Bleepingcomputer.com: Cybersecurity News

Google Search poisoned with torrent sites via Data Studio.

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 18 November 2022, 1440 UTC.  Content supplied by "Bleepingcomputer.com."

Source:  https://www.bleepingcomputer.com/

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRobers).

Google Search results poisoned with torrent sites via Data Studio

  • Threat actors are abusing Google's Looker Studio (formerly Google Data Studio) to boost search engine rankings for their illicit websites that promote spam, torrents, and pirated content.

  • Coder Programmer
     

Learn coding fundamentals with this $40 master class in C

  • The 2023 Premium C Programming Developer Bundle bundle includes more than 80 hours of tutorials and exercises. It's now available for $40, a price that's hundreds of dollars off the combined MSRP.

    • BLEEPINGCOMPUTER DEALS
    •  
    • NOVEMBER 18, 2022
    •  
    • 07:27 AM
    •  
    • Comment Count 0
  • Atlassian
     

Atlassian fixes critical command injection bug in Bitbucket Server

  • Atlassian has released updates to address critical-severity updates in its centralized identity management platform, Crowd Server and Data Center, and in Bitbucket Server and Data Center, the company's solution for Git repository management.

  • Phishing
     

Phishing kit impersonates well-known brands to target US shoppers

  • A sophisticated phishing kit has been targeting North Americans since mid-September, using lures focused on holidays like Labor Day and Halloween.

  • Windows
     

Microsoft fixes Windows Kerberos auth issues in emergency updates

  • Microsoft has released optional out-of-band (OOB) updates to fix a known issue triggering Kerberos sign-in failures and other authentication problems on enterprise Windows domain controllers after installing cumulative updates released during November's Patch Tuesday.

  • Bitcoin
     

Previously unidentified ARCrypter ransomware expands worldwide

  • A previously unknown 'ARCrypter' ransomware that compromised key organizations in Latin America is now expanding its attacks worldwide.

  • Hive ransomware
     

FBI: Hive ransomware extorted $100M from over 1,300 victims

  • The Federal Bureau of Investigation (FBI) said today that the notorious Hive ransomware gang has successfully extorted roughly $100 million from over a thousand companies since June 2021.

  • Microsoft Office
     

Get Microsoft Office and 50 hours training in this $60 bundle deal

  • Right now, you can get all 12 classes plus MS Office Professional for Windows for $59, which saves you hundreds off the combined MSRP.

    • BLEEPINGCOMPUTER DEALS
    •  
    • NOVEMBER 17, 2022
    •  
    • 02:11 PM
    •  
    • Comment Count 0
  • Qbot QakBot
     

QBot phishing abuses Windows Control Panel EXE to infect devices

  • Phishing emails distributing the QBot malware are using a DLL hijacking flaw in the Windows 10 Control Panel to infect computers, likely as an attempt to evade detection by security software.

  • F5
     

F5 fixes two remote code execution flaws in BIG-IP, BIG-IQ

  • F5 has released hotfixes for its BIG-IP and BIG-IQ products, addressing two high-severity flaws allowing attackers to perform unauthenticated remote code execution (RCE) on vulnerable endpoints.

  • Microsoft
     

Microsoft urges devs to migrate away from .NET Core 3.1 ASAP

  • Microsoft has urged developers still using the long-term support (LTS) release of .NET Core 3.1 to migrate to the latest .NET Core versions until it reaches the end of support (EOS) next month.

  • Z-Library
     

U.S. charges Russian suspects with operating Z-Library e-Book site

  • Anton Napolsky (33) and Valeriia Ermakova (27), two Russian nationals, were charged with intellectual property crimes linked to Z-Library, a pirate online eBook repository.

  • Score early Black Friday savings on CleanMyMac in this limited time deal
     

Score early Black Friday savings on CleanMyMac in this limited time deal

  • A one-year subscription for one Mac, as mentioned, is just $24.99 for a very limited time. Also available are subscriptions for two Macs for just $39.99, and for five Macs that's just $59.99 — Great options for businesses that may use more than one machine. 

    • BLEEPINGCOMPUTER DEALS
    •  
    • NOVEMBER 17, 2022
    •  
    • 07:14 AM
    •  
    • Comment Count 0
  • Windows 10
     

Microsoft fixes bug behind Windows 10 freezes, desktop issues

  • Microsoft has resolved a known issue triggering errors and temporarily causing the taskbar and desktop to disappear on Windows 10 systems.

  • DDoS Denial of Service
     

Updated RapperBot malware targets game servers in DDoS attacks

  • The Mirai-based botnet 'RapperBot' has re-emerged via a new campaign that infects IoT devices for DDoS (Distributed Denial of Service) attacks against game servers.

  • Police arrest
     

Suspected Zeus cybercrime ring leader ‘Tank’ arrested by Swiss police

  • Vyacheslav Igorevich Penchukov, also known as Tank and one of the leaders of the notorious JabberZeus cybercrime gang, was arrested in Geneva last month.

  • iPad Air
     

Go refurbished and save hundreds on this 16GB iPad Air

  • While supplies last, this space gray 16GB Apple iPad Air is available fully refurbished for $105.99 - a savings of more than 75% off the original MSRP.

    • BLEEPINGCOMPUTER DEALS
    •  
    • NOVEMBER 16, 2022
    •  
    • 02:05 PM
    •  
    • Comment Count 0
  • Twitter
     

Twitter source code indicates end-to-end encrypted DMs are coming

  • Twitter is reportedly working on finally adding end-to-end encryption (E2EE) for direct messages (DMs) exchanged between users on the social media platform.

  • Hacker cybersecurity
     

US govt: Iranian hackers breached federal agency using Log4Shell exploit

  • The FBI and CISA revealed in a joint advisory published today that an unnamed Iranian-backed threat group hacked a Federal Civilian Executive Branch (FCEB) organization to deploy XMRig cryptomining malware.

VIEW MORE

Comments

Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.