BleepingComputer.com

"Hacker arrested for cryptojacking 1 million virtual servers."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 13 January 2024, 2127 UTC.

Content and Source:  https://www.bleepingcomputer.com/ ("BleepingComputer.com").

Please click link or scroll down to read your selections.

Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST ARTICLES

Hacker arrested for cryptojacking 1 million virtual servers

  • A 29-year-old man in Ukraine was arrested this week for using hacked accounts to create 1 million virtual servers used to mine $2 million in cryptocurrency. 

  • PowerShell
     
    DEALS

Automate Windows with $58 off this Powershell course bundle

  • Scripting is a powerful tool for Windows users, regardless of their skill level. This six-course PowerShell training series shows you how to get more from Windows for $19.99, $58 off the $78 MSRP.

    • BLEEPINGCOMPUTER DEALS
      •  
    • JANUARY 13, 2024
      •  
    • 08:12 AM
      •  
    • Comment Count 0
  • The Week in Ransomware - January 12th 2024 - Targeting homeowners' data
     
    SECURITY

The Week in Ransomware - January 12th 2024 - Targeting homeowners' data

  • Mortgage lenders and related companies are becoming popular targets of ransomware gangs, with four companies in this sector recently attacked.

  • SharePoint
     
    SECURITY, MICROSOFT

CISA: Critical Microsoft SharePoint bug now actively exploited

  • CISA warns that attackers are now exploiting a critical Microsoft SharePoint privilege escalation vulnerability that can be chained with another critical bug for remote code execution.

  • GitLab
     
    SECURITY

GitLab warns of critical zero-click account hijacking vulnerability

  • GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction.

  • Juniper
     
    SECURITY

Juniper warns of critical RCE bug in its firewalls and switches

  • Juniper Networks has released security updates to fix a critical pre-auth remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches.

  • Ivanti
     
    SECURITY

Ivanti Connect Secure zero-days exploited to deploy custom malware

  • Hackers have been exploiting the two zero-day vulnerabilities in Ivanti Connect Secure disclosed this week since early December to deploy multiple families of custom malware for espionage purposes.

  • Microsoft Office
     
    DEALS

Start the new year with $200 off Microsoft Office for Windows or Mac

  • Get Microsoft Office Home & Business 2019 for Mac for $29.97 from StackCommerce through the end of January 14th, 2024.

    • BLEEPINGCOMPUTER DEALS
      •  
    • JANUARY 12, 2024
      •  
    • 07:19 AM
      •  
    • Comment Count 0
  • T-Mobile
     
    TECHNOLOGY

Major T-Mobile outage takes down account access, mobile app

  • A major T-Mobile outage is preventing customers from logging into their accounts and using the company's mobile app.

  • Framework
     
    SECURITY

Framework discloses data breach after accountant gets phished

  • Framework Computer disclosed a data breach exposing the personal information of an undisclosed number of customers after Keating Consulting Group, its accounting service provider, fell victim to a phishing attack.

  • Hacker
     
    SECURITY

Over 150k WordPress sites at takeover risk via vulnerable plugin

  • Two vulnerabilities impacting the POST SMTP Mailer WordPress plugin, an email delivery tool used by 300,000 websites, could help attackers take complete control of a site authentication.

  • Halara
     
    SECURITY

Halara probes breach after hacker leaks data for 950,000 people

  • Popular athleisure clothing brand Halara is investigating a data breach after the alleged data of almost 950,000 customers was leaked on a hacking forum.

  • Windows 11
     
    MICROSOFT

Microsoft testing Windows 11 USB 80Gbps support, Copilot on login

  • Microsoft is now testing support for the USB4 Version 2.0 specification in Windows 11, enabling transfer speeds of up to 80 Gbps over USB Type-C cables.

  • Bitwarden
     
    SECURITY

Bitwarden adds passkey support to log into web password vaults

  • The open-source Bitwarden password manager has announced that all users can now log in to their web vaults using a passkey instead of the standard username and password pairs.

  • Cybersecurity Lock World
     
    DEALS

Sharpen your white-hat skills with $260 off a ethical hacking course

  • Cybersecurity is a pillar of IT work. This seven-course bundle shows you how to use ethical hacking to protect your networks and data for $39.99, $260 off the $300 MSRP.

    • BLEEPINGCOMPUTER DEALS
      •  
    • JANUARY 11, 2024
      •  
    • 02:08 PM
      •  
    • Comment Count 0
  • Windows
     
    MICROSOFT, SECURITY

Microsoft shares script to update Windows 10 WinRE with BitLocker fixes

  • Microsoft has released a PowerShell script to automate updating the Windows Recovery Environment (WinRE) partition in order to fix CVE-2024-20666, a vulnerability that allowed for BitLocker encryption bypass.

  • WordPress
     
    SECURITY

New Balada Injector campaign infects 6,700 WordPress sites

  • A new Balada Injector campaign launched in mid-December has infected over 6,700 WordPress websites using a vulnerable version of the Popup Builder campaign.

  • Hacker ransomware
     
    SECURITY

Finland warns of Akira ransomware wiping NAS and tape backup devices

  • The Finish National Cybersecurity Center (NCSC-FI) is informing of increased Akira ransomware activity in December, targeting companies in the country and wiping backups.

  • Costco
     
    DEALS

Get this Costco Gold Star Membership and a digital Costco Shop Card for $60

  • Get this Costco 1-Year Gold Star Membership + $20 Digital Costco Shop Card* on sale for just $60 for a limited time only. 

    • BLEEPINGCOMPUTER DEALS
      •  
    • JANUARY 11, 2024
      •  
    • 07:14 AM
      •  
    • Comment Count 0
  • Mandiant
     
    SECURITY, CRYPTOCURRENCY

Mandiant's X account hacked by crypto Drainer-as-a-Service gang

  • Cybersecurity firm and Google subsidiary Mandiant says its Twitter/X account was hijacked last week by a Drainer-as-a-Service (DaaS) gang in what it described as "likely a brute force password attack."

VIEW MORE

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

The Cyberwire Daily Briefing

Image
"Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 15 September 2024, 1339 UTC. Content and Source:   https://thecyberwire.com/newsletters/daily-briefing/13/176 Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). V13 | Issue 176 | 9.13.24 Daily Briefing for 09.13.24 Announcement Cloud Security in the Age of Generative AI. Artificial Intelligence is revolutionizing business, but it also introduces new risks. Join us on Wednesday, September 18th at 2pm EDT for a compelling live webinar on "Good vs. Evil: Cloud Security in the Age of Generative AI" with N2K CyberWire’s Dave Bittner and Sysdig’s Loris Degioanni.  Learn more and register now . Summary By the CyberWire staff At a glance. Fortinet confirms breach of customer data. Iran's Scarred Manticore deploys ne
Read more

BleepingComputer.com

Image
"Progress LoadMaster vulnerable to 10/10 severity RCE flaw." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 08 September 2024, 1458 UTC. Content and Source:   https://www.bleepingcomputer.com/ Please check link or scroll down to read your selections. Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Latest Articles   Security Progress LoadMaster vulnerable to 10/10 severity RCE flaw Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. Bill Toulas   September 08, 2024   10:11 AM     0   Deals Get started learning about cybersecurity with this course bundle deal Take a real step towards a job in information security with this intro to cybersecurity. Get the 2024 Cybersecurity Essentials Bundl
Read more

SecurityWeek Briefing

Image
"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 September 2024, 0035 UTC. Content and Source:  https://www.securityweek.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controversial ‘Airp
Read more