BleepingComputer.com: Cybersecurity News.

"Microsoft Edge is getting a 'darker' dark mode theme."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 30 July 2023, 1334 UTC.  Content provided by "BleepingComputer.com."

Source:  https://www.bleepingcomputer.com/ ("BleepingComputer.com").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Microsoft Edge is getting a 'darker' dark mode theme

  • Microsoft has quietly announced an enhancement to the Edge browser's dark mode, making it even darker.

  • Bazan Group Israel
     

Israel's largest oil refinery website offline amid cyber attack claims

  • Website of Israel's largest oil refinery operator, BAZAN Group is inaccessible from most parts of the world as threat actors claim to have hacked the Group's cyber systems.

  • Key Decryptor Unlock
     

Linux version of Abyss Locker ransomware targets VMware ESXi servers

Browser developers push back on Google's “web DRM” WEI API

  • Google's plans to introduce the Web Environment Integrity (WEI) API on Chrome has been met with fierce backlash from internet software developers, drawing criticism for limiting user freedom and undermining the core principles of the open web.

  • Twitter X upside down rename rebrand
     

Apple rejects new name 'X' for Twitter iOS app because... rules

  • Mr. Musk may have successfully pushed Twitter's new name and logo, 'X', and even made the vanity domain x.com redirect to the social media website, but that's not to say, the Mathematical double-struck letter will fit the bill everywhere. Apple's App Store can't accept Twitter iOS app's new name due to minimum character requirements

  • CISA
     

CISA: New Submarine malware found on hacked Barracuda ESG appliances

  • CISA says new malware known as Submarine was used to backdoor Barracuda ESG (Email Security Gateway) appliances on federal agencies' networks by exploiting a now-patched zero-day bug.

  • Apple
     

Apple says new App Store API rules will limit user fingerprinting

  • Starting this fall, Apple has announced that developers will be required to provide a reason for using certain APIs that can collect information from their apps' users.

  • Financial Fraud steal theft money
     

The Week in Ransomware - July 28th 2023 - New extortion tactics

  • With ransom payments declining, ransomware gangs are evolving their extortion tactics to utilize new methods to pressure victims.

  • Ivanti
     

Ivanti patches new zero-day exploited in Norwegian govt attacks

  • Ivanti has fixed another vulnerability in the Endpoint Manager Mobile software (formerly MobileIron Core), exploited as a zero-day to breach the IT systems of a dozen ministries in Norway.

  • Twitter X rebranding
     

Twitter's rebranding to 'X' triggers Microsoft Edge security alert

  • Microsoft Edge web browser has been displaying security warnings after Twitter changed its name to 'X'. It's got to do with a security feature dubbed 'Progressive Web App Icon change', designed to keep users safe during app icon or name changes.

  • CISA
     

CISA warns of breach risks from IDOR web app vulnerabilities

  • CISA warned today of the significant breach risks linked to insecure direct object reference (IDOR) vulnerabilities impacting web applications in a joint advisory with the Australian Cyber Security Centre (ACSC) and U.S. National Security Agency (NSA).

  • Android
     

New Android malware uses OCR to steal credentials from images

  • Two new Android malware families named 'CherryBlos' and 'FakeTrade' were discovered on Google Play, aiming to steal cryptocurrency credentials and funds or conduct scams.

  • Hawaii Community College
     

Hawai'i Community College pays ransomware gang to prevent data leak

  • The HawaiĘ»i Community College has admitted that it paid a ransom to ransomware actors to prevent the leaking of stolen data of approximately 28,000 people.

  • Hacker Bitcoin
     

CoinsPaid blames Lazarus hackers for theft of $37,300,000 in crypto

  • Estonian crypto-payments service provider CoinsPaid has announced that it experienced a cyber attack on July 22nd, 2023, that resulted in the theft of $37,200,000 worth of cryptocurrency.

  • Hacker smiley
     

BreachForums database and private chats for sale in hacker data breach

  • While consumers are usually the ones worried about their information being exposed in data breaches, it's now the hacker's turn, as the notorious Breached cybercrime forum's database is up for sale and member data shared with Have I Been Pwned.

  • Zimbra
     

Zimbra patches zero-day vulnerability exploited in XSS attacks

  • Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting Zimbra Collaboration Suite (ZCS) email servers.

VIEW MORE

Comments

Popular posts from this blog

The Cyberwire Daily Briefing

BleepingComputer.com

SecurityWeek Briefing