Windows XP makes ransomware gangs work harder for their money

A recently created ransomware decryptor illustrates how threat actors have to support Windows XP, even when Microsoft dropped supporting it seven years ago. [...]

https://www.bleepingcomputer.com/news/security/windows-xp-makes-ransomware-gangs-work-harder-for-their-money/

Android malware infects wannabe Netflix thieves via WhatsApp

Newly discovered Android malware found on Google's Play Store disguised as a Netflix tool is designed to auto-spread to other devices using WhatsApp auto-replies to incoming messages. [...]

https://www.bleepingcomputer.com/news/security/android-malware-infects-wannabe-netflix-thieves-via-whatsapp/

Facebook attributes 533 million users' data leak to "scraping" not hacking

Facebook has now released a public statement clarifying the cause of and addressing some of the concerns related to the recent data leak. As reported last week, information of about 533 million Facebook profiles surfaced on a hacker forum. [...]

https://www.bleepingcomputer.com/news/security/facebook-attributes-533-million-users-data-leak-to-scraping-not-hacking/

Microsoft's Windows 10, Exchange, and Teams hacked at Pwn2Own

During the first day of Pwn2Own 2021, contestants won $440,000 after successfully exploiting previously unknown vulnerabilities to hack Microsoft's Windows 10 OS, the Exchange mail server, and the Teams communication platform. [...]

https://www.bleepingcomputer.com/news/security/microsofts-windows-10-exchange-and-teams-hacked-at-pwn2own/

Gigaset Android phones infected by malware via hacked update server

Owners of Gigaset Android phones have been repeatedly infected with malware since the end of March after threat actors compromised the vendor's update server in a supply-chain attack. [...]

https://www.bleepingcomputer.com/news/security/gigaset-android-phones-infected-by-malware-via-hacked-update-server/

Google Forms and Telegram abused to collect phished credentials

Security researchers note an increase in alternative methods to steal data from phishing attacks, as scammers obtain the stolen info through Google Forms or private Telegram bots. [...]

https://www.bleepingcomputer.com/news/security/google-forms-and-telegram-abused-to-collect-phished-credentials/

New Cring ransomware hits unpatched Fortinet VPN devices

A vulnerability impacting Fortinet VPNs is being exploited by a new human-operated ransomware strain known as Cring to breach and encrypt industrial sector companies' networks. [...]

https://www.bleepingcomputer.com/news/security/new-cring-ransomware-hits-unpatched-fortinet-vpn-devices/

Cisco fixes bug allowing remote code execution with root privileges

Cisco has released security updates to address a pre-authentication remote code execution (RCE) vulnerability affecting SD-WAN vManage Software's user management function. [...]

https://www.bleepingcomputer.com/news/security/cisco-fixes-bug-allowing-remote-code-execution-with-root-privileges/

REvil ransomware now changes password to auto-login in Safe Mode

A recent change to the REvil ransomware allows the threat actors to automate file encryption via Safe Mode after changing Windows passwords. [...]

https://www.bleepingcomputer.com/news/security/revil-ransomware-now-changes-password-to-auto-login-in-safe-mode/

VISA: Hackers increasingly using web shells to steal credit cards

Global payments processor VISA warns that threat actors are increasingly deploying web shells on compromised servers to exfiltrate credit card information stolen from online store customers. [...]

https://www.bleepingcomputer.com/news/security/visa-hackers-increasingly-using-web-shells-to-steal-credit-cards/

Tech support scammers lure victims with fake antivirus billing emails

Tech support scammers are pretending to be from Microsoft, McAfee, and Norton to target users with fake antivirus billing renewals in a large-scale email campaign.  [...]

https://www.bleepingcomputer.com/news/security/tech-support-scammers-lure-victims-with-fake-antivirus-billing-emails/

North Korean hackers use new Vyveva malware to attack freighters

The North Korean-backed Lazarus hacking group used new malware with backdoor capabilities dubbed Vyveva by ESET researchers in targeted attacks against a South African freight logistics company. [...]

https://www.bleepingcomputer.com/news/security/north-korean-hackers-use-new-vyveva-malware-to-attack-freighters/

Microsoft Office 365 phishing evades detection with HTML Lego pieces

A recent phishing campaign used a clever trick to deliver the fraudulent web page that collects Microsoft Office 365 credentials by building it from chunks of HTML code stored locally and remotely. [...]

https://www.bleepingcomputer.com/news/security/microsoft-office-365-phishing-evades-detection-with-html-lego-pieces/

Windows 10 hacked again at Pwn2Own, Chrome and Zoom also fall

Contestants hacked Microsoft's Windows 10 OS twice during the second day of the Pwn2Own 2021 competition, together with the Google Chrome web browser and the Zoom video communication platform. [...]

https://www.bleepingcomputer.com/news/security/windows-10-hacked-again-at-pwn2own-chrome-and-zoom-also-fall/

Microsoft releases a cyberattack simulator - Shall we play a game?

Microsoft has released an open-source cyberattack simulator that allows security researchers and data scientists to create simulated network environments and see how they fare against AI-controlled cyber agents. [...]

https://www.bleepingcomputer.com/news/security/microsoft-releases-a-cyberattack-simulator-shall-we-play-a-game/

Belden says health benefits data stolen in 2020 cyberattack

Belden has disclosed that additional data was accessed and copied during their November 2020 cyberattack related to employees' healthcare benefits and family members covered under their plan. [...]

https://www.bleepingcomputer.com/news/security/belden-says-health-benefits-data-stolen-in-2020-cyberattack/

Over 600,000 stolen credit cards leaked after Swarmshop hack

The hacking spree targeting underground marketplaces has claimed another victim as a database from card shop Swarmshop emerged on another forum. [...]

https://www.bleepingcomputer.com/news/security/over-600-000-stolen-credit-cards-leaked-after-swarmshop-hack/

Google Chrome blocks a new port to stop NAT Slipstreaming attacks

Google Chrome is now blocking HTTP, HTTPS, and FTP access to TCP port 10080 to prevent the ports from being abused in NAT Slipstreaming 2.0 attacks. [...]

https://www.bleepingcomputer.com/news/security/google-chrome-blocks-a-new-port-to-stop-nat-slipstreaming-attacks/

CISA releases tool to review Microsoft 365 post-compromise activity

The Cybersecurity and Infrastructure Security Agency (CISA) has released a companion Splunk-based dashboard that helps review post-compromise activity in Microsoft Azure Active Directory (AD), Office 365 (O365), and Microsoft 365 (M365) environments. [...]

https://www.bleepingcomputer.com/news/security/cisa-releases-tool-to-review-microsoft-365-post-compromise-activity/

Researchers earn $1,2 million for exploits demoed at Pwn2Own 2021

Pwn2Own 2021 ended with contestants earning a record $1,210,000 for exploits and exploits chains demoed over the course of three days. [...]

https://www.bleepingcomputer.com/news/security/researchers-earn-1-2-million-for-exploits-demoed-at-pwn2own-2021/

Watch: Monkey uses Elon Musk's Neuralink to play Pong with its mind

A new video released by Elon Musk's Neuralink shows a monkey playing Pong using its mind and embedded brain-human interface. [...]

https://www.bleepingcomputer.com/news/technology/watch-monkey-uses-elon-musks-neuralink-to-play-pong-with-its-mind/