Nation-state hackers are targeting COVID-19 response orgs
Organizations involved in international COVID-19 responses, healthcare, and essential services are actively targeted by government-backed hacking groups according to a joint advisory issued today by cyber-security agencies from the US and the UK. [...]
https://www.bleepingcomputer.com/news/security/nation-state-hackers-are-targeting-covid-19-response-orgs/
Organizations involved in international COVID-19 responses, healthcare, and essential services are actively targeted by government-backed hacking groups according to a joint advisory issued today by cyber-security agencies from the US and the UK. [...]
https://www.bleepingcomputer.com/news/security/nation-state-hackers-are-targeting-covid-19-response-orgs/
BleepingComputer
Nation-state hackers are targeting COVID-19 response orgs
Organizations involved in international COVID-19 responses, healthcare, and essential services are actively targeted by government-backed hacking groups according to a joint advisory issued today by cyber-security agencies from the US and the UK.
Game patch gives hackers access to development content on Amazon S3
A security flaw in patches from game developer Naughty Dog allowed hackers access to unreleased content from the upcoming The Last of Us Part II that was stored in an Amazon S3 bucket. [...]
https://www.bleepingcomputer.com/news/security/game-patch-gives-hackers-access-to-development-content-on-amazon-s3/
A security flaw in patches from game developer Naughty Dog allowed hackers access to unreleased content from the upcoming The Last of Us Part II that was stored in an Amazon S3 bucket. [...]
https://www.bleepingcomputer.com/news/security/game-patch-gives-hackers-access-to-development-content-on-amazon-s3/
BleepingComputer
Game patch gives hackers access to development content on Amazon S3
A security flaw in patches from game developer Naughty Dog allowed hackers access to unreleased content from the upcoming The Last of Us Part II that was stored in an Amazon S3 bucket.
InfinityBlack hacker group dismantled by European authorities
Europol announced today that Polish and Swiss law enforcement authorities dismantled the 'InfinityBlack' hacker group after arresting five of its members in Poland on April 29, 2020. [...]
https://www.bleepingcomputer.com/news/security/infinityblack-hacker-group-dismantled-by-european-authorities/
Europol announced today that Polish and Swiss law enforcement authorities dismantled the 'InfinityBlack' hacker group after arresting five of its members in Poland on April 29, 2020. [...]
https://www.bleepingcomputer.com/news/security/infinityblack-hacker-group-dismantled-by-european-authorities/
BleepingComputer
InfinityBlack hacker group dismantled by European authorities
Europol announced today that Polish and Swiss law enforcement authorities dismantled the 'InfinityBlack' hacker group after arresting five of its members in Poland on April 29, 2020.
Microsoft launches IoT-focused bounty program with $100K awards
Microsoft announced today the launch of a new IoT-focused research program with awards of up to $100,000 for vulnerabilities found by security researchers in the Azure Sphere IoT security solution. [...]
https://www.bleepingcomputer.com/news/security/microsoft-launches-iot-focused-bounty-program-with-100k-awards/
Microsoft announced today the launch of a new IoT-focused research program with awards of up to $100,000 for vulnerabilities found by security researchers in the Azure Sphere IoT security solution. [...]
https://www.bleepingcomputer.com/news/security/microsoft-launches-iot-focused-bounty-program-with-100k-awards/
BleepingComputer
Microsoft launches IoT-focused bounty program with $100K awards
Microsoft announced today the launch of a new IoT-focused research program with awards of up to $100,000 for vulnerabilities found by security researchers in the Azure Sphere IoT security solution.
Toll Group hit by ransomware a second time, deliveries affected
The Toll Group has suffered its second ransomware cyberattack in three months, with the latest one conducted by the operators of the Nefilim Ransomware. [...]
https://www.bleepingcomputer.com/news/security/toll-group-hit-by-ransomware-a-second-time-deliveries-affected/
The Toll Group has suffered its second ransomware cyberattack in three months, with the latest one conducted by the operators of the Nefilim Ransomware. [...]
https://www.bleepingcomputer.com/news/security/toll-group-hit-by-ransomware-a-second-time-deliveries-affected/
BleepingComputer
Toll Group hit by ransomware a second time, deliveries affected
The Toll Group has suffered its second ransomware cyberattack in three months, with the latest one conducted by the operators of the Nefilim Ransomware.
Microsoft releases May Office updates with fixes for auth issues
Microsoft released the May 2020 non-security Microsoft Office updates with fixes for several issues and performance improvements to Windows Installer (MSI) editions of Office 2016 and Office 2013. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-may-office-updates-with-fixes-for-auth-issues/
Microsoft released the May 2020 non-security Microsoft Office updates with fixes for several issues and performance improvements to Windows Installer (MSI) editions of Office 2016 and Office 2013. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-may-office-updates-with-fixes-for-auth-issues/
BleepingComputer
Microsoft releases May Office updates with fixes for auth issues
Microsoft released the May 2020 non-security Microsoft Office updates with fixes for several issues and performance improvements to Windows Installer (MSI) editions of Office 2016 and Office 2013.
Cyber volunteers release blocklists for 26,000 COVID-19 threats
The COVID-19 Cyber Threat Coalition has released a block list of known URLs and domain names associated with Coronavirus-themed scams, phishing attacks, and malware threats. [...]
https://www.bleepingcomputer.com/news/security/cyber-volunteers-release-blocklists-for-26-000-covid-19-threats/
The COVID-19 Cyber Threat Coalition has released a block list of known URLs and domain names associated with Coronavirus-themed scams, phishing attacks, and malware threats. [...]
https://www.bleepingcomputer.com/news/security/cyber-volunteers-release-blocklists-for-26-000-covid-19-threats/
BleepingComputer
Cyber volunteers release blocklists for 26,000 COVID-19 threats
The COVID-19 Cyber Threat Coalition has released a block list of known URLs and domain names associated with Coronavirus-themed scams, phishing attacks, and malware threats.
Massive campaign targets 900,000 WordPress sites in a week
Hackers have launched a massive attack against more than 900,000 WordPress sites seeking to redirect visitors to malvertising sites or plant a backdoor if an administrator is logged in. [...]
https://www.bleepingcomputer.com/news/security/massive-campaign-targets-900-000-wordpress-sites-in-a-week/
Hackers have launched a massive attack against more than 900,000 WordPress sites seeking to redirect visitors to malvertising sites or plant a backdoor if an administrator is logged in. [...]
https://www.bleepingcomputer.com/news/security/massive-campaign-targets-900-000-wordpress-sites-in-a-week/
BleepingComputer
Massive campaign targets 900,000 WordPress sites in a week
Hackers have launched a massive attack against more than 900,000 WordPress sites seeking to redirect visitors to malvertising sites or plant a backdoor if an administrator is logged in.
SAP announces security issues in cloud-based products
German software maker SAP announced on Monday that it started to fix security issues identified in several of its cloud-based products. [...]
https://www.bleepingcomputer.com/news/security/sap-announces-security-issues-in-cloud-based-products/
German software maker SAP announced on Monday that it started to fix security issues identified in several of its cloud-based products. [...]
https://www.bleepingcomputer.com/news/security/sap-announces-security-issues-in-cloud-based-products/
BleepingComputer
SAP announces security issues in cloud-based products
German software maker SAP announced on Monday that it started to fix security issues identified in several of its cloud-based products.
Critical Citrix ShareFile bugs could give access to private files
Citrix has fixed three vulnerabilities in multiple versions of ShareFile storage zone controllers that could be exploited without authentication for access to private data areas. [...]
https://www.bleepingcomputer.com/news/security/critical-citrix-sharefile-bugs-could-give-access-to-private-files/
Citrix has fixed three vulnerabilities in multiple versions of ShareFile storage zone controllers that could be exploited without authentication for access to private data areas. [...]
https://www.bleepingcomputer.com/news/security/critical-citrix-sharefile-bugs-could-give-access-to-private-files/
BleepingComputer
Critical Citrix ShareFile bugs could give access to private files
Citrix has fixed three vulnerabilities in multiple versions of ShareFile storage zone controllers that could be exploited without authentication for access to private data areas.
Hacker sells 22 million Unacademy user records after data breach
Online learning platform Unacademy has suffered a data breach after a hacker gained access to their database and started selling the account information for close to 22 million users. [...]
https://www.bleepingcomputer.com/news/security/hacker-sells-22-million-unacademy-user-records-after-data-breach/
Online learning platform Unacademy has suffered a data breach after a hacker gained access to their database and started selling the account information for close to 22 million users. [...]
https://www.bleepingcomputer.com/news/security/hacker-sells-22-million-unacademy-user-records-after-data-breach/
BleepingComputer
Hacker sells 22 million Unacademy user records after data breach
Online learning platform Unacademy has suffered a data breach after a hacker gained access to their database and started selling the account information for close to 22 million users.
Hackers use website favicon to camouflage credit card skimmer
Hackers have created and used a fake icon portal to host and load a JavaScript web skimmer camouflaged as a favicon onto compromised e-commerce portals to steal their customers' credit card and personal information. [...]
https://www.bleepingcomputer.com/news/security/hackers-use-website-favicon-to-camouflage-credit-card-skimmer/
Hackers have created and used a fake icon portal to host and load a JavaScript web skimmer camouflaged as a favicon onto compromised e-commerce portals to steal their customers' credit card and personal information. [...]
https://www.bleepingcomputer.com/news/security/hackers-use-website-favicon-to-camouflage-credit-card-skimmer/
BleepingComputer
Hackers use website favicon to camouflage credit card skimmer
Hackers have created and used a fake icon portal to host and load a JavaScript web skimmer camouflaged as a favicon onto compromised e-commerce portals to steal their customers' credit card and personal information.
Windows 10 Build 19624 released with Windows Update fixes
Microsoft has released Windows 10 Build 19624 to the Fast ring with fixes for issues affecting the Windows Update service that can lead to errors and prevent updates from properly being installed. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-build-19624-released-with-windows-update-fixes/
Microsoft has released Windows 10 Build 19624 to the Fast ring with fixes for issues affecting the Windows Update service that can lead to errors and prevent updates from properly being installed. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-build-19624-released-with-windows-update-fixes/
BleepingComputer
Windows 10 Build 19624 released with Windows Update fixes
Microsoft has released Windows 10 Build 19624 to the Fast ring with fixes for issues affecting the Windows Update service that can lead to errors and prevent updates from properly being installed.
Large scale Snake Ransomware campaign targets healthcare, more
The operators of the Snake Ransomware have launched a worldwide campaign of cyberattacks that have infected numerous businesses and at least one health care organization over the last few days. [...]
https://www.bleepingcomputer.com/news/security/large-scale-snake-ransomware-campaign-targets-healthcare-more/
The operators of the Snake Ransomware have launched a worldwide campaign of cyberattacks that have infected numerous businesses and at least one health care organization over the last few days. [...]
https://www.bleepingcomputer.com/news/security/large-scale-snake-ransomware-campaign-targets-healthcare-more/
BleepingComputer
Large scale Snake Ransomware campaign targets healthcare, more
The operators of the Snake Ransomware have launched a worldwide campaign of cyberattacks that have infected numerous businesses and at least one health care organization over the last few days.
Cisco Webex phishing uses fake cert errors to steal credentials
A highly convincing series of phishing attacks are using fake certificate error warnings with graphics and formatting lifted from Cisco Webex emails to steal users' account credentials. [...]
https://www.bleepingcomputer.com/news/security/cisco-webex-phishing-uses-fake-cert-errors-to-steal-credentials/
A highly convincing series of phishing attacks are using fake certificate error warnings with graphics and formatting lifted from Cisco Webex emails to steal users' account credentials. [...]
https://www.bleepingcomputer.com/news/security/cisco-webex-phishing-uses-fake-cert-errors-to-steal-credentials/
BleepingComputer
Cisco Webex phishing uses fake cert errors to steal credentials
A highly convincing series of phishing attacks are using fake certificate error warnings with graphics and formatting lifted from Cisco Webex emails to steal users' account credentials.
Hacker claims to have breached Microsoft's GitHub private repos
A hacker has claimed to have hacked into Microsoft's GitHub account and downloaded over 500GB of 'Private' repositories, BleepingComputer has learned. [...]
https://www.bleepingcomputer.com/news/security/hacker-claims-to-have-breached-microsofts-github-private-repos/
A hacker has claimed to have hacked into Microsoft's GitHub account and downloaded over 500GB of 'Private' repositories, BleepingComputer has learned. [...]
https://www.bleepingcomputer.com/news/security/hacker-claims-to-have-breached-microsofts-github-private-repos/
BleepingComputer
Microsoft's GitHub account allegedly hacked, 500GB stolen
A hacker has claimed to have hacked into Microsoft's GitHub account and downloaded over 500GB of 'Private' repositories, BleepingComputer has learned.
SilverTerrier BEC scammers target US govt healthcare agencies
Government healthcare agencies, COVID-19 response organizations, and medical research facilities from across the globe were the targets of Business Email Compromise (BEC) phishing campaigns coordinated by multiple Nigerian BEC actors during the last three months. [...]
https://www.bleepingcomputer.com/news/security/silverterrier-bec-scammers-target-us-govt-healthcare-agencies/
Government healthcare agencies, COVID-19 response organizations, and medical research facilities from across the globe were the targets of Business Email Compromise (BEC) phishing campaigns coordinated by multiple Nigerian BEC actors during the last three months. [...]
https://www.bleepingcomputer.com/news/security/silverterrier-bec-scammers-target-us-govt-healthcare-agencies/
BleepingComputer
SilverTerrier BEC scammers target US govt healthcare agencies
Government healthcare agencies, COVID-19 response organizations, and medical research facilities from across the globe were the targets of Business Email Compromise (BEC) phishing campaigns coordinated by multiple Nigerian BEC actors during the last threeβ¦
New βAria-bodyβ backdoor gets advanced hackers βback in the spy game
An APT group running cyber-espionage campaigns since at least 2010 has been operating stealthily over the past five years. They deliver a new backdoor called Aria-body and use victims' infrastructure to carry attacks against other targets. [...]
https://www.bleepingcomputer.com/news/security/new-aria-body-backdoor-gets-advanced-hackers-back-in-the-spy-game/
An APT group running cyber-espionage campaigns since at least 2010 has been operating stealthily over the past five years. They deliver a new backdoor called Aria-body and use victims' infrastructure to carry attacks against other targets. [...]
https://www.bleepingcomputer.com/news/security/new-aria-body-backdoor-gets-advanced-hackers-back-in-the-spy-game/
BleepingComputer
New "Aria-body" backdoor gets advanced hackers back in the spy game
An APT group running cyber-espionage campaigns since at least 2010 has been operating stealthily over the past five years. They deliver a new backdoor called Aria-body and use victims' infrastructure to carry attacks against other targets.
Critical WordPress plugin bug lets hackers take over 1M sites
Hackers are actively exploiting two security vulnerabilities in the Elementor Pro and Ultimate Addons for Elementor WordPress plugins with the end goal of remote executing arbitrary code and fully compromise unpatched targets. [...]
https://www.bleepingcomputer.com/news/security/critical-wordpress-plugin-bug-lets-hackers-take-over-1m-sites/
Hackers are actively exploiting two security vulnerabilities in the Elementor Pro and Ultimate Addons for Elementor WordPress plugins with the end goal of remote executing arbitrary code and fully compromise unpatched targets. [...]
https://www.bleepingcomputer.com/news/security/critical-wordpress-plugin-bug-lets-hackers-take-over-1m-sites/
BleepingComputer
Critical WordPress plugin bug lets hackers take over 1M sites
Hackers are actively exploiting two security vulnerabilities in the Elementor Pro and Ultimate Addons for Elementor WordPress plugins with the end goal of remote executing arbitrary code and fully compromise unpatched targets.
Microsoft Teams call drops on desktop caused by iOS bug
Microsoft urges users not to update their Microsoft Teams iOS client to the latest version as it comes with a bug that causes intermittent call drops on the desktop client after answering if logged in with the same account. [...]
https://www.bleepingcomputer.com/news/security/microsoft-teams-call-drops-on-desktop-caused-by-ios-bug/
Microsoft urges users not to update their Microsoft Teams iOS client to the latest version as it comes with a bug that causes intermittent call drops on the desktop client after answering if logged in with the same account. [...]
https://www.bleepingcomputer.com/news/security/microsoft-teams-call-drops-on-desktop-caused-by-ios-bug/
BleepingComputer
Microsoft Teams call drops on desktop caused by iOS bug
Microsoft urges users not to update their Microsoft Teams iOS client to the latest version as it comes with a bug that causes intermittent call drops on the desktop client after answering if logged in with the same account.