Unpatched QNAP devices are being hacked to mine cryptocurrency
Unpatched network-attached storage (NAS) devices are targeted in ongoing attacks where the attackers try to take them over and install cryptominer malware to mine for cryptocurrency. [...]
https://www.bleepingcomputer.com/news/security/unpatched-qnap-devices-are-being-hacked-to-mine-cryptocurrency/
Unpatched network-attached storage (NAS) devices are targeted in ongoing attacks where the attackers try to take them over and install cryptominer malware to mine for cryptocurrency. [...]
https://www.bleepingcomputer.com/news/security/unpatched-qnap-devices-are-being-hacked-to-mine-cryptocurrency/
BleepingComputer
Unpatched QNAP devices are being hacked to mine cryptocurrency
Unpatched network-attached storage (NAS) devices are targeted in ongoing attacks where the attackers try to take them over and install cryptominer malware to mine for cryptocurrency.
CISA takes over .GOV top-level domain (TLD) administration
The US Cybersecurity and Infrastructure Security Agency (CISA) is taking over the administration of the.gov top-level domain (TLD) as its new policy and management authority. [...]
https://www.bleepingcomputer.com/news/security/cisa-takes-over-gov-top-level-domain-tld-administration/
The US Cybersecurity and Infrastructure Security Agency (CISA) is taking over the administration of the.gov top-level domain (TLD) as its new policy and management authority. [...]
https://www.bleepingcomputer.com/news/security/cisa-takes-over-gov-top-level-domain-tld-administration/
BleepingComputer
CISA takes over .GOV top-level domain (TLD) administration
The US Cybersecurity and Infrastructure Security Agency (CISA) is taking over the administration of the .GOV top-level domain (TLD) as its new policy and management authority starting next month.
Flagstar Bank hit by data breach exposing customer, employee data
US bank and mortgage lender Flagstar has disclosed a data breach after the Clop ransomware gang hacked their Accellion file transfer server in January. [...]
https://www.bleepingcomputer.com/news/security/flagstar-bank-hit-by-data-breach-exposing-customer-employee-data/
US bank and mortgage lender Flagstar has disclosed a data breach after the Clop ransomware gang hacked their Accellion file transfer server in January. [...]
https://www.bleepingcomputer.com/news/security/flagstar-bank-hit-by-data-breach-exposing-customer-employee-data/
BleepingComputer
Flagstar Bank hit by data breach exposing customer, employee data
US bank and mortgage lender Flagstar has disclosed a data breach after the Clop ransomware gang hacked their Accellion file transfer server in January.
European Banking Authority discloses Exchange server hack
The European Banking Authority (EBA) took down all email systems after their Microsoft Exchange Servers were hacked as part of the ongoing attacks targeting organizations worldwide. [...]
https://www.bleepingcomputer.com/news/security/european-banking-authority-discloses-exchange-server-hack/
The European Banking Authority (EBA) took down all email systems after their Microsoft Exchange Servers were hacked as part of the ongoing attacks targeting organizations worldwide. [...]
https://www.bleepingcomputer.com/news/security/european-banking-authority-discloses-exchange-server-hack/
BleepingComputer
European Banking Authority discloses Exchange server hack
The European Banking Authority (EBA) took down all email systems after their Microsoft Exchange Servers were hacked as part of the ongoing attacks targeting organizations worldwide.
Google Chrome to block port 554 to stop NAT Slipstreaming attacks
Google Chrome will block the browser's access to TCP port 554 to protect against attacks using the NAT Slipstreaming 2.0 vulnerability. [...]
https://www.bleepingcomputer.com/news/security/google-chrome-to-block-port-554-to-stop-nat-slipstreaming-attacks/
Google Chrome will block the browser's access to TCP port 554 to protect against attacks using the NAT Slipstreaming 2.0 vulnerability. [...]
https://www.bleepingcomputer.com/news/security/google-chrome-to-block-port-554-to-stop-nat-slipstreaming-attacks/
BleepingComputer
Google Chrome to block port 554 to stop NAT Slipstreaming attacks
Google Chrome will block the browser's access to TCP port 554 to protect against attacks using the NAT Slipstreaming 2.0 vulnerability.
Hackers hiding Supernova malware in SolarWinds Orion linked to China
Intrusion activity related to the Supernova malware planted on compromised SolarWinds Orion installations exposed on the public internet points to an espionage threat actor based in China. [...]
https://www.bleepingcomputer.com/news/security/hackers-hiding-supernova-malware-in-solarwinds-orion-linked-to-china/
Intrusion activity related to the Supernova malware planted on compromised SolarWinds Orion installations exposed on the public internet points to an espionage threat actor based in China. [...]
https://www.bleepingcomputer.com/news/security/hackers-hiding-supernova-malware-in-solarwinds-orion-linked-to-china/
BleepingComputer
Hackers hiding Supernova malware in SolarWinds Orion linked to China
Intrusion activity related to the Supernova malware planted on compromised SolarWinds Orion installations exposed on the public internet points to an espionage threat actor based in China.
Microsoft 365 adds 'External' email tags for increased security
Microsoft is working on boosting Exchange Online phishing protection capabilities by adding support for external email message tags to its cloud-based email service. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-365-adds-external-email-tags-for-increased-security/
Microsoft is working on boosting Exchange Online phishing protection capabilities by adding support for external email message tags to its cloud-based email service. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-365-adds-external-email-tags-for-increased-security/
BleepingComputer
Microsoft 365 adds 'External' email tags for increased security
Microsoft is working on boosting Exchange Online phishing protection capabilities by adding support for external email message tags to its cloud-based email service.
New Sarbloh ransomware supports Indian farmers' protest
A new ransomware known as Sarbloh encrypts your files while at the same time delivering a message supporting the protests of Indian farmers. [...]
https://www.bleepingcomputer.com/news/security/new-sarbloh-ransomware-supports-indian-farmers-protest/
A new ransomware known as Sarbloh encrypts your files while at the same time delivering a message supporting the protests of Indian farmers. [...]
https://www.bleepingcomputer.com/news/security/new-sarbloh-ransomware-supports-indian-farmers-protest/
BleepingComputer
New Sarbloh ransomware supports Indian farmers' protest
A new ransomware known as Sarbloh encrypts your files while at the same time delivering a message supporting the protests of Indian farmers.
GitHub bug caused users to login to other user accounts
Last night, GitHub automatically logged out many users and invalidated their sessions to protect user accounts against a potentially serious security vulnerability. Earlier this month GitHub had received a report of anomalous behavior from an external party. [...]
https://www.bleepingcomputer.com/news/security/github-bug-caused-users-to-login-to-other-user-accounts/
Last night, GitHub automatically logged out many users and invalidated their sessions to protect user accounts against a potentially serious security vulnerability. Earlier this month GitHub had received a report of anomalous behavior from an external party. [...]
https://www.bleepingcomputer.com/news/security/github-bug-caused-users-to-login-to-other-user-accounts/
BleepingComputer
GitHub fixes bug causing users to log into other accounts
Last night, GitHub automatically logged out many users and invalidated their sessions to protect user accounts against a potentially serious security vulnerability. Earlier this month GitHub had received a report of anomalous behavior from an external party.
Microsoft releases ProxyLogon updates for unsupported Exchange Servers
Microsoft has released security updates for Microsoft Exchange servers running unsupported Cumulative Update versions vulnerable to ProxyLogon attacks. [...]
https://www.bleepingcomputer.com/news/security/microsoft-releases-proxylogon-updates-for-unsupported-exchange-servers/
Microsoft has released security updates for Microsoft Exchange servers running unsupported Cumulative Update versions vulnerable to ProxyLogon attacks. [...]
https://www.bleepingcomputer.com/news/security/microsoft-releases-proxylogon-updates-for-unsupported-exchange-servers/
BleepingComputer
Microsoft releases ProxyLogon updates for unsupported Exchange Servers
Microsoft has released security updates for Microsoft Exchange servers running unsupported Cumulative Update versions vulnerable to ProxyLogon attacks.
Security bug hunters focus on misconfigured services, earn big rewards
An overview of the hacking activity on the HackerOne vulnerability coordination and bug bounty platform shows that misconfiguration of cloud resources is quickly becoming a hot target for ethical hackers. [...]
https://www.bleepingcomputer.com/news/security/security-bug-hunters-focus-on-misconfigured-services-earn-big-rewards/
An overview of the hacking activity on the HackerOne vulnerability coordination and bug bounty platform shows that misconfiguration of cloud resources is quickly becoming a hot target for ethical hackers. [...]
https://www.bleepingcomputer.com/news/security/security-bug-hunters-focus-on-misconfigured-services-earn-big-rewards/
BleepingComputer
Security bug hunters focus on misconfigured services, earn big rewards
An overview of the hacking activity on the HackerOne vulnerability coordination and bug bounty platform shows that misconfiguration of cloud resources is quickly becoming a hot target for ethical hackers.
GandCrab ransomware affiliate arrested for phishing attacks
A suspected GandCrab Ransomware member was arrested in South Korea for using phishing emails to infect victims. [...]
https://www.bleepingcomputer.com/news/security/gandcrab-ransomware-affiliate-arrested-for-phishing-attacks/
A suspected GandCrab Ransomware member was arrested in South Korea for using phishing emails to infect victims. [...]
https://www.bleepingcomputer.com/news/security/gandcrab-ransomware-affiliate-arrested-for-phishing-attacks/
BleepingComputer
GandCrab ransomware affiliate arrested for phishing attacks
A suspected GandCrab Ransomware member was arrested in South Korea for using phishing emails to infect victims.
z0Miner botnet hunts for unpatched ElasticSearch, Jenkins servers
A cryptomining botnet spotted last year is now targeting and attempting to take control of Jenkins and ElasticSearch servers to mine for Monero (XMR) cryptocurrency. [...]
https://www.bleepingcomputer.com/news/security/z0miner-botnet-hunts-for-unpatched-elasticsearch-jenkins-servers/
A cryptomining botnet spotted last year is now targeting and attempting to take control of Jenkins and ElasticSearch servers to mine for Monero (XMR) cryptocurrency. [...]
https://www.bleepingcomputer.com/news/security/z0miner-botnet-hunts-for-unpatched-elasticsearch-jenkins-servers/
BleepingComputer
z0Miner botnet hunts for unpatched ElasticSearch, Jenkins servers
A cryptomining botnet spotted last year is now targeting and attempting to take control of Jenkins and ElasticSearch servers to mine for Monero (XMR) cryptocurrency.
Adobe fixes critical Creative Cloud, Adobe Connect vulnerabilities
Adobe has released security updates that fix vulnerabilities in Adobe Creative Cloud Desktop, Framemaker, and Connect. [...]
https://www.bleepingcomputer.com/news/security/adobe-fixes-critical-creative-cloud-adobe-connect-vulnerabilities/
Adobe has released security updates that fix vulnerabilities in Adobe Creative Cloud Desktop, Framemaker, and Connect. [...]
https://www.bleepingcomputer.com/news/security/adobe-fixes-critical-creative-cloud-adobe-connect-vulnerabilities/
BleepingComputer
Adobe fixes critical Creative Cloud, Adobe Connect vulnerabilities
Adobe has released security updates that fix vulnerabilities in Adobe Creative Cloud Desktop, Framemaker, and Connect.
Wordpress plans to drop support for Internet Explorer 11
The most well-known and popular blogging platform, WordPress, is considering dropping support for Internet Explorer 11 as the browser's usage dips below 1%. [...]
https://www.bleepingcomputer.com/news/software/wordpress-plans-to-drop-support-for-internet-explorer-11/
The most well-known and popular blogging platform, WordPress, is considering dropping support for Internet Explorer 11 as the browser's usage dips below 1%. [...]
https://www.bleepingcomputer.com/news/software/wordpress-plans-to-drop-support-for-internet-explorer-11/
BleepingComputer
Wordpress plans to drop support for Internet Explorer 11
The most well-known and popular blogging platform, WordPress, is considering dropping support for Internet Explorer 11 as the browser's usage dips below 1%.
Microsoft shares detection, mitigation advice for Azure LoLBins
Azure LoLBins can be used by attackers to bypass network defenses, deploy cryptominers, elevate privileges, and disable real-time protection on a targeted device. [...]
https://www.bleepingcomputer.com/news/security/microsoft-shares-detection-mitigation-advice-for-azure-lolbins/
Azure LoLBins can be used by attackers to bypass network defenses, deploy cryptominers, elevate privileges, and disable real-time protection on a targeted device. [...]
https://www.bleepingcomputer.com/news/security/microsoft-shares-detection-mitigation-advice-for-azure-lolbins/
BleepingComputer
Microsoft shares detection, mitigation advice for Azure LoLBins
Azure LoLBins can be used by attackers to bypass network defenses, deploy cryptominers, elevate privileges, and disable real-time protection on a targeted device.
Windows 10 Cumulative Updates KB5000808 & KB5000802 released
As part of the March Patch cycle, Microsoft is rolling out a new cumulative update for all supported version of Windows. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-updates-kb5000808-and-kb5000802-released/
As part of the March Patch cycle, Microsoft is rolling out a new cumulative update for all supported version of Windows. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-updates-kb5000808-and-kb5000802-released/
BleepingComputer
Windows 10 Cumulative Updates KB5000808 & KB5000802 released
As part of the March Patch cycle, Microsoft is rolling out a new cumulative update for all supported version of Windows.
Microsoft March 2021 Patch Tuesday fixes 82 flaws, 2 zero-days
Today is Microsoft's March 2021 Patch Tuesday, and with admins already struggling with Microsoft Exchange updates and hacked servers, please be nice to your IT staff today. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-march-2021-patch-tuesday-fixes-82-flaws-2-zero-days/
Today is Microsoft's March 2021 Patch Tuesday, and with admins already struggling with Microsoft Exchange updates and hacked servers, please be nice to your IT staff today. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-march-2021-patch-tuesday-fixes-82-flaws-2-zero-days/
BleepingComputer
Microsoft March 2021 Patch Tuesday fixes 82 flaws, 2 zero-days
Today is Microsoft's March 2021 Patch Tuesday, and with admins already struggling with Microsoft Exchange updates and hacked servers, please be nice to your IT staff today.
US seizes more domains used in COVID-19 vaccine phishing attacks
The US Department of Justice has seized a fifth domain name used to impersonate the official site of a biotechnology company involved in COVID-19 vaccine development. [...]
https://www.bleepingcomputer.com/news/security/us-seizes-more-domains-used-in-covid-19-vaccine-phishing-attacks/
The US Department of Justice has seized a fifth domain name used to impersonate the official site of a biotechnology company involved in COVID-19 vaccine development. [...]
https://www.bleepingcomputer.com/news/security/us-seizes-more-domains-used-in-covid-19-vaccine-phishing-attacks/
BleepingComputer
US seizes more domains used in COVID-19 vaccine phishing attacks
The US Department of Justice has seized a fifth domain name used to impersonate the official site of a biotechnology company involved in COVID-19 vaccine development.
Hackers access surveillance cameras at Tesla, Cloudflare, banks, more
Hackers gained access to live surveillance cameras installed at Tesla, Equinox, healthcare clinics, jails, and banks, including the Bank of Utah. [...]
https://www.bleepingcomputer.com/news/security/hackers-access-surveillance-cameras-at-tesla-cloudflare-banks-more/
Hackers gained access to live surveillance cameras installed at Tesla, Equinox, healthcare clinics, jails, and banks, including the Bank of Utah. [...]
https://www.bleepingcomputer.com/news/security/hackers-access-surveillance-cameras-at-tesla-cloudflare-banks-more/
BleepingComputer
Hackers access surveillance cameras at Tesla, Cloudflare, banks, more
Hackers gained access to live surveillance cameras installed at Tesla, Equinox, healthcare clinics, jails, and banks, including the Bank of Utah.
iPhone Call Recorder bug gave acess to other people's conversations
An iOS call recording app patched a security vulnerability that gave anyone access to the conversations of thousands of users by simply providing the correct phone numbers. [...]
https://www.bleepingcomputer.com/news/security/iphone-call-recorder-bug-gave-acess-to-other-peoples-conversations/
An iOS call recording app patched a security vulnerability that gave anyone access to the conversations of thousands of users by simply providing the correct phone numbers. [...]
https://www.bleepingcomputer.com/news/security/iphone-call-recorder-bug-gave-acess-to-other-peoples-conversations/
BleepingComputer
iPhone Call Recorder bug gave acess to other people's conversations
An iOS call recording app patched a security vulnerability that gave anyone access to the conversations of thousands of users by simply providing the correct phone numbers.