X begins training Grok AI with your posts, here's how to disable
X has quietly begun training its Grok AI chat platform using members' public posts without first alerting anyone that it is doing it by default. Here's how to block Grok from using your data. [...]
https://www.bleepingcomputer.com/news/security/x-begins-training-grok-ai-with-your-posts-heres-how-to-disable/
X has quietly begun training its Grok AI chat platform using members' public posts without first alerting anyone that it is doing it by default. Here's how to block Grok from using your data. [...]
https://www.bleepingcomputer.com/news/security/x-begins-training-grok-ai-with-your-posts-heres-how-to-disable/
BleepingComputer
X begins training Grok AI with your posts, here's how to disable
X has quietly begun training its Grok AI chat platform using members' public posts without first alerting anyone that it is doing it by default. Here's how to block Grok from using your data.
💩3👍2
Windows 11 taskbar has a hidden "End Task" feature, how to turn it on
Microsoft has added a feature to Windows 11 that allows you to end tasks directly from the taskbar. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-11-taskbar-has-a-hidden-end-task-feature-how-to-turn-it-on/
Microsoft has added a feature to Windows 11 that allows you to end tasks directly from the taskbar. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-11-taskbar-has-a-hidden-end-task-feature-how-to-turn-it-on/
BleepingComputer
Windows 11 taskbar has a hidden "End Task" feature, how to turn it on
Microsoft has added a feature to Windows 11 that allows you to end tasks directly from the taskbar.
Misconfigured Selenium Grid servers abused for Monero mining
Threat actors are exploiting a misconfiguration in Selenium Grid, a popular web app testing framework, to deploy a modified XMRig tool for mining Monero cryptocurrency. [...]
https://www.bleepingcomputer.com/news/security/misconfigured-selenium-grid-servers-abused-for-monero-mining/
Threat actors are exploiting a misconfiguration in Selenium Grid, a popular web app testing framework, to deploy a modified XMRig tool for mining Monero cryptocurrency. [...]
https://www.bleepingcomputer.com/news/security/misconfigured-selenium-grid-servers-abused-for-monero-mining/
BleepingComputer
Misconfigured Selenium Grid servers abused for Monero mining
Threat actors are exploiting a misconfiguration in Selenium Grid, a popular web app testing framework, to deploy a modified XMRig tool for mining Monero cryptocurrency.
❤1🔥1🤯1🤡1
Proofpoint settings exploited to send millions of phishing emails daily
A massive phishing campaign dubbed "EchoSpoofing" exploited a security gap in Proofpoint's email protection service to dispatch millions of spoofed emails impersonating big entities like Disney, Nike, IBM, and Coca-Cola, to target Fortune 100 companies. [...]
https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
A massive phishing campaign dubbed "EchoSpoofing" exploited a security gap in Proofpoint's email protection service to dispatch millions of spoofed emails impersonating big entities like Disney, Nike, IBM, and Coca-Cola, to target Fortune 100 companies. [...]
https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/
BleepingComputer
Proofpoint settings exploited to send millions of phishing emails daily
A massive phishing campaign dubbed "EchoSpoofing" exploited a security gap in Proofpoint's email protection service to dispatch millions of spoofed emails impersonating big entities like Disney, Nike, IBM, and Coca-Cola, to target Fortune 100 companies.
🤡3⚡1
HealthEquity says data breach impacts 4.3 million people
HSA provider HealthEquity has determined that a cybersecurity incident disclosed earlier this month has compromised the information of 4,300,000 people. [...]
https://www.bleepingcomputer.com/news/security/healthequity-says-data-breach-impacts-43-million-people/
HSA provider HealthEquity has determined that a cybersecurity incident disclosed earlier this month has compromised the information of 4,300,000 people. [...]
https://www.bleepingcomputer.com/news/security/healthequity-says-data-breach-impacts-43-million-people/
BleepingComputer
HealthEquity says data breach impacts 4.3 million people
HSA provider HealthEquity has determined that a cybersecurity incident disclosed earlier this month has compromised the information of 4,300,000 people.
Microsoft: Ransomware gangs exploit VMware ESXi auth bypass in attacks
Microsoft warned today that ransomware gangs are actively exploiting a VMware ESXi authentication bypass vulnerability in attacks. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-ransomware-gangs-exploit-vmware-esxi-auth-bypass-in-attacks/
Microsoft warned today that ransomware gangs are actively exploiting a VMware ESXi authentication bypass vulnerability in attacks. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-ransomware-gangs-exploit-vmware-esxi-auth-bypass-in-attacks/
BleepingComputer
Microsoft: Ransomware gangs exploit VMware ESXi auth bypass in attacks
Microsoft warned today that ransomware gangs are actively exploiting a VMware ESXi authentication bypass vulnerability in attacks.
Former Avaya employee gets 4 years for $88M license piracy scheme
Three individuals who orchestrated a massive-scale pirate operation involving the sale of Avaya business telephone system software licenses worth over $88,000,000 have received imprisonment sentences. [...]
https://www.bleepingcomputer.com/news/legal/former-avaya-employee-gets-4-years-for-88m-license-piracy-scheme/
Three individuals who orchestrated a massive-scale pirate operation involving the sale of Avaya business telephone system software licenses worth over $88,000,000 have received imprisonment sentences. [...]
https://www.bleepingcomputer.com/news/legal/former-avaya-employee-gets-4-years-for-88m-license-piracy-scheme/
BleepingComputer
Former Avaya employee gets 4 years for $88M license piracy scheme
Three individuals who orchestrated a massive-scale pirate operation involving the sale of Avaya business telephone system software licenses worth over $88,000,000 have received imprisonment sentences.
🤡1
Apple iOS 18.1 Beta previews Apple Intelligence for the first time
Apple has released the iOS 18.1 Beta to developers, allowing them to test some of its upcoming AI-powered Apple Intelligence features before they are released for testing in the public previews. [...]
https://www.bleepingcomputer.com/news/apple/apple-ios-181-beta-previews-apple-intelligence-for-the-first-time/
Apple has released the iOS 18.1 Beta to developers, allowing them to test some of its upcoming AI-powered Apple Intelligence features before they are released for testing in the public previews. [...]
https://www.bleepingcomputer.com/news/apple/apple-ios-181-beta-previews-apple-intelligence-for-the-first-time/
BleepingComputer
Apple iOS 18.1 Beta previews Apple Intelligence for the first time
Apple has released the iOS 18.1 Beta to developers, allowing them to test some of its upcoming AI-powered Apple Intelligence features before they are released for testing in the public previews.
New Specula tool uses Outlook for remote code execution in Windows
Microsoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named "Specula," released today by cybersecurity firm TrustedSec. [...]
https://www.bleepingcomputer.com/news/security/new-specula-tool-uses-outlook-for-remote-code-execution-in-windows/
Microsoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named "Specula," released today by cybersecurity firm TrustedSec. [...]
https://www.bleepingcomputer.com/news/security/new-specula-tool-uses-outlook-for-remote-code-execution-in-windows/
BleepingComputer
New Specula tool uses Outlook for remote code execution in Windows
Microsoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named "Specula," released today by cybersecurity firm TrustedSec.
😁2👍1🔥1
Android spyware 'Mandrake' hidden in apps on Google Play since 2022
A new version of the Android spyware 'Mandrake' has been found in five applications downloaded 32,000 times from Google Play, the platform's official app store. [...]
https://www.bleepingcomputer.com/news/security/android-spyware-mandrake-hidden-in-apps-on-google-play-since-2022/
A new version of the Android spyware 'Mandrake' has been found in five applications downloaded 32,000 times from Google Play, the platform's official app store. [...]
https://www.bleepingcomputer.com/news/security/android-spyware-mandrake-hidden-in-apps-on-google-play-since-2022/
BleepingComputer
Android spyware 'Mandrake' hidden in apps on Google Play since 2022
A new version of the Android spyware 'Mandrake' has been found in five applications downloaded 32,000 times from Google Play, the platform's official app store.
UK govt links 2021 Electoral Commission breach to Exchange server
The United Kingdom's Information Commissioner's Office (ICO) revealed today that the Electoral Commission was breached in August 2021 because it failed to patch its on-premise Microsoft Exchange Server against ProxyShell vulnerabilities. [...]
https://www.bleepingcomputer.com/news/security/uk-govt-links-2021-electoral-commission-breach-to-exchange-server/
The United Kingdom's Information Commissioner's Office (ICO) revealed today that the Electoral Commission was breached in August 2021 because it failed to patch its on-premise Microsoft Exchange Server against ProxyShell vulnerabilities. [...]
https://www.bleepingcomputer.com/news/security/uk-govt-links-2021-electoral-commission-breach-to-exchange-server/
BleepingComputer
UK govt links 2021 Electoral Commission breach to Exchange server
The United Kingdom's Information Commissioner's Office (ICO) revealed today that the Electoral Commission was breached in August 2021 because it failed to patch its on-premise Microsoft Exchange Server against ProxyShell vulnerabilities.
💩2🍌1
Microsoft 365 and Azure outage takes down multiple services
Microsoft is investigating an ongoing and widespread outage blocking access to some Microsoft 365 and Azure services. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-365-and-azure-outage-takes-down-multiple-services/
Microsoft is investigating an ongoing and widespread outage blocking access to some Microsoft 365 and Azure services. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-365-and-azure-outage-takes-down-multiple-services/
BleepingComputer
Microsoft 365 and Azure outage takes down multiple services
Microsoft is investigating an ongoing global outage blocking access to some Microsoft 365 and Azure services.
Is your password policy working? Key cybersecurity KPIs to measure
Are your password policies having a positive impact on the cybersecurity posture of your org? Learn more from Specops Software about how to align password policies with wider cybersecurity KPIs. [...]
https://www.bleepingcomputer.com/news/security/is-your-password-policy-working-key-cybersecurity-kpis-to-measure/
Are your password policies having a positive impact on the cybersecurity posture of your org? Learn more from Specops Software about how to align password policies with wider cybersecurity KPIs. [...]
https://www.bleepingcomputer.com/news/security/is-your-password-policy-working-key-cybersecurity-kpis-to-measure/
BleepingComputer
Is your password policy working? Key cybersecurity KPIs to measure
Are your password policies having a positive impact on the cybersecurity posture of your org? Learn more from Specops Software about how to align password policies with wider cybersecurity KPIs.
👍4❤2
DigiCert mass-revoking TLS certificates due to domain validation bug
DigiCert is warning that it will be mass-revoking SSL/TLS certificates due to a bug in how the company verified if a customer owned or operated a domain and requires impacted customers to reissue certificates within 24 hours. [...]
https://www.bleepingcomputer.com/news/security/digicert-mass-revoking-tls-certificates-due-to-domain-validation-bug/
DigiCert is warning that it will be mass-revoking SSL/TLS certificates due to a bug in how the company verified if a customer owned or operated a domain and requires impacted customers to reissue certificates within 24 hours. [...]
https://www.bleepingcomputer.com/news/security/digicert-mass-revoking-tls-certificates-due-to-domain-validation-bug/
BleepingComputer
DigiCert mass-revoking TLS certificates due to domain validation bug
DigiCert is warning that it will be mass-revoking SSL/TLS certificates due to a bug in how the company verified if a customer owned or operated a domain and requires impacted customers to reissue certificates within 24 hours.
Columbus investigates whether data was stolen in ransomware attack
The City of Columbus, Ohio, says it's investigating whether personal data was stolen in a ransomware attack on July 18, 2024 that disrupted the City's services. [...]
https://www.bleepingcomputer.com/news/security/columbus-investigates-whether-data-was-stolen-in-ransomware-attack/
The City of Columbus, Ohio, says it's investigating whether personal data was stolen in a ransomware attack on July 18, 2024 that disrupted the City's services. [...]
https://www.bleepingcomputer.com/news/security/columbus-investigates-whether-data-was-stolen-in-ransomware-attack/
BleepingComputer
Columbus investigates whether data was stolen in ransomware attack
The City of Columbus, Ohio, says it's investigating whether personal data was stolen in a ransomware attack on July 18, 2024 that disrupted the City's services.
😁1🙏1
Google Chrome adds app-bound encryption to block infostealer malware
Google Chrome has added app-bound encryption for better cookie protection on Windows systems and improved defenses against information-stealing malware attacks. [...]
https://www.bleepingcomputer.com/news/security/google-chrome-adds-app-bound-encryption-to-block-infostealer-malware/
Google Chrome has added app-bound encryption for better cookie protection on Windows systems and improved defenses against information-stealing malware attacks. [...]
https://www.bleepingcomputer.com/news/security/google-chrome-adds-app-bound-encryption-to-block-infostealer-malware/
BleepingComputer
Google Chrome adds app-bound encryption to block infostealer malware
Google Chrome has added app-bound encryption for better cookie protection on Windows systems and improved defenses against information-stealing malware attacks.
😢1
Black Basta ransomware switches to more evasive custom malware
The Black Basta ransomware gang has shown resilience and an ability to adapt to a constantly shifting space, using new custom tools and tactics to evade detection and spread throughout a network. [...]
https://www.bleepingcomputer.com/news/security/black-basta-ransomware-switches-to-more-evasive-custom-malware/
The Black Basta ransomware gang has shown resilience and an ability to adapt to a constantly shifting space, using new custom tools and tactics to evade detection and spread throughout a network. [...]
https://www.bleepingcomputer.com/news/security/black-basta-ransomware-switches-to-more-evasive-custom-malware/
BleepingComputer
Black Basta ransomware switches to more evasive custom malware
The Black Basta ransomware gang has shown resilience and an ability to adapt to a constantly shifting space, using new custom tools and tactics to evade detection and spread throughout a network.
🔥2
CISA warns of VMware ESXi bug exploited in ransomware attacks
CISA has ordered U.S. Federal Civilian Executive Branch (FCEB) agencies to secure their servers against a VMware ESXi authentication bypass vulnerability exploited in ransomware attacks. [...]
https://www.bleepingcomputer.com/news/security/cisa-warns-of-vmware-esxi-bug-exploited-in-ransomware-attacks/
CISA has ordered U.S. Federal Civilian Executive Branch (FCEB) agencies to secure their servers against a VMware ESXi authentication bypass vulnerability exploited in ransomware attacks. [...]
https://www.bleepingcomputer.com/news/security/cisa-warns-of-vmware-esxi-bug-exploited-in-ransomware-attacks/
BleepingComputer
CISA warns of VMware ESXi bug exploited in ransomware attacks
CISA has ordered U.S. Federal Civilian Executive Branch (FCEB) agencies to secure their servers against a VMware ESXi authentication bypass vulnerability exploited in ransomware attacks.
👍3❤1
Dark Angels ransomware receives record-breaking $75 million ransom
A Fortune 50 company paid a record-breaking $75 million ransom payment to the Dark Angels ransomware gang, according to a report by Zscaler ThreatLabz. [...]
https://www.bleepingcomputer.com/news/security/dark-angels-ransomware-receives-record-breaking-75-million-ransom/
A Fortune 50 company paid a record-breaking $75 million ransom payment to the Dark Angels ransomware gang, according to a report by Zscaler ThreatLabz. [...]
https://www.bleepingcomputer.com/news/security/dark-angels-ransomware-receives-record-breaking-75-million-ransom/
BleepingComputer
Dark Angels ransomware receives record-breaking $75 million ransom
A Fortune 50 company paid a record-breaking $75 million ransom payment to the Dark Angels ransomware gang, according to a report by Zscaler ThreatLabz.
🤯4👍1
Massive SMS stealer campaign infects Android devices in 113 countries
A malicious campaign targeting Android devices worldwide utilizes thousands of Telegram bots to infect devices with SMS-stealing malware and steal one-time 2FA passwords (OTPs) for over 600 services. [...]
https://www.bleepingcomputer.com/news/security/massive-sms-stealer-campaign-infects-android-devices-in-113-countries/
A malicious campaign targeting Android devices worldwide utilizes thousands of Telegram bots to infect devices with SMS-stealing malware and steal one-time 2FA passwords (OTPs) for over 600 services. [...]
https://www.bleepingcomputer.com/news/security/massive-sms-stealer-campaign-infects-android-devices-in-113-countries/
BleepingComputer
Massive SMS stealer campaign infects Android devices in 113 countries
A malicious campaign targeting Android devices worldwide utilizes thousands of Telegram bots to infect devices with SMS-stealing malware and steal one-time 2FA passwords (OTPs) for over 600 services.