1132
Latest news and stories from BleepingComputer.com From a bleeping computer to a working computer.
Hackers exploit 2018 ThinkPHP flaws to install ‘Dama’ web shells
Chinese threat actors are targeting ThinkPHP applications vulnerable to CVE-2018-20062 and CVE-2019-9082 to install a persistent web shell named Dama. [...]
https://www.bleepingcomputer.com/news/security/hackers-exploit-2018-thinkphp-flaws-to-install-dama-web-shells/
New Fog ransomware targets US education sector via breached VPNs
A new ransomware operation named 'Fog' launched in early May 2024, using compromised VPN credentials to breach the networks of educational organizations in the U.S. [...]
https://www.bleepingcomputer.com/news/security/new-fog-ransomware-targets-us-education-sector-via-breached-vpns/
PandaBuy pays ransom to hacker only to get extorted again
Chinese shopping platform Pandabuy told BleepingComputer it previously paid a ransom not to leak stolen data after the same threat actor began extorting the company again this week. [...]
https://www.bleepingcomputer.com/news/security/pandabuy-pays-ransom-to-hacker-only-to-get-extorted-again/
FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out
The FBI urges past victims of LockBit ransomware attacks to come forward after revealing that it has obtained over 7,000 LockBit decryption keys that they can use to recover encrypted data for free. [...]
https://www.bleepingcomputer.com/news/security/fbi-recovers-7-000-lockbit-keys-urges-ransomware-victims-to-reach-out/
Advance Auto Parts stolen data for sale after Snowflake attack
Threat actors claim to be selling 3TB of data from Advance Auto Parts, a leading automotive aftermarket parts provider, stolen after breaching the company's Snowflake account. [...]
https://www.bleepingcomputer.com/news/security/advance-auto-parts-stolen-data-for-sale-after-snowflake-attack/
Club Penguin fans breached Disney Confluence server, stole 2.5GB of data
Club Penguin fans hacked a Disney Confluence server to steal information about their favorite game but wound up walking away with 2.5 GB of internal corporate data, BleepingComputer has learned. [...]
https://www.bleepingcomputer.com/news/security/club-penguin-fans-breached-disney-confluence-server-stole-25gb-of-data/
Qilin ransomware gang linked to attack on London hospitals
A ransomware attack that hit pathology services provider Synnovis on Monday and impacted several major NHS hospitals in London has now been linked to the Qilin ransomware operation. [...]
https://www.bleepingcomputer.com/news/security/qilin-ransomware-gang-linked-to-attack-on-london-hospitals/
RansomHub extortion gang linked to now-defunct Knight ransomware
Security researchers analyzing the relatively new RansomHub ransomware-as-a-service believe that it has evoloved from the currently defunct Knight ransomware project. [...]
https://www.bleepingcomputer.com/news/security/ransomhub-extortion-gang-linked-to-now-defunct-knight-ransomware/
TikTok fixes zero-day bug used to hijack high-profile accounts
Over the past week, attackers have hijacked high-profile TikTok accounts belonging to multiple companies and celebrities, exploiting a zero-day vulnerability in the social media's direct messages feature. [...]
https://www.bleepingcomputer.com/news/security/tiktok-fixes-zero-day-bug-used-to-hijack-high-profile-accounts/
ARRL says it was hacked by an "international cyber group"
American Radio Relay League (ARRL) has shared more information about a May cyberattack that took its Logbook of the World offline and caused some members to become frustrated over the lack of information. [...]
https://www.bleepingcomputer.com/news/security/american-radio-relay-league-says-it-was-hacked-by-an-international-cyber-group/
New V3B phishing kit targets customers of 54 European banks
Cybercriminals are promoting a new phishing kit named 'V3B' on Telegram, which currently targets customers of 54 major financial institutes in Ireland, the Netherlands, Finland, Austria, Germany, France, Belgium, Greece, Luxembourg, and Italy. [...]
https://www.bleepingcomputer.com/news/security/new-v3b-phishing-kit-targets-customers-of-54-european-banks/
Major London hospitals disrupted by Synnovis cyberattack
A cyberattack affecting pathology and diagnostic services provider Synnovis has impacted healthcare services at multiple major NHS hospitals in London. [...]
https://www.bleepingcomputer.com/news/security/major-london-hospitals-disrupted-by-synnovis-cyberattack/
Collection agency FBCS ups data breach tally to 3.2 million people
Debt collection agency Financial Business and Consumer Solutions (FBCS) now says over 3.2 million people have been impacted by a data breach that occurred in February. [...]
https://www.bleepingcomputer.com/news/security/collection-agency-fbcs-ups-data-breach-tally-to-32-million-people/
Microsoft India’s X account hijacked in Roaring Kitty crypto scam
The official Microsoft India account on Twitter, with over 211,000 followers, was hijacked by cryptocurrency scammers to impersonate Roaring Kitty, the handle used by notorious meme stock trader Keith Gill. [...]
https://www.bleepingcomputer.com/news/security/microsoft-indias-x-account-hijacked-in-roaring-kitty-crypto-scam-to-push-wallet-drainers/
361 million stolen accounts leaked on Telegram added to HIBP
A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches was added to the Have I Been Pwned data breach notification service, allowing anyone to check if their accounts have been compromised. [...]
https://www.bleepingcomputer.com/news/security/361-million-stolen-accounts-leaked-on-telegram-added-to-hibp/
Ukraine says hackers abuse SyncThing data sync tool to steal data
The Computer Emergency Response Team of Ukraine (CERT-UA) reports about a new campaign dubbed "SickSync," launched by the UAC-0020 (Vermin) hacking group in attacks on the Ukrainian defense forces. [...]
https://www.bleepingcomputer.com/news/security/ukraine-says-hackers-abuse-syncthing-data-sync-tool-to-steal-data/
New Gitloker attacks wipe GitHub repos in extortion scheme
Attackers are targeting GitHub repositories, wiping their contents, and asking the victims to reach out on Telegram for more information. [...]
https://www.bleepingcomputer.com/news/security/new-gitloker-attacks-wipe-github-repos-in-extortion-scheme/
Linux version of TargetCompany ransomware focuses on VMware ESXi
Researchers observed a new Linux variant of the TargetCompany ransomware family that targets VMware ESXi environments using a custom shell script to deliver and execute payloads. [...]
https://www.bleepingcomputer.com/news/security/linux-version-of-targetcompany-ransomware-focuses-on-vmware-esxi/
Google Chrome reduced cookie requests to improve performance
Google shared details on a recently introduced Chrome feature that changes how cookies are requested, with early tests showing increased performance across all platforms. [...]
https://www.bleepingcomputer.com/news/google/google-chrome-reduced-cookie-requests-to-improve-performance/
Check-in terminals used by thousands of hotels leak guest info
Ariane Systems self check-in systems installed at thousands of hotels worldwide are vulnerable to a kiosk mode bypass flaw that could allow access to guests' personal information and the keys for other rooms. [...]
https://www.bleepingcomputer.com/news/security/check-in-terminals-used-by-thousands-of-hotels-leak-guest-info/
Chinese hacking groups team up in cyber espionage campaign
Chinese state-sponsored actors have been targeting a government agency since at least March 2023 in a cyberespionage campaign that researchers track as Crimson Palace [...]
https://www.bleepingcomputer.com/news/security/chinese-hacking-groups-team-up-in-cyber-espionage-campaign/
Kali Linux 2024.2 released with 18 new tools, Y2038 changes
Kali Linux has released version 2024.2, the first version of 2024, with eighteen new tools and fixes for the Y2038 bug. [...]
https://www.bleepingcomputer.com/news/linux/kali-linux-20242-released-with-18-new-tools-y2038-changes/
Australian mining company discloses breach after BianLian leaks data
Northern Minerals issued an announcement earlier today warning that it suffered a cybersecurity breach resulting in some of its stolen data being published on the dark web. [...]
https://www.bleepingcomputer.com/news/security/australian-mining-company-discloses-breach-after-bianlian-leaks-data/
FBI warns of fake remote work ads used for cryptocurrency fraud
Today, the FBI issued a warning about scammers using fake remote job ads to steal cryptocurrency from job seekers across the United States while posing as recruiters for legitimate companies. [...]
https://www.bleepingcomputer.com/news/security/fbi-warns-of-fake-remote-work-ads-used-for-cryptocurrency-fraud/
Microsoft announces first Windows 10 Beta build since 2021
Microsoft has reopened the Windows 10 beta channel and is asking Insiders to join or switch to receive a new beta build in the coming weeks. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-first-windows-10-beta-build-since-2021/
Zyxel issues emergency RCE patch for end-of-life NAS devices
Zyxel Networks has released an emergency security update to address three critical vulnerabilities impacting older NAS devices that have reached end-of-life. [...]
https://www.bleepingcomputer.com/news/security/zyxel-issues-emergency-rce-patch-for-end-of-life-nas-devices/
Microsoft deprecates Windows NTLM authentication protocol
Microsoft has officially deprecated NTLM authentication on Windows and Windows servers, stating that developers should transition to Kerberos or Negotiation authentication to prevent problems in the future. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-deprecates-windows-ntlm-authentication-protocol/
Data firm execs convicted for helping fraudsters target the elderly
A former senior executive and former sales manager of Epsilon Data Management LLC (Epsilon) were convicted of selling data of millions of Americans to perpetrators of mail fraud schemes. [...]
https://www.bleepingcomputer.com/news/legal/data-firm-execs-convicted-for-helping-fraudsters-target-the-elderly/
Cox fixed an API auth bypass exposing millions of modems to attacks
Cox Communications has fixed an authorization bypass vulnerability that enabled remote attackers to abuse exposed backend APIs to reset millions of modems' settings and steal customers' sensitive personal information. [...]
https://www.bleepingcomputer.com/news/security/cox-fixed-an-api-auth-bypass-exposing-millions-of-modems-to-attacks/
Azure Service Tags tagged as security risk, Microsoft disagrees
Security researchers at Tenable discovered what they describe as a high-severity vulnerability in Azure Service Tag that could allow attackers to access customers' private data. [...]
https://www.bleepingcomputer.com/news/microsoft/azure-service-tags-tagged-as-security-risk-microsoft-disagrees/