UK rail network Merseyrail likely hit by Lockbit ransomware

UK rail network Merseyrail has confirmed a cyberattack after a ransomware gang used their email system to email employees and journalists about the attack. [...]

https://www.bleepingcomputer.com/news/security/uk-rail-network-merseyrail-likely-hit-by-lockbit-ransomware/

Cyberspies target military organizations with new Nebulae backdoor

A Chinese-speaking threat actor has deployed a new backdoor in multiple cyber-espionage operations spanning roughly two years and targeting military organizations from Southeast Asia. [...]

https://www.bleepingcomputer.com/news/security/cyberspies-target-military-organizations-with-new-nebulae-backdoor/

Passwordstate hackers phish for more victims with updated malware

Click Studios, the software company behind the Passwordstate enterprise password manager, is warning customers of ongoing phishing attacks targeting them with updated Moserpass malware. [...]

https://www.bleepingcomputer.com/news/security/passwordstate-hackers-phish-for-more-victims-with-updated-malware/

SMS phishing scam lures Rogers customers with outage refunds

Cybercriminals target Rogers customers with a new SMS phishing campaign pretending to be refunds for last week's Canada-wide wireless outage. [...]

https://www.bleepingcomputer.com/news/security/sms-phishing-scam-lures-rogers-customers-with-outage-refunds/

New stealthy Linux malware used to backdoor systems for years

A recently discovered Linux malware with backdoor capabilities has flown under the radar for years, allowing attackers to harvest and exfiltrate sensitive information from compromised devices.  [...]

https://www.bleepingcomputer.com/news/security/new-stealthy-linux-malware-used-to-backdoor-systems-for-years/

Microsoft previews new APIs for managing Windows Update

New Microsoft Graph APIs released today for public preview allow developers and IT professionals to manage Windows 10 updates and expedite Windows 10 security updates in enterprise environments. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-previews-new-apis-for-managing-windows-update/

Fourth time's a charm - OGUsers hacking forum hacked again

Popular hacking forum OGUsers has been hacked for its fourth time in two years, with hackers now selling the site's database containing user records and private messages. [...]

https://www.bleepingcomputer.com/news/security/fourth-times-a-charm-ogusers-hacking-forum-hacked-again/

DigitalOcean data breach exposes customer billing information

Cloud hosting provider DigitalOcean has disclosed a data breach after a flaw exposed customers' billing information. [...]

https://www.bleepingcomputer.com/news/security/digitalocean-data-breach-exposes-customer-billing-information/

Windows 10 20H2 KB5001391 Cumulative Update Preview Released

Microsoft has released the optional KB5001391 Preview cumulative update for Windows 10 2004 and Windows 10 20H2. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-20h2-kb5001391-cumulative-update-preview-released/

Microsoft is preparing to release the Windows 10 May 2021 Update

Microsoft has announced that the Windows May 10th 2021 Update (21H1) is complete and being prepared for release. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-is-preparing-to-release-the-windows-10-may-2021-update/

Security expert coalition shares actions to disrupt ransomware

The Ransomware Task Force, a public-party coalition of more than 50 experts, has shared a framework of actions to disrupt the ransomware business model. [...]

https://www.bleepingcomputer.com/news/security/security-expert-coalition-shares-actions-to-disrupt-ransomware/

Whistler resort municipality hit by new ransomware operation

The Whistler municipality in British Columbia, Canada, has suffered a cyberattack at the hands of a new ransomware operation. [...]

https://www.bleepingcomputer.com/news/security/whistler-resort-municipality-hit-by-new-ransomware-operation/

Babuk ransomware readies 'shut down' post, plans to open source malware

After just a few months of activity, the operators of Babuk ransomware briefly posted a short message about their intention to quit the extortion business after having achieved their goal. [...]

https://www.bleepingcomputer.com/news/security/babuk-ransomware-readies-shut-down-post-plans-to-open-source-malware/

QNAP finds evidence of AgeLocker ransomware activity in the wild

QNAP customers are once again urged to secure their Network Attached Storage (NAS) devices following a massive Qlocker ransomware campaign earlier this month. [...]

https://www.bleepingcomputer.com/news/security/qnap-finds-evidence-of-agelocker-ransomware-activity-in-the-wild/

Disabling Windows 10 experiments blocks Known Issue Rollback fixes

As Microsoft begins to utilize its Known Issue Rollback feature to release Windows 10 fixes quickly, users are discovering that modifying privacy settings may prevent these fixes from being installed. [...]

https://www.bleepingcomputer.com/news/microsoft/disabling-windows-10-experiments-blocks-known-issue-rollback-fixes/

New ransomware group uses SonicWall zero-day to breach networks

A financially motivated threat actor exploited a zero-day bug in Sonicwall SMA 100 Series VPN appliances to deploy new ransomware known as FiveHands on the networks of North American and European targets. [...]

https://www.bleepingcomputer.com/news/security/new-ransomware-group-uses-sonicwall-zero-day-to-breach-networks/

Microsoft finds critical code execution bugs in IoT, OT devices

Microsoft security researchers have discovered over two dozen critical remote code execution (RCE) vulnerabilities in Internet of Things (IoT) devices and Operational Technology (OT) industrial systems. [...]

https://www.bleepingcomputer.com/news/security/microsoft-finds-critical-code-execution-bugs-in-iot-ot-devices/

Brazil's Rio Grande do Sul court system hit by REvil ransomware

Brazil's Tribunal de Justiça do Estado do Rio Grande do Sul was hit with an REvil ransomware attack yesterday that encrypted employee's files and forced the courts to shut down their network. [...]

https://www.bleepingcomputer.com/news/security/brazils-rio-grande-do-sul-court-system-hit-by-revil-ransomware/

Codecov begins notifying affected customers, discloses IOCs

Codecov has now started notifying the maintainers of software repositories affected by the recent supply-chain attack. These notifications, delivered via both email and the Codecov application interface, state that the company believes the affected repositories were downloaded by threat actors. [...]

https://www.bleepingcomputer.com/news/security/codecov-begins-notifying-affected-customers-discloses-iocs/

Suspected Chinese state hackers target Russian submarine designer

Hackers suspected to work for the Chinese government have used a new malware called PortDoor to infiltrate the systems of an engineering company that designs submarines for the Russian Navy. [...]

https://www.bleepingcomputer.com/news/security/suspected-chinese-state-hackers-target-russian-submarine-designer/

Your stolen ParkMobile data is now free for wannabe scammers

The account information for almost 22 million ParkMobile customers is now in the hands of hackers and scammers after the data was released for free on a hacking forum. [...]

https://www.bleepingcomputer.com/news/security/your-stolen-parkmobile-data-is-now-free-for-wannabe-scammers/