BleepingComputer.com

"Fake ransomware gang targets U.S. orgs with empty data leak threats."

Views expressed in this cybersecurity, cybercrime update are those of the reportes and correspondents.  Accessed on 02 April 2023, 1340 UTC.  Content supplied by "BleepingComputer.com."

Source:  https://www.bleepingcomputer.com/ (Latest cybersecurity, cybercrime news from "BleepingComputer.com").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts

https://www.hawaiicybersecurityjournal.net

https://paper.li/RussellRoberts

LATEST ARTICLES

• 
   
  SECURITY

Fake ransomware gang targets U.S. orgs with empty data leak threats

• Fake extortionists are piggybacking on data breaches and ransomware incidents, threatening U.S. companies with publishing or selling allegedly stolen data unless they get paid.

  • IONUT ILASCU
   
  • APRIL 01, 2023
   
  • 11:59 AM
   
  •  0
• 
   
  SECURITY, LEGAL

DISH slapped with multiple lawsuits after ransomware cyber attack

• Dish Network has been slapped with multiple class action lawsuits after it suffered a ransomware incident that was behind the company's multi-day "network outage." The legal actions aim to recover losses faced by DISH investors who were adversely affected by what has been dubbed a "securities fraud." 

  • AX SHARMA
   
  • APRIL 01, 2023
   
  • 06:39 AM
   
  •  1
• 
   
  TECHNOLOGY

Twitter open-sources recommendation algorithm code

• Twitter announced on Friday that it's open-sourcing the code behind the recommendation algorithm the platform uses to select the contents of the users' For You timeline.

  • SERGIU GATLAN
   
  • MARCH 31, 2023
   
  • 04:02 PM
   
  •  0
• 
   
  SECURITY

15 million public-facing services vulnerable to CISA KEV flaws

• Over 15 million publicly facing services are susceptible to at least one of the 896 vulnerabilities listed in CISA's KEV (known exploitable vulnerabilities) catalog.

  • BILL TOULAS
   
  • MARCH 31, 2023
   
  • 03:23 PM
   
  •  0
• 
   
  SECURITY

Hackers exploit bug in Elementor Pro WordPress plugin with 11M installs

• Hackers are actively exploiting a high-severity vulnerability in the popular Elementor Pro WordPress plugin used by over eleven million websites.

  • BILL TOULAS
   
  • MARCH 31, 2023
   
  • 11:52 AM
   
  •  1
• 
   
  MICROSOFT, SECURITY

10-year-old Windows bug with 'opt-in' fix exploited in 3CX attack

• A 10-year-old Windows vulnerability is still being exploited in attacks to make it appear that executables are legitimately signed, with the fix from Microsoft still "opt-in" after all these years. Even worse, the fix is removed after upgrading to Windows 11.

  • LAWRENCE ABRAMS
   
  • MARCH 31, 2023
   
  • 10:38 AM
   
  •  7
• 
   
  SECURITY

Consumer lender TMX discloses data breach impacting 4.8 million people

• TMX Finance and its subsidiaries TitleMax, TitleBucks, and InstaLoan have collectively disclosed a data breach that exposed the personal data of 4,822,580 customers.

  • BILL TOULAS
   
  • MARCH 31, 2023
   
  • 10:18 AM
   
  •  0
• 
   
  SECURITY

Winter Vivern hackers exploit Zimbra flaw to steal NATO emails

• A Russian hacking group tracked as TA473, aka 'Winter Vivern,' has been actively exploiting vulnerabilities in unpatched Zimbra endpoints since February 2023 to steal the emails of NATO officials, governments, military personnel, and diplomats.

  • BILL TOULAS
   
  • MARCH 30, 2023
   
  • 05:56 PM
   
  •  0
• 
   
  SECURITY, MICROSOFT

Microsoft OneNote will block 120 dangerous file extensions

• Microsoft has shared more information on what types of malicious embedded files OneNote will soon block to defend users against ongoing phishing attacks pushing malware.

  • SERGIU GATLAN
   
  • MARCH 30, 2023
   
  • 05:40 PM
   
  •  5
• 
   
  SECURITY

Ukrainian cyberpolice busts fraud gang that stole $4.3 million

• Ukraine's cyberpolice has arrested members of a fraud gang that stole roughly $4,300,000 from over a thousand victims across the EU.

  • BILL TOULAS
   
  • MARCH 30, 2023
   
  • 04:29 PM
   
  •  0
• 
   
  SECURITY

CISA orders agencies to patch bugs exploited to drop spyware

• The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies today to patch a set of security vulnerabilities exploited as zero-days in recent attacks to install commercial spyware on mobile devices.

  • SERGIU GATLAN
   
  • MARCH 30, 2023
   
  • 03:52 PM
   
  •  0
• 
   
  SECURITY

Realtek and Cacti flaws now actively exploited by malware botnets

• Multiple malware botnets actively target Cacti and Realtek vulnerabilities in campaigns detected between January and March 2023, spreading ShellBot and Moobot malware.

  • BILL TOULAS
   
  • MARCH 30, 2023
   
  • 02:44 PM
   
  •  0
• 
   
  MICROSOFT

Microsoft testing adaptive brightness on more Windows 11 devices

• Microsoft says the new Windows 11 preview build rolling out today will allow Insiders to test the company's adaptive brightness feature on more systems.

  • SERGIU GATLAN
   
  • MARCH 30, 2023
   
  • 02:13 PM
   
  •  2
• 
   
  SECURITY, MICROSOFT

Bing search results hijacked via misconfigured Microsoft app

• A misconfigured Microsoft application allowed anyone to log in and modify Bing.com search results in real-time, as well as inject XSS attacks to potentially breach the accounts of Office 365 users.

  • BILL TOULAS
   
  • MARCH 30, 2023
   
  • 01:05 PM
   
  •  0
• 
   
  SECURITY, CLOUD

New AlienFox toolkit steals credentials for 18 cloud services

• A new modular toolkit called 'AlienFox' allows threat actors to scan for misconfigured servers to steal authentication secrets and credentials for cloud-based email services.

  • BILL TOULAS
   
  • MARCH 30, 2023
   
  • 06:00 AM
   
  •  0

• 1
 
• 2
 
• 3
 
• 4
 
• 5
 

VIEW MORE