bleepingcomputer | Technologies

Telegram-канал bleepingcomputer - BleepingComputer

1132

Latest news and stories from BleepingComputer.com From a bleeping computer to a working computer.

Subscribe to a channel

BleepingComputer

Microsoft says massive Azure outage was caused by DDoS attack

Microsoft confirmed today that a nine-hour outage on Tuesday that took down and disrupted multiple Microsoft 365 and Azure services worldwide was triggered by a distributed denial-of-service (DDoS) attack. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-says-massive-azure-outage-was-caused-by-ddos-attack/

Читать полностью…

BleepingComputer

Dark Angels ransomware receives record-breaking $75 million ransom

A Fortune 50 company paid a record-breaking $75 million ransom payment to the Dark Angels ransomware gang, according to a report by Zscaler ThreatLabz. [...]

https://www.bleepingcomputer.com/news/security/dark-angels-ransomware-receives-record-breaking-75-million-ransom/

Читать полностью…

BleepingComputer

Black Basta ransomware switches to more evasive custom malware

The Black Basta ransomware gang has shown resilience and an ability to adapt to a constantly shifting space, using new custom tools and tactics to evade detection and spread throughout a network. [...]

https://www.bleepingcomputer.com/news/security/black-basta-ransomware-switches-to-more-evasive-custom-malware/

Читать полностью…

BleepingComputer

Columbus investigates whether data was stolen in ransomware attack

The City of Columbus, Ohio, says it's investigating whether personal data was stolen in a ransomware attack on July 18, 2024 that disrupted the City's services. [...]

https://www.bleepingcomputer.com/news/security/columbus-investigates-whether-data-was-stolen-in-ransomware-attack/

Читать полностью…

BleepingComputer

Is your password policy working? Key cybersecurity KPIs to measure

Are your password policies having a positive impact on the cybersecurity posture of your org? Learn more from Specops Software about how to align password policies with wider cybersecurity KPIs. [...]

https://www.bleepingcomputer.com/news/security/is-your-password-policy-working-key-cybersecurity-kpis-to-measure/

Читать полностью…

BleepingComputer

UK govt links 2021 Electoral Commission breach to Exchange server

The United Kingdom's Information Commissioner's Office (ICO) revealed today that the Electoral Commission was breached in August 2021 because it failed to patch its on-premise Microsoft Exchange Server against ProxyShell vulnerabilities. [...]

https://www.bleepingcomputer.com/news/security/uk-govt-links-2021-electoral-commission-breach-to-exchange-server/

Читать полностью…

BleepingComputer

New Specula tool uses Outlook for remote code execution in Windows

Microsoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named "Specula," released today by cybersecurity firm TrustedSec. [...]

https://www.bleepingcomputer.com/news/security/new-specula-tool-uses-outlook-for-remote-code-execution-in-windows/

Читать полностью…

BleepingComputer

Former Avaya employee gets 4 years for $88M license piracy scheme

Three individuals who orchestrated a massive-scale pirate operation involving the sale of Avaya business telephone system software licenses worth over $88,000,000 have received imprisonment sentences. [...]

https://www.bleepingcomputer.com/news/legal/former-avaya-employee-gets-4-years-for-88m-license-piracy-scheme/

Читать полностью…

BleepingComputer

HealthEquity says data breach impacts 4.3 million people

HSA provider HealthEquity has determined that a cybersecurity incident disclosed earlier this month has compromised the information of 4,300,000 people. [...]

https://www.bleepingcomputer.com/news/security/healthequity-says-data-breach-impacts-43-million-people/

Читать полностью…

BleepingComputer

Misconfigured Selenium Grid servers abused for Monero mining

Threat actors are exploiting a misconfiguration in Selenium Grid, a popular web app testing framework, to deploy a modified XMRig tool for mining Monero cryptocurrency. [...]

https://www.bleepingcomputer.com/news/security/misconfigured-selenium-grid-servers-abused-for-monero-mining/

Читать полностью…

BleepingComputer

X begins training Grok AI with your posts, here's how to disable

X has quietly begun training its Grok AI chat platform using members' public posts without first alerting anyone that it is doing it by default. Here's how to block Grok from using your data. [...]

https://www.bleepingcomputer.com/news/security/x-begins-training-grok-ai-with-your-posts-heres-how-to-disable/

Читать полностью…

BleepingComputer

Crypto exchange Gemini discloses third-party data breach

Cryptocurrency exchange Gemini is warning it suffered a data breach incident caused by a cyberattack at its Automated Clearing House (ACH) service provider, whose name was not disclosed. [...]

https://www.bleepingcomputer.com/news/security/crypto-exchange-gemini-discloses-third-party-data-breach/

Читать полностью…

BleepingComputer

FBCS data breach impact now reaches 4.2 million people

Debt collection agency Financial Business and Consumer Solutions (FBCS) has again increased the number of people impacted by a February data breach, now saying it affects 4.2 million people in the US. [...]

https://www.bleepingcomputer.com/news/security/fbcs-data-breach-impact-now-reaches-42-million-people/

Читать полностью…

BleepingComputer

Acronis warns of Cyber Infrastructure default password abused in attacks

​Acronis warned customers to patch a critical Cyber Infrastructure security flaw that lets attackers bypass authentication on vulnerable servers using default credentials. [...]

https://www.bleepingcomputer.com/news/security/acronis-warns-of-cyber-infrastructure-default-password-abused-in-attacks/

Читать полностью…

BleepingComputer

PKfail Secure Boot bypass lets attackers install UEFI malware

Hundreds of UEFI products from 10 vendors are susceptible to compromise due to a critical firmware supply-chain issue known as PKfail, which allows attackers to bypass Secure Boot and install malware. [...]

https://www.bleepingcomputer.com/news/security/pkfail-secure-boot-bypass-lets-attackers-install-uefi-malware/

Читать полностью…

BleepingComputer

Massive SMS stealer campaign infects Android devices in 113 countries

A malicious campaign targeting Android devices worldwide utilizes thousands of Telegram bots to infect devices with SMS-stealing malware and steal one-time 2FA passwords (OTPs) for over 600 services. [...]

https://www.bleepingcomputer.com/news/security/massive-sms-stealer-campaign-infects-android-devices-in-113-countries/

Читать полностью…

BleepingComputer

CISA warns of VMware ESXi bug exploited in ransomware attacks

CISA has ordered U.S. Federal Civilian Executive Branch (FCEB) agencies to secure their servers against a VMware ESXi authentication bypass vulnerability exploited in ransomware attacks. [...]

https://www.bleepingcomputer.com/news/security/cisa-warns-of-vmware-esxi-bug-exploited-in-ransomware-attacks/

Читать полностью…

BleepingComputer

Google Chrome adds app-bound encryption to block infostealer malware

Google Chrome has added app-bound encryption for better cookie protection on Windows systems and improved defenses against information-stealing malware attacks. [...]

https://www.bleepingcomputer.com/news/security/google-chrome-adds-app-bound-encryption-to-block-infostealer-malware/

Читать полностью…

BleepingComputer

DigiCert mass-revoking TLS certificates due to domain validation bug

DigiCert is warning that it will be mass-revoking SSL/TLS certificates due to a bug in how the company verified if a customer owned or operated a domain and requires impacted customers to reissue certificates within 24 hours. [...]

https://www.bleepingcomputer.com/news/security/digicert-mass-revoking-tls-certificates-due-to-domain-validation-bug/

Читать полностью…

BleepingComputer

Microsoft 365 and Azure outage takes down multiple services

Microsoft is investigating an ongoing and widespread outage blocking access to some Microsoft 365 and Azure services. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-365-and-azure-outage-takes-down-multiple-services/

Читать полностью…

BleepingComputer

Android spyware 'Mandrake' hidden in apps on Google Play since 2022

A new version of the Android spyware 'Mandrake' has been found in five applications downloaded 32,000 times from Google Play, the platform's official app store. [...]

https://www.bleepingcomputer.com/news/security/android-spyware-mandrake-hidden-in-apps-on-google-play-since-2022/

Читать полностью…

BleepingComputer

Apple iOS 18.1 Beta previews Apple Intelligence for the first time

Apple has released the iOS 18.1 Beta to developers, allowing them to test some of its upcoming AI-powered Apple Intelligence features before they are released for testing in the public previews. [...]

https://www.bleepingcomputer.com/news/apple/apple-ios-181-beta-previews-apple-intelligence-for-the-first-time/

Читать полностью…

BleepingComputer

Microsoft: Ransomware gangs exploit VMware ESXi auth bypass in attacks

Microsoft warned today that ransomware gangs are actively exploiting a VMware ESXi authentication bypass vulnerability in attacks. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-ransomware-gangs-exploit-vmware-esxi-auth-bypass-in-attacks/

Читать полностью…

BleepingComputer

Proofpoint settings exploited to send millions of phishing emails daily

A massive phishing campaign dubbed "EchoSpoofing" exploited a security gap in Proofpoint's email protection service to dispatch millions of spoofed emails impersonating big entities like Disney, Nike, IBM, and Coca-Cola, to target Fortune 100 companies. [...]

https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/

Читать полностью…

BleepingComputer

Windows 11 taskbar has a hidden "End Task" feature, how to turn it on

Microsoft has added a feature to Windows 11 that allows you to end tasks directly from the taskbar. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-taskbar-has-a-hidden-end-task-feature-how-to-turn-it-on/

Читать полностью…

BleepingComputer

WhatsApp for Windows lets Python, PHP scripts execute with no warning

A security issue in the latest version of WhatsApp for Windows allows sending Python and PHP attachments that are executed without any warning when the recipient opens them. [...]

https://www.bleepingcomputer.com/news/security/whatsapp-for-windows-lets-python-php-scripts-execute-with-no-warning/

Читать полностью…

BleepingComputer

Google fixes Chrome Password Manager bug that hides credentials

Google has fixed a bug in Chrome's Password Manager that caused user credentials to disappear temporarily for more than 18 hours. [...]

https://www.bleepingcomputer.com/news/google/google-fixes-chrome-password-manager-bug-that-hides-credentials/

Читать полностью…

BleepingComputer

July Windows Server updates break Remote Desktop connections

Microsoft has confirmed that July's security updates break remote desktop connections in organizations where Windows servers are configured to use the legacy RPC over HTTP protocol in the Remote Desktop Gateway. [...]

https://www.bleepingcomputer.com/news/microsoft/july-windows-server-updates-break-remote-desktop-connections/

Читать полностью…

BleepingComputer

Russian ransomware gangs account for 69% of all ransom proceeds

Russian-speaking threat actors accounted for at least 69% of all crypto proceeds linked to ransomware throughout the previous year, exceeding $500,000,000. [...]

https://www.bleepingcomputer.com/news/security/russian-ransomware-gangs-account-for-69-percent-of-all-ransom-proceeds/

Читать полностью…

BleepingComputer

Critical ServiceNow RCE flaws actively exploited to steal credentials

Threat actors are chaining together ServiceNow flaws using publicly available exploits to breach government agencies and private firms in data theft attacks. [...]

https://www.bleepingcomputer.com/news/security/critical-servicenow-rce-flaws-actively-exploited-to-steal-credentials/

Читать полностью…
Subscribe to a channel