1132
Latest news and stories from BleepingComputer.com From a bleeping computer to a working computer.
Iranian hackers work with ransomware gangs to extort breached orgs
An Iran-based hacking group known as Pioneer Kitten is breaching defense, education, finance, and healthcare organizations across the United States and working with affiliates of several ransomware operations to extort the victims. [...]
https://www.bleepingcomputer.com/news/security/iranian-hackers-work-with-ransomware-gangs-to-extort-breached-orgs/
Fortra fixes critical FileCatalyst Workflow hardcoded password issue
Fortra is warning of a critical hardcoded password flaw in FileCatalyst Workflow that could allow attackers unauthorized access to an internal database to steal data and gain administrator privileges. [...]
https://www.bleepingcomputer.com/news/security/fortra-fixes-critical-filecatalyst-workflow-hardcoded-password-issue/
It's down to the wire—but you don’t have to miss mWISE
For just a few days, the mWise cybersecurity conference is rolling back registration pricing to the Early Bird rate. Hurry, sale ends Wednesday, September 4. Learn more from mWISE Conference on how to get this discount. [...]
https://www.bleepingcomputer.com/news/security/its-down-to-the-wire-but-you-dont-have-to-miss-mwise/
US Marshals Service disputes ransomware gang's breach claims
The U.S. Marshals Service (USMS) denies its systems were breached by the Hunters International ransomware gang after being listed as a new victim on the cybercrime group's leak site on Monday. [...]
https://www.bleepingcomputer.com/news/security/us-marshals-service-disputes-ransomware-gangs-breach-claims/
Notion exits Russia and will terminate accounts in September
Notion has announced it will exit the Russian market and is terminating all workspaces and accounts identified linked to users in the country. [...]
https://www.bleepingcomputer.com/news/software/notion-exits-russia-and-will-terminate-accounts-in-september/
Windows Downdate tool lets you 'unpatch' Windows systems
SafeBreach security researcher Alon Leviev has released his Windows Downdate tool, which can be used for downgrade attacks that reintroduce old vulnerabilities in up-to-date Windows 10, Windows 11, and Windows Server systems. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-downdate-tool-lets-you-unpatch-windows-systems/
How to identify unknown assets while pen testing
External Attack Surface Management (EASM) coupled with Penetration Testing as a Service (PTaaS) can help find those blind spots and hidden assets exposed on your network. Learn more from Outpost24 about how combining EASM and PTaaS can help reveal these hidden pitfalls. [...]
https://www.bleepingcomputer.com/news/security/how-to-identify-unknown-assets-while-pen-testing/
Google tags a tenth Chrome zero-day as exploited this year
Today, Google revealed that it patched the tenth zero-day exploited in the wild in 2024 by attackers or security researchers during hacking contests. [...]
https://www.bleepingcomputer.com/news/security/google-tags-a-tenth-chrome-zero-day-as-exploited-this-year/
Microsoft: Exchange Online mistakenly tags emails as malware
Microsoft is investigating an Exchange Online false positive issue causing emails containing images to be wrongly tagged as malicious and sent to quarantine. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-online-mistakenly-tags-emails-as-malware/
Versa fixes Director zero-day vulnerability exploited in attacks
Versa Networks has fixed a zero-day vulnerability exploited in the wild that allows attackers to upload malicious files by exploiting an unrestricted file upload flaw in the Versa Director GUI. [...]
https://www.bleepingcomputer.com/news/security/versa-fixes-director-zero-day-vulnerability-exploited-in-attacks/
Remote Work: A Ticking Time Bomb Waiting to be Exploited
ThreatLocker has created a list of the top 15 actions to secure an organization if employing a remote or hybrid workforce. Learn more in this free e-book from ThreatLocker. [...]
https://www.bleepingcomputer.com/news/security/remote-work-a-ticking-time-bomb-waiting-to-be-exploited/
Audit finds notable security gaps in FBI's storage media management
An audit from the Department of Justice's Office of the Inspector General (OIG) identified "significant weaknesses" in FBI's inventory management and disposal of electronic storage media containing sensitive and classified information. [...]
https://www.bleepingcomputer.com/news/security/audit-finds-notable-security-gaps-in-fbis-storage-media-management/
American Radio Relay League confirms $1 million ransom payment
The American Radio Relay League (ARRL) paid a $1 million ransom for a decryptor that helped restore systems encrypted in a May ransomware attack [...]
https://www.bleepingcomputer.com/news/security/american-radio-relay-league-confirms-1-million-ransom-payment/
New Windows 10 22H2 beta fixes memory leaks and crashes
Microsoft has released a new Windows 10 22H2 beta (KB5041582) with memory leak and crash fixes for Insiders in the Beta and Release Preview channels. [...]
https://www.bleepingcomputer.com/news/microsoft/new-windows-10-22h2-beta-fixes-memory-leaks-and-crashes/
US oil giant Halliburton confirms cyberattack behind systems shutdown
Halliburton, one of the world's largest providers of services to the energy industry, has confirmed a cyberattack that forced it to shut down some of its systems earlier this week. [...]
https://www.bleepingcomputer.com/news/security/us-oil-giant-halliburton-confirms-cyberattack-behind-systems-shutdown/
Google increases Chrome bug bounty rewards up to $250,000
Google has more than doubled payouts for Google Chrome security flaws reported through its Vulnerability Reward Program, with the maximum possible reward for a single bug now exceeding $250,000. [...]
https://www.bleepingcomputer.com/news/google/google-increases-chrome-bug-bounty-rewards-up-to-250-000/
DICK’s Sporting Goods says confidential data exposed in cyberattack
DICK'S Sporting Goods, the largest chain of sporting goods retail stores in the United States, disclosed that sensitive information was exposed in a cyberattack detected last Wednesday. [...]
https://www.bleepingcomputer.com/news/security/dicks-sporting-goods-says-confidential-data-exposed-in-cyberattack/
BlackSuit ransomware stole data of 950,000 from software vendor
Young Consulting is sending data breach notifications to 954,177 people who had their information exposed in a BlackSuit ransomware attack on April 10, 2024. [...]
https://www.bleepingcomputer.com/news/security/blacksuit-ransomware-stole-data-of-950-000-from-software-vendor/
Windows 11 KB5041587 update adds sharing to Android devices
Microsoft has released the optional KB5041587 preview cumulative update for Windows 11 23H2 and 22H2, which adds sharing to Android devices and fixes multiple File Explorer issues. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5041587-update-adds-sharing-to-android-devices/
Malware infiltrates Pidgin messenger’s official plugin repository
The Pidgin messaging app removed the ScreenShareOTR plugin from its official third-party plugin list after it was discovered that it was used to install keyloggers, information stealers, and malware commonly used to gain initial access to corporate networks. [...]
https://www.bleepingcomputer.com/news/security/malware-infiltrates-pidgin-messengers-official-plugin-repository/
Park’N Fly notifies 1 million customers of data breach
Park'N Fly is warning that a data breach exposed the personal and account information of 1 million customers in Canada after hackers breached its network. [...]
https://www.bleepingcomputer.com/news/security/parkn-fly-notifies-1-million-customers-of-data-breach/
Microsoft Sway abused in massive QR code phishing campaign
A massive QR code phishing campaign abused Microsoft Sway, a cloud-based tool for creating online presentations, to host landing pages to trick Microsoft 365 users into handing over their credentials. [...]
https://www.bleepingcomputer.com/news/security/microsoft-sway-abused-in-massive-qr-code-phishing-campaign/
Patelco notifies 726,000 customers of ransomware data breach
Patelco Credit Union warns customers it suffered a data breach after personal data was stolen in a RansomHub ransomware attack earlier this year. [...]
https://www.bleepingcomputer.com/news/security/patelco-notifies-726-000-customers-of-ransomware-data-breach/
Uber fined $325 million for moving driver data from Europe to US
The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, AP) has imposed a fine of €290,000,000 ($325 million) on Uber Technologies Inc. and Uber B.V. over GDPR violations. [...]
https://www.bleepingcomputer.com/news/legal/uber-fined-325-million-for-moving-driver-data-from-europe-to-us/
SonicWall warns of critical access control flaw in SonicOS
SonicWall's SonicOS is vulnerable to a critical access control flaw that could allow attackers to gain access unauthorized access to resources or cause the firewall to crash. [...]
https://www.bleepingcomputer.com/news/security/sonicwall-warns-of-critical-access-control-flaw-in-sonicos/
Seattle-Tacoma Airport IT systems down due to a cyberattack
The Seattle-Tacoma International Airport has confirmed that a cyberattack is likely behind the ongoing IT systems outage that disrupted reservation check-in systems and delayed flights over the weekend. [...]
https://www.bleepingcomputer.com/news/security/seattle-tacoma-airport-it-systems-down-due-to-a-cyberattack/
Stealthy 'sedexp' Linux malware evaded detection for two years
A stealthy Linux malware named 'sedexp' has been evading detection since 2022 by using a persistence technique not yet included in the MITRE ATT&CK framework. [...]
https://www.bleepingcomputer.com/news/security/stealthy-sedexp-linux-malware-evaded-detection-for-two-years/
Microsoft shares temp fix for Linux boot issues on dual-boot systems
Microsoft shared a workaround for Linux boot issues triggered by August security updates on dual-boot systems with Secure Boot enabled [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-temp-fix-for-linux-boot-issues-on-dual-boot-systems/
Hackers now use AppDomain Injection to drop CobaltStrike beacons
A wave of attacks that started in July 2024 rely on a less common technique called AppDomain Manager Injection, which can weaponize any Microsoft .NET application on Windows. [...]
https://www.bleepingcomputer.com/news/security/hackers-now-use-appdomain-injection-to-drop-cobaltstrike-beacons/
Russian laundering millions for Lazarus hackers arrested in Argentina
The federal police in Argentina (PFA) have arrested a 29-year-old Russian national in Buenos Aires, who is facing money laundering charges related to cryptocurrency proceeds of the notorious North Korean hackers' Lazarus Group.' [...]
https://www.bleepingcomputer.com/news/legal/russian-laundering-millions-for-lazarus-hackers-arrested-in-argentina/