BleepingComputer.com

"Kansas court confirms data theft, ransom demand after cyberattack."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 23 November 2023, 1550 UTC.

Content and Source:  https://www.bleepingcomputer.com/ ("BleepingComputer.com").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Black Friday 2023: Get 25% off the Zero2Automated malware analysis course

  • The popular Zero2Automated malware analysis and reverse-engineering course has a Black Friday 2023 through Cyber Monday sale, where you can get 25% off sitewide, including gift certificates and courses.

  • Court gavel
     

Kansas courts confirm data theft, ransom demand after cyberattack

  • The Kansas Judicial Branch has published an update on a cybersecurity incident it suffered last month, confirming that hackers stole sensitive files containing confidential information from its systems.

  • Laptop fingerprint
     

Windows Hello auth bypassed on Microsoft, Dell, Lenovo laptops

  • Security researchers bypassed Windows Hello fingerprint authentication on Dell Inspiron, Lenovo ThinkPad, and Microsoft Surface Pro X laptops in attacks exploiting security flaws found in the embedded fingerprint sensors.

  • Data Breach
     

Welltok data breach exposes data of 8.5 million US patients

  • Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack.

  • North Korean hackers
     

Microsoft: Lazarus hackers breach CyberLink in supply chain attack

  • Microsoft says a North Korean hacking group has breached Taiwanese multimedia software company CyberLink and trojanized one of its installers to push malware in a supply chain attack targeting potential victims worldwide.

  • Botnet
     

New botnet malware exploits two zero-days to infect NVRs and routers

  • A new Mirai-based malware botnet named 'InfectedSlurs' has been exploiting two zero-day remote code execution (RCE) vulnerabilities to infect routers and video recorder (NVR) devices.

  • Black Friday
     

The Black Friday 2023 Security, IT, VPN, & Antivirus Deals

  • Black Friday 2023 is here, and great deals are live in computer security, software, online courses, system admin services, antivirus, and VPN software.

  • Cyberattack ddos network cybersecurity
     

Open-source Blender project battling DDoS attacks since Saturday

  • Blender has confirmed that recent site outages have been caused by ongoing DDoS (distributed denial of service) attacks that started on Saturday.

  • AI assistant Copilot
     

Microsoft now rolling out Copilot to Windows 10 devices

  • Microsoft is now rolling out the Copilot AI assistant to eligible non-managed systems enrolled in the Windows Insider program and running Windows 10 22H2 Home and Pro editions.

  • INL
     

Hacktivists breach U.S. nuclear research lab, steal employee data

  • The Idaho National Laboratory (INL) confirms they suffered a cyberattack after 'SiegedSec' hacktivists leaked stolen human resources data online.

  • Data theft data breach hacker cyberattack
     

Malware dev says they can revive expired Google auth cookies

  • The Lumma information-stealer malware (aka 'LummaC2') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts.

  • Microsoft
     

Microsoft launches Defender Bounty Program with $20,000 rewards

  • Microsoft has unveiled a new bug bounty program aimed at the Microsoft Defender security platform, with rewards between $500 and $20,000.

  • AutoZone
     

Auto parts giant AutoZone warns of MOVEit data breach

  • AutoZone is warning tens of thousands of its customers that it suffered a data breach as part of the Clop MOVEit file transfer attacks.

  • Linux
     

CISA orders federal agencies to patch Looney Tunables Linux bug

  • Today, CISA ordered U.S. federal agencies to secure their systems against an actively exploited vulnerability that lets attackers gain root privileges on many major Linux distributions.

  • Citrix Bleed
     

Citrix warns admins to kill NetScaler user sessions to block hackers

  • Citrix reminded admins today that they must take additional measures after patching their NetScaler appliances against the CVE-2023-4966 'Citrix Bleed' vulnerability to secure vulnerable devices against attacks.

  • Hacker red map
     

DarkGate and Pikabot malware emerge as Qakbot’s successors

  • A sophisticated phishing campaign pushing the DarkGate malware infections has recently added the PikaBot malware into the mix, making it the most advanced phishing campaign since the Qakbot operation was dismantled.

VIEW MORE

Comments

Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.