βRussian TrickBot malware dev sentenced to 64 months in prison
Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating and distributing the Trickbot malware used in attacks against hospitals, companies, and individuals worldwide. [...]
https://www.bleepingcomputer.com/news/security/russian-trickbot-malware-dev-sentenced-to-64-months-in-prison/
Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating and distributing the Trickbot malware used in attacks against hospitals, companies, and individuals worldwide. [...]
https://www.bleepingcomputer.com/news/security/russian-trickbot-malware-dev-sentenced-to-64-months-in-prison/
BleepingComputer
Russian TrickBot malware dev sentenced to 64 months in prison
Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating and distributing the Trickbot malware used in attacks against hospitals, companies, and individuals worldwide.
π’3π₯2π1
βBlackwood hackers hijack WPS Office update to install malware
A previously unknown advanced threat actor tracked as 'Blackwood' is using sophisticated malware called NSPX30 in cyberespionage attacks against companies and individuals. [...]
https://www.bleepingcomputer.com/news/security/blackwood-hackers-hijack-wps-office-update-to-install-malware/
A previously unknown advanced threat actor tracked as 'Blackwood' is using sophisticated malware called NSPX30 in cyberespionage attacks against companies and individuals. [...]
https://www.bleepingcomputer.com/news/security/blackwood-hackers-hijack-wps-office-update-to-install-malware/
BleepingComputer
Blackwood hackers hijack WPS Office update to install malware
A previously unknown advanced threat actor tracked as 'Blackwood' is using sophisticated malware called NSPX30 in cyberespionage attacks against companies and individuals.
π1
β23andMe data breach: Hackers stole raw genotype data, health reports
Genetic testing provider 23andMe confirmed that hackers stole health reports and raw genotype data of customers affected by a credential stuffing attack that went unnoticed for five months, from April 29 to September 27. [...]
https://www.bleepingcomputer.com/news/security/23andme-data-breach-hackers-stole-raw-genotype-data-health-reports/
Genetic testing provider 23andMe confirmed that hackers stole health reports and raw genotype data of customers affected by a credential stuffing attack that went unnoticed for five months, from April 29 to September 27. [...]
https://www.bleepingcomputer.com/news/security/23andme-data-breach-hackers-stole-raw-genotype-data-health-reports/
BleepingComputer
23andMe data breach: Hackers stole raw genotype data, health reports
Genetic testing provider 23andMe confirmed that hackers stole health reports and raw genotype data of customers affected by a credential stuffing attack that went unnoticed for five months, from April 29 to September 27.
π3β€1
βPwn2Own Automotive: $1.3M for 49 zero-days, Tesla hacked twice
The first edition of Pwn2Own Automotive has ended with competitors earning $1,323,750 for hacking Tesla twice and demoing 49 zero-day bugs in multiple electric car systems between January 24 and January 26. [...]
https://www.bleepingcomputer.com/news/security/pwn2own-automotive-13m-for-49-zero-days-tesla-hacked-twice/
The first edition of Pwn2Own Automotive has ended with competitors earning $1,323,750 for hacking Tesla twice and demoing 49 zero-day bugs in multiple electric car systems between January 24 and January 26. [...]
https://www.bleepingcomputer.com/news/security/pwn2own-automotive-13m-for-49-zero-days-tesla-hacked-twice/
BleepingComputer
Pwn2Own Automotive: $1.3M for 49 zero-days, Tesla hacked twice
The first edition of Pwn2Own Automotive has ended with competitors earning $1,323,750 for hacking Tesla twice and demoing 49 zero-day bugs in multiple electric car systems between January 24 and January 26.
βRole of Wazuh in building a robust cybersecurity architecture
Leveraging open source solutions and tools to build a cybersecurity architecture offers organizations several benefits. Learn more from Wazuh about the benefits of open source solutions. [...]
https://www.bleepingcomputer.com/news/security/role-of-wazuh-in-building-a-robust-cybersecurity-architecture/
Leveraging open source solutions and tools to build a cybersecurity architecture offers organizations several benefits. Learn more from Wazuh about the benefits of open source solutions. [...]
https://www.bleepingcomputer.com/news/security/role-of-wazuh-in-building-a-robust-cybersecurity-architecture/
BleepingComputer
Role of Wazuh in building a robust cybersecurity architecture
Leveraging open source solutions and tools to build a cybersecurity architecture offers organizations several benefits. Learn more from Wazuh about the benefits of open source solutions.
βMicrosoft reveals how hackers breached its Exchange Online accounts
Microsoft confirmed that the Russian Foreign Intelligence Service hacking group, which hacked into its executives' email accounts in November 2023, also breached other organizations as part of this malicious campaign. [...]
https://www.bleepingcomputer.com/news/security/microsoft-reveals-how-hackers-breached-its-exchange-online-accounts/
Microsoft confirmed that the Russian Foreign Intelligence Service hacking group, which hacked into its executives' email accounts in November 2023, also breached other organizations as part of this malicious campaign. [...]
https://www.bleepingcomputer.com/news/security/microsoft-reveals-how-hackers-breached-its-exchange-online-accounts/
BleepingComputer
Microsoft reveals how hackers breached its Exchange Online accounts
Microsoft confirmed that the Russian Foreign Intelligence Service hacking group, which hacked into its executives' email accounts in November 2023, also breached other organizations as part of this malicious campaign.
βUkraine: Hack wiped 2 petabytes of data from Russian research center
The Main Intelligence Directorate of Ukraine's Ministry of Defense claims that pro-Ukrainian hacktivists breached the Russian Center for Space Hydrometeorology, aka "planeta" (ΠΏΠ»Π°Π½Π΅ΡΠ°), and wiped 2 petabytes of data. [...]
https://www.bleepingcomputer.com/news/security/ukraine-hack-wiped-2-petabytes-of-data-from-russian-research-center/
The Main Intelligence Directorate of Ukraine's Ministry of Defense claims that pro-Ukrainian hacktivists breached the Russian Center for Space Hydrometeorology, aka "planeta" (ΠΏΠ»Π°Π½Π΅ΡΠ°), and wiped 2 petabytes of data. [...]
https://www.bleepingcomputer.com/news/security/ukraine-hack-wiped-2-petabytes-of-data-from-russian-research-center/
BleepingComputer
Ukraine: Hack wiped 2 petabytes of data from Russian research center
The Main Intelligence Directorate of Ukraine's Ministry of Defense claims that pro-Ukrainian hacktivists breached the Russian Center for Space Hydrometeorology, aka "planeta" (ΠΏΠ»Π°Π½Π΅ΡΠ°), and wiped 2 petabytes of data.
π4π€¬2π1
βMicrosoft Teams outage causes connection issues, message delays
Microsoft is investigating an ongoing and widespread outage impacting the users of its Teams communication platform and causing connectivity issues, login problems, and message delays. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-teams-outage-causes-connection-issues-message-delays/
Microsoft is investigating an ongoing and widespread outage impacting the users of its Teams communication platform and causing connectivity issues, login problems, and message delays. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-teams-outage-causes-connection-issues-message-delays/
BleepingComputer
Microsoft Teams outage causes connection issues, message delays
Microsoft is investigating an ongoing and widespread outage impacting the users of its Teams communication platform and causing connectivity issues, login problems, and message delays.
βMicrosoft introduces flighting for Windows Server insiders
Microsoft has launched flighting for Windows Server systems enrolled in its Windows Insider open software testing program. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-introduces-flighting-for-windows-server-insiders/
Microsoft has launched flighting for Windows Server systems enrolled in its Windows Insider open software testing program. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-introduces-flighting-for-windows-server-insiders/
BleepingComputer
Microsoft introduces flighting for Windows Server insiders
Microsoft has launched flighting for Windows Server systems enrolled in its Windows Insider open software testing program.
βMicrosoft releases first Windows Server 2025 preview build
Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-first-windows-server-2025-preview-build/
Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-first-windows-server-2025-preview-build/
BleepingComputer
Microsoft releases first Windows Server 2025 preview build
Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program.
βKansas public transportation authority hit by ransomware
The Kansas City Area Transportation Authority (KCATA) announced it was targeted by a ransomware attack on Tuesday, January 23. [...]
https://www.bleepingcomputer.com/news/security/kansas-public-transportation-authority-hit-by-ransomware/
The Kansas City Area Transportation Authority (KCATA) announced it was targeted by a ransomware attack on Tuesday, January 23. [...]
https://www.bleepingcomputer.com/news/security/kansas-public-transportation-authority-hit-by-ransomware/
BleepingComputer
Kansas public transportation authority hit by ransomware
The Kansas City Area Transportation Authority (KCATA) announced it was targeted by a ransomware attack on Tuesday, January 23.
π1
βThe Week in Ransomware - January 26th 2024 - Govts strike back
Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-26th-2024-govts-strike-back/
Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-26th-2024-govts-strike-back/
BleepingComputer
The Week in Ransomware - January 26th 2024 - Govts strike back
Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison.
βExploits released for critical Jenkins RCE flaw, patch now
Multiple proof-of-concept (PoC) exploits for a critical Jenkins vulnerability allowing unauthenticated attackers to read arbitrary files have been made publicly available, with some researchers reporting attackers actively exploiting the flaws in attacks. [...]
https://www.bleepingcomputer.com/news/security/exploits-released-for-critical-jenkins-rce-flaw-patch-now/
Multiple proof-of-concept (PoC) exploits for a critical Jenkins vulnerability allowing unauthenticated attackers to read arbitrary files have been made publicly available, with some researchers reporting attackers actively exploiting the flaws in attacks. [...]
https://www.bleepingcomputer.com/news/security/exploits-released-for-critical-jenkins-rce-flaw-patch-now/
BleepingComputer
Exploits released for critical Jenkins RCE flaw, patch now
Multiple proof-of-concept (PoC) exploits for a critical Jenkins vulnerability allowing unauthenticated attackers to read arbitrary files have been made publicly available, with some researchers reporting attackers actively exploiting the flaws in attacks.
βMicrosoft Teams hit by second outage in three days
Microsoft is investigating a second outage affecting Microsoft Teams users across North and South America in the last three days. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-teams-hit-by-second-outage-in-three-days/
Microsoft is investigating a second outage affecting Microsoft Teams users across North and South America in the last three days. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-teams-hit-by-second-outage-in-three-days/
BleepingComputer
Microsoft Teams hit by second outage in three days
Microsoft is investigating a second outage affecting Microsoft Teams users across North and South America in the last three days.
βDHS employees jailed for stealing data of 200K U.S. govt workers
Three former Department of Homeland Security (DHS) employees were sentenced to prison for stealing proprietary U.S. government software and databases containing the personal data of 200,000 federal employees. [...]
https://www.bleepingcomputer.com/news/security/dhs-employees-jailed-for-stealing-data-of-200k-us-govt-workers/
Three former Department of Homeland Security (DHS) employees were sentenced to prison for stealing proprietary U.S. government software and databases containing the personal data of 200,000 federal employees. [...]
https://www.bleepingcomputer.com/news/security/dhs-employees-jailed-for-stealing-data-of-200k-us-govt-workers/
BleepingComputer
DHS employees jailed for stealing data of 200K U.S. govt workers
Three former Department of Homeland Security (DHS) employees were sentenced to prison for stealing proprietary U.S. government software and databases containing the personal data of 200,000 federal employees.
βRansomware payments drop to record low as victims refuse to pay
The number of ransomware victims paying ransom demands has dropped to a record low of 29% in the final quarter of 2023, according to ransomware negotiation firm Coveware. [...]
https://www.bleepingcomputer.com/news/security/ransomware-payments-drop-to-record-low-as-victims-refuse-to-pay/
The number of ransomware victims paying ransom demands has dropped to a record low of 29% in the final quarter of 2023, according to ransomware negotiation firm Coveware. [...]
https://www.bleepingcomputer.com/news/security/ransomware-payments-drop-to-record-low-as-victims-refuse-to-pay/
BleepingComputer
Ransomware payments drop to record low as victims refuse to pay
The number of ransomware victims paying ransom demands has dropped to a record low of 29% in the final quarter of 2023, according to ransomware negotiation firm Coveware.
β€2π2π1π€1
βFBI: Tech support scams now use couriers to collect victims' money
βToday, the FBI warned about courier services being used to collect money and valuables from victims of tech support and government impersonation scams. [...]
https://www.bleepingcomputer.com/news/security/fbi-tech-support-scams-now-use-couriers-to-collect-victims-money/
βToday, the FBI warned about courier services being used to collect money and valuables from victims of tech support and government impersonation scams. [...]
https://www.bleepingcomputer.com/news/security/fbi-tech-support-scams-now-use-couriers-to-collect-victims-money/
BleepingComputer
FBI: Tech support scams now use couriers to collect victims' money
βToday, the FBI warned about courier services being used to collect money and valuables from victims of tech support and government impersonation scams.
βMicrosoft says Outlook apps canβt connect to Outlook.com
Microsoft is investigating an issue that prevents Outlook and other email clients from connecting when using an Outlook.com account. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-says-outlook-apps-cant-connect-to-outlookcom/
Microsoft is investigating an issue that prevents Outlook and other email clients from connecting when using an Outlook.com account. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-says-outlook-apps-cant-connect-to-outlookcom/
BleepingComputer
Microsoft says Outlook apps canβt connect to Outlook.com
Microsoft is investigating an issue that prevents Outlook and other email clients from connecting when using an Outlook.com account.
βEnergy giant Schneider Electric hit by Cactus ransomware attack
Energy management and automation giant Schneider Electric suffered a Cactus ransomware attack leading to the theft of corporate data, according to people familiar with the matter. [...]
https://www.bleepingcomputer.com/news/security/energy-giant-schneider-electric-hit-by-cactus-ransomware-attack/
Energy management and automation giant Schneider Electric suffered a Cactus ransomware attack leading to the theft of corporate data, according to people familiar with the matter. [...]
https://www.bleepingcomputer.com/news/security/energy-giant-schneider-electric-hit-by-cactus-ransomware-attack/
BleepingComputer
Energy giant Schneider Electric hit by Cactus ransomware attack
Energy management and automation giant Schneider Electric suffered a Cactus ransomware attack leading to the theft of corporate data, according to people familiar with the matter.
π₯΄1
β45k Jenkins servers exposed to RCE attacks using public exploits
Researchers found roughly 45,000 Jenkins instances exposed online that are vulnerable to CVE-2023-23897, a critical remote code execution (RCE) flaw for which multiple public proof-of-concept (PoC) exploits are in circulation. [...]
https://www.bleepingcomputer.com/news/security/45k-jenkins-servers-exposed-to-rce-attacks-using-public-exploits/
Researchers found roughly 45,000 Jenkins instances exposed online that are vulnerable to CVE-2023-23897, a critical remote code execution (RCE) flaw for which multiple public proof-of-concept (PoC) exploits are in circulation. [...]
https://www.bleepingcomputer.com/news/security/45k-jenkins-servers-exposed-to-rce-attacks-using-public-exploits/
BleepingComputer
45k Jenkins servers exposed to RCE attacks using public exploits
Researchers found roughly 45,000 Jenkins instances exposed online that are vulnerable to CVE-2024-23897, a critical remote code execution (RCE) flaw for which multiple public proof-of-concept (PoC) exploits are in circulation.