bleepingcomputer | Technologies

Telegram-канал bleepingcomputer - BleepingComputer

1132

Latest news and stories from BleepingComputer.com From a bleeping computer to a working computer.

Subscribe to a channel

BleepingComputer

Former IT employee gets 2.5 years for wiping 180 virtual servers

A former quality assurance employee of National Computer Systems (NCS) was sentenced to two years and eight months in prison for reportedly deleting 180 virtual servers after being fired. [...]

https://www.bleepingcomputer.com/news/security/former-it-employee-gets-25-years-for-wiping-180-virtual-servers/

Читать полностью…

BleepingComputer

Scattered Spider hackers switch focus to cloud apps for data theft

The Scattered Spider gang has started to steal data from software-as-a-service (SaaS) applications and establish persistence through creating new virtual machines. [...]

https://www.bleepingcomputer.com/news/security/scattered-spider-hackers-switch-focus-to-cloud-apps-for-data-theft/

Читать полностью…

BleepingComputer

Microsoft delays Windows Recall amid privacy and security concerns

Microsoft is delaying the release of its AI-powered Windows Recall feature to test and secure it further before releasing it in a public preview on Copilot+ PCs. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-delays-windows-recall-amid-privacy-and-security-concerns/

Читать полностью…

BleepingComputer

Ascension hacked after employee downloaded malicious file

Ascension, one of the largest U.S. healthcare systems, revealed that a May 2024 ransomware attack was caused by an employee who downloaded a malicious file onto a company device. [...]

https://www.bleepingcomputer.com/news/security/ascension-hacked-after-employee-downloaded-malicious-file/

Читать полностью…

BleepingComputer

Toronto District School Board hit by a ransomware attack

The Toronto District School Board (TDSB) is warning that it suffered a ransomware attack on its software testing environment and is now investigating whether any personal information was exposed. [...]

https://www.bleepingcomputer.com/news/security/toronto-district-school-board-hit-by-a-ransomware-attack/

Читать полностью…

BleepingComputer

Exploit for Veeam Recovery Orchestrator auth bypass available, patch now

A proof-of-concept (PoC) exploit for a critical Veeam Recovery Orchestrator authentication bypass vulnerability tracked as CVE-2024-29855 has been released, elevating the risk of being exploited in attacks. [...]

https://www.bleepingcomputer.com/news/security/exploit-for-veeam-recovery-orchestrator-auth-bypass-available-patch-now/

Читать полностью…

BleepingComputer

Phishing emails abuse Windows search protocol to push malicious scripts

A new phishing campaign uses HTML attachments that abuse the Windows search protocol (search-ms URI) to push batch files hosted on remote servers that deliver malware. [...]

https://www.bleepingcomputer.com/news/security/phishing-emails-abuse-windows-search-protocol-to-push-malicious-scripts/

Читать полностью…

BleepingComputer

Google warns of actively exploited Pixel firmware zero-day

Google has released patches for 50 security vulnerabilities impacting its Pixel devices and warned that one of them had already been exploited in targeted attacks as a zero-day. [...]

https://www.bleepingcomputer.com/news/security/google-warns-of-actively-exploited-pixel-firmware-zero-day/

Читать полностью…

BleepingComputer

New phishing toolkit uses PWAs to steal login credentials

A new phishing kit has been released that allows red teamers and cybercriminals to create progressive web Apps (PWAs) that display convincing corporate login forms to steal credentials. [...]

https://www.bleepingcomputer.com/news/security/new-phishing-toolkit-uses-pwas-to-steal-login-credentials/

Читать полностью…

BleepingComputer

Microsoft deprecates Windows DirectAccess, recommends Always On VPN

Microsoft has announced that the DirectAccess remote access solution is now deprecated and will be removed in a future release of Windows, recommending companies migrate to the 'Always On VPN' for enhanced security and continued support. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-deprecates-windows-directaccess-recommends-always-on-vpn/

Читать полностью…

BleepingComputer

Black Basta ransomware gang linked to Windows zero-day attacks

The Cardinal cybercrime group (Storm-1811, UNC4394), who are the main operators of the Black Basta ransomware, is suspected of exploiting a Windows privilege escalation vulnerability, CVE-2024-26169, before a fix was made available. [...]

https://www.bleepingcomputer.com/news/security/black-basta-ransomware-gang-linked-to-windows-zero-day-attacks/

Читать полностью…

BleepingComputer

JetBrains warns of IntelliJ IDE bug exposing GitHub access tokens

JetBrains warned customers to patch a critical vulnerability that impacts users of its IntelliJ integrated development environment (IDE) apps and exposes GitHub access tokens. [...]

https://www.bleepingcomputer.com/news/security/jetbrains-warns-of-intellij-ide-bug-exposing-github-access-tokens/

Читать полностью…

BleepingComputer

Windows 10 KB5039211 update released with new feature, 12 fixes

Microsoft has released the KB5039211 cumulative update for Windows 10 21H2 and Windows 10 22H2 with 12 changes, including a Snipping Tool feature that allows you to edit Android photos in Windows. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5039211-update-released-with-new-feature-12-fixes/

Читать полностью…

BleepingComputer

City of Cleveland shuts down IT systems after cyberattack

The City of Cleveland, Ohio, is currently dealing with a cyberattack that has forced it to take citizen-facing services offline, including the public offices and facilities at Erieview and the City Hall. [...]

https://www.bleepingcomputer.com/news/security/city-of-cleveland-shuts-down-it-systems-after-cyberattack/

Читать полностью…

BleepingComputer

New Warmcookie Windows backdoor pushed via fake job offers

A never-before-seen Windows malware named 'Warmcookie' is distributed through fake job offer phishing campaigns to breach corporate networks. [...]

https://www.bleepingcomputer.com/news/security/new-warmcookie-windows-backdoor-pushed-via-fake-job-offers/

Читать полностью…

BleepingComputer

Microsoft removes Copilot app ‘incorrectly’ added on Windows PCs

Microsoft says it removed a Copilot app that was "incorrectly" added to Windows 10 and Windows 11 systems in April due to buggy Microsoft Edge updates. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-removes-copilot-app-incorrectly-added-on-windows-pcs/

Читать полностью…

BleepingComputer

Insurance giant Globe Life investigating web portal breach

American financial services holding company Globe Life says attackers may have accessed consumer and policyholder data after breaching one of its web portals. [...]

https://www.bleepingcomputer.com/news/security/insurance-giant-globe-life-investigating-web-portal-breach/

Читать полностью…

BleepingComputer

Truist Bank confirms breach after stolen data shows up on hacking forum

Leading U.S. commercial bank Truist confirmed its systems were breached in an October 2023 cyberattack after a threat actor posted some of the company's data for sale on a hacking forum. [...]

https://www.bleepingcomputer.com/news/security/truist-bank-confirms-data-breach-after-stolen-data-shows-up-on-hacking-forum/

Читать полностью…

BleepingComputer

New York Times warns freelancers of GitHub repo data breach

The New York Times notified an undisclosed number of contributors that some of their sensitive personal information was stolen and leaked after its GitHub repositories were breached in January 2024. [...]

https://www.bleepingcomputer.com/news/security/new-york-times-warns-freelancers-of-github-repo-data-breach/

Читать полностью…

BleepingComputer

Panera warns of employee data breach after March ransomware attack

U.S. food chain giant Panera Bread is notifying employees of a data breach after unknown threat actors stole their sensitive personal information in a March ransomware attack. [...]

https://www.bleepingcomputer.com/news/security/panera-warns-of-employee-data-breach-after-march-ransomware-attack/

Читать полностью…

BleepingComputer

YouTube tests harder-to-block server-side ad injection in videos

YouTube reportedly now injects ads directly into video streams to make it more difficult for ad blockers to block advertisements. [...]

https://www.bleepingcomputer.com/news/google/youtube-tests-harder-to-block-server-side-ad-injection-in-videos/

Читать полностью…

BleepingComputer

AWS adds passkeys support, warns root users must enable MFA

Amazon Web Services (AWS) has introduced FIDO2 passkeys as a new method for multi-factor authentication (MFA) to enhance account security and usability. [...]

https://www.bleepingcomputer.com/news/security/aws-adds-passkeys-support-warns-root-users-must-enable-mfa/

Читать полностью…

BleepingComputer

CISA warns of criminals impersonating its employees in phone calls

Today, the Cybersecurity and Infrastructure Security Agency (CISA) warned that criminals are impersonating its employees in phone calls and attempting to deceive potential victims into transferring money. [...]

https://www.bleepingcomputer.com/news/security/cisa-warns-of-criminals-impersonating-its-employees-in-phone-calls/

Читать полностью…

BleepingComputer

Life360 says hacker tried to extort them after Tile data breach

Safety and location services company Life360 says it was the target of an extortion attempt after a threat actor breached and stole sensitive information from a Tile customer support platform. [...]

https://www.bleepingcomputer.com/news/security/life360-says-hacker-tried-to-extort-them-after-tile-data-breach/

Читать полностью…

BleepingComputer

Police arrest Conti and LockBit ransomware crypter specialist

The Ukraine cyber police have arrested a 28-year-old Russian man in Kyiv for working with Conti and LockBit ransomware operations to make their malware undetectable by antivirus software and conducting at least one attack himself. [...]

https://www.bleepingcomputer.com/news/security/police-arrest-conti-and-lockbit-ransomware-crypter-specialist/

Читать полностью…

BleepingComputer

New Windows Server KB5039227 and KB5039217 updates fix LSASS crashes

Microsoft has released the Windows Server 2022 KB5039227 and Windows Server 2019 KB5039217 cumulative updates with security fixes and fixes for a variety of bugs. [...]

https://www.bleepingcomputer.com/news/microsoft/new-windows-server-kb5039227-and-kb5039217-updates-fix-lsass-crashes/

Читать полностью…

BleepingComputer

Windows 11 KB5039212 update released with 37 changes, fixes

Microsoft is rolling out the KB5039212 cumulative update for Windows 11 version 23H3 with thirty-seven improvements and changes, including better drag-and-drop support in the File Explorer address bar. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5039212-update-released-with-37-changes-fixes/

Читать полностью…

BleepingComputer

Microsoft June 2024 Patch Tuesday fixes 51 flaws, 18 RCEs

Today is Microsoft's June 2024 Patch Tuesday, which includes security updates for 51 flaws, eighteen remote code execution flaws, and one publicly disclosed zero-day vulnerability. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-june-2024-patch-tuesday-fixes-51-flaws-18-rces/

Читать полностью…

BleepingComputer

Chinese hackers breached 20,000 FortiGate systems worldwide

The Dutch Military Intelligence and Security Service (MIVD) warned today that the impact of a Chinese cyber-espionage campaign unveiled earlier this year is "much larger than previously known." [...]

https://www.bleepingcomputer.com/news/security/chinese-hackers-breached-20-000-fortigate-systems-worldwide/

Читать полностью…

BleepingComputer

TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers

The TellYouThePass ransomware gang has been exploiting the recently patched CVE-2024-4577 remote code execution vulnerability in PHP to deliver webshells and execute the encryptor payload on target systems. [...]

https://www.bleepingcomputer.com/news/security/tellyouthepass-ransomware-exploits-recent-php-rce-flaw-to-breach-servers/

Читать полностью…
Subscribe to a channel