1131
Latest news and stories from BleepingComputer.com From a bleeping computer to a working computer.
New attack leaks VPN traffic using rogue DHCP servers
A new attack dubbed "TunnelVision" can route traffic outside a VPN's encryption tunnel, allowing attackers to snoop on unencrypted traffic while maintaining the appearance of a secure VPN connection. [...]
https://www.bleepingcomputer.com/news/security/new-tunnelvision-attack-leaks-vpn-traffic-using-rogue-dhcp-servers/
BetterHelp to pay $7.8 million to 800,000 in health data sharing settlement
BetterHelp has agreed to pay $7.8 million in a settlement agreement with the U.S. Federal Trade Commission (FTC) over allegations of misusing and sharing consumer health data for advertising purposes. [...]
https://www.bleepingcomputer.com/news/security/betterhelp-to-pay-78-million-to-800-000-in-health-data-sharing-settlement/
Google Chrome is getting native support for YouTube-like video chapters
Google is adding a new feature to Google Chrome that allows publishers to add video chapters to videos embedded on websites, similar to how chapters work on YouTube. [...]
https://www.bleepingcomputer.com/news/google/google-chrome-is-getting-native-support-for-youtube-like-video-chapters/
City of Wichita shuts down IT network after ransomware attack
The City of Wichita, Kansas, disclosed it was forced to shut down portions of its network after suffering a weekend ransomware attack. [...]
https://www.bleepingcomputer.com/news/security/city-of-wichita-shuts-down-it-network-after-ransomware-attack/
Lockbit's seized site comes alive to tease new police announcements
The NCA, FBI, and Europol have revived a seized LockBit ransomware data leak site to hint at new information being revealed by law enforcement this Tuesday. [...]
https://www.bleepingcomputer.com/news/security/lockbits-seized-site-comes-alive-to-tease-new-police-announcements/
Iranian hackers pose as journalists to push backdoor malware
The Iranian state-backed threat actor tracked as APT42 is employing social engineering attacks, including posing as journalists, to breach corporate networks and cloud environments of Western and Middle Eastern targets. [...]
https://www.bleepingcomputer.com/news/security/iranian-hackers-pose-as-journalists-to-push-backdoor-malware/
NSA warns of North Korean hackers exploiting weak DMARC email policies
The NSA and FBI warned that the APT43 North Korea-linked hacking group exploits weak email Domain-based Message Authentication Reporting and Conformance (DMARC) policies to mask spearphishing attacks. [...]
https://www.bleepingcomputer.com/news/security/nsa-warns-of-north-korean-hackers-exploiting-weak-dmarc-email-policies/
NATO and EU condemn Russia's cyberattacks against Germany, Czechia
NATO and the European Union, with international partners, formally condemned a long-term cyber espionage campaign against European countries conducted by the Russian threat group APT28. [...]
https://www.bleepingcomputer.com/news/security/nato-and-eu-condemn-russias-cyberattacks-against-germany-czechia/
CEO who sold fake Cisco devices to US military gets 6 years in prison
Onur Aksoy, the CEO of a group of companies controlling multiple online storefronts, was sentenced to six and a half years in prison for selling $100 million worth of counterfeit Cisco network equipment to government, health, education, and military organizations worldwide. [...]
https://www.bleepingcomputer.com/news/security/ceo-who-sold-fake-cisco-devices-to-us-military-gets-6-years-in-prison/
CISA urges software devs to weed out path traversal vulnerabilities
CISA and the FBI urged software companies today to review their products and eliminate path traversal security vulnerabilities before shipping. [...]
https://www.bleepingcomputer.com/news/security/cisa-urges-software-devs-to-weed-out-path-traversal-vulnerabilities/
Microsoft warns of "Dirty Stream" attack impacting Android apps
Microsoft has highlighted a novel attack dubbed "Dirty Stream," which could allow malicious Android apps to overwrite files in another application's home directory, potentially leading to arbitrary code execution and secrets theft. [...]
https://www.bleepingcomputer.com/news/security/microsoft-warns-of-dirty-stream-attack-impacting-android-apps/
Microsoft won't fix Windows 0x80070643 errors, manual fix required
Microsoft has confirmed that it won't provide an automated fix for a known issue causing 0x80070643 errors when installing recent Windows Recovery Environment (WinRE) updates. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-wont-fix-windows-0x80070643-errors-manual-fix-required/
HPE Aruba Networking fixes four critical RCE flaws in ArubaOS
HPE Aruba Networking has issued its April 2024 security advisory detailing critical remote code execution (RCE) vulnerabilities impacting multiple versions of ArubaOS, its proprietary network operating system. [...]
https://www.bleepingcomputer.com/news/security/hpe-aruba-networking-fixes-four-critical-rce-flaws-in-arubaos/
US govt warns of pro-Russian hacktivists targeting water facilities
The US government is warning that pro-Russian hacktivists are seeking out and hacking into unsecured operational technology (OT) systems used to disrupt critical infrastructure operations. [...]
https://www.bleepingcomputer.com/news/security/us-govt-warns-of-pro-russian-hacktivists-targeting-water-facilities/
French hospital CHC-SV refuses to pay LockBit extortion demand
The Hôpital de Cannes - Simone Veil (CHC-SV) in France announced it received a ransom demand from the Lockbit 3.0 ransomware gang, saying they refuse to pay the ransom. [...]
https://www.bleepingcomputer.com/news/security/french-hospital-chc-sv-refuses-to-pay-lockbit-extortion-demand/
Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw
Nearly 52,000 internet-exposed Tinyproxy instances are vulnerable to CVE-2023-49606, a recently disclosed critical remote code execution (RCE) flaw. [...]
https://www.bleepingcomputer.com/news/security/over-50-000-tinyproxy-servers-vulnerable-to-critical-rce-flaw/
LockBit ransomware admin identified, sanctioned in US, UK, Australia
The FBI, UK National Crime Agency, and Europol have unveiled sweeping indictments and sanctions against the admin of the LockBit ransomware operation, with the identity of the Russian threat actor revealed for the first time. [...]
https://www.bleepingcomputer.com/news/security/lockbit-ransomware-admin-identified-sanctioned-in-us-uk-australia/
Microsoft tests using MT/s for memory speed in Windows 11 Task Manager
Microsoft is testing showing memory speeds as MT/s (mega-transfers per second) rather than MHz (megahertz) in the Windows 11 Task Manager. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-tests-using-mt-s-for-memory-speed-in-windows-11-task-manager/
Get ahead in cybersecurity with $145 off a training course bundle
Cybersecurity is everyone's concern, and for IT workers, a key skill on their resume. This five-course exam prep bundle helps you get more advanced credentials for $49.99, $145 off the $195 MSRP. [...]
https://www.bleepingcomputer.com/news/security/get-ahead-in-cybersecurity-with-145-off-a-training-course-bundle/
Finland warns of Android malware attacks breaching bank accounts
Finland's Transport and Communications Agency (Traficom) has issued a warning about an ongoing Android malware campaign targeting banking accounts. [...]
https://www.bleepingcomputer.com/news/security/finland-warns-of-android-malware-attacks-breaching-bank-accounts/
Android bug can leak DNS traffic with VPN kill switch enabled
A Mullvad VPN user has discovered that Android devices leak DNS queries when switching VPN servers even though the "Always-on VPN" feature was enabled with the "Block connections without VPN" option. [...]
https://www.bleepingcomputer.com/news/security/android-bug-can-leak-dns-traffic-with-vpn-kill-switch-enabled/
Google rolls back reCaptcha update to fix Firefox issues
Google has rolled back a recent release of its reCaptcha captcha script after a bug caused the service to no longer work on Firefox for Windows. [...]
https://www.bleepingcomputer.com/news/security/google-rolls-back-recaptcha-update-to-fix-firefox-issues/
Microsoft rolls out passkey auth for personal Microsoft accounts
Microsoft announced that Windows users can now log into their Microsoft consumer accounts using a passkey, allowing users to authenticate using password-less methods such as Windows Hello, FIDO2 security keys, biometric data (facial scans or fingerprints), or device PINs. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-rolls-out-passkey-auth-for-personal-microsoft-accounts/
Bitwarden launches new MFA Authenticator app for iOS, Android
Bitwarden, the creator of the popular open-source password manager, has just launched a new authenticator app called Bitwarden Authenticator, which is available for iOS and Android devices. [...]
https://www.bleepingcomputer.com/news/software/bitwarden-launches-new-mfa-authenticator-app-for-ios-android/
Police shuts down 12 fraud call centres, arrests 21 suspects
Law enforcement shut down 12 phone fraud call centers in Albania, Bosnia and Herzegovina, Kosovo, and Lebanon, behind thousands of scam calls daily. [...]
https://www.bleepingcomputer.com/news/security/police-shuts-down-12-fraud-call-centres-arrests-21-suspects/
REvil hacker behind Kaseya ransomware attack gets 13 years in prison
Yaroslav Vasinskyi, a Ukrainian national, was sentenced to 13 years and seven months in prison and ordered to pay $16 million in restitution for his involvement in the REvil ransomware operation. [...]
https://www.bleepingcomputer.com/news/security/revil-hacker-behind-kaseya-ransomware-attack-gets-13-years-in-prison/
Cybersecurity consultant arrested after allegedly extorting IT firm
A former cybersecurity consultant was arrested for allegedly attempting to extort a publicly traded IT company by threatening to disclose confidential and proprietary data unless they paid him $1,500,000. [...]
https://www.bleepingcomputer.com/news/legal/cybersecurity-consultant-arrested-after-allegedly-extorting-it-firm/
DropBox says hackers stole customer data, auth secrets from eSignature service
Cloud storage firm DropBox says hackers breached production systems for its DropBox Sign eSignature platform and gained access to authentication tokens, MFA keys, hashed passwords, and customer information. [...]
https://www.bleepingcomputer.com/news/security/dropbox-says-hackers-stole-customer-data-auth-secrets-from-esignature-service/
Panda Restaurants discloses data breach after corporate systems hack
Panda Restaurant Group, the parent company of Panda Express, Panda Inn, and Hibachi-San, disclosed a data breach after attackers compromised its corporate systems in March and stole the personal information of an undisclosed number of individuals. [...]
https://www.bleepingcomputer.com/news/security/panda-restaurants-discloses-a-data-breach-after-corporate-systems-hack/
CISA says GitLab account takeover bug is actively exploited in attacks
CISA warned today that attackers are actively exploiting a maximum-severity GitLab vulnerability that allows them to take over accounts via password resets. [...]
https://www.bleepingcomputer.com/news/security/cisa-says-gitlab-account-takeover-bug-is-actively-exploited-in-attacks/