Security expert coalition shares actions to disrupt ransomware

The Ransomware Task Force, a public-party coalition of more than 50 experts, has shared a framework of actions to disrupt the ransomware business model. [...]

https://www.bleepingcomputer.com/news/security/security-expert-coalition-shares-actions-to-disrupt-ransomware/

Whistler resort municipality hit by new ransomware operation

The Whistler municipality in British Columbia, Canada, has suffered a cyberattack at the hands of a new ransomware operation. [...]

https://www.bleepingcomputer.com/news/security/whistler-resort-municipality-hit-by-new-ransomware-operation/

Babuk ransomware readies 'shut down' post, plans to open source malware

After just a few months of activity, the operators of Babuk ransomware briefly posted a short message about their intention to quit the extortion business after having achieved their goal. [...]

https://www.bleepingcomputer.com/news/security/babuk-ransomware-readies-shut-down-post-plans-to-open-source-malware/

QNAP finds evidence of AgeLocker ransomware activity in the wild

QNAP customers are once again urged to secure their Network Attached Storage (NAS) devices following a massive Qlocker ransomware campaign earlier this month. [...]

https://www.bleepingcomputer.com/news/security/qnap-finds-evidence-of-agelocker-ransomware-activity-in-the-wild/

Disabling Windows 10 experiments blocks Known Issue Rollback fixes

As Microsoft begins to utilize its Known Issue Rollback feature to release Windows 10 fixes quickly, users are discovering that modifying privacy settings may prevent these fixes from being installed. [...]

https://www.bleepingcomputer.com/news/microsoft/disabling-windows-10-experiments-blocks-known-issue-rollback-fixes/

New ransomware group uses SonicWall zero-day to breach networks

A financially motivated threat actor exploited a zero-day bug in Sonicwall SMA 100 Series VPN appliances to deploy new ransomware known as FiveHands on the networks of North American and European targets. [...]

https://www.bleepingcomputer.com/news/security/new-ransomware-group-uses-sonicwall-zero-day-to-breach-networks/

Microsoft finds critical code execution bugs in IoT, OT devices

Microsoft security researchers have discovered over two dozen critical remote code execution (RCE) vulnerabilities in Internet of Things (IoT) devices and Operational Technology (OT) industrial systems. [...]

https://www.bleepingcomputer.com/news/security/microsoft-finds-critical-code-execution-bugs-in-iot-ot-devices/

Brazil's Rio Grande do Sul court system hit by REvil ransomware

Brazil's Tribunal de Justiça do Estado do Rio Grande do Sul was hit with an REvil ransomware attack yesterday that encrypted employee's files and forced the courts to shut down their network. [...]

https://www.bleepingcomputer.com/news/security/brazils-rio-grande-do-sul-court-system-hit-by-revil-ransomware/

Codecov begins notifying affected customers, discloses IOCs

Codecov has now started notifying the maintainers of software repositories affected by the recent supply-chain attack. These notifications, delivered via both email and the Codecov application interface, state that the company believes the affected repositories were downloaded by threat actors. [...]

https://www.bleepingcomputer.com/news/security/codecov-begins-notifying-affected-customers-discloses-iocs/

Suspected Chinese state hackers target Russian submarine designer

Hackers suspected to work for the Chinese government have used a new malware called PortDoor to infiltrate the systems of an engineering company that designs submarines for the Russian Navy. [...]

https://www.bleepingcomputer.com/news/security/suspected-chinese-state-hackers-target-russian-submarine-designer/

Your stolen ParkMobile data is now free for wannabe scammers

The account information for almost 22 million ParkMobile customers is now in the hands of hackers and scammers after the data was released for free on a hacking forum. [...]

https://www.bleepingcomputer.com/news/security/your-stolen-parkmobile-data-is-now-free-for-wannabe-scammers/

Hotbit cryptocurrency exchange down after hackers targeted wallets

Cryptocurrency trading platform Hotbit has shut down all services for at least a week after a cyberattack that down several of its services on Thursday evening. [...]

https://www.bleepingcomputer.com/news/security/hotbit-cryptocurrency-exchange-down-after-hackers-targeted-wallets/

Microsoft PowerToys now requires Windows 10 1903 and later

Microsoft released PowerToys v0.37.0 yesterday with minor improvements and a significant change - it now requires a minimum version of Windows 10 1903. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-powertoys-now-requires-windows-10-1903-and-later/

Microsoft is bringing the AAC Bluetooth audio codec to Windows 10

Microsoft has added AAC (Advanced Audio Coding) support for Bluetooth audio devices with the release of Windows 10 Build 21370 to the Dev Channel. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-is-bringing-the-aac-bluetooth-audio-codec-to-windows-10/

Babuk quits ransomware encryption, focuses on data-theft extortion

A new message today from the operators of Babuk ransomware clarifies that the gang has decided to close the affiliate program and move to an extortion model that does not rely on encrypting victim computers. [...]

https://www.bleepingcomputer.com/news/security/babuk-quits-ransomware-encryption-focuses-on-data-theft-extortion/

First Horizon bank online accounts hacked to steal customers’ funds

Bank holding company First Horizon Corporation disclosed the some of its customers had their online banking accounts breached by unknown attackers earlier this month. [...]

https://www.bleepingcomputer.com/news/security/first-horizon-bank-online-accounts-hacked-to-steal-customers-funds/

The Week in Ransomware - April 30th 2021 - Attacks Escalate

Ransomware gangs continue to target organizations large and small, including a brazen attack on the Washington DC police department. [...]

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-30th-2021-attacks-escalate/

Python also impacted by critical IP address validation vulnerability

Python 3.3 standard library 'ipaddress' suffers from a critical IP address vulnerability (CVE-2021-29921) identical to the flaw that was reported in the "netmask" library earlier this year. [...]

https://www.bleepingcomputer.com/news/security/python-also-impacted-by-critical-ip-address-validation-vulnerability/

Office 365 security baseline adds macro signing, JScript protection

Microsoft has updated the security baseline for Microsoft 365 Apps for enterprise (formerly Office 365 Professional Plus) to include protection from JScript code execution attacks and unsigned macros. [...]

https://www.bleepingcomputer.com/news/security/office-365-security-baseline-adds-macro-signing-jscript-protection/

Google Chrome is getting a new Progressive Web App feature

In the latest effort to improve the web apps experience, Google appears to be working on a new API that will allow Chrome progressive web apps (PWAs) to 'handle' (read) files in the operating system's file system. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-is-getting-a-new-progressive-web-app-feature/

Windows 10 Device Manager update makes removing drivers easier

​The Windows 10 Device Manager is getting a helpful upgrade that makes it easier to uninstall a specific driver by seeing what devices are using it [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-device-manager-update-makes-removing-drivers-easier/