The Week in Ransomware - April 16th 2021 - The Houston Rockets

It has been a pretty quiet week with only a few large attacks disclosed and only a few new ransomware variants released. The highest-profile attack this week is the NBA's Houston Rockets who were transparent about their ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-16th-2021-the-houston-rockets/

Major BGP leak disrupts thousands of networks globally

A large BGP routing leak that occurred last night disrupted the connectivity for thousands of major networks and websites around the world. Although the BGP routing leak occurred in Vodafone's autonomous network (AS55410) based in India, it has impacted U.S. companies, including Google, according to sources. [...]

https://www.bleepingcomputer.com/news/security/major-bgp-leak-disrupts-thousands-of-networks-globally/

Google Chrome's new feature lets you easily share selected text

Google makes it easy to share text with friends and colleagues with a new Chrome 90 feature that lets you create links to selected text on a web page. [...]

https://www.bleepingcomputer.com/news/google/google-chromes-new-feature-lets-you-easily-share-selected-text/

Ryuk ransomware operation updates hacking techniques

Recent attacks from Ryuk ransomware operators show that the actors have a new preference when it comes to gaining initial access to the victim network. [...]

https://www.bleepingcomputer.com/news/security/ryuk-ransomware-operation-updates-hacking-techniques/

Microsoft fixes Windows 10 bug that can corrupt NTFS drives

Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded. [...]

https://www.bleepingcomputer.com/news/security/microsoft-fixes-windows-10-bug-that-can-corrupt-ntfs-drives/

Twitter is suffering from another worldwide outage today

Twitter is suffering a worldwide outage that started last night and is continuing into Saturday morning with erratic behavior and features partially working. [...]

https://www.bleepingcomputer.com/news/technology/twitter-is-suffering-from-another-worldwide-outage-today/

Google is adding its Dinosaur Game as an iPhone widget

Google is bringing its Dinosaur Game to Apple iPhones as an iOS widget that you can add to your home screen. [...]

https://www.bleepingcomputer.com/news/google/google-is-adding-its-dinosaur-game-as-an-iphone-widget/

US sanctions cryptocurrency addresses linked to Russian cyberactivities

The US government sanctioned this week twenty-eight cryptocurrency addresses allegedly associated with entities or individuals linked to Russian cyberattacks or election interference. [...]

https://www.bleepingcomputer.com/news/security/us-sanctions-cryptocurrency-addresses-linked-to-russian-cyberactivities/

Discord Nitro gift codes now demanded as ransomware payments

In a novel approach to ransom demands, a new ransomware calling itself 'NitroRansomware' encrypts victim's files and then demands a Discord Nitro gift code to decrypt files. [...]

https://www.bleepingcomputer.com/news/security/discord-nitro-gift-codes-now-demanded-as-ransomware-payments/

WordPress to automatically disable Google FLoC on websites

WordPress announced today that they plan on treating Google's new FLoC tracking technology as a security concern and plans to block it by default on WordPress sites. [...]

https://www.bleepingcomputer.com/news/security/wordpress-to-automatically-disable-google-floc-on-websites/

Windows 10 feature update: Here's what to expect in the next release

With Windows 10 Sun Valley update, we're expecting new features for Start Menu, Taskbar, Action Center (notification center), File Explorer, and more. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-feature-update-heres-what-to-expect-in-the-next-release/

Rogers is down: Canadian users report voice and data outages

​​Rogers is currently affected by a nationwide outage in Canada that prevents customers from accessing wireless voice and data services. [...]

https://www.bleepingcomputer.com/news/mobile/rogers-is-down-canadian-users-report-voice-and-data-outages/

Microsoft disables Google's FLoC tracking in Microsoft Edge, for now

Microsoft has disabled Google's controversial FLoC browser-based tracking feature in their Chromium-based Microsoft Edge browser. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-disables-googles-floc-tracking-in-microsoft-edge-for-now/

Windows 10's multitasking feature is getting downgraded

In 2018, Microsoft introduced a multitasking feature called "Windows Timeline" that lets you see a timeline of activities that you performed in Windows 10 including the webpages you visited, documents you created/opened, photos you added, and more. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10s-multitasking-feature-is-getting-downgraded/

Google Alerts continues to be a hotbed of scams and malware

Google Alerts continues to be a hotbed of scams and malware that threat actors are increasingly abusing to promote malicious websites. [...]

https://www.bleepingcomputer.com/news/security/google-alerts-continues-to-be-a-hotbed-of-scams-and-malware/

Geico data breach exposed customers' driver's license numbers

Car insurance provider Geico has suffered a data breach where threat actors stole the driver's licenses for policyholders for over a month. [...]

https://www.bleepingcomputer.com/news/security/geico-data-breach-exposed-customers-drivers-license-numbers/

Microsoft's Windows 10 taskbar news feed ported to older versions

Microsoft is backporting their upcoming Windows 10 News and Interests taskbar feature to Windows 10 20H2 and Windows 10 21H1, allowing far more people to access the new feature. [...]

https://www.bleepingcomputer.com/news/microsoft/microsofts-windows-10-taskbar-news-feed-ported-to-older-versions/

North Korean hackers adapt web skimming for stealing Bitcoin

Hackers linked with the North Korean government applied the web skimming technique to steal cryptocurrency in a previously undocumented campaign that started early last year, researchers say. [...]

https://www.bleepingcomputer.com/news/security/north-korean-hackers-adapt-web-skimming-for-stealing-bitcoin/

Hundreds of customer networks hacked in Codecov supply-chain attack

More details have emerged on the recent Codecov system breach which is being likened to the SolarWinds hack. Sources state hundreds of customer networks have been breached in the incident, expanding the scope of this system breach to beyond just Codecov's systems. [...]

https://www.bleepingcomputer.com/news/security/hundreds-of-customer-networks-hacked-in-codecov-supply-chain-attack/

Fake Microsoft Store, Spotify sites spread info-stealing malware

Attackers are promoting sites impersonating the Microsoft Store, Spotify, and an online document converter that distribute malware to steal credit cards and passwords saved in web browsers. [...]

https://www.bleepingcomputer.com/news/security/fake-microsoft-store-spotify-sites-spread-info-stealing-malware/

Pulse Secure VPN zero-day used to hack defense firms, govt orgs

Pulse Secure has shared mitigation measures for a zero-day authentication bypass vulnerability in the Pulse Connect Secure (PCS) SSL VPN appliance actively exploited against US Defense Industrial base (DIB) networks and worldwide organizations. [...]

https://www.bleepingcomputer.com/news/security/pulse-secure-vpn-zero-day-used-to-hack-defense-firms-govt-orgs/