cybersecurity/

Windows 10 Sun Valley design refresh — here's what you need to know

Windows 10 'Sun Valley' UI refresh, otherwise known as 'version 21H2', is reportedly arriving in the second half of this year and it will also include several new features. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-sun-valley-design-refresh-heres-what-you-need-to-know/

Google Voice silenced by expired TLS certificate in February outage

In an incident report published on Friday, Google said that a Google Voice outage affecting a majority of the telephone service's users earlier this month was caused by expired TLS certificates. [...]

https://www.bleepingcomputer.com/news/google/google-voice-silenced-by-expired-tls-certificate-in-february-outage/

What are these suspicious Google GVT1.com URLs?

These Google-owned domains have confused even the most skilled researchers and security products time and time again if these are malicious. The domains in question are redirector.gvt1.com and gvt1/gvt2 subdomains that have spun many threads on the internet. BleepingComputer has dug deeper into the origin of these domains. [...]

https://www.bleepingcomputer.com/news/security/what-are-these-suspicious-google-gvt1com-urls/

Beware: AOL phishing email states your account will be closed

An AOL mail phishing campaign is underway to steal users' login name and password by warning recipients that their account is about to be closed. [...]

https://www.bleepingcomputer.com/news/security/beware-aol-phishing-email-states-your-account-will-be-closed/

Windows 10 Cloud PC: The latest info about Microsoft's new service

With Cloud PC, Microsoft would handle your device configuration in your organization with regular updates, security improvements, and managed support. Cloud PC appears to be a part of the company's "Windows as a Service" tagline, which has become more apparent this year. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-cloud-pc-the-latest-info-about-microsofts-new-service/

Tether cryptocurrency firm says docs in $24 million ransom are 'forged'

USDT cryptocurrency developer Tether has said they are being extorted by threat actors who are demanding 500 bitcoins, or approximately $24 million, not to leak allegedly stolen emails and documents. [...]

https://www.bleepingcomputer.com/news/security/tether-cryptocurrency-firm-says-docs-in-24-million-ransom-are-forged/

NSW Transport agency extorted by ransomware gang after Accellion attack

The transport system for the Australian state of New South Wales has suffered a data breach after the Clop ransomware exploited a vulnerability to steal files. [...]

https://www.bleepingcomputer.com/news/security/nsw-transport-agency-extorted-by-ransomware-gang-after-accellion-attack/

Universal Health Services lost $67 million due to Ryuk ransomware attack

Universal Health Services (UHS) said that the Ryuk ransomware attack it suffered during September 2020 had an estimated impact of $67 million. [...]

https://www.bleepingcomputer.com/news/security/universal-health-services-lost-67-million-due-to-ryuk-ransomware-attack/

Hackers use black hat SEO to push ransomware, trojans via Google

The delivery system for the Gootkit information stealer has evolved into a complex and stealthy framework, which earned it the name Gootloader, and is now pushing a wider variety of malware via hacked WordPress sites and malicious SEO techniques for Google results. [...]

https://www.bleepingcomputer.com/news/security/hackers-use-black-hat-seo-to-push-ransomware-trojans-via-google/

World's leading dairy group Lactalis hit by cyberattack

Lactalis, the world's leading dairy group, has disclosed a cyberattack after unknown threat actors have breached some of the company's systems. [...]

https://www.bleepingcomputer.com/news/security/worlds-leading-dairy-group-lactalis-hit-by-cyberattack/

European e-ticketing platform Ticketcounter extorted in data breach

A Dutch e-Ticketing platform has suffered a data breach after a database was stolen from an unsecured staging server. [...]

https://www.bleepingcomputer.com/news/security/european-e-ticketing-platform-ticketcounter-extorted-in-data-breach/

Working Windows and Linux Spectre exploits found on VirusTotal

Working exploits targeting Linux and Windows systems not patched against a three-year-old vulnerability dubbed Spectre were found by security researcher Julien Voisin on VirusTotal. [...]

https://www.bleepingcomputer.com/news/security/working-windows-and-linux-spectre-exploits-found-on-virustotal/

Malicious NPM packages target Amazon, Slack with new dependency attacks

Threat actors are targeting Amazon, Zillow, Lyft, and Slack NodeJS apps using the new 'Dependency Confusion' vulnerability to steal Linux/Unix password files and open reverse shells back to the attackers. [...]

https://www.bleepingcomputer.com/news/security/malicious-npm-packages-target-amazon-slack-with-new-dependency-attacks/

Microsoft announces Windows Server 2022 with new security features

Microsoft says that Windows Server 2022 will come with security improvements and will bring Secured-core to the Windows Server platform for added protection against a wide range of threats.  [...]

https://www.bleepingcomputer.com/news/security/microsoft-announces-windows-server-2022-with-new-security-features/

Oxfam Australia confirms data breach after stolen info sold online

Oxfam Australia has confirmed a data breach after suffering a cyberattack and their donor databases put up for sale on a hacker forum in January. [...]

https://www.bleepingcomputer.com/news/security/oxfam-australia-confirms-data-breach-after-stolen-info-sold-online/

SolarWinds reports $3.5 million in expenses from supply-chain attack

SolarWinds has reported expenses of $3.5 million from last year's supply-chain attack, including costs related to incident investigation and remediation. [...]

https://www.bleepingcomputer.com/news/security/solarwinds-reports-35-million-in-expenses-from-supply-chain-attack/

Malaysia Airlines discloses a nine-year-long data breach

​Malaysia Airlines has suffered a data breach spanning nine years that exposed the personal information of members in its Enrich frequent flyer program. [...]

https://www.bleepingcomputer.com/news/security/malaysia-airlines-discloses-a-nine-year-long-data-breach/