Linux Foundation unveils Sigstore β a Let's Encrypt for code signing
The Linux Foundation, Red Hat, Google, and Purdue have unveiled the free 'sigstore' service that lets developers code-sign and verify open source software to prevent supply-chain attacks. [...]
https://www.bleepingcomputer.com/news/software/linux-foundation-unveils-sigstore-a-lets-encrypt-for-code-signing/
The Linux Foundation, Red Hat, Google, and Purdue have unveiled the free 'sigstore' service that lets developers code-sign and verify open source software to prevent supply-chain attacks. [...]
https://www.bleepingcomputer.com/news/software/linux-foundation-unveils-sigstore-a-lets-encrypt-for-code-signing/
BleepingComputer
Linux Foundation unveils Sigstore β a Let's Encrypt for code signing
The Linux Foundation, Red Hat, Google, and Purdue have unveiled the free 'sigstore' service that lets developers code-sign and verify open source software to prevent supply-chain attacks.
Microsoft confirms Windows 10 crash issue due to March updates
Microsoft has confirmed that Windows 10 devices might crash with a Blue Screen of Death (BSOD) when printing under certain conditions after applying the March KB5000802 cumulative update. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-windows-10-crash-issue-due-to-march-updates/
Microsoft has confirmed that Windows 10 devices might crash with a Blue Screen of Death (BSOD) when printing under certain conditions after applying the March KB5000802 cumulative update. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-windows-10-crash-issue-due-to-march-updates/
BleepingComputer
Microsoft confirms Windows 10 crash issue due to March updates
Microsoft has confirmed that Windows 10 devices might crash with a Blue Screen of Death (BSOD) when printing under certain conditions after applying the March cumulative updates.
Chinese state hackers target Linux systems with new malware
Security researchers at Intezer have discovered a previously undocumented backdoor dubbed RedXOR, with links to a Chinese-sponsored hacking group and used in ongoing attacks targeting Linux systems. [...]
https://www.bleepingcomputer.com/news/security/chinese-state-hackers-target-linux-systems-with-new-malware/
Security researchers at Intezer have discovered a previously undocumented backdoor dubbed RedXOR, with links to a Chinese-sponsored hacking group and used in ongoing attacks targeting Linux systems. [...]
https://www.bleepingcomputer.com/news/security/chinese-state-hackers-target-linux-systems-with-new-malware/
BleepingComputer
Chinese state hackers target Linux systems with new malware
Security researchers at Intezer have discovered a previously undocumented backdoor dubbed RedXOR, with links to a Chinese-sponsored hacking group and used in ongoing attacks targeting Linux systems.
CISA: No federal civilian agency hacked in Exchange attacks, so far
CISA officials said that, so far, there is no evidence of US federal civilian agencies compromised during ongoing attacks targeting Microsoft Exchange servers. [...]
https://www.bleepingcomputer.com/news/security/cisa-no-federal-civilian-agency-hacked-in-exchange-attacks-so-far/
CISA officials said that, so far, there is no evidence of US federal civilian agencies compromised during ongoing attacks targeting Microsoft Exchange servers. [...]
https://www.bleepingcomputer.com/news/security/cisa-no-federal-civilian-agency-hacked-in-exchange-attacks-so-far/
BleepingComputer
CISA: No federal civilian agency hacked in Exchange attacks, so far
CISA officials said that, so far, there is no evidence of US federal civilian agencies compromised during ongoing attacks targeting Microsoft Exchange servers.
Molson Coors brewing operations disrupted by cyberattack
The Molson Coors Beverage Company has suffered a cyberattack that is causing significant disruption to business operations. [...]
https://www.bleepingcomputer.com/news/security/molson-coors-brewing-operations-disrupted-by-cyberattack/
The Molson Coors Beverage Company has suffered a cyberattack that is causing significant disruption to business operations. [...]
https://www.bleepingcomputer.com/news/security/molson-coors-brewing-operations-disrupted-by-cyberattack/
BleepingComputer
Molson Coors brewing operations disrupted by cyberattack
The Molson Coors Beverage Company has suffered a cyberattack that is causing significant disruption to business operations.
Smart sex toys come with Bluetooth and remote access weaknesses
Today, researchers have exposed common weaknesses lurking in the latest smart sex toys that can be exploited by attackers. As more as more adult toy brands enter the market, and COVID-19 situation has led to a rapid increase in sex toy sales, researchers believe a discussion around the security of these devices is vital. [...]
https://www.bleepingcomputer.com/news/security/smart-sex-toys-come-with-bluetooth-and-remote-access-weaknesses/
Today, researchers have exposed common weaknesses lurking in the latest smart sex toys that can be exploited by attackers. As more as more adult toy brands enter the market, and COVID-19 situation has led to a rapid increase in sex toy sales, researchers believe a discussion around the security of these devices is vital. [...]
https://www.bleepingcomputer.com/news/security/smart-sex-toys-come-with-bluetooth-and-remote-access-weaknesses/
BleepingComputer
Smart sex toys come with Bluetooth and remote hijacking weaknesses
Today, researchers have exposed common weaknesses lurking in the latest smart sex toys that can be exploited by attackers. As more as more adult toy brands enter the market, and COVID-19 situation has led to a rapid increase in sex toy sales, researchersβ¦
New Firefox version fixes Linux crashes, Apple Silicon hangs
Mozilla today started rolling out Firefox 86.0.1 to address a known bug causing the web browser to crash frequently when launched on Linux systems. [...]
https://www.bleepingcomputer.com/news/software/new-firefox-version-fixes-linux-crashes-apple-silicon-hangs/
Mozilla today started rolling out Firefox 86.0.1 to address a known bug causing the web browser to crash frequently when launched on Linux systems. [...]
https://www.bleepingcomputer.com/news/software/new-firefox-version-fixes-linux-crashes-apple-silicon-hangs/
BleepingComputer
New Firefox version fixes Linux crashes, Apple Silicon hangs
Mozilla today started rolling out Firefox 86.0.1 to address a known bug causing the web browser to crash frequently when launched on Linux systems.
7-Zip developer releases the first official Linux version
An official version of the popular 7-zip archiving program has been released for Linux for the first time. [...]
https://www.bleepingcomputer.com/news/software/7-zip-developer-releases-the-first-official-linux-version/
An official version of the popular 7-zip archiving program has been released for Linux for the first time. [...]
https://www.bleepingcomputer.com/news/software/7-zip-developer-releases-the-first-official-linux-version/
BleepingComputer
7-Zip developer releases the first official Linux version
An official version of the popular 7-zip archiving program has been released for Linux for the first time.
New DEARCRY Ransomware is targeting Microsoft Exchange Servers
A new ransomware called 'DEARCRY' is targeting Microsoft Exchange servers, with one victim stating they were infected via the ProxyLogon vulnerabilities. [...]
https://www.bleepingcomputer.com/news/security/new-dearcry-ransomware-is-targeting-microsoft-exchange-servers/
A new ransomware called 'DEARCRY' is targeting Microsoft Exchange servers, with one victim stating they were infected via the ProxyLogon vulnerabilities. [...]
https://www.bleepingcomputer.com/news/security/new-dearcry-ransomware-is-targeting-microsoft-exchange-servers/
BleepingComputer
DearCry ransomware attacks Microsoft Exchange with ProxyLogon exploits
Threat actors are now installing a new ransomware called 'DEARCRY' after hacking into Microsoft Exchange servers using the recently disclosed ProxyLogon vulnerabilities.
OVH data center fire likely caused by faulty UPS power supply
OVH founder and chairman Octave Klaba has provided a plausible explanation for the fire that burned down OVH data centers in Strasbourg, France. [...]
https://www.bleepingcomputer.com/news/security/ovh-data-center-fire-likely-caused-by-faulty-ups-power-supply/
OVH founder and chairman Octave Klaba has provided a plausible explanation for the fire that burned down OVH data centers in Strasbourg, France. [...]
https://www.bleepingcomputer.com/news/security/ovh-data-center-fire-likely-caused-by-faulty-ups-power-supply/
BleepingComputer
OVH data center fire likely caused by faulty UPS power supply
OVH founder and chairman Octave Klaba has provided a plausible explanation for the fire that burned down OVH data centers in Strasbourg, France.
Google Chrome now gobbles up 20% less memory on Windows
Google says that the latest Google Chrome version comes with major memory savings on Windows systems and improves energy consumption and overall responsiveness. [...]
https://www.bleepingcomputer.com/news/google/google-chrome-now-gobbles-up-20-percent-less-memory-on-windows/
Google says that the latest Google Chrome version comes with major memory savings on Windows systems and improves energy consumption and overall responsiveness. [...]
https://www.bleepingcomputer.com/news/google/google-chrome-now-gobbles-up-20-percent-less-memory-on-windows/
BleepingComputer
Google Chrome now gobbles up 20% less memory on Windows
Google says that the latest Google Chrome version comes with major memory savings on Windows systems and improves energy consumption and overall responsiveness.
New ZHtrap botnet malware deploys honeypots to find more targets
A new botnet is hunting down and transforming unpatched routers, DVRs, and UPnP network devices it takes over into honeypots that help it find other devices to infect. [...]
https://www.bleepingcomputer.com/news/security/new-zhtrap-botnet-malware-deploys-honeypots-to-find-more-targets/
A new botnet is hunting down and transforming unpatched routers, DVRs, and UPnP network devices it takes over into honeypots that help it find other devices to infect. [...]
https://www.bleepingcomputer.com/news/security/new-zhtrap-botnet-malware-deploys-honeypots-to-find-more-targets/
BleepingComputer
New ZHtrap botnet malware deploys honeypots to find more targets
A new botnet is hunting down and transforming unpatched routers, DVRs, and UPnP network devices it takes over into honeypots that help it find other devices to infect.
Researchers hacked Indian govt sites via exposed git and env files
Researchers have now disclosed more information on how they were able to breach multiple websites of the Indian government. The full findings disclosed today shed light on the routes leveraged by the researchers, including finding exposed .git directories and .env files on some of these systems. [...]
https://www.bleepingcomputer.com/news/security/researchers-hacked-indian-govt-sites-via-exposed-git-and-env-files/
Researchers have now disclosed more information on how they were able to breach multiple websites of the Indian government. The full findings disclosed today shed light on the routes leveraged by the researchers, including finding exposed .git directories and .env files on some of these systems. [...]
https://www.bleepingcomputer.com/news/security/researchers-hacked-indian-govt-sites-via-exposed-git-and-env-files/
BleepingComputer
Researchers hacked Indian govt sites via exposed git and env files
Researchers have now disclosed more information on how they were able to breach multiple websites of the Indian government. The full findings disclosed today shed light on the routes leveraged by the researchers, including finding exposed .git directoriesβ¦
Microsoft Exchange exploits now used by cryptomining malware
The operators of Lemon_Duck, a cryptomining botnet that targets enterprise networks, are now using Microsoft Exchange ProxyLogon exploits in attacks against unpatched servers. [...]
https://www.bleepingcomputer.com/news/security/microsoft-exchange-exploits-now-used-by-cryptomining-malware/
The operators of Lemon_Duck, a cryptomining botnet that targets enterprise networks, are now using Microsoft Exchange ProxyLogon exploits in attacks against unpatched servers. [...]
https://www.bleepingcomputer.com/news/security/microsoft-exchange-exploits-now-used-by-cryptomining-malware/
BleepingComputer
Microsoft Exchange exploits now used by cryptomining malware
The operators of Lemon_Duck, a cryptomining botnet that targets enterprise networks, are now using Microsoft Exchange ProxyLogon exploits in attacks against unpatched servers.
Google shares Spectre PoC targeting browser JavaScript engines
Google has published JavaScript proof-of-concept (PoC) code to demonstrate the practicality of using Spectre exploits targeting web browsers to gain access to information from a browser's memory. [...]
https://www.bleepingcomputer.com/news/security/google-shares-spectre-poc-targeting-browser-javascript-engines/
Google has published JavaScript proof-of-concept (PoC) code to demonstrate the practicality of using Spectre exploits targeting web browsers to gain access to information from a browser's memory. [...]
https://www.bleepingcomputer.com/news/security/google-shares-spectre-poc-targeting-browser-javascript-engines/
BleepingComputer
Google shares Spectre PoC targeting browser JavaScript engines
Google has published JavaScript proof-of-concept (PoC) code to demonstrate the practicality of using Spectre exploits targeting web browsers to gain access to information from a browser's memory.
Scammers promote fake cryptocurrency giveaways via Twitter ads
Threat actors have started to use 'Promoted' tweets, otherwise known as Twitter ads, to spread cryptocurrency giveaway scams. [...]
https://www.bleepingcomputer.com/news/security/scammers-promote-fake-cryptocurrency-giveaways-via-twitter-ads/
Threat actors have started to use 'Promoted' tweets, otherwise known as Twitter ads, to spread cryptocurrency giveaway scams. [...]
https://www.bleepingcomputer.com/news/security/scammers-promote-fake-cryptocurrency-giveaways-via-twitter-ads/
BleepingComputer
Scammers promote fake cryptocurrency giveaways via Twitter ads
Threat actors have started to use 'Promoted' tweets, otherwise known as Twitter ads, to spread cryptocurrency giveaway scams.
Google fixes second actively exploited Chrome zero-day this month
Google has fixed a second actively exploited Chrome zero-day this month with the release of Chrome 89.0.4389.90 to the Stable desktop channel for Windows, Mac, and Linux users. [...]
https://www.bleepingcomputer.com/news/security/google-fixes-second-actively-exploited-chrome-zero-day-this-month/
Google has fixed a second actively exploited Chrome zero-day this month with the release of Chrome 89.0.4389.90 to the Stable desktop channel for Windows, Mac, and Linux users. [...]
https://www.bleepingcomputer.com/news/security/google-fixes-second-actively-exploited-chrome-zero-day-this-month/
BleepingComputer
Google fixes second actively exploited Chrome zero-day this month
Google has fixed a second actively exploited Chrome zero-day this month with the release of Chrome 89.0.4389.90 to the Stable desktop channel for Windows, Mac, and Linux users.
The Week in Ransomware - March 12th 2021 - Encrypting Exchange servers
For the past two weeks, the cybersecurity news has been dominated by stories about the Microsoft Exchange ProxyLogon vulnerabilities. One overriding concern has been when will ransomware actors use the vulnerabilities to compromise and encrypt mail servers. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-12th-2021-encrypting-exchange-servers/
For the past two weeks, the cybersecurity news has been dominated by stories about the Microsoft Exchange ProxyLogon vulnerabilities. One overriding concern has been when will ransomware actors use the vulnerabilities to compromise and encrypt mail servers. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-12th-2021-encrypting-exchange-servers/
BleepingComputer
The Week in Ransomware - March 12th 2021 - Encrypting Exchange servers
For the past two weeks, the cybersecurity news has been dominated by stories about the Microsoft Exchange ProxyLogon vulnerabilities. One overriding concern has been when will ransomware actors use the vulnerabilities to compromise and encrypt mail servers.
Microsoft shares temporary fix for Windows 10 printing crashes
Microsoft has provided a temporary fix for the Windows 10 blue screen crashes plaguing customers when printing after installing the March 2021 cumulative updates. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-temporary-fix-for-windows-10-printing-crashes/
Microsoft has provided a temporary fix for the Windows 10 blue screen crashes plaguing customers when printing after installing the March 2021 cumulative updates. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-temporary-fix-for-windows-10-printing-crashes/
BleepingComputer
Microsoft shares temporary fix for Windows 10 printing crashes
Microsoft has provided a temporary fix for the Windows 10 blue screen crashes plaguing customers when printing after installing the March 2021 cumulative updates.
15-year-old Linux kernel bugs let attackers gain root privileges
Three security vulnerabilities found in the iSCSI subsystem of the Linux kernel could allow local attackers with basic user privileges to gain root privileges on unpatched Linux systems. [...]
https://www.bleepingcomputer.com/news/security/15-year-old-linux-kernel-bugs-let-attackers-gain-root-privileges/
Three security vulnerabilities found in the iSCSI subsystem of the Linux kernel could allow local attackers with basic user privileges to gain root privileges on unpatched Linux systems. [...]
https://www.bleepingcomputer.com/news/security/15-year-old-linux-kernel-bugs-let-attackers-gain-root-privileges/
BleepingComputer
15-year-old Linux kernel bugs let attackers gain root privileges
Three security vulnerabilities found in the iSCSI subsystem of the Linux kernel could allow local attackers with basic user privileges to gain root privileges on unpatched Linux systems.
CEO of Sky Global encrypted chat platform indicted by US
The US Department of Justice has indicted the CEO of encrypted messaging company Sky Global, and an associate for allegedly aiding criminal enterprises avoid detection by law enforcement. [...]
https://www.bleepingcomputer.com/news/security/ceo-of-sky-global-encrypted-chat-platform-indicted-by-us/
The US Department of Justice has indicted the CEO of encrypted messaging company Sky Global, and an associate for allegedly aiding criminal enterprises avoid detection by law enforcement. [...]
https://www.bleepingcomputer.com/news/security/ceo-of-sky-global-encrypted-chat-platform-indicted-by-us/
BleepingComputer
CEO of Sky Global encrypted chat platform indicted by US
The US Department of Justice has indicted the CEO of encrypted messaging company Sky Global, and an associate for allegedly aiding criminal enterprises avoid detection by law enforcement.