1132
Latest news and stories from BleepingComputer.com From a bleeping computer to a working computer.
Hackers breach ISP to poison software updates with malware
A Chinese hacking group tracked as StormBamboo has compromised an undisclosed internet service provider (ISP) to poison automatic software updates with malware. [...]
https://www.bleepingcomputer.com/news/security/hackers-breach-isp-to-poison-software-updates-with-malware/
Google Chrome bug breaks drag and drop from Downloads bubble
A recent Google Chrome update has broken the drag-and-drop feature in the Downloads bubble that previously allowed you to drag and drop downloaded files onto any website or tab in the browser. [...]
https://www.bleepingcomputer.com/news/google/google-chrome-bug-breaks-drag-and-drop-from-downloads-bubble/
Fake AI editor ads on Facebook push password-stealing malware
A Facebook malvertising campaign targets users searching for AI image editing tools and steals their credentials by tricking them into installing fake apps that mimic legitimate software. [...]
https://www.bleepingcomputer.com/news/security/fake-ai-editor-ads-on-facebook-push-password-stealing-malware/
DuckDuckGo blocked in Indonesia over porn, gambling search results
Privacy-focused search engine DuckDuckGo has been blocked in Indonesia by its government after citizens reportedly complained about pornographic and online gambling content in its search results. [...]
https://www.bleepingcomputer.com/news/security/duckduckgo-blocked-in-indonesia-over-porn-gambling-search-results/
Twilio kills off Authy for desktop, forcibly logs out all users
Twilio has finally killed off its Authy for Desktop application, forcibly logging users out of the desktop application. [...]
https://www.bleepingcomputer.com/news/security/twilio-kills-off-authy-for-desktop-forcibly-logs-out-all-users/
StackExchange abused to spread malicious PyPi packages as answers
Threat actors uploaded malicious Python packages to the PyPI repository and promoted them through the StackExchange online question and answer platform. [...]
https://www.bleepingcomputer.com/news/security/stackexchange-abused-to-spread-malicious-pypi-packages-as-answers/
UK takes down major 'Russian Coms' caller ID spoofing platform
The United Kingdom's National Crime Agency (NCA) has shut down Russian Coms, a major caller ID spoofing platform used by hundreds of criminals to make over 1.8 million scam calls. [...]
https://www.bleepingcomputer.com/news/security/uk-takes-down-russian-comms-caller-id-spoofing-platform-used-to-scam-170-000-people/
Cencora confirms patient health info stolen in February attack
Pharmaceutical giant Cencora has confirmed that patients' protected health information and personally identifiable information (PII) was exposed in a February cyberattack. [...]
https://www.bleepingcomputer.com/news/security/cencora-confirms-patient-health-info-stolen-in-february-attack/
Credit card users get mysterious shopify-charge.com charges
People worldwide report seeing mysterious $1 or $0 charges from Shopify-charge.com appearing on their credit card bills, even when they did not attempt to purchase anything. [...]
https://www.bleepingcomputer.com/news/security/credit-card-users-get-mysterious-shopify-chargecom-charges/
OneBlood's virtual machines encrypted in ransomware attack
OneBlood, a large not-for-profit blood center that serves hospitals and patients in the United States, is dealing with an IT systems outage caused by a ransomware attack. [...]
https://www.bleepingcomputer.com/news/security/onebloods-virtual-machines-encrypted-in-ransomware-attack/
Google ads push fake Google Authenticator site installing malware
Google has fallen victim to its own ad platform, allowing threat actors to create fake Google Authenticator ads that push the DeerStealer information-stealing malware. [...]
https://www.bleepingcomputer.com/news/security/google-ads-push-fake-google-authenticator-site-installing-malware/
New Android malware wipes your device after draining bank accounts
A new Android malware that researchers call 'BingoMod' can wipe devices after successfully stealing money from the victims' bank accounts using the on-device fraud technique. [...]
https://www.bleepingcomputer.com/news/security/new-android-malware-wipes-your-device-after-draining-bank-accounts/
Microsoft says massive Azure outage was caused by DDoS attack
Microsoft confirmed today that a nine-hour outage on Tuesday that took down and disrupted multiple Microsoft 365 and Azure services worldwide was triggered by a distributed denial-of-service (DDoS) attack. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-says-massive-azure-outage-was-caused-by-ddos-attack/
Dark Angels ransomware receives record-breaking $75 million ransom
A Fortune 50 company paid a record-breaking $75 million ransom payment to the Dark Angels ransomware gang, according to a report by Zscaler ThreatLabz. [...]
https://www.bleepingcomputer.com/news/security/dark-angels-ransomware-receives-record-breaking-75-million-ransom/
Black Basta ransomware switches to more evasive custom malware
The Black Basta ransomware gang has shown resilience and an ability to adapt to a constantly shifting space, using new custom tools and tactics to evade detection and spread throughout a network. [...]
https://www.bleepingcomputer.com/news/security/black-basta-ransomware-switches-to-more-evasive-custom-malware/
US sues TikTok for violating children privacy protection laws
The U.S. Department of Justice has filed a lawsuit against social media platform TikTok and its parent company, ByteDance, alleging widespread violations of children's privacy laws. [...]
https://www.bleepingcomputer.com/news/security/us-sues-tiktok-for-violating-children-privacy-protection-laws/
Google Chrome warns uBlock Origin may soon be disabled
Google Chrome is now encouraging uBlock Origin users who have updated to the latest version to switch to other ad blockers before Manifest v2 extensions are disabled [...]
https://www.bleepingcomputer.com/news/google/google-chrome-warns-ublock-origin-may-soon-be-disabled/
Cryptonator seized for laundering ransom payments, stolen crypto
U.S. and German law enforcement seized the domain of the crypto wallet platform Cryptonator, used by ransomware gangs, darknet marketplaces, and other illicit services, and indicted its operator. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/cryptonator-seized-for-laundering-ransom-payments-stolen-crypto/
CrowdStrike sued by investors over massive global IT outage
Cybersecurity company CrowdStrike has been sued by investors who say it provided false claims about its Falcon platform after a bad security update led to a massive global IT outage causing the stock price to tumble almost 38%. [...]
https://www.bleepingcomputer.com/news/legal/crowdstrike-sued-by-investors-over-massive-global-it-outage/
Tech support scam ring leader gets 7 years in prison, $6M fine
The leader of a tech support fraud scheme was sentenced to seven years in prison after tricking at least 6,500 victims and generating more than $6 million. [...]
https://www.bleepingcomputer.com/news/legal/tech-support-scam-ring-leader-gets-7-years-in-prison-6m-fine/
Hackers abuse free TryCloudflare to deliver remote access malware
Researchers are warning of threat actors increasingly abusing the Cloudflare Tunnel service in malware campaigns that usually deliver remote access trojans (RATs). [...]
https://www.bleepingcomputer.com/news/security/hackers-abuse-free-trycloudflare-to-deliver-remote-access-malware/
Sitting Ducks DNS attacks let hackers hijack over 35,000 domains
Threat actors have hijacked more than 35,000 registered domains in so-called Sitting Ducks attacks that allow claiming a domain without having access to the owner's account at the DNS provider or registrar. [...]
https://www.bleepingcomputer.com/news/security/sitting-ducks-dns-attacks-let-hackers-hijack-over-35-000-domains/
FBI warns of scammers posing as crypto exchange employees
The Federal Bureau of Investigation (FBI) warns of scammers posing as employees of cryptocurrency exchanges to steal funds from unsuspecting victims. [...]
https://www.bleepingcomputer.com/news/security/fbi-warns-of-scammers-posing-as-crypto-exchange-employees/
DigiCert to delay cert revocations for critical infrastructure
DigiCert urges critical infrastructure operators to request a delay if they cannot reissue their certificates, as required by an ongoing certificate mass-revocation process announced on Tuesday. [...]
https://www.bleepingcomputer.com/news/security/digicert-to-delay-cert-revocations-for-critical-infrastructure/
CISA and FBI: DDoS attacks won’t impact US election integrity
CISA and the FBI said today that Distributed Denial of Service (DDoS) attacks targeting election infrastructure will, at most, hinder public access to information but will have no impact on the integrity or security of the 2024 U.S. general election processes. [...]
https://www.bleepingcomputer.com/news/security/cisa-and-fbi-ddos-attacks-wont-impact-us-election-integrity/
World leading silver producer Fresnillo discloses cyberattack
Fresnillo PLC, the world's largest silver producer and a top global producer of gold, copper, and zinc, said attackers gained access to data stored on its systems during a recent cyberattack. [...]
https://www.bleepingcomputer.com/news/security/world-leading-silver-producer-fresnillo-discloses-cyberattack/
Fraud ring pushes 600+ fake web shops via Facebook ads
A malicious fraud campaign dubbed "ERIAKOS" promotes more than 600 fake web shops through Facebook advertisements to steal visitors' personal and financial information. [...]
https://www.bleepingcomputer.com/news/security/fraud-ring-pushes-600-plus-fake-web-shops-via-facebook-ads/
Massive SMS stealer campaign infects Android devices in 113 countries
A malicious campaign targeting Android devices worldwide utilizes thousands of Telegram bots to infect devices with SMS-stealing malware and steal one-time 2FA passwords (OTPs) for over 600 services. [...]
https://www.bleepingcomputer.com/news/security/massive-sms-stealer-campaign-infects-android-devices-in-113-countries/
CISA warns of VMware ESXi bug exploited in ransomware attacks
CISA has ordered U.S. Federal Civilian Executive Branch (FCEB) agencies to secure their servers against a VMware ESXi authentication bypass vulnerability exploited in ransomware attacks. [...]
https://www.bleepingcomputer.com/news/security/cisa-warns-of-vmware-esxi-bug-exploited-in-ransomware-attacks/
Google Chrome adds app-bound encryption to block infostealer malware
Google Chrome has added app-bound encryption for better cookie protection on Windows systems and improved defenses against information-stealing malware attacks. [...]
https://www.bleepingcomputer.com/news/security/google-chrome-adds-app-bound-encryption-to-block-infostealer-malware/