Howard University shuts down network after ransomware attack
The private Howard University in Washington disclosed that it suffered a ransomware attack late last week and is currently working to restore affected systems. [...]
https://www.bleepingcomputer.com/news/security/howard-university-shuts-down-network-after-ransomware-attack/
The private Howard University in Washington disclosed that it suffered a ransomware attack late last week and is currently working to restore affected systems. [...]
https://www.bleepingcomputer.com/news/security/howard-university-shuts-down-network-after-ransomware-attack/
BleepingComputer
Howard University shuts down network after ransomware attack
The private Howard University in Washington disclosed that it suffered a ransomware attack late last week and is currently working to restore affected systems.
Hackers leak passwords for 500,000 Fortinet VPN accounts
A threat actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer. [...]
https://www.bleepingcomputer.com/news/security/hackers-leak-passwords-for-500-000-fortinet-vpn-accounts/
A threat actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer. [...]
https://www.bleepingcomputer.com/news/security/hackers-leak-passwords-for-500-000-fortinet-vpn-accounts/
BleepingComputer
Hackers leak passwords for 500,000 Fortinet VPN accounts
A threat actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer.
Zoho patches actively exploited critical ADSelfService Plus bug
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are exploiting a critical vulnerability in Zoho's ManageEngine ADSelfService Plus password management solution that allows them to take control of the system. [...]
https://www.bleepingcomputer.com/news/security/zoho-patches-actively-exploited-critical-adselfservice-plus-bug/
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are exploiting a critical vulnerability in Zoho's ManageEngine ADSelfService Plus password management solution that allows them to take control of the system. [...]
https://www.bleepingcomputer.com/news/security/zoho-patches-actively-exploited-critical-adselfservice-plus-bug/
BleepingComputer
Zoho patches actively exploited critical ADSelfService Plus bug
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are exploiting a critical vulnerability in Zoho's ManageEngine ADSelfService Plus password management solution that allows them to take control of the system.
Ukrainian extradited for selling 2,000 stolen logins per week
The US Department of Justice has indicted a Ukrainian man for using a malware botnet to brute force computer logon credentials and then selling them on a criminal remote access marketplace. [...]
https://www.bleepingcomputer.com/news/security/ukrainian-extradited-for-selling-2-000-stolen-logins-per-week/
The US Department of Justice has indicted a Ukrainian man for using a malware botnet to brute force computer logon credentials and then selling them on a criminal remote access marketplace. [...]
https://www.bleepingcomputer.com/news/security/ukrainian-extradited-for-selling-2-000-stolen-logins-per-week/
BleepingComputer
Ukrainian extradited for selling 2,000 stolen logins per week
The US Department of Justice has indicted a Ukrainian man for using a malware botnet to brute force computer logon credentials and then selling them on a criminal remote access marketplace.
GitHub finds 7 code execution vulnerabilities in 'tar' and npm CLI
GitHub security team has identified several high-severity vulnerabilities in npm packages, "tar" and "@npmcli/arborist," used by npm CLI. The tar package receives 20 million weekly downloads on average, whereas arborist gets downloaded over 300,000 times every week. [...]
https://www.bleepingcomputer.com/news/security/github-finds-7-code-execution-vulnerabilities-in-tar-and-npm-cli/
GitHub security team has identified several high-severity vulnerabilities in npm packages, "tar" and "@npmcli/arborist," used by npm CLI. The tar package receives 20 million weekly downloads on average, whereas arborist gets downloaded over 300,000 times every week. [...]
https://www.bleepingcomputer.com/news/security/github-finds-7-code-execution-vulnerabilities-in-tar-and-npm-cli/
BleepingComputer
GitHub finds 7 code execution vulnerabilities in 'tar' and npm CLI
GitHub security team has identified several high-severity vulnerabilities in npm packages, "tar" and "@npmcli/arborist," used by npm CLI. The tar package receives 20 million weekly downloads on average, whereas arborist gets downloaded over 300,000 timesβ¦
Yandex is battling the largest DDoS in Russian Internet history
Russian internet giant Yandex has been targeted in a massive distributed denial-of-service (DDoS) attack that started last week and reportedly continues this week. [...]
https://www.bleepingcomputer.com/news/security/yandex-is-battling-the-largest-ddos-in-russian-internet-history/
Russian internet giant Yandex has been targeted in a massive distributed denial-of-service (DDoS) attack that started last week and reportedly continues this week. [...]
https://www.bleepingcomputer.com/news/security/yandex-is-battling-the-largest-ddos-in-russian-internet-history/
BleepingComputer
Yandex is battling the largest DDoS in Russian Internet history
Russian internet giant Yandex has been targeted in a massive distributed denial-of-service (DDoS) attack that started last week and reportedly continues this week.
New MΔris botnet breaks DDoS record with 21.8 million RPS attack
A new distributed denial-of-service (DDoS) botnet that kept growing over the summer has been hammering Russian internet giant Yandex for the past month, the attack peaking at the unprecedented rate of 21.8 million requests per second. [...]
https://www.bleepingcomputer.com/news/security/new-m-ris-botnet-breaks-ddos-record-with-218-million-rps-attack/
A new distributed denial-of-service (DDoS) botnet that kept growing over the summer has been hammering Russian internet giant Yandex for the past month, the attack peaking at the unprecedented rate of 21.8 million requests per second. [...]
https://www.bleepingcomputer.com/news/security/new-m-ris-botnet-breaks-ddos-record-with-218-million-rps-attack/
BleepingComputer
New MΔris botnet breaks DDoS record with 21.8 million RPS attack
A new distributed denial-of-service (DDoS) botnet that kept growing over the summer has been hammering Russian internet giant Yandex for the past month, the attack peaking at the unprecedented rate of 21.8 million requests per second.
Microsoft fixes bug letting hackers take over Azure containers
Microsoft has fixed a vulnerability in Azure Container Instances called Azurescape that allowed a malicious container to take over containers belonging to other customers on the platform. [...]
https://www.bleepingcomputer.com/news/security/microsoft-fixes-bug-letting-hackers-take-over-azure-containers/
Microsoft has fixed a vulnerability in Azure Container Instances called Azurescape that allowed a malicious container to take over containers belonging to other customers on the platform. [...]
https://www.bleepingcomputer.com/news/security/microsoft-fixes-bug-letting-hackers-take-over-azure-containers/
BleepingComputer
Microsoft fixes bug letting hackers take over Azure containers
Microsoft has fixed a vulnerability in Azure Container Instances called Azurescape that allowed a malicious container to take over containers belonging to other customers on the platform.
Windows MSHTML zero-day defenses bypassed as new info emerges
New details have emerged about the recent Windows CVE-2021-40444 zero-day vulnerability, how it is being exploited in attacks, and the threat actor's ultimate goal of taking over corporate networks. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-mshtml-zero-day-defenses-bypassed-as-new-info-emerges/
New details have emerged about the recent Windows CVE-2021-40444 zero-day vulnerability, how it is being exploited in attacks, and the threat actor's ultimate goal of taking over corporate networks. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-mshtml-zero-day-defenses-bypassed-as-new-info-emerges/
BleepingComputer
Windows MSHTML zero-day defenses bypassed as new info emerges
New details have emerged about the recent Windows CVE-2021-40444 zero-day vulnerability, how it is being exploited in attacks, and the threat actor's ultimate goal of taking over corporate networks.
MyRepublic discloses data breach exposing government ID cards
MyRepublic Singapore has disclosed a data breach exposing the personal information of approximately 80,000 mobile subscribers. [...]
https://www.bleepingcomputer.com/news/security/myrepublic-discloses-data-breach-exposing-government-id-cards/
MyRepublic Singapore has disclosed a data breach exposing the personal information of approximately 80,000 mobile subscribers. [...]
https://www.bleepingcomputer.com/news/security/myrepublic-discloses-data-breach-exposing-government-id-cards/
BleepingComputer
MyRepublic discloses data breach exposing government ID cards
MyRepublic Singapore has disclosed a data breach exposing the personal information of approximately 80,000 mobile subscribers.
The Week in Ransomware - September 10th 2021 - REvil returns
This week marked the return of the notorious REvil ransomware group, who disappeared in July after conducting a massive attack using a Kaseya zero-day vulnerability. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-september-10th-2021-revil-returns/
This week marked the return of the notorious REvil ransomware group, who disappeared in July after conducting a massive attack using a Kaseya zero-day vulnerability. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-september-10th-2021-revil-returns/
BleepingComputer
The Week in Ransomware - September 10th 2021 - REvil returns
This week marked the return of the notorious REvil ransomware group, who disappeared in July after conducting a massive attack using a Kaseya zero-day vulnerability.
REvil ransomware is back in full attack mode and leaking data
The REvil ransomware gang has fully returned and is once again attacking new victims and publishing stolen files on a data leak site. [...]
https://www.bleepingcomputer.com/news/security/revil-ransomware-is-back-in-full-attack-mode-and-leaking-data/
The REvil ransomware gang has fully returned and is once again attacking new victims and publishing stolen files on a data leak site. [...]
https://www.bleepingcomputer.com/news/security/revil-ransomware-is-back-in-full-attack-mode-and-leaking-data/
BleepingComputer
REvil ransomware is back in full attack mode and leaking data
The REvil ransomware gang has fully returned and is once again attacking new victims and publishing stolen files on a data leak site.
Windows MSHTML zero-day exploits shared on hacking forums
Threat actors are sharing working Windows CVE-2021-40444 MSHTML zero-day exploits on hacking forums, allowing other hackers to start exploiting the new vulnerability in their own attacks. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-mshtml-zero-day-exploits-shared-on-hacking-forums/
Threat actors are sharing working Windows CVE-2021-40444 MSHTML zero-day exploits on hacking forums, allowing other hackers to start exploiting the new vulnerability in their own attacks. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-mshtml-zero-day-exploits-shared-on-hacking-forums/
BleepingComputer
Windows MSHTML zero-day exploits shared on hacking forums
Threat actors are sharing working Windows CVE-2021-40444 MSHTML zero-day exploits on hacking forums, allowing other hackers to start exploiting the new vulnerability in their own attacks.
Windows 11 Android support spotted online ahead of launch
Ahead of the beta testing with Insiders, Microsoft has already published the placeholder for the Android subsystem in the Microsoft Store. According to the Microsoft Store listing, Windows 11's Android support will require at least 8GB of RAM. For the best experience, 16GB is RAM is recommended. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-11-android-support-spotted-online-ahead-of-launch/
Ahead of the beta testing with Insiders, Microsoft has already published the placeholder for the Android subsystem in the Microsoft Store. According to the Microsoft Store listing, Windows 11's Android support will require at least 8GB of RAM. For the best experience, 16GB is RAM is recommended. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-11-android-support-spotted-online-ahead-of-launch/
BleepingComputer
Windows 11 Android support spotted online ahead of launch
Ahead of the beta testing with Insiders, Microsoft has already published the placeholder for the Android subsystem in the Microsoft Store. According to the Microsoft Store listing, Windows 11's Android support will require at least 8GB of RAM. For the bestβ¦
BlackMatter ransomware hits medical technology giant Olympus
Olympus, a leading medical technology company, is investigating a "potential cybersecurity incident" that impacted some of its EMEA (Europe, Middle East, Africa) IT systems last week. [...]
https://www.bleepingcomputer.com/news/security/blackmatter-ransomware-hits-medical-technology-giant-olympus/
Olympus, a leading medical technology company, is investigating a "potential cybersecurity incident" that impacted some of its EMEA (Europe, Middle East, Africa) IT systems last week. [...]
https://www.bleepingcomputer.com/news/security/blackmatter-ransomware-hits-medical-technology-giant-olympus/
BleepingComputer
BlackMatter ransomware hits medical technology giant Olympus
Olympus, a leading medical technology company, is investigating a "potential cybersecurity incident" that impacted some of its EMEA (Europe, Middle East, Africa) IT systems last week.
Hacker-made Linux Cobalt Strike beacon used in ongoing attacks
An unofficial Cobalt Strike Beacon version made by unknown threat actors from scratch has been spotted by security researchers while actively used in attacks targeting organizations worldwide. [...]
https://www.bleepingcomputer.com/news/security/hacker-made-linux-cobalt-strike-beacon-used-in-ongoing-attacks/
An unofficial Cobalt Strike Beacon version made by unknown threat actors from scratch has been spotted by security researchers while actively used in attacks targeting organizations worldwide. [...]
https://www.bleepingcomputer.com/news/security/hacker-made-linux-cobalt-strike-beacon-used-in-ongoing-attacks/
BleepingComputer
Hacker-made Linux Cobalt Strike beacon used in ongoing attacks
An unofficial Cobalt Strike Beacon Linux version made by unknown threat actors from scratch has been spotted by security researchers while actively used in attacks targeting organizations worldwide.
Walmart press release hoax causes Litecoin to spike 34%
A fake Walmart press release stating that the retail chain would begin accepting Litecoin caused the cryptocurrency to jump by almost 35% this morning. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/walmart-press-release-hoax-causes-litecoin-to-spike-34-percent/
A fake Walmart press release stating that the retail chain would begin accepting Litecoin caused the cryptocurrency to jump by almost 35% this morning. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/walmart-press-release-hoax-causes-litecoin-to-spike-34-percent/
BleepingComputer
Walmart press release hoax causes Litecoin to spike 34%
A fake Walmart press release stating that the retail chain would begin accepting Litecoin caused the cryptocurrency to jump by almost 35% this morning.
FTC warns of extortionists targeting LGBTQ+ community on dating apps
The US Federal Trade Commission (FTC) warns of extortion scammers targeting the LGBTQ+ community via online dating apps such as Grindr and Feeld. [...]
https://www.bleepingcomputer.com/news/security/ftc-warns-of-extortionists-targeting-lgbtq-plus-community-on-dating-apps/
The US Federal Trade Commission (FTC) warns of extortion scammers targeting the LGBTQ+ community via online dating apps such as Grindr and Feeld. [...]
https://www.bleepingcomputer.com/news/security/ftc-warns-of-extortionists-targeting-lgbtq-plus-community-on-dating-apps/
BleepingComputer
FTC warns of extortionists targeting LGBTQ+ community on dating apps
The US Federal Trade Commission (FTC) warns of extortion scammers targeting the LGBTQ+ community via online dating apps such as Grindr and Feeld.
Apple fixes iOS zero-day used to deploy NSO iPhone spyware
Apple has released security updates to fix two zero-day vulnerabilities that have been seen exploited in the wild to attack iPhones and Macs. [...]
https://www.bleepingcomputer.com/news/apple/apple-fixes-ios-zero-day-used-to-deploy-nso-iphone-spyware/
Apple has released security updates to fix two zero-day vulnerabilities that have been seen exploited in the wild to attack iPhones and Macs. [...]
https://www.bleepingcomputer.com/news/apple/apple-fixes-ios-zero-day-used-to-deploy-nso-iphone-spyware/
BleepingComputer
Apple fixes iOS zero-day used to deploy NSO iPhone spyware
Apple has released security updates to fix two zero-day vulnerabilities that have been seen exploited in the wild to attack iPhones and Macs. One is known to be used to install the Pegasus spyware on iPhones.
Firefox now bypasses Windows 11's messy default browser settings
Fed up with the new Windows 11 default apps interface, Mozilla has bypassed Microsoft's policies to make it easier for users to switch their default browser. [...]
https://www.bleepingcomputer.com/news/microsoft/firefox-now-bypasses-windows-11s-messy-default-browser-settings/
Fed up with the new Windows 11 default apps interface, Mozilla has bypassed Microsoft's policies to make it easier for users to switch their default browser. [...]
https://www.bleepingcomputer.com/news/microsoft/firefox-now-bypasses-windows-11s-messy-default-browser-settings/
BleepingComputer
Firefox now bypasses Windows 11's messy default browser settings
Fed up with the new Windows 11 default apps interface, Mozilla has bypassed Microsoft's policies to make it easier for users to switch their default browser.