Latest news and stories from BleepingComputer.com
Mandiant: “No evidence” we were hacked by LockBit ransomware

American cybersecurity firm Mandiant is investigating LockBit ransomware gang's claims that they hacked the company's network and stole data. [...]

Latest news and stories from BleepingComputer.com
QBot now pushes Black Basta ransomware in bot-powered attacks

The Black Basta ransomware gang has partnered with the QBot malware operation to gain spread laterally through hacked corporate environments. [...]

SMSFactory Android malware sneakily subscribes to premium services

Security researchers are warning of an Android malware named SMSFactory that adds unwanted costs to the phone bill by subscribing victims to premium services. [...]

https://www.bleepingcomputer.com/news/security/smsfactory-android-malware-sneakily-subscribes-to-premium-services/

Apple blocked 1.6 millions apps from defrauding users in 2021

Apple said this week that it blocked more than 343,000 iOS apps were blocked by the App Store App Review team for privacy violations last year, while another 157,000 were rejected for attempting to mislead or spamming iOS users. [...]

https://www.bleepingcomputer.com/news/security/apple-blocked-16-millions-apps-from-defrauding-users-in-2021/

Windows 11 'Restore Apps' feature will make it easier to set up new PCs

Microsoft is working on a new 'Restore Apps' feature for Windows 11 that will allow users to quickly reinstall all of their previously installed apps from the Microsoft Store on a new or freshly installed PC. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-restore-apps-feature-will-make-it-easier-to-set-up-new-pcs/

Bored Ape Yacht Club, Otherside NFTs stolen in Discord server hack

Hackers reportedly stole over $257,000 in Ethereum and thirty-two NFTs after the Yuga Lab's Bored Ape Yacht Club and Otherside Metaverse Discord servers were compromised to post a phishing scam. [...]

https://www.bleepingcomputer.com/news/security/bored-ape-yacht-club-otherside-nfts-stolen-in-discord-server-hack/

Microsoft: Windows Autopatch now available for public preview

Microsoft has announced this week that Windows Autopatch, a service to automatically keep Windows and Microsoft 365 software up to date in enterprise environments, has now reached public preview. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-autopatch-now-available-for-public-preview/

Evasive phishing mixes reverse tunnels and URL shortening services

Security researchers are seeing an uptick in the use of reverse tunnel services along with URL shorteners​​​​​​​ for large-scale phishing campaigns, making the malicious activity more difficult to stop. [...]

https://www.bleepingcomputer.com/news/security/evasive-phishing-mixes-reverse-tunnels-and-url-shortening-services/

Exploit released for Atlassian Confluence RCE bug, patch now

Proof-of-concept exploits for the actively exploited critical CVE-2022-26134 vulnerability impacting Atlassian Confluence and Data Center servers have been widely released this weekend. [...]

https://www.bleepingcomputer.com/news/security/exploit-released-for-atlassian-confluence-rce-bug-patch-now/

Italian city of Palermo shuts down all systems to fend off cyberattack

The municipality of Palermo in Southern Italy suffered a cyberattack on Friday, which appears to have had a massive impact on a broad range of operations and services to both citizens and visiting tourists. [...]

https://www.bleepingcomputer.com/news/security/italian-city-of-palermo-shuts-down-all-systems-to-fend-off-cyberattack/

Windows zero-day exploited in US local govt phishing attacks

European governments and US local governments were the targets of a phishing campaign using malicious Rich Text Format (RTF) documents designed to exploit a critical Windows zero-day vulnerability known as Follina. [...]

https://www.bleepingcomputer.com/news/security/windows-zero-day-exploited-in-us-local-govt-phishing-attacks/

Ransomware gangs now give victims time to save their reputation

Threat analysts have observed an unusual trend in ransomware group tactics, reporting that initial phases of victim extortion are becoming less open to the public as the actors tend to use hidden or anonymous entries. [...]

https://www.bleepingcomputer.com/news/security/ransomware-gangs-now-give-victims-time-to-save-their-reputation/

Microsoft bug banned Rewards accounts when redeeming points

Microsoft has fixed a bug where the Microsoft Rewards accounts of customers who redeemed points would get suspended without warning. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-bug-banned-rewards-accounts-when-redeeming-points/

Mandiant: “No evidence” we were hacked by LockBit ransomware

American cybersecurity firm Mandiant is investigating LockBit ransomware gang's claims that they hacked the company's network and stole data. [...]

https://www.bleepingcomputer.com/news/security/mandiant-no-evidence-we-were-hacked-by-lockbit-ransomware/

QBot now pushes Black Basta ransomware in bot-powered attacks

The Black Basta ransomware gang has partnered with the QBot malware operation to spread laterally through hacked corporate environments. [...]

https://www.bleepingcomputer.com/news/security/qbot-now-pushes-black-basta-ransomware-in-bot-powered-attacks/

Latest news and stories from BleepingComputer.com
Android June 2022 updates bring fix for critical RCE vulnerability

Google has released the June 2022 security updates for Android devices running OS versions 10, 11, and 12, fixing 41 vulnerabilities, five rated critical. [...]

Android June 2022 updates bring fix for critical RCE vulnerability

Google has released the June 2022 security updates for Android devices running OS versions 10, 11, and 12, fixing 41 vulnerabilities, five rated critical. [...]

https://www.bleepingcomputer.com/news/security/android-june-2022-updates-bring-fix-for-critical-rce-vulnerability/

Why Netflix isn't the Only One Bummed About Password Sharing

Carnegie Mellen found that as much as 28% of end-users willingly share passwords with others, and a Specops study found that of those who share passwords 21% of people don't know who else their password has been shared with. That's a lot of sharing going on. [...]

https://www.bleepingcomputer.com/news/security/why-netflix-isnt-the-only-one-bummed-about-password-sharing/

Shields Health Care Group data breach affects 2 million patients

Shields Health Care Group (Shields) suffered a data breach that exposed the data of approximately 2,000,000 people in the United States after hackers breached their network and stole data. [...]

https://www.bleepingcomputer.com/news/security/shields-health-care-group-data-breach-affects-2-million-patients/

Latest news and stories from BleepingComputer.com
Why Netflix isn't the Only One Bummed About Password Sharing

Carnegie Mellen found that as much as 28% of end-users willingly share passwords with others, and a Specops study found that of those who share passwords 21% of people don't know who else their password has been shared with. That's a lot of sharing going on. [...]