GitLab affected by GitHub-style CDN flaw allowing malware hosting: BleepingComputer recently reported how a GitHub flaw, or possibly a design decision ...
bleepingcomputer.com/news/security/gitlab-affected-by-github-style-cdn-flaw-allowing-malware-hosting/
MITRE says state hackers breached its network via Ivanti zero-days: The MITRE Corporation says a state-backed hacking group breached its systems in January 2024 ...
bleepingcomputer.com/news/security/mitre-says-state-hackers-breached-its-network-via-ivanti-zero-days/
GitHub comments abused to push malware via Microsoft repo URLs: A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute ...
bleepingcomputer.com/news/security/github-comments-abused-to-push-malware-via-microsoft-repo-urls/
Malware dev lures child exploiters into honeytrap to extort them: You rarely root for a cybercriminal, but a new malware campaign targeting child exploiters ...
bleepingcomputer.com/news/security/malware-dev-lures-child-exploiters-into-honeytrap-to-extort-them/
Microsoft: APT28 hackers exploit Windows flaw reported by NSA: Microsoft warns that the Russian APT28 threat group exploits a Windows Print Spooler ...
bleepingcomputer.com/news/security/microsoft-apt28-hackers-exploit-windows-flaw-reported-by-nsa/
22,500 Palo Alto firewalls "possibly vulnerable" to ongoing attacks: Approximately 22,500 exposed Palo Alto GlobalProtect firewall devices are likely ...
bleepingcomputer.com/news/security/22-500-palo-alto-firewalls-possibly-vulnerable-to-ongoing-attacks/
Russian Sandworm hackers targeted 20 critical orgs in Ukraine: Russian hacker group Sandworm aimed to disrupt operations at around 20 critical infrastructure ...
bleepingcomputer.com/news/security/russian-sandworm-hackers-targeted-20-critical-orgs-in-ukraine/
Ransomware payments drop to record low of 28% in Q1 2024: Ransomware actors have had a rough start this year, as stats from cybersecurity firm Coveware show that ...
bleepingcomputer.com/news/security/ransomware-payments-drop-to-record-low-of-28-percent-in-q1-2024/
HelloKitty ransomware rebrands, releases CD Projekt and Cisco data: An operator of the HelloKitty ransomware operation announced they changed the name to ...
bleepingcomputer.com/news/security/hellokitty-ransomware-rebrands-releases-cd-projekt-and-cisco-data/
PuTTY SSH client flaw allows recovery of cryptographic private keys: A vulnerability tracked as CVE-2024-31497 in PuTTY 0.68 through 0.80 could potentially allow ...
bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/
United Nations agency investigates ransomware attack, data theft: The United Nations Development Programme (UNDP) is investigating a cyberattack after threat ...
bleepingcomputer.com/news/security/united-nations-agency-investigates-ransomware-attack-claimed-by-8Base-gang/
UnitedHealth: Change Healthcare cyberattack caused $872 million loss: UnitedHealth Group reported an $872 million impact on its Q1 earnings due to the ransomware ...
bleepingcomputer.com/news/security/unitedhealth-change-healthcare-cyberattack-caused-872-million-loss/
Critical Forminator plugin flaw impacts over 300k WordPress sites: The Forminator WordPress plugin used in over 500,000 sites is vulnerable to a flaw that allows ...
bleepingcomputer.com/news/security/critical-forminator-plugin-flaw-impacts-over-300k-wordpress-sites/
Palo Alto Networks zero-day exploited since March to backdoor firewalls: Suspected state-sponsored hackers have been exploiting an unpatched zero-day in Palo ...
bleepingcomputer.com/news/security/palo-alto-networks-zero-day-exploited-since-march-to-backdoor-firewalls/
FBI: Akira ransomware raked in $42 million from 250+ victims: The Akira ransomware operation has breached the networks of over 250 organizations and raked in ...
bleepingcomputer.com/news/security/fbi-akira-ransomware-raked-in-42-million-from-250-plus-victims/
Cisco warns of large-scale brute-force attacks against VPN services: Cisco warns about a large-scale credential brute-forcing campaign targeting VPN and SSH ...
bleepingcomputer.com/news/security/cisco-warns-of-large-scale-brute-force-attacks-against-vpn-services/
Fake cheat lures gamers into spreading infostealer malware: A new info-stealing malware linked to Redline poses as a game cheat called 'Cheat Lab ...
bleepingcomputer.com/news/security/fake-cheat-lures-gamers-into-spreading-infostealer-malware/
CrushFTP warns users to patch exploited zero-day “immediately”: CrushFTP warned customers today in a private memo of an actively exploited zero-day vulnerability ...
bleepingcomputer.com/news/security/crushftp-warns-users-to-patch-exploited-zero-day-immediately/
Palo Alto Networks fixes zero-day exploited to backdoor firewalls: Palo Alto Networks has started releasing hotfixes for a zero-day vulnerability that has been ...
bleepingcomputer.com/news/security/palo-alto-networks-fixes-zero-day-exploited-to-backdoor-firewalls/
Frontier Communications shuts down systems after cyberattack: American telecom provider Frontier Communications is restoring systems after a cybercrime group ...
bleepingcomputer.com/news/security/frontier-communications-shuts-down-systems-after-cyberattack/
LabHost phishing service with 40,000 domains disrupted, 37 arrested: The LabHost phishing-as-a-service (PhaaS) platform has been disrupted in a year-long global ...
bleepingcomputer.com/news/security/labhost-phishing-service-with-40-000-domains-disrupted-37-arrested/
Russian Sandworm hackers pose as hacktivists in water utility breaches: The Sandworm hacking group associated with Russian military intelligence has been hiding ...
bleepingcomputer.com/news/security/russian-sandworm-hackers-pose-as-hacktivists-in-water-utility-breaches/
Apple's iPhone notification you don't want to get: Apple sends out warnings multiple times a year to individuals it believes are the target of spyware attacks.
businessinsider.com/apple-iphone-spyware-attack-alert-2024-4
Cybercriminals pose as LastPass staff to hack password vaults: LastPass is warning of a malicious campaign targeting its users with the CryptoChameleon phishing ...
bleepingcomputer.com/news/security/cybercriminals-pose-as-lastpass-staff-to-hack-password-vaults/
Ransomware gang starts leaking alleged stolen Change Healthcare data: The RansomHub extortion gang has begun leaking what they claim is corporate and patient ...
bleepingcomputer.com/news/security/ransomware-gang-starts-leaking-alleged-stolen-change-healthcare-data/
Exploit released for Palo Alto PAN-OS bug used in attacks, patch now: Exploit code is now available for a maximum severity and actively exploited vulnerability ...
bleepingcomputer.com/news/security/exploit-released-for-palo-alto-pan-os-bug-used-in-attacks-patch-now/
T-Mobile, Verizon workers get texts offering $300 for SIM swaps: Criminals are now texting T-Mobile and Verizon employees on their personal and work phones ...
bleepingcomputer.com/news/security/t-mobile-verizon-workers-get-texts-offering-300-for-sim-swaps/
Microsoft will limit Exchange Online bulk emails to fight spam: Microsoft has announced plans to fight spam by imposing a daily Exchange Online bulk email limit ...
bleepingcomputer.com/news/microsoft/microsoft-will-limit-exchange-online-bulk-emails-to-fight-spam/
Start mastering ethical hacking with $1,000 off this training bundle: Malicious actors are proliferating even as the risks are growing across the board ...
bleepingcomputer.com/offer/deals/start-mastering-ethical-hacking-with-1-000-off-this-training-bundle/
New SteganoAmor attacks use steganography to target 320 orgs globally - @billtoulas www.bleepingcomputer.com/news/security/new-steganoamor-attacks-use-steganography-to-target-320-orgs-globally/ www.bleepingcomputer.com/news/security/new-steganoamor-attacks-use-steganography-to-target-320-orgs-globally/
840-bed hospital in France postpones procedures after cyberattack: The Hospital Simone Veil in Cannes (CHC-SV) has announced that it was targeted by a ...
bleepingcomputer.com/news/security/chc-sv-hospital-in-france-postpones-procedures-after-cyberattack/
Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks: Today, Palo Alto Networks warns that an unpatched critical command injection vulnerability ...
bleepingcomputer.com/news/security/palo-alto-networks-warns-of-pan-os-firewall-zero-day-used-in-attacks/
Microsoft: New Copilot app added by Edge doesn’t collect data: Microsoft says the new Copilot app, added by recent Edge updates to the list of installed Windows ...
bleepingcomputer.com/news/microsoft/microsoft-new-copilot-app-added-by-edge-doesnt-collect-data/
Moldovan charged for operating botnet used to push ransomware: The U.S. Justice Department charged Moldovan national Alexander Lefterov, the owner and operator ...
bleepingcomputer.com/news/security/moldovan-charged-for-operating-botnet-used-to-push-ransomware/
Roku warns 576,000 accounts hacked in new credential stuffing attacks: Roku warns that 576,000 accounts were hacked in new credential stuffing attacks after ...
bleepingcomputer.com/news/security/roku-warns-576-000-accounts-hacked-in-new-credential-stuffing-attacks/
Quick Glance: Roku Discovers New Hacking Incident Affecting 576,000 Users
- Roku has uncovered a wider hacking effort using logins exposed in unrelated breaches. The company has now turned on two-factor authentication for all user accounts.
- A second hacking incident ensnared 'approximately 576,000 additional accounts,' as the company wrote in a blog post on Friday.
- The hackers are using stolen email addresses and password combinations from other sites to access Roku's login page and check if users are reusing the same login credentials across multiple services.
- Roku has reset the passwords for affected users and activated two-factor authentication for all user accounts, regardless of whether they were impacted or not.
Hackers hijack OpenMetadata apps in Kubernetes cryptomining attacks: In an ongoing Kubernetes cryptomining campaign, attackers target OpenMetadata workloads ...
bleepingcomputer.com/news/security/hackers-hijack-openmetadata-apps-in-kubernetes-cryptomining-attacks/
Multiple botnets exploiting one-year-old TP-Link flaw to hack routers: At least six distinct botnet malware operations are hunting for TP-Link Archer AX21 ...
bleepingcomputer.com/news/security/multiple-botnets-exploiting-one-year-old-tp-link-flaw-to-hack-routers/
Firebird RAT creator and seller arrested in the U.S. and Australia: A joint police operation between the Australian Federal Police (AFP) and the FBI has led to ...
bleepingcomputer.com/news/security/firebird-rat-creator-and-seller-arrested-in-the-us-and-australia/
FIN7 targets American automaker’s IT staff in phishing attacks: The financially motivated threat actor FIN7 targeted a large U.S. car maker with spear-phishing ...
bleepingcomputer.com/news/security/fin7-targets-american-automakers-it-staff-in-phishing-attacks/
Preparing for IT exams? This library of study guides is now under $30: With this deal, you get lifetime access to the library of 10 study guides on desktop and ...
bleepingcomputer.com/offer/deals/preparing-for-it-exams-this-library-of-study-guides-is-now-under-30/
Chipmaker Nexperia confirms breach after ransomware gang leaks data: Dutch chipmaker Nexperia confirmed late last week that hackers breached its network in March ...
bleepingcomputer.com/news/security/chipmaker-nexperia-confirms-breach-after-ransomware-gang-leaks-data/
Notepad++ needs your help in "parasite website" shutdown: The Notepad++ project is seeking the public's help in taking down a copycat website ...
bleepingcomputer.com/news/security/notepad-plus-plus-needs-your-help-in-parasite-website-shutdown/
Google to crack down on third-party YouTube apps that block ads: YouTube announced yesterday that third-party applications that block ads while watching YouTube ...
bleepingcomputer.com/news/google/google-to-crack-down-on-third-party-youtube-apps-that-block-ads/
Telegram fixes Windows app zero-day caused by file extension typo: Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used ...
bleepingcomputer.com/news/security/telegram-fixes-windows-app-zero-day-caused-by-file-extension-typo/
Daixin ransomware gang claims attack on Omni Hotels: The Daixin Team ransomware gang claimed a recent cyberattack on Omni Hotels & Resorts and is now threatening ...
bleepingcomputer.com/news/security/daixin-ransomware-gang-claims-attack-on-omni-hotels/
With two exceptions: Germans give Corona policy a good report: Mask requirements, vaccinations, curfews: Hardly a day goes by during the corona pandemic without ...
n-tv.de/politik/Deutsche-stellen-Corona-Politik-ein-gutes-Zeugnis-aus-article24891927.html
DuckDuckGo launches a premium Privacy Pro VPN service: DuckDuckGo has launched a new paid-for 3-in-1 subscription service called 'Privacy Pro ...
bleepingcomputer.com/news/security/duckduckgo-launches-a-premium-privacy-pro-vpn-service/
SoumniBot malware exploits Android bugs to evade detection: A new Android banking malware named 'SoumniBot' is using a less common obfuscation approach ...
bleepingcomputer.com/news/security/soumnibot-malware-exploits-android-bugs-to-evade-detection/
LastPass: Hackers targeted employee in failed deepfake CEO call: LastPass revealed this week that threat actors targeted one of its employees in a voice phishing ...
bleepingcomputer.com/news/security/lastpass-hackers-targeted-employee-in-failed-deepfake-ceo-call/
Medium bans AI-generated content from its paid Partner Program: Medium is banning AI-generated content from its paid Partner program, notifying users that the ...
bleepingcomputer.com/news/technology/medium-bans-ai-generated-content-from-its-paid-partner-program/
OpenTable won't add first names, photos to old reviews after backlash: OpenTable has reversed its decision to show members' first names and profile ...
bleepingcomputer.com/news/security/opentable-wont-add-first-names-photos-to-old-reviews-after-backlash/
AT&T now says data breach impacted 51 million customers: AT&T is sending data breach notifications to 51 million former and current customers ...
bleepingcomputer.com/news/security/atandt-now-says-data-breach-impacted-51-million-customers/
Over 90,000 LG Smart TVs may be exposed to remote attacks: Security researchers at Bitdefender have discovered four vulnerabilities impacting multiple versions ...
bleepingcomputer.com/news/security/over-90-000-lg-smart-tvs-may-be-exposed-to-remote-attacks/
CISA makes its "Malware Next-Gen" analysis system publicly available: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a ...
bleepingcomputer.com/news/security/cisa-makes-its-malware-next-gen-analysis-system-publicly-available/
Ivanti warns of critical flaws in its Avalanche MDM solution: Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device ...
bleepingcomputer.com/news/security/ivanti-warns-of-critical-flaws-in-its-avalanche-mdm-solution/
Cerebral to pay $7 million settlement in Facebook pixel data leak case: The U.S. Federal Trade Commission has reached a settlement with telehealth firm Cerebral ...
bleepingcomputer.com/news/security/cerebral-to-pay-7-million-settlement-in-facebook-pixel-data-leak-case/
Google ad impersonates Whales Market to push wallet drainer malware: A legitimate-looking Google Search advertisement for the crypto trading platform ...
bleepingcomputer.com/news/security/google-ad-impersonates-whales-market-to-push-wallet-drainer-malware/
Crypto miner arrested for skipping on $3.5 million in cloud server bills: The U.S. Department of Justice has announced the arrest and indictment of Charles O ...
bleepingcomputer.com/news/security/crypto-miner-arrested-for-skipping-on-35-million-in-cloud-server-bills/
Get work organized with $230 off Microsoft Project Professional 2021: Project management is increasingly a central job skill, and professional tools make it ...
bleepingcomputer.com/offer/deals/get-work-organized-with-230-off-microsoft-project-professional-2021/
Malicious PowerShell script pushing malware looks AI-written: A threat actor is using a PowerShell script that was likely created with the help of an artificial ...
bleepingcomputer.com/news/security/malicious-powershell-script-pushing-malware-looks-ai-written/
FBI warns of massive wave of road toll SMS phishing attacks: On Friday, the Federal Bureau of Investigation warned of a massive ongoing wave of SMS phishing ...
bleepingcomputer.com/news/security/fbi-warns-of-massive-wave-of-road-toll-sms-phishing-attacks/
Microsoft fixes two Windows zero-days exploited in malware attacks: Microsoft has fixed two actively exploited zero-day vulnerabilities during the April 2024 ...
bleepingcomputer.com/news/microsoft/microsoft-fixes-two-windows-zero-days-exploited-in-malware-attacks/
Critical Rust flaw enables Windows command injection attacks: Threat actors can exploit a security vulnerability in the Rust standard library to target Windows ...
bleepingcomputer.com/news/security/critical-rust-flaw-enables-windows-command-injection-attacks/
Microsoft lifts Windows 11 block on some Intel systems after 2 years: Microsoft has finally lifted a compatibility hold blocking Windows 11 upgrades on systems ...
bleepingcomputer.com/news/microsoft/microsoft-lifts-windows-11-block-on-some-intel-systems-after-2-years/
GMER - the art of exposing Windows rootkits in kernel mode: 📌 Chapters: Introduction Some basic terms Howto Exploring Win11 disk subsystem Set up a secure ...
artemonsecurity.blogspot.com/2024/04/gmer-art-of-exposing-windows-rootkits.html
Frontier also circulated an internal memo this week saying that a network outage took down its wholesale sites and multiple applications on Tuesday morning at ... Show more
CISA says Sisense hack impacts critical infrastructure orgs: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is investigating the recent breach ...
bleepingcomputer.com/news/security/cisa-says-sisense-hack-impacts-critical-infrastructure-orgs/
Microsoft now testing app ads in Windows 11's Start menu: Microsoft has started testing ads in the Windows 11 Start menu, a new experiment the company says ...
bleepingcomputer.com/news/microsoft/microsoft-now-testing-app-ads-in-windows-11s-start-menu/
Former AT&T customers get $6.3 million in data throttling refunds: The Federal Trade Commission (FTC) is sending out $6,300,000 in partial refunds to 267 ...
bleepingcomputer.com/news/mobile/former-atandt-customers-get-63-million-in-data-throttling-refunds/
Malicious Visual Studio projects on GitHub push Keyzetsu malware: Threat actors are abusing GitHub automation features and malicious Visual Studio projects to ...
bleepingcomputer.com/news/security/malicious-visual-studio-projects-on-github-push-keyzetsu-malware/
Reusing passwords: The hidden cost of convenience : Password reuse might seem like a small problem — but it can have far-reaching consequences for an ...
bleepingcomputer.com/news/security/reusing-passwords-the-hidden-cost-of-convenience/
Save $230 off Microsoft Visio Professional 2021 in this flash sale: Visualizing data pulls out the most important aspects of it. This instant download of ...
bleepingcomputer.com/offer/deals/save-230-off-microsoft-visio-professional-2021-in-this-flash-sale/
Get started in ethical hacking with $98 off this training bootcamp: Ethical hacking helps you go on the offensive against digital crooks. Learn how it works with ...
bleepingcomputer.com/offer/deals/get-started-in-ethical-hacking-with-98-off-this-training-bootcamp/
Microsoft Office LTSC 2024 preview available for Windows, Mac: A preview of Microsoft Office LTSC 2024, a volume-licensed and perpetual version of Office for ...
bleepingcomputer.com/news/microsoft/microsoft-office-ltsc-2024-preview-available-for-windows-mac/
Optics giant Hoya hit with $10 million ransomware demand: A recent cyberattack on Hoya Corporation was conducted by the 'Hunters International' ...
bleepingcomputer.com/news/security/optics-giant-hoya-hit-with-10-million-ransomware-demand/
Home Depot confirms third-party data breach exposed employee info: Home Depot has confirmed that it suffered a data breach after one of its SaaS vendors ...
bleepingcomputer.com/news/security/home-depot-confirms-third-party-data-breach-exposed-employee-info/
Google rolls out new Find My Device network to Android devices: Google is rolling out an upgraded Find My Device network to Android devices in the United States ...
bleepingcomputer.com/news/google/google-rolls-out-new-find-my-device-network-to-android-devices/
Over 92,000 exposed D-Link NAS devices have a backdoor account: A threat researcher has disclosed a new arbitrary command injection and hardcoded backdoor flaw ...
bleepingcomputer.com/news/security/over-92-000-exposed-d-link-nas-devices-have-a-backdoor-account/
New to NewsWall?
Sign up now to get your own personalized news!
Trending topics