bleepingcomputer | Technologies

Telegram-канал bleepingcomputer - BleepingComputer

1132

Latest news and stories from BleepingComputer.com From a bleeping computer to a working computer.

Subscribe to a channel

BleepingComputer

Microsoft fixes Windows Smart App Control zero-day exploited since 2018

​Microsoft has fixed a Windows Smart App Control and SmartScreen flaw that has been exploited in attacks as a zero-day since at least 2018. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-smart-app-control-zero-day-exploited-since-2018/

Читать полностью…

BleepingComputer

Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws

Today is Microsoft's September 2024 Patch Tuesday, which includes security updates for 79 flaws, including four actively exploited and one publicly disclosed zero-days. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-september-2024-patch-tuesday-fixes-4-zero-days-79-flaws/

Читать полностью…

BleepingComputer

Microsoft to start force-upgrading Windows 22H2 systems next month

Microsoft announced that Windows 11 installs reaching the end of support next month, on October 8, will be force-upgraded to Windows 11 23H2. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-to-start-force-upgrading-windows-22h2-systems-next-month/

Читать полностью…

BleepingComputer

Flipper Zero releases Firmware 1.0 after three years of development

After three years of development, the Flipper Zero team has announced the release of the first major firmware version for the portable, customizable digital hacking device. [...]

https://www.bleepingcomputer.com/news/hardware/flipper-zero-releases-firmware-10-after-three-years-of-development/

Читать полностью…

BleepingComputer

Critical SonicWall SSLVPN bug exploited in ransomware attacks

Ransomware affiliates exploit a critical security vulnerability in SonicWall SonicOS firewall devices to breach victims' networks. [...]

https://www.bleepingcomputer.com/news/security/critical-sonicwall-sslvpn-bug-exploited-in-ransomware-attacks/

Читать полностью…

BleepingComputer

Chinese hackers use new data theft malware in govt attacks

New attacks attributed to China-based cyber espionage group Mustang Panda show that the threat actor switched to new strategies and malware called FDMTP and PTSOCKET to download payloads and steal information from breached networks. [...]

https://www.bleepingcomputer.com/news/security/chinese-hackers-use-new-data-theft-malware-in-govt-attacks/

Читать полностью…

BleepingComputer

Meta fixes easily bypassed WhatsApp ‘View Once’ privacy feature

A privacy flaw in WhatsApp, an instant messenger with over 2 billion users worldwide, is being exploited by attackers to bypass the app's "View once" feature and view messages again. [...]

https://www.bleepingcomputer.com/news/security/meta-fixes-easily-bypassed-whatsapp-view-once-privacy-feature/

Читать полностью…

BleepingComputer

How to defend against brute force and password spray attacks

While not very sophisticated, brute force password attacks pose a significant threat to an organization's security. Learn more from Specops Software about these types of attacks and how to defend against them. [...]

https://www.bleepingcomputer.com/news/security/how-to-defend-against-brute-force-and-password-spray-attacks/

Читать полностью…

BleepingComputer

Sextortion scam now use your "cheating" spouse’s name as a lure

A new variant of the ongoing sextortion email scams is now targeting spouses, saying that their husband or wife is cheating on them, with links to the alleged proof. [...]

https://www.bleepingcomputer.com/news/security/sextortion-scam-now-use-your-cheating-spouses-name-as-a-lure/

Читать полностью…

BleepingComputer

Transport for London staff faces systems disruptions after cyberattack

​Transport for London, the city's public transportation agency, revealed today that its staff has limited access to systems and email due to measures implemented in response to a Sunday cyberattack. [...]

https://www.bleepingcomputer.com/news/security/transport-for-london-staff-faces-systems-disruptions-after-cyberattack/

Читать полностью…

BleepingComputer

Microsoft Office 2024 to disable ActiveX controls by default

​After Office 2024 launches in October, Microsoft will disable ActiveX controls by default in Word, Excel, PowerPoint, and Visio client apps. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-office-2024-to-disable-activex-controls-by-default/

Читать полностью…

BleepingComputer

SonicWall SSLVPN access control flaw is now exploited in attacks

SonicWall is warning that a recently fixed access control flaw tracked as CVE-2024-40766 in SonicOS is now "potentially" exploited in attacks, urging admins to apply patches as soon as possible. [...]

https://www.bleepingcomputer.com/news/security/sonicwall-sslvpn-access-control-flaw-is-now-exploited-in-attacks/

Читать полностью…

BleepingComputer

Microsoft removes revenge porn from Bing search using new tool

Microsoft announced today that it has partnered with StopNCII to proactively remove harmful intimate images and videos from Bing using digital hashes people create from their sensitive media. [...]

https://www.bleepingcomputer.com/news/security/microsoft-removes-revenge-porn-from-bing-search-using-new-tool/

Читать полностью…

BleepingComputer

LiteSpeed Cache bug exposes 6 million WordPress sites to takeover attacks

Yet, another critical severity vulnerability has been discovered in LiteSpeed Cache, a caching plugin for speeding up user browsing in over 6 million WordPress sites. [...]

https://www.bleepingcomputer.com/news/security/litespeed-cache-bug-exposes-6-million-wordpress-sites-to-takeover-attacks/

Читать полностью…

BleepingComputer

Veeam warns of critical RCE flaw in Backup & Replication software

Veeam has released security updates for several of its products as part of a single September 2024 security bulletin that addresses 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider Console, and One. [...]

https://www.bleepingcomputer.com/news/security/veeam-warns-of-critical-rce-flaw-in-backup-and-replication-software/

Читать полностью…

BleepingComputer

Windows 11 KB5043076 cumulative update released with 19 changes

Microsoft has released the mandatory Windows 11 23H2 KB5043076 cumulative update to fix security vulnerabilities and make 19 improvements. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5043076-cumulative-update-released-with-19-changes/

Читать полностью…

BleepingComputer

Wix.com to block Russian users starting September 12

Wix.com has announced it will stop providing services to Russian users on September 12, 2024, with all accounts from Russia, including free and premium, to be blocked and their websites taken down. [...]

https://www.bleepingcomputer.com/news/legal/wixcom-to-block-russian-users-starting-september-12/

Читать полностью…

BleepingComputer

Navigating Endpoint Privilege Management: Insights for CISOs and Admins

Understanding endpoint privilege management is key to defending organizations from advanced attacks. Learn more from ThreatLocker on using endpoint privilege management to better secure your org's systems. [...]

https://www.bleepingcomputer.com/news/security/navigating-endpoint-privilege-management-insights-for-cisos-and-admins/

Читать полностью…

BleepingComputer

NoName ransomware gang deploying RansomHub malware in recent attacks

The NoName ransomware gang has been trying to build a reputation for more than three years targeting small and medium-sized businesses worldwide with its encryptors and may now be working as a RansomHub affiliate. [...]

https://www.bleepingcomputer.com/news/security/noname-ransomware-gang-deploying-ransomhub-malware-in-recent-attacks/

Читать полностью…

BleepingComputer

Quad7 botnet targets more SOHO and VPN routers, media servers

The Quad7 botnet is expanding its targeting scope with the addition of new clusters and custom implants that now also target Zyxel VPN appliances and Ruckus wireless routers. [...]

https://www.bleepingcomputer.com/news/security/quad7-botnet-targets-more-soho-and-vpn-routers-media-servers/

Читать полностью…

BleepingComputer

Highline Public Schools closes schools following cyberattack

Highline Public Schools, a K-12 district in Washington state, has shut down all schools and canceled school activities after its technology systems were compromised in a cyberattack. [...]

https://www.bleepingcomputer.com/news/security/highline-public-schools-closes-schools-following-cyberattack/

Читать полностью…

BleepingComputer

Payment gateway data breach affects 1.7 million credit card owners

Payment gateway provider Slim CD has disclosed a data breach that compromised credit card and personal data belonging to almost 1.7 million individuals. [...]

https://www.bleepingcomputer.com/news/security/payment-gateway-data-breach-affects-17-million-credit-card-owners/

Читать полностью…

BleepingComputer

Progress LoadMaster vulnerable to 10/10 severity RCE flaw

Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. [...]

https://www.bleepingcomputer.com/news/security/progress-loadmaster-vulnerable-to-10-10-severity-rce-flaw/

Читать полностью…

BleepingComputer

New RAMBO attack steals data using RAM in air-gapped computers

A novel side-channel attack dubbed  "RAMBO" (Radiation of Air-gapped Memory Bus for Offense) generates electromagnetic radiation from a device's RAM to send data from air-gapped computers. [...]

https://www.bleepingcomputer.com/news/security/new-rambo-attack-steals-data-using-ram-in-air-gapped-computers/

Читать полностью…

BleepingComputer

Car rental giant Avis discloses data breach impacting customers

American car rental giant Avis disclosed a data breach after attackers breached one of its business applications last month and stole customer personal information. [...]

https://www.bleepingcomputer.com/news/security/car-rental-giant-avis-discloses-data-breach-impacting-customers/

Читать полностью…

BleepingComputer

SpyAgent Android malware steals your crypto recovery phrases from images

A new Android malware named SpyAgent uses optical character recognition (OCR) technology to steal cryptocurrency wallet recovery phrases from screenshots stored on the mobile device. [...]

https://www.bleepingcomputer.com/news/security/spyagent-android-malware-steals-your-crypto-recovery-phrases-from-images/

Читать полностью…

BleepingComputer

Apache fixes critical OFBiz remote code execution vulnerability

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers. [...]

https://www.bleepingcomputer.com/news/security/apache-fixes-critical-ofbiz-remote-code-execution-vulnerability/

Читать полностью…

BleepingComputer

Russian military hackers linked to critical infrastructure attacks

The United States and its allies have linked a group of Russian hackers (tracked as Cadet Blizzard and Ember Bear) behind global critical infrastructure attacks to Unit 29155 of Russia's Main Directorate of the General Staff of the Armed Forces (also known as GRU). [...]

https://www.bleepingcomputer.com/news/security/us-and-allies-link-russian-military-hackers-behind-critical-infrastructure-attacks-to-gru-unit-29155/

Читать полностью…

BleepingComputer

Musician charged with $10M streaming royalties fraud using AI and bots

North Carolina musician Michael Smith was indicted for collecting over $10 million in royalty payments from Spotify, Amazon Music, Apple Music, and YouTube Music using AI-generated songs streamed by thousands of bots in a massive streaming fraud scheme. [...]

https://www.bleepingcomputer.com/news/security/musician-charged-with-10m-streaming-royalties-fraud-using-ai-and-bots/

Читать полностью…

BleepingComputer

Fake OnlyFans cybercrime tool infects hackers with malware

Hackers are targeting other hackers with a fake OnlyFans tool that claims to help steal accounts but instead infects threat actors with the Lumma stealer information-stealing malware. [...]

https://www.bleepingcomputer.com/news/security/fake-onlyfans-cybercrime-tool-infects-hackers-with-malware/

Читать полностью…
Subscribe to a channel