BleepingComputer.com

"Hackers steal data of 2 million in SQL injection, XSS attacks."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 06 February 2024, 1406 UTC.

Content and Source:  https://www.bleepingcomputer.com/ ("BleepingComputer.com").

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST ARTICLES

• 
   
  DEALS

Save $500 on 60 hours of live cybersecurity training sessions

• If you need to get hands-on and learn how cybersecurity works, a live session is a crucial tool. This cybersecurity training series with Mohamed Atef offers the training you need for $499.99, $500 off the $1000 MSRP.

  • BLEEPINGCOMPUTER DEALS
   
  • FEBRUARY 06, 2024
   
  • 07:11 AM
   
  •  0
• 
   
  SECURITY

Hackers steal data of 2 million in SQL injection, XSS attacks

• A threat group named 'ResumeLooters' has stolen the personal data of over two million job seekers after compromising 65 legitimate job listing and retail sites using SQL injection and cross-site scripting (XSS) attacks.

  • BILL TOULAS
   
  • FEBRUARY 06, 2024
   
  • 02:00 AM
   
  •  0
• 
   
  MICROSOFT, SECURITY

Microsoft Outlook December updates trigger ICS security alerts

• Microsoft is investigating an issue that triggers Outlook security alerts when trying to open .ICS calendar files after installing December 2023 Patch Tuesday Office security updates.

  • SERGIU GATLAN
   
  • FEBRUARY 05, 2024
   
  • 05:03 PM
   
  •  2
• 
   
  SECURITY

US announces visa ban on those linked to commercial spyware

• Secretary of State Antony J. Blinken announced today a new visa restriction policy that will enable the Department of State to ban those linked to commercial spyware from entering the United States.

  • SERGIU GATLAN
   
  • FEBRUARY 05, 2024
   
  • 03:26 PM
   
  •  4
• 
   
  SECURITY

HPE investigates new breach after data for sale on hacking forum

• Hewlett Packard Enterprise (HPE) is investigating a potential new breach after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains HPE credentials and other sensitive information.

  • SERGIU GATLAN
   
  • FEBRUARY 05, 2024
   
  • 01:33 PM
   
  •  0
• 
   
  SECURITY

Newest Ivanti SSRF zero-day now under mass exploitation

• An Ivanti Connect Secure and Ivanti Policy Secure server-side request forgery (SSRF) vulnerability tracked as CVE-2024-21893 is currently under mass exploitation by multiple attackers.

  • BILL TOULAS
   
  • FEBRUARY 05, 2024
   
  • 10:55 AM
   
  •  1
• 
   
  DEALS

One year of Microsoft 365 for one user is now $45 in this deal

• A Microsoft 365 one-year subscription for one user is on sale for just $44.99 (reg. $69), and you can also opt for this Microsoft 365 one-year subscription for a family or group of up to six users for just $74.99 (reg. $99). 

  • BLEEPINGCOMPUTER DEALS
   
  • FEBRUARY 05, 2024
   
  • 07:09 AM
   
  •  0
• 
   
  MICROSOFT, SECURITY

Microsoft is bringing the Linux sudo command to Windows Server

• Microsoft is bringing the Linux 'sudo' feature to Windows Server 2025, offering a new way for admins to elevate privileges for console applications.

  • LAWRENCE ABRAMS
   
  • FEBRUARY 04, 2024
   
  • 12:26 PM
   
  •  5
• 
   
  SECURITY, CLOUD

Leaky Vessels flaws allow hackers to escape Docker, runc containers

• Four vulnerabilities collectively called "Leaky Vessels" allow hackers to escape containers and access data on the underlying host operating system.

  • BILL TOULAS
   
  • FEBRUARY 04, 2024
   
  • 10:17 AM
   
  •  0
• 
   
  SECURITY

Clorox says cyberattack caused $49 million in expenses

• Clorox has confirmed that a September 2023 cyberattack has so far cost the company $49 million in expenses related to the response to the incident.

  • LAWRENCE ABRAMS
   
  • FEBRUARY 03, 2024
   
  • 04:34 PM
   
  •  0
• 
   
  GOOGLE, SECURITY

Check if you're in Google Chrome's third-party cookie phaseout test

• Google has started testing the phasing out of third-party cookies on Chrome, affecting about 1% of its users or approximately 30 million people. Learn how to check if you are part of the initial test.

  • MAYANK PARMAR
   
  • FEBRUARY 03, 2024
   
  • 02:14 PM
   
  •  3
• 
   
  SECURITY

Mastodon vulnerability allows attackers to take over accounts

• Mastodon, the free and open-source decentralized social networking platform, has fixed a critical vulnerability that allows attackers to impersonate and take over any remote account.

  • BILL TOULAS
   
  • FEBRUARY 03, 2024
   
  • 10:09 AM
   
  •  0
• 
   
  DEALS

Upgrade your cloud storage with $470 off an Internxt lifetime subscription

• Cloud storage can vastly improve hybrid work, personal file sharing, and so much more. Get 2TB of cloud storage for a lifetime from Internxt for $129.97,  $470 off the $599 MSRP, but only through February 4th.

  • BLEEPINGCOMPUTER DEALS
   
  • FEBRUARY 03, 2024
   
  • 08:53 AM
   
  •  0
• 
   
  SECURITY

The Week in Ransomware - February 2nd 2024 - No honor among thieves

• Attacks on hospitals continued this week, with ransomware operations disrupting patient care as they force organization to respond to cyberattacks.

  • LAWRENCE ABRAMS
   
  • FEBRUARY 02, 2024
   
  • 06:33 PM
   
  •  0
• 
   
  SECURITY

AnyDesk says hackers breached its production servers, reset passwords

• AnyDesk confirmed today that it suffered a recent cyberattack that allowed hackers to gain access to the company's production systems. BleepingComputer has learned that source code and private code signing keys were stolen during the attack.

  • LAWRENCE ABRAMS
   
  • FEBRUARY 02, 2024
   
  • 05:16 PM
   
  •  9
• 
   
  SECURITY, HEALTHCARE

Lurie Children's Hospital took systems offline after cyberattack

• Lurie Children's Hospital in Chicago was forced to take IT systems offline after a cyberattack, disrupting normal operations and delaying medical care in some instances.

  • BILL TOULAS
   
  • FEBRUARY 02, 2024
   
  • 11:23 AM
   
  •  1
• 
   
  LEGAL, CRYPTOCURRENCY, SECURITY

BTC-e server admin indicted for laundering ransom payments, stolen crypto

• Aliaksandr Klimenka, a Belarusian and Cypriot national, has been indicted in the U.S. for his involvement in an international cybercrime money laundering operation.

  • BILL TOULAS
   
  • FEBRUARY 02, 2024
   
  • 10:33 AM
   
  •  0
• 
   
  LEGAL, SECURITY

Interpol operation Synergia takes down 1,300 servers used for cybercrime

• An international law enforcement operation code-named 'Synergia' has taken down over 1,300 command and control servers used in ransomware, phishing, and malware campaigns.

  • BILL TOULAS
   
  • FEBRUARY 02, 2024
   
  • 07:56 AM
   
  •  0
• 
   
  DEALS

Save $149 on this core IT certifications training course bundle

• Getting certified helps you move your IT career forward. Get ready for those exams with these eight cybersecurity and IT exam prep courses for $34.99, $149 off the $184 MSR

  • BLEEPINGCOMPUTER DEALS
   
  • FEBRUARY 02, 2024
   
  • 07:08 AM
   
  •  0
• 
   
  SECURITY

FTC orders Blackbaud to boost security after massive data breach

• Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people.

  • SERGIU GATLAN
   
  • FEBRUARY 01, 2024
   
  • 05:23 PM
   
  •  0

• 1
 
• 2
 
• 3
 
• 4
 
• 5
 

VIEW MORE