Skip to main content

BleepingComputer.com

"Fake ransomware gang targets U.S. orgs with empty data leak threats."

Views expressed in this cybersecurity, cybercrime update are those of the reportes and correspondents.  Accessed on 02 April 2023, 1340 UTC.  Content supplied by "BleepingComputer.com."

Source:  https://www.bleepingcomputer.com/ (Latest cybersecurity, cybercrime news from "BleepingComputer.com").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts

https://www.hawaiicybersecurityjournal.net

https://paper.li/RussellRoberts

Fake ransomware gang targets U.S. orgs with empty data leak threats

  • Fake extortionists are piggybacking on data breaches and ransomware incidents, threatening U.S. companies with publishing or selling allegedly stolen data unless they get paid.

  • Dish Network
     

DISH slapped with multiple lawsuits after ransomware cyber attack

  • Dish Network has been slapped with multiple class action lawsuits after it suffered a ransomware incident that was behind the company's multi-day "network outage." The legal actions aim to recover losses faced by DISH investors who were adversely affected by what has been dubbed a "securities fraud." 

  • Twitter
     

Twitter open-sources recommendation algorithm code

  • Twitter announced on Friday that it's open-sourcing the code behind the recommendation algorithm the platform uses to select the contents of the users' For You timeline.

  • Hacker smiley
     

15 million public-facing services vulnerable to CISA KEV flaws

  • Over 15 million publicly facing services are susceptible to at least one of the 896 vulnerabilities listed in CISA's KEV (known exploitable vulnerabilities) catalog.

  • WordPress
     

Hackers exploit bug in Elementor Pro WordPress plugin with 11M installs

  • Hackers are actively exploiting a high-severity vulnerability in the popular Elementor Pro WordPress plugin used by over eleven million websites.

  • Windows
     

10-year-old Windows bug with 'opt-in' fix exploited in 3CX attack

  • A 10-year-old Windows vulnerability is still being exploited in attacks to make it appear that executables are legitimately signed, with the fix from Microsoft still "opt-in" after all these years. Even worse, the fix is removed after upgrading to Windows 11.

  • Consumer lender TMX discloses data breach impacting 4.8 million people
     

Consumer lender TMX discloses data breach impacting 4.8 million people

  • TMX Finance and its subsidiaries TitleMax, TitleBucks, and InstaLoan have collectively disclosed a data breach that exposed the personal data of 4,822,580 customers.

  • Hacker
     

Winter Vivern hackers exploit Zimbra flaw to steal NATO emails

  • A Russian hacking group tracked as TA473, aka 'Winter Vivern,' has been actively exploiting vulnerabilities in unpatched Zimbra endpoints since February 2023 to steal the emails of NATO officials, governments, military personnel, and diplomats.

  • Microsoft OneNote
     

Microsoft OneNote will block 120 dangerous file extensions

  • Microsoft has shared more information on what types of malicious embedded files OneNote will soon block to defend users against ongoing phishing attacks pushing malware.

  • Arrested handcuffs
     

Ukrainian cyberpolice busts fraud gang that stole $4.3 million

  • Ukraine's cyberpolice has arrested members of a fraud gang that stole roughly $4,300,000 from over a thousand victims across the EU.

  • CISA
     

CISA orders agencies to patch bugs exploited to drop spyware

  • The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies today to patch a set of security vulnerabilities exploited as zero-days in recent attacks to install commercial spyware on mobile devices.

  • Robot Hacker
     

Realtek and Cacti flaws now actively exploited by malware botnets

  • Multiple malware botnets actively target Cacti and Realtek vulnerabilities in campaigns detected between January and March 2023, spreading ShellBot and Moobot malware.

  • Windows 11 HDR
     

Microsoft testing adaptive brightness on more Windows 11 devices

  • Microsoft says the new Windows 11 preview build rolling out today will allow Insiders to test the company's adaptive brightness feature on more systems.

  • Bing Chat
     

Bing search results hijacked via misconfigured Microsoft app

  • A misconfigured Microsoft application allowed anyone to log in and modify Bing.com search results in real-time, as well as inject XSS attacks to potentially breach the accounts of Office 365 users.

  • purplefox
     

New AlienFox toolkit steals credentials for 18 cloud services

  • A new modular toolkit called 'AlienFox' allows threat actors to scan for misconfigured servers to steal authentication secrets and credentials for cloud-based email services.

VIEW MORE

Comments

Popular posts from this blog

Cyber War News Today.

"International Defence Cooperation:  A key to regional stability." Views expressed in this cybersecurity, cyber espionage, and cyber crime update are those of the reporters and correspondents.  Accessed on 15 December 2024, 0134 UTC. Content and Source:   https://cyberwar.einnews.com/news/cyber-war-news?n=2&code=FA9GNesSTpp2rjO1&utm_source=NewsletterNews&utm_medium=email&utm_campaign=Cyber+War+News&utm_content=navig Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Cyber War News Monitoring Get by    Email    •     RSS Published on  Dec 13, 2024 The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 13.3% WILMINGTON, DE, UNITED STATES, December 13, 2024 /⁨EINPresswire.com⁩/ -- According to the report, The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 1...

SecurityWeek Briefing

"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 September 2024, 0035 UTC. Content and Source:  https://www.securityweek.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controvers...

The Cyberwire Daily Briefing

"Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 15 September 2024, 1339 UTC. Content and Source:   https://thecyberwire.com/newsletters/daily-briefing/13/176 Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). V13 | Issue 176 | 9.13.24 Daily Briefing for 09.13.24 Announcement Cloud Security in the Age of Generative AI. Artificial Intelligence is revolutionizing business, but it also introduces new risks. Join us on Wednesday, September 18th at 2pm EDT for a compelling live webinar on "Good vs. Evil: Cloud Security in the Age of Generative AI" with N2K CyberWire’s Dave Bittner and Sysdig’s Loris Degioanni.  Learn more and register now . Summary By the CyberWire staff At a glance. Fortinet confirms breach of customer data. Iran's Scarred Manticore deplo...