bleepingcomputer | Technologies

Telegram-канал bleepingcomputer - BleepingComputer

1132

Latest news and stories from BleepingComputer.com From a bleeping computer to a working computer.

Subscribe to a channel

BleepingComputer

Halliburton cyberattack linked to RansomHub ransomware gang

The RansomHub ransomware gang is behind the recent cyberattack on oil and gas services giant Halliburton, which disrupted the company's IT systems and business operations. [...]

https://www.bleepingcomputer.com/news/security/halliburton-cyberattack-linked-to-ransomhub-ransomware-gang/

Читать полностью…

BleepingComputer

Fake Palo Alto GlobalProtect used as lure to backdoor enterprises

Threat actors target Middle Eastern organizations with malware disguised as the legitimate Palo Alto GlobalProtect Tool that can steal data and execute remote PowerShell commands to infiltrate internal networks further. [...]

https://www.bleepingcomputer.com/news/security/fake-palo-alto-globalprotect-used-as-lure-to-backdoor-enterprises/

Читать полностью…

BleepingComputer

Malware exploits 5-year-old zero-day to infect end-of-life IP cameras

The Corona Mirai-based malware botnet is spreading through a 5-year-old remote code execution (RCE) zero-day in AVTECH IP cameras, which have been discontinued for years and will not receive a patch. [...]

https://www.bleepingcomputer.com/news/security/malware-exploits-5-year-old-zero-day-to-infect-end-of-life-ip-cameras/

Читать полностью…

BleepingComputer

South Korean hackers exploited WPS Office zero-day to deploy malware

The South Korea-aligned cyberespionage group APT-C-60 has been leveraging a zero-day code execution vulnerability in the Windows version of WPS Office to install the SpyGlace backdoor on East Asian targets. [...]

https://www.bleepingcomputer.com/news/security/apt-c-60-hackers-exploited-wps-office-zero-day-to-deploy-spyglace-malware/

Читать полностью…

BleepingComputer

US offers $2.5 million reward for hacker linked to Angler Exploit Kit

The U.S. Department of State and the Secret Service have announced a reward of $2,500,000 for information leading to Belarusian national Volodymyr Kadariya (Владимир Кадария) for cybercrime activities. [...]

https://www.bleepingcomputer.com/news/legal/us-offers-25-million-reward-for-hacker-linked-to-angler-exploit-kit/

Читать полностью…

BleepingComputer

New Tickler malware used to backdoor US govt, defense orgs

The APT33 Iranian hacking group has used new Tickler malware to backdoor the networks of organizations in the government, defense, satellite, oil and gas sectors in the United States and the United Arab Emirates. [...]

https://www.bleepingcomputer.com/news/security/new-tickler-malware-used-to-backdoor-us-govt-defense-orgs/

Читать полностью…

BleepingComputer

Google increases Chrome bug bounty rewards up to $250,000

Google has more than doubled payouts for Google Chrome security flaws reported through its Vulnerability Reward Program, with the maximum possible reward for a single bug now exceeding $250,000. [...]

https://www.bleepingcomputer.com/news/google/google-increases-chrome-bug-bounty-rewards-up-to-250-000/

Читать полностью…

BleepingComputer

DICK’s Sporting Goods says confidential data exposed in cyberattack

DICK'S Sporting Goods, the largest chain of sporting goods retail stores in the United States, disclosed that sensitive information was exposed in a cyberattack detected last Wednesday. [...]

https://www.bleepingcomputer.com/news/security/dicks-sporting-goods-says-confidential-data-exposed-in-cyberattack/

Читать полностью…

BleepingComputer

BlackSuit ransomware stole data of 950,000 from software vendor

Young Consulting is sending data breach notifications to 954,177 people who had their information exposed in a BlackSuit ransomware attack on April 10, 2024. [...]

https://www.bleepingcomputer.com/news/security/blacksuit-ransomware-stole-data-of-950-000-from-software-vendor/

Читать полностью…

BleepingComputer

Windows 11 KB5041587 update adds sharing to Android devices

Microsoft has released the optional KB5041587 preview cumulative update for Windows 11 23H2 and 22H2, which adds sharing to Android devices and fixes multiple File Explorer issues. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5041587-update-adds-sharing-to-android-devices/

Читать полностью…

BleepingComputer

Malware infiltrates Pidgin messenger’s official plugin repository

The Pidgin messaging app removed the ScreenShareOTR plugin from its official third-party plugin list after it was discovered that it was used to install keyloggers, information stealers, and malware commonly used to gain initial access to corporate networks. [...]

https://www.bleepingcomputer.com/news/security/malware-infiltrates-pidgin-messengers-official-plugin-repository/

Читать полностью…

BleepingComputer

Park’N Fly notifies 1 million customers of data breach

Park'N Fly is warning that a data breach exposed the personal and account information of 1 million customers in Canada after hackers breached its network. [...]

https://www.bleepingcomputer.com/news/security/parkn-fly-notifies-1-million-customers-of-data-breach/

Читать полностью…

BleepingComputer

Microsoft Sway abused in massive QR code phishing campaign

​A massive QR code phishing campaign abused Microsoft Sway, a cloud-based tool for creating online presentations, to host landing pages to trick Microsoft 365 users into handing over their credentials. [...]

https://www.bleepingcomputer.com/news/security/microsoft-sway-abused-in-massive-qr-code-phishing-campaign/

Читать полностью…

BleepingComputer

Patelco notifies 726,000 customers of ransomware data breach

Patelco Credit Union warns customers it suffered a data breach after personal data was stolen in a RansomHub ransomware attack earlier this year. [...]

https://www.bleepingcomputer.com/news/security/patelco-notifies-726-000-customers-of-ransomware-data-breach/

Читать полностью…

BleepingComputer

Uber fined $325 million for moving driver data from Europe to US

The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, AP) has imposed a fine of  €290,000,000 ($325 million) on Uber Technologies Inc. and Uber B.V. over GDPR violations. [...]

https://www.bleepingcomputer.com/news/legal/uber-fined-325-million-for-moving-driver-data-from-europe-to-us/

Читать полностью…

BleepingComputer

FBI: RansomHub ransomware breached 210 victims since February

​Since surfacing in February 2024, RansomHub ransomware affiliates have breached over 200 victims from a wide range of critical U.S. infrastructure sectors. [...]

https://www.bleepingcomputer.com/news/security/fbi-ransomhub-ransomware-breached-210-victims-since-february/

Читать полностью…

BleepingComputer

Windows 10 KB5041582 update released with 5 changes and fixes

​Microsoft has released the August 2024 preview update for Windows 10, version 22H2, with fixes for issues causing system freezes and memory leaks. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5041582-update-released-with-5-changes-and-fixes/

Читать полностью…

BleepingComputer

Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors

The Russian state-sponsored APT29 hacking group has been observed using the same iOS and Android exploits created by commercial spyware vendors in a series of cyberattacks between November 2023 and July 2024. [...]

https://www.bleepingcomputer.com/news/security/russian-apt29-hackers-use-ios-chrome-exploits-created-by-spyware-vendors/

Читать полностью…

BleepingComputer

Employee arrested for locking Windows admins out of 254 servers in extortion plot

A former core infrastructure engineer at an industrial company headquartered in Somerset County, New Jersey, was arrested after locking Windows admins out of 254 servers in a failed extortion plot targeting his employer. [...]

https://www.bleepingcomputer.com/news/security/employee-arrested-for-locking-windows-admins-out-of-254-servers-in-extortion-plot/

Читать полностью…

BleepingComputer

PoorTry Windows driver evolves into a full-featured EDR wiper

The malicious PoorTry kernel-mode Windows driver used by multiple ransomware gangs to turn off Endpoint Detection and Response (EDR) solutions has evolved into an EDR wiper, deleting files crucial for the operation of security solutions and making restoration harder. [...]

https://www.bleepingcomputer.com/news/security/poortry-windows-driver-evolves-into-a-full-featured-edr-wiper/

Читать полностью…

BleepingComputer

Iranian hackers work with ransomware gangs to extort breached orgs

An Iran-based hacking group known as Pioneer Kitten is breaching defense, education, finance, and healthcare organizations across the United States and working with affiliates of several ransomware operations to extort the victims. [...]

https://www.bleepingcomputer.com/news/security/iranian-hackers-work-with-ransomware-gangs-to-extort-breached-orgs/

Читать полностью…

BleepingComputer

Fortra fixes critical FileCatalyst Workflow hardcoded password issue

Fortra is warning of a critical hardcoded password flaw in FileCatalyst Workflow that could allow attackers unauthorized access to an internal database to steal data and gain administrator privileges. [...]

https://www.bleepingcomputer.com/news/security/fortra-fixes-critical-filecatalyst-workflow-hardcoded-password-issue/

Читать полностью…

BleepingComputer

It's down to the wire—but you don’t have to miss mWISE

For just a few days, the mWise cybersecurity conference is rolling back registration pricing to the Early Bird rate. Hurry, sale ends Wednesday, September 4. Learn more from mWISE Conference on how to get this discount. [...]

https://www.bleepingcomputer.com/news/security/its-down-to-the-wire-but-you-dont-have-to-miss-mwise/

Читать полностью…

BleepingComputer

US Marshals Service disputes ransomware gang's breach claims

The U.S. Marshals Service (USMS) denies its systems were breached by the Hunters International ransomware gang after being listed as a new victim on the cybercrime group's leak site on Monday. [...]

https://www.bleepingcomputer.com/news/security/us-marshals-service-disputes-ransomware-gangs-breach-claims/

Читать полностью…

BleepingComputer

Notion exits Russia and will terminate accounts in September

Notion has announced it will exit the Russian market and is terminating all workspaces and accounts identified linked to users in the country. [...]

https://www.bleepingcomputer.com/news/software/notion-exits-russia-and-will-terminate-accounts-in-september/

Читать полностью…

BleepingComputer

Windows Downdate tool lets you 'unpatch' Windows systems

SafeBreach security researcher Alon Leviev has released his Windows Downdate tool, which can be used for downgrade attacks that reintroduce old vulnerabilities in up-to-date Windows 10, Windows 11, and Windows Server systems. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-downdate-tool-lets-you-unpatch-windows-systems/

Читать полностью…

BleepingComputer

How to identify unknown assets while pen testing

External Attack Surface Management (EASM) coupled with Penetration Testing as a Service (PTaaS) can help find those blind spots and hidden assets exposed on your network. Learn more from Outpost24 about how combining EASM and PTaaS can help reveal these hidden pitfalls. [...]

https://www.bleepingcomputer.com/news/security/how-to-identify-unknown-assets-while-pen-testing/

Читать полностью…

BleepingComputer

Google tags a tenth Chrome zero-day as exploited this year

Today, Google revealed that it patched the tenth zero-day exploited in the wild in 2024 by attackers or security researchers during hacking contests. [...]

https://www.bleepingcomputer.com/news/security/google-tags-a-tenth-chrome-zero-day-as-exploited-this-year/

Читать полностью…

BleepingComputer

Microsoft: Exchange Online mistakenly tags emails as malware

Microsoft is investigating an Exchange Online false positive issue causing emails containing images to be wrongly tagged as malicious and sent to quarantine. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-online-mistakenly-tags-emails-as-malware/

Читать полностью…

BleepingComputer

Versa fixes Director zero-day vulnerability exploited in attacks

Versa Networks has fixed a zero-day vulnerability exploited in the wild that allows attackers to upload malicious files by exploiting an unrestricted file upload flaw in the Versa Director GUI. [...]

https://www.bleepingcomputer.com/news/security/versa-fixes-director-zero-day-vulnerability-exploited-in-attacks/

Читать полностью…
Subscribe to a channel