1132
Latest news and stories from BleepingComputer.com From a bleeping computer to a working computer.
Over 3,000 GitHub accounts used by malware distribution service
Threat actors known as 'Stargazer Goblin' have created a malware Distribution-as-a-Service (DaaS) from over 3,000 fake accounts on GitHub that push information-stealing malware. [...]
https://www.bleepingcomputer.com/news/security/over-3-000-github-accounts-used-by-malware-distribution-service/
Microsoft fixes bug behind Windows 10 Connected Cache delivery issues
Microsoft has fixed a known Windows 10 update issue that broke Microsoft Connected Cache (MCC) node discovery on enterprise networks. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-behind-windows-10-connected-cache-delivery-issues/
Google Chrome now warns about risky password-protected archives
Google Chrome now warns when downloading risky password-protected files and provides improved alerts with more information about potentially malicious downloaded files. [...]
https://www.bleepingcomputer.com/news/google/google-chrome-now-warns-about-risky-password-protected-archives/
Hot topics: Can’t-miss sessions at Mandiant’s 2024 mWISE event
Now that the mWISE 2024 session catalog is out, it's time to take a closer look at the topics. Learn more from @mWISEConference about the three hottest tracks in this year's conference. [...]
https://www.bleepingcomputer.com/news/security/hot-topics-cant-miss-sessions-at-mandiants-2024-mwise-event/
BreachForums v1 database leak is an OPSEC test for hackers
The entire database for the notorious BreachForums v1 hacking forum was released on Telegram Tuesday night, exposing a treasure trove of data, including members' information, private messages, cryptocurrency addresses, and every post on the forum. [...]
https://www.bleepingcomputer.com/news/security/breachforums-v1-database-leak-is-an-opsec-test-for-hackers/
Hamster Kombat’s 250 million players targeted in malware attacks
Threat actors are taking advantage of the massive popularity of the Hamster Kombat game, targeting players with fake Android and Windows software that install spyware and information-stealing malware. [...]
https://www.bleepingcomputer.com/news/security/hamster-kombats-250-million-players-targeted-in-android-windows-malware-attacks/
DeFi exchange dYdX v3 website hacked in DNS hijack attack
Decentralized finance (DeFi) crypto exchange dYdX announced on Tuesday that the website for its older v3 trading platform has been compromised. [...]
https://www.bleepingcomputer.com/news/security/defi-exchange-dydx-v3-website-hacked-in-dns-hijack-attack/
FrostyGoop malware attack cut off heat in Ukraine during winter
Russian-linked malware was used in a January 2024 cyberattack to cut off the heating of over 600 apartment buildings in Lviv, Ukraine, for two days during sub-zero temperatures. [...]
https://www.bleepingcomputer.com/news/security/frostygoop-malware-attack-cut-off-heat-in-ukraine-during-winter/
Fake CrowdStrike repair manual pushes new infostealer malware
CrowdStrike is warning that a fake recovery manual to repair Windows devices is installing a new information-stealing malware called Daolpu. [...]
https://www.bleepingcomputer.com/news/security/fake-crowdstrike-repair-manual-pushes-new-daolpu-infostealer-malware/
Google rolls back decision to kill third-party cookies in Chrome
Google has scrapped its plan to kill third-party cookies in Chrome and will instead introduce a new browser experience to allows users to limit how these cookies are used. [...]
https://www.bleepingcomputer.com/news/security/google-rolls-back-decision-to-kill-third-party-cookies-in-chrome/
New Play ransomware Linux version targets VMware ESXi VMs
Play ransomware is the latest ransomware gang to start deploying a dedicated Linux locker for encrypting VMware ESXi virtual machines. [...]
https://www.bleepingcomputer.com/news/security/new-play-ransomware-linux-version-targets-vmware-esxi-vms/
Telegram zero-day allowed sending malicious Android APKs as videos
A Telegram for Android zero-day vulnerability dubbed 'EvilVideo' allowed attackers to send malicious Android APK payloads disguised as video files. [...]
https://www.bleepingcomputer.com/news/security/telegram-zero-day-allowed-sending-malicious-android-apks-as-videos/
End-user cybersecurity errors that can cost you millions
An innocent mistake can lead to a corporate nightmare. Learn from Specops Software about five of the most frequent cybersecurity blunders that can let attackers breach a network. [...]
https://www.bleepingcomputer.com/news/security/end-user-cybersecurity-errors-that-can-cost-you-millions/
Microsoft releases Windows repair tool to remove CrowdStrike driver
Microsoft has released a custom WinPE recovery tool to find and remove the faulty CrowdStrike update that crashed an estimated 8.5 million Windows devices on Friday. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-repair-tool-to-remove-crowdstrike-driver/
UK arrests suspected Scattered Spider hacker linked to MGM attack
UK police have arrested a 17-year-old boy suspected of being involved in the 2023 MGM Resorts ransomware attack and a member of the Scattered Spider hacking collective. [...]
https://www.bleepingcomputer.com/news/security/uk-arrests-suspected-scattered-spider-hacker-linked-to-mgm-attack/
Docker fixes critical 5-year old authentication bypass flaw
Docker has issued security updates to address a critical vulnerability impacting certain versions of Docker Engine that could allow an attacker to bypass authorization plugins (AuthZ) under certain circumstances. [...]
https://www.bleepingcomputer.com/news/security/docker-fixes-critical-5-year-old-authentication-bypass-flaw/
KnowBe4 mistakenly hires North Korean hacker, faces infostealer attack
American cybersecurity company KnowBe4 says a person it recently hired as a Principal Software Engineer turned out to be a North Korean state actor who attempted to install information-stealing on its devices. [...]
https://www.bleepingcomputer.com/news/security/knowbe4-mistakenly-hires-north-korean-hacker-faces-infostealer-attack/
CrowdStrike: 'Content Validator' bug let faulty update pass checks
CrowdStrike released a Preliminary Post Incident Review (PIR) on the faulty Falcon update explaining that a bug allowed bad data to pass its Content Validator and cause millions of Windows systems to crash on July 19, 2024. [...]
https://www.bleepingcomputer.com/news/security/crowdstrike-content-validator-bug-let-faulty-update-pass-checks/
Windows July security updates send PCs into BitLocker recovery
Microsoft warned that some Windows devices will boot into BitLocker recovery after installing the July 2024 Windows security updates. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-july-security-updates-send-pcs-into-bitlocker-recovery/
Chinese hackers deploy new Macma macOS backdoor version
The Chinese hacking group tracked as 'Evasive Panda' was spotted using new versions of the Macma backdoor and the Nightdoor Windows malware. [...]
https://www.bleepingcomputer.com/news/security/evasive-panda-hackers-deploy-new-macma-macos-backdoor-version/
Windows 10 KB5040525 fixes WDAC issues causing app failures, memory leak
Microsoft has released the July 2024 preview update for Windows 10, version 22H2, with fixes for Windows Defender Application Control (WDAC) issues causing app crashes and system memory exhaustion. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5040525-fixes-wdac-issues-causing-app-failures-memory-leak/
BreachForums v1 hacking forum data leak exposes members’ info
The private member information of the BreachForums v1 hacking forum from 2022 has been leaked online, allowing threat actors and researchers to gain insight into its users. [...]
https://www.bleepingcomputer.com/news/security/breachforums-v1-hacking-forum-data-leak-exposes-members-info/
Verizon to pay $16 million in TracFone data breach settlement
Verizon Communications has agreed to a $16,000,000 settlement with the Federal Communications Commission (FCC) in the U.S. concerning three data breach incidents its wholly-owned subsidiary, TracFone Wireless, suffered after its acquisition in 2021. [...]
https://www.bleepingcomputer.com/news/security/verizon-to-pay-16-million-in-tracfone-data-breach-settlement/
Greece’s Land Registry agency breached in wave of 400 cyberattacks
The Land Registry agency in Greece has announced that it suffered a limited-scope data breach following a wave of 400 cyberattacks targeting its IT infrastructure over the last week. [...]
https://www.bleepingcomputer.com/news/security/greeces-land-registry-agency-breached-in-wave-of-400-cyberattacks/
US sanctions Russian hacktivists who breached water facilities
The US government has imposed sanctions on two Russian cybercriminals for cyberattacks targeting critical infrastructure. [...]
https://www.bleepingcomputer.com/news/security/us-sanctions-russian-hacktivists-who-breached-water-facilities/
Police infiltrates, takes down DigitalStress DDoS-for-hire service
DDoS-for-hire service DigitalStress was taken down on July 2 in a joint law enforcement operation led by the United Kingdom's National Crime Agency (NCA). [...]
https://www.bleepingcomputer.com/news/security/police-infiltrates-takes-down-digitalstress-ddos-for-hire-service/
Los Angeles Superior Court shuts down after ransomware attack
The largest trial court in the United States, the Superior Court of Los Angeles County, closed all 36 courthouse locations on Monday to restore systems affected by a Friday ransomware attack. [...]
https://www.bleepingcomputer.com/news/security/los-angeles-superior-court-shuts-down-after-ransomware-attack/
Spain arrests three for using DDoSia hacktivist platform
The Spanish authorities have arrested three individuals for using DDoSia, a distributed denial of service platform operated by pro-Russian hacktivists, to conduct DDoS attacks against governments and organizations in NATO countries. [...]
https://www.bleepingcomputer.com/news/security/spain-arrests-three-for-using-ddosia-hacktivist-platform/
Fake CrowdStrike updates target companies with malware, data wipers
Threat actors are exploiting the massive business disruption from CrowdStrike's glitchy update on Friday to target companies with data wipers and remote access tools. [...]
https://www.bleepingcomputer.com/news/security/fake-crowdstrike-updates-target-companies-with-malware-data-wipers/
Microsoft confirms CrowdStrike update also hit Windows 365 PCs
Microsoft says the faulty CrowdStrike Falcon update, which caused widespread outages by crashing Windows systems worldwide, also resulted in Windows 365 Cloud PCs getting stuck in reboot loops, rendering them unusable. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-365-cloud-pcs-stuck-restarting-after-crowdstrike-update/