ArcaneDoor hackers exploit Cisco zero-days to breach govt networks: Cisco warned today that a state-backed hacking group has been exploiting two zero-day ...
bleepingcomputer.com/news/security/arcanedoor-hackers-exploit-cisco-zero-days-to-breach-govt-networks/
Reddit down in major outage blocking access to web, mobile apps: Reddit is investigating a major outage blocking users worldwide from accessing the social ...
bleepingcomputer.com/news/technology/reddit-down-in-major-outage-blocking-access-to-web-mobile-apps/
Quick Glance: Innovative Advertising Strategies on Reddit
- Reddit recently introduced an innovative ad format aimed at selling products to Reddit users.
- Through Reddit's Dynamic Product Ads, users are automatically shown ads based on their previous interactions with products on the advertiser's website or on Reddit.
- In a blog post, Reddit emphasized its clear focus on ad sales and the natural commercial aspect of the Reddit community.
- The introduction of Dynamic Product Ads is a step in Reddit's strategy to expand its advertising business and drive growth.
WP Automatic WordPress plugin hit by millions of SQL injection attacks: Hackers have started to target a critical severity vulnerability in the WP Automatic ...
bleepingcomputer.com/news/security/wp-automatic-wordpress-plugin-hit-by-millions-of-sql-injection-attacks/
UnitedHealth confirms it paid ransomware gang to stop data leak: The UnitedHealth Group has confirmed that it paid a ransom to cybercriminals to protect ...
bleepingcomputer.com/news/security/unitedhealth-confirms-it-paid-ransomware-gang-to-stop-data-leak/
Fake job interviews target developers with new Python backdoor: A new campaign tracked as "Dev Popper" is targeting software developers with fake job ...
bleepingcomputer.com/news/security/fake-job-interviews-target-developers-with-new-python-backdoor/
Kaiser Permanente: Data breach may impact 13.4 million patients: Healthcare service provider Kaiser Permanente disclosed a data security incident that may impact ...
bleepingcomputer.com/news/security/kaiser-permanente-data-breach-may-impact-134-million-patients/
New Brokewell malware takes over Android devices, steals data: Security researchers have discovered a new Android banking trojan they named Brokewell that can ...
bleepingcomputer.com/news/security/new-brokewell-malware-takes-over-android-devices-steals-data/
GitLab affected by GitHub-style CDN flaw allowing malware hosting: BleepingComputer recently reported how a GitHub flaw, or possibly a design decision ...
bleepingcomputer.com/news/security/gitlab-affected-by-github-style-cdn-flaw-allowing-malware-hosting/
Researchers sinkhole PlugX malware server with 2.5 million unique IPs: Researchers have sinkholed a command and control server for a variant of the PlugX malware ...
bleepingcomputer.com/news/security/researchers-sinkhole-plugx-malware-server-with-25-million-unique-ips/
MITRE says state hackers breached its network via Ivanti zero-days: The MITRE Corporation says a state-backed hacking group breached its systems in January 2024 ...
bleepingcomputer.com/news/security/mitre-says-state-hackers-breached-its-network-via-ivanti-zero-days/
Telegram is down with "Connecting" error: Telegram users are currently experiencing issues worldwide, with users unable to use the website and mobile ...
bleepingcomputer.com/news/technology/telegram-is-down-with-connecting-error/
GitHub comments abused to push malware via Microsoft repo URLs: A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute ...
bleepingcomputer.com/news/security/github-comments-abused-to-push-malware-via-microsoft-repo-urls/
Malware dev lures child exploiters into honeytrap to extort them: You rarely root for a cybercriminal, but a new malware campaign targeting child exploiters ...
bleepingcomputer.com/news/security/malware-dev-lures-child-exploiters-into-honeytrap-to-extort-them/
Quick Glance: Malware Developer Targets Child Exploiters with Extortion Trap
- Since 2012, threat actors have been creating various types of malware and ransomware that pretend to be government agencies warning infected Windows users that they were viewing CSAM.
- Some malware families pretended to demand fines for viewing CSAM, such as Harasom, Urausy, and the Reveton trojans.
- A new malware called 'CryptVPN' targets those actively seeking child pornography by creating a fake website impersonating UsenetClub.
- The malware changes the target's wallpaper to an extortion demand and leaves a ransom note on the desktop with a Bitcoin extortion address of $500.
Microsoft: APT28 hackers exploit Windows flaw reported by NSA: Microsoft warns that the Russian APT28 threat group exploits a Windows Print Spooler ...
bleepingcomputer.com/news/security/microsoft-apt28-hackers-exploit-windows-flaw-reported-by-nsa/
US imposes visa bans on 13 spyware makers and their families: The Department of State has started imposing visa restrictions on mercenary spyware makers and ...
bleepingcomputer.com/news/security/us-imposes-visa-bans-on-13-spyware-makers-and-their-families/
Over 1,400 CrushFTP servers vulnerable to actively exploited bug: Over 1,400 CrushFTP servers exposed online were found vulnerable to attacks currently ...
bleepingcomputer.com/news/security/over-1-400-crushftp-servers-vulnerable-to-actively-exploited-bug/
Windows 11 now comes with its own adware: It used to be that you could pay for a retail version of Windows 11 and expect it to be ad-free ...
engt.co/4a71C2d
Ring customers get $5.6 million in privacy breach settlement: The Federal Trade Commission is sending $5.6 million in refunds to Ring users whose private video ...
bleepingcomputer.com/news/security/ring-customers-get-56-million-in-privacy-breach-settlement/
Microsoft releases Exchange hotfixes for security update issues: Microsoft has released hotfix updates to address multiple known issues impacting Exchange ...
bleepingcomputer.com/news/microsoft/microsoft-releases-exchange-hotfixes-for-security-update-issues/
22,500 Palo Alto firewalls "possibly vulnerable" to ongoing attacks: Approximately 22,500 exposed Palo Alto GlobalProtect firewall devices are likely ...
bleepingcomputer.com/news/security/22-500-palo-alto-firewalls-possibly-vulnerable-to-ongoing-attacks/
LA County Health Services: Patients' data exposed in phishing attack: The L.A. County's Department of Health Services, the second-largest public health ...
bleepingcomputer.com/news/security/la-county-health-services-patients-data-exposed-in-phishing-attack/
Russian Sandworm hackers targeted 20 critical orgs in Ukraine: Russian hacker group Sandworm aimed to disrupt operations at around 20 critical infrastructure ...
bleepingcomputer.com/news/security/russian-sandworm-hackers-targeted-20-critical-orgs-in-ukraine/
Ransomware payments drop to record low of 28% in Q1 2024: Ransomware actors have had a rough start this year, as stats from cybersecurity firm Coveware show that ...
bleepingcomputer.com/news/security/ransomware-payments-drop-to-record-low-of-28-percent-in-q1-2024/
Google Meet opens client-side encrypted calls to non Google users: Google is updating the client-side encryption mechanism for Google Meet to allow external ...
bleepingcomputer.com/news/security/google-meet-opens-client-side-encrypted-calls-to-non-google-users/
CoralRaider attacks use CDN cache to push info-stealer malware: A threat actor has been using a content delivery network cache to store information-stealing ...
bleepingcomputer.com/news/security/coralraider-attacks-use-cdn-cache-to-push-info-stealer-malware/
Synlab Italia suspends operations following ransomware attack - @billtoulas Synlab Italia suspends operations following ransomware attack Synlab Italia suspends operations following ransomware attack
Hackers hijack antivirus updates to drop GuptiMiner malware: North Korean hackers have been exploiting the updating mechanism of the eScan antivirus to ...
bleepingcomputer.com/news/security/hackers-hijack-antivirus-updates-to-drop-guptiminer-malware/
HelloKitty ransomware rebrands, releases CD Projekt and Cisco data: An operator of the HelloKitty ransomware operation announced they changed the name to ...
bleepingcomputer.com/news/security/hellokitty-ransomware-rebrands-releases-cd-projekt-and-cisco-data/
Microsoft pulls fix for Outlook bug behind ICS security alerts: Microsoft reversed the fix for an Outlook bug causing erroneous security warnings after ...
bleepingcomputer.com/news/microsoft/microsoft-pulls-fix-for-outlook-bug-unexpected-ICS-warnings-after-December-security-updates/
Maximum severity Flowmon bug has a public exploit, patch now: Proof-of-concept exploit code has been released for a top-severity security vulnerability in ...
bleepingcomputer.com/news/security/maximum-severity-flowmon-bug-has-a-public-exploit-patch-now/
PuTTY SSH client flaw allows recovery of cryptographic private keys: A vulnerability tracked as CVE-2024-31497 in PuTTY 0.68 through 0.80 could potentially allow ...
bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/
Train for Microsoft certifications with $350 off this course bundle: If you work in IT, you're working with Microsoft. This 11-course Microsoft exam prep ...
bleepingcomputer.com/offer/deals/train-for-microsoft-certifications-with-350-off-this-course-bundle/
United Nations agency investigates ransomware attack, data theft: The United Nations Development Programme (UNDP) is investigating a cyberattack after threat ...
bleepingcomputer.com/news/security/united-nations-agency-investigates-ransomware-attack-claimed-by-8Base-gang/
UnitedHealth: Change Healthcare cyberattack caused $872 million loss: UnitedHealth Group reported an $872 million impact on its Q1 earnings due to the ransomware ...
bleepingcomputer.com/news/security/unitedhealth-change-healthcare-cyberattack-caused-872-million-loss/
Critical Forminator plugin flaw impacts over 300k WordPress sites: The Forminator WordPress plugin used in over 500,000 sites is vulnerable to a flaw that allows ...
bleepingcomputer.com/news/security/critical-forminator-plugin-flaw-impacts-over-300k-wordpress-sites/
Palo Alto Networks zero-day exploited since March to backdoor firewalls: Suspected state-sponsored hackers have been exploiting an unpatched zero-day in Palo ...
bleepingcomputer.com/news/security/palo-alto-networks-zero-day-exploited-since-march-to-backdoor-firewalls/
FBI: Akira ransomware raked in $42 million from 250+ victims: The Akira ransomware operation has breached the networks of over 250 organizations and raked in ...
bleepingcomputer.com/news/security/fbi-akira-ransomware-raked-in-42-million-from-250-plus-victims/
Cisco warns of large-scale brute-force attacks against VPN services: Cisco warns about a large-scale credential brute-forcing campaign targeting VPN and SSH ...
bleepingcomputer.com/news/security/cisco-warns-of-large-scale-brute-force-attacks-against-vpn-services/
US charges Samourai cryptomixer founders for laundering $100 million: Keonne Rodriguez and William Lonergan Hill have been charged by the U.S ...
bleepingcomputer.com/news/security/us-charges-samourai-cryptomixer-founders-for-laundering-100-million/
CrushFTP warns users to patch exploited zero-day “immediately”: CrushFTP warned customers today in a private memo of an actively exploited zero-day vulnerability ...
bleepingcomputer.com/news/security/crushftp-warns-users-to-patch-exploited-zero-day-immediately/
Fake cheat lures gamers into spreading infostealer malware: A new info-stealing malware linked to Redline poses as a game cheat called 'Cheat Lab ...
bleepingcomputer.com/news/security/fake-cheat-lures-gamers-into-spreading-infostealer-malware/
Palo Alto Networks fixes zero-day exploited to backdoor firewalls: Palo Alto Networks has started releasing hotfixes for a zero-day vulnerability that has been ...
bleepingcomputer.com/news/security/palo-alto-networks-fixes-zero-day-exploited-to-backdoor-firewalls/
Frontier Communications shuts down systems after cyberattack: American telecom provider Frontier Communications is restoring systems after a cybercrime group ...
bleepingcomputer.com/news/security/frontier-communications-shuts-down-systems-after-cyberattack/
LabHost phishing service with 40,000 domains disrupted, 37 arrested: The LabHost phishing-as-a-service (PhaaS) platform has been disrupted in a year-long global ...
bleepingcomputer.com/news/security/labhost-phishing-service-with-40-000-domains-disrupted-37-arrested/
Russian Sandworm hackers pose as hacktivists in water utility breaches: The Sandworm hacking group associated with Russian military intelligence has been hiding ...
bleepingcomputer.com/news/security/russian-sandworm-hackers-pose-as-hacktivists-in-water-utility-breaches/
Apple's iPhone notification you don't want to get: Apple sends out warnings multiple times a year to individuals it believes are the target of spyware attacks.
businessinsider.com/apple-iphone-spyware-attack-alert-2024-4
Cybercriminals pose as LastPass staff to hack password vaults: LastPass is warning of a malicious campaign targeting its users with the CryptoChameleon phishing ...
bleepingcomputer.com/news/security/cybercriminals-pose-as-lastpass-staff-to-hack-password-vaults/
Ransomware gang starts leaking alleged stolen Change Healthcare data: The RansomHub extortion gang has begun leaking what they claim is corporate and patient ...
bleepingcomputer.com/news/security/ransomware-gang-starts-leaking-alleged-stolen-change-healthcare-data/
Exploit released for Palo Alto PAN-OS bug used in attacks, patch now: Exploit code is now available for a maximum severity and actively exploited vulnerability ...
bleepingcomputer.com/news/security/exploit-released-for-palo-alto-pan-os-bug-used-in-attacks-patch-now/
DPRK hacking groups breach South Korean defense contractors: The National Police Agency in South Korea issued an urgent warning today about North Korean hacking ...
bleepingcomputer.com/news/security/dprk-hacking-groups-breach-south-korean-defense-contractors/
T-Mobile, Verizon workers get texts offering $300 for SIM swaps: Criminals are now texting T-Mobile and Verizon employees on their personal and work phones ...
bleepingcomputer.com/news/security/t-mobile-verizon-workers-get-texts-offering-300-for-sim-swaps/
Microsoft will limit Exchange Online bulk emails to fight spam: Microsoft has announced plans to fight spam by imposing a daily Exchange Online bulk email limit ...
bleepingcomputer.com/news/microsoft/microsoft-will-limit-exchange-online-bulk-emails-to-fight-spam/
Start mastering ethical hacking with $1,000 off this training bundle: Malicious actors are proliferating even as the risks are growing across the board ...
bleepingcomputer.com/offer/deals/start-mastering-ethical-hacking-with-1-000-off-this-training-bundle/
New SteganoAmor attacks use steganography to target 320 orgs globally - @billtoulas New SteganoAmor attacks use steganography to target 320 orgs globally New SteganoAmor attacks use steganography to target 320 orgs globally
840-bed hospital in France postpones procedures after cyberattack: The Hospital Simone Veil in Cannes (CHC-SV) has announced that it was targeted by a ...
bleepingcomputer.com/news/security/chc-sv-hospital-in-france-postpones-procedures-after-cyberattack/
Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks: Today, Palo Alto Networks warns that an unpatched critical command injection vulnerability ...
bleepingcomputer.com/news/security/palo-alto-networks-warns-of-pan-os-firewall-zero-day-used-in-attacks/
Save money and the planet with $140+ off this refurbished Surface laptop: This refurbished Microsoft Surface 4 laptop, packed with security features and ...
bleepingcomputer.com/offer/deals/save-money-and-the-planet-with-140-plus-off-this-refurbished-surface-laptop/
Microsoft: New Copilot app added by Edge doesn’t collect data: Microsoft says the new Copilot app, added by recent Edge updates to the list of installed Windows ...
bleepingcomputer.com/news/microsoft/microsoft-new-copilot-app-added-by-edge-doesnt-collect-data/
Moldovan charged for operating botnet used to push ransomware: The U.S. Justice Department charged Moldovan national Alexander Lefterov, the owner and operator ...
bleepingcomputer.com/news/security/moldovan-charged-for-operating-botnet-used-to-push-ransomware/
The GitHub file upload feature can also be abused with images and videos, but those files are stored under the /assets/ path instead ... Show more
Roku warns 576,000 accounts hacked in new credential stuffing attacks: Roku warns that 576,000 accounts were hacked in new credential stuffing attacks after ...
bleepingcomputer.com/news/security/roku-warns-576-000-accounts-hacked-in-new-credential-stuffing-attacks/
Quick Glance: Roku Discovers New Hacking Incident Affecting 576,000 Users
- Roku has uncovered a wider hacking effort using logins exposed in unrelated breaches. The company has now turned on two-factor authentication for all user accounts.
- A second hacking incident ensnared 'approximately 576,000 additional accounts,' as the company wrote in a blog post on Friday.
- The hackers are using stolen email addresses and password combinations from other sites to access Roku's login page and check if users are reusing the same login credentials across multiple services.
- Roku has reset the passwords for affected users and activated two-factor authentication for all user accounts, regardless of whether they were impacted or not.
Hackers hijack OpenMetadata apps in Kubernetes cryptomining attacks: In an ongoing Kubernetes cryptomining campaign, attackers target OpenMetadata workloads ...
bleepingcomputer.com/news/security/hackers-hijack-openmetadata-apps-in-kubernetes-cryptomining-attacks/
Multiple botnets exploiting one-year-old TP-Link flaw to hack routers: At least six distinct botnet malware operations are hunting for TP-Link Archer AX21 ...
bleepingcomputer.com/news/security/multiple-botnets-exploiting-one-year-old-tp-link-flaw-to-hack-routers/
A one-year Sam's Club membership is only $14 now: Make your monthly budget last by getting more of your shopping done under one roof. For a limited time ...
bleepingcomputer.com/offer/deals/a-one-year-sams-club-membership-is-only-14-now/
Firebird RAT creator and seller arrested in the U.S. and Australia: A joint police operation between the Australian Federal Police (AFP) and the FBI has led to ...
bleepingcomputer.com/news/security/firebird-rat-creator-and-seller-arrested-in-the-us-and-australia/
Preparing for IT exams? This library of study guides is now under $30: With this deal, you get lifetime access to the library of 10 study guides on desktop and ...
bleepingcomputer.com/offer/deals/preparing-for-it-exams-this-library-of-study-guides-is-now-under-30/
FIN7 targets American automaker’s IT staff in phishing attacks: The financially motivated threat actor FIN7 targeted a large U.S. car maker with spear-phishing ...
bleepingcomputer.com/news/security/fin7-targets-american-automakers-it-staff-in-phishing-attacks/
Chipmaker Nexperia confirms breach after ransomware gang leaks data: Dutch chipmaker Nexperia confirmed late last week that hackers breached its network in March ...
bleepingcomputer.com/news/security/chipmaker-nexperia-confirms-breach-after-ransomware-gang-leaks-data/
Save money with over $40 off this refurbished Lenovo tower: Get this refurbished Lenovo ThinkCentre M910Q Tower with Windows 10 for $179.99 (reg. $223).
bleepingcomputer.com/offer/deals/save-money-with-over-40-off-this-refurbished-lenovo-tower/
Google to crack down on third-party YouTube apps that block ads: YouTube announced yesterday that third-party applications that block ads while watching YouTube ...
bleepingcomputer.com/news/google/google-to-crack-down-on-third-party-youtube-apps-that-block-ads/
Telegram fixes Windows app zero-day caused by file extension typo: Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used ...
bleepingcomputer.com/news/security/telegram-fixes-windows-app-zero-day-caused-by-file-extension-typo/
Daixin ransomware gang claims attack on Omni Hotels: The Daixin Team ransomware gang claimed a recent cyberattack on Omni Hotels & Resorts and is now threatening ...
bleepingcomputer.com/news/security/daixin-ransomware-gang-claims-attack-on-omni-hotels/
With two exceptions: Germans give Corona policy a good report: Mask requirements, vaccinations, curfews: Hardly a day goes by during the corona pandemic without ...
n-tv.de/politik/Deutsche-stellen-Corona-Politik-ein-gutes-Zeugnis-aus-article24891927.html
DuckDuckGo launches a premium Privacy Pro VPN service: DuckDuckGo has launched a new paid-for 3-in-1 subscription service called 'Privacy Pro ...
bleepingcomputer.com/news/security/duckduckgo-launches-a-premium-privacy-pro-vpn-service/
SoumniBot malware exploits Android bugs to evade detection: A new Android banking malware named 'SoumniBot' is using a less common obfuscation approach ...
bleepingcomputer.com/news/security/soumnibot-malware-exploits-android-bugs-to-evade-detection/
LastPass: Hackers targeted employee in failed deepfake CEO call: LastPass revealed this week that threat actors targeted one of its employees in a voice phishing ...
bleepingcomputer.com/news/security/lastpass-hackers-targeted-employee-in-failed-deepfake-ceo-call/
Medium bans AI-generated content from its paid Partner Program: Medium is banning AI-generated content from its paid Partner program, notifying users that the ...
bleepingcomputer.com/news/technology/medium-bans-ai-generated-content-from-its-paid-partner-program/
OpenTable won't add first names, photos to old reviews after backlash: OpenTable has reversed its decision to show members' first names and profile ...
bleepingcomputer.com/news/security/opentable-wont-add-first-names-photos-to-old-reviews-after-backlash/
Upgrade your workstation with MS Office Pro for less than $70: Get this lifetime license to Microsoft Office Pro 2021 for $55.99 (reg. $219) ...
bleepingcomputer.com/offer/deals/upgrade-your-workstation-with-ms-office-pro-for-less-than-70/
New to NewsWall?
Sign up now to get your own personalized news!
Trending topics