BleepingComputer.com

"Cisco warns of password-spraying attacks targeting VPN services."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 28 March 2024, 1658 UTC.

Content and Source:  https://www.bleepingcomputer.com/BleepingComputer.com.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST ARTICLES

• 
   
  SECURITY

Cisco warns of password-spraying attacks targeting VPN services

• Cisco has shared a set of recommendations for customers to mitigate password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices.

  • BILL TOULAS
   
  • MARCH 28, 2024
   
  • 12:37 PM
   
  •  0
• 
   
  SECURITY

  SPONSORED CONTENT

How Pentesting-as-a-Service can Reduce Overall Security Costs

• Penetration testing plays a critical role in finding application vulnerabilities before they can be exploited. Learn more from Outpost24 on the costs of Penetration-Testing-as-a-Service vs classic pentest offerings.

  • SPONSORED BY OUTPOST24
   
  • MARCH 28, 2024
   
  • 10:01 AM
   
  •  0
• 
   
  DEALS

Diagram better — Microsoft Visio Pro 2021 is $25 through April 2nd

• Through April 2nd at 11:59 PM PT only, you can get Microsoft Visio Professional 2021 for Windows on sale for just $24.97 (reg. $249) as a part of a limited-time price drop. 

  • BLEEPINGCOMPUTER DEALS
   
  • MARCH 28, 2024
   
  • 07:11 AM
   
  •  0
• 
   
  SECURITY

New Darcula phishing service targets iPhone users via iMessage

• A new phishing-as-a-service (PhaaS) named 'Darcula' uses 20,000 domains to spoof brands and steal credentials from Android and iPhone users in more than 100 countries.

  • BILL TOULAS
   
  • MARCH 27, 2024
   
  • 06:12 PM
   
  •  0
• 
   
  MICROSOFT

Windows 11 22H2 Home and Pro get preview updates until June 26

• Microsoft reminded customers today that the Windows 11 22H2 Home and Pro editions will continue to receive non-security preview updates until June 26.

  • SERGIU GATLAN
   
  • MARCH 27, 2024
   
  • 04:44 PM
   
  •  0
• 
   
  SECURITY, GOOGLE

Google fixes Chrome zero-days exploited at Pwn2Own 2024

• Google fixed seven security vulnerabilities in the Chrome web browser on Tuesday, including two zero-days exploited during the Pwn2Own Vancouver 2024 hacking competition.

  • SERGIU GATLAN
   
  • MARCH 27, 2024
   
  • 02:44 PM
   
  •  0
• 
   
  DEALS

Price drop: Get an security and IT education for just $39.97

• Order by 4/2 to get lifetime on-demand access to all 11 courses in this bundle for just $39.97, saving $332 on the original price.

  • BLEEPINGCOMPUTER DEALS
   
  • MARCH 27, 2024
   
  • 02:11 PM
   
  •  0
• 
   
  SECURITY, HEALTHCARE

INC Ransom threatens to leak 3TB of NHS Scotland stolen data

• The INC Ransom extortion gang is threatening to publish three terabytes of data allegedly stolen after breaching the National Health Service (NHS) of Scotland.

  • BILL TOULAS
   
  • MARCH 27, 2024
   
  • 01:59 PM
   
  •  0
• 
   
  SECURITY, MICROSOFT

CISA tags Microsoft SharePoint RCE bug as actively exploited

• CISA warns that attackers are now exploiting a Microsoft SharePoint code injection vulnerability that can be chained with a critical privilege escalation flaw for pre-auth remote code execution attacks.

  • SERGIU GATLAN
   
  • MARCH 27, 2024
   
  • 12:24 PM
   
  •  0
• 
   
  CRYPTOCURRENCY, LEGAL

KuCoin charged with AML violations that let cybercriminals launder billions

• The U.S. Department of Justice (DoJ) has charged global cryptocurrency exchange KuCoin and two of its founders for failing to adhere to anti-money laundering (AML) requirements, allowing threat actors to use the platform to launder money.

  • BILL TOULAS
   
  • MARCH 27, 2024
   
  • 10:08 AM
   
  •  2
• 
   
  SECURITY

  SPONSORED CONTENT

Ransomware as a Service and the Strange Economics of the Dark Web

• Ransomware is quickly changing in 2024, with massive disruptions and large gangs shutting down. Learn from Flare how affiliate competition is changing in 2024, and what might come next.

  • SPONSORED BY FLARE
   
  • MARCH 27, 2024
   
  • 10:02 AM
   
  •  1
• 
   
  SECURITY, GOOGLE

Google: Spyware vendors behind 50% of zero-days exploited in 2023

• Google's Threat Analysis Group (TAG) and Google subsidiary Mandiant said they've observed a significant increase in the number of zero-day vulnerabilities exploited in attacks in 2023, many of them linked to spyware vendors and their clients.

  • SERGIU GATLAN
   
  • MARCH 27, 2024
   
  • 09:00 AM
   
  •  1
• 
   
  DEALS

Speak, read, and write in a new language with $460 off Babbel

• Learning a new language broadens your mind and opens up new opportunities. A Babbel lifetime subscription gets you started on a new way to speak for $139.97, $460 off the $599 MSRP, a price only available through April 2 11:59pm PST.

  • BLEEPINGCOMPUTER DEALS
   
  • MARCH 27, 2024
   
  • 07:19 AM
   
  •  0
• 
   
  MICROSOFT

Windows 11 KB5035942 update enables Moment 5 features for everyone

• Microsoft has released the March 2024 non-security KB5035942 preview update for Windows 11 23H2, which enables Moment 5 features by default and fixes 18 known issues.

  • SERGIU GATLAN
   
  • MARCH 26, 2024
   
  • 06:28 PM
   
  •  0
• 
   
  MICROSOFT

Windows 10 KB5035941 update released with lock screen widgets

• Microsoft has released the optional KB5035941 preview cumulative update for Windows 10 22H2, introducing widgets on the lock screen, Windows Spotlight on the desktop, and 21 other fixes or changes.

  • LAWRENCE ABRAMS
   
  • MARCH 26, 2024
   
  • 06:19 PM
   
  •  2
• 
   
  SECURITY

Finland confirms APT31 hackers behind 2021 parliament breach

• The Finnish Police confirmed on Tuesday that the APT31 hacking group linked to the Chinese Ministry of State Security (MSS) was behind a breach of the country's parliament disclosed in March 2021.

  • SERGIU GATLAN
   
  • MARCH 26, 2024
   
  • 05:23 PM
   
  •  0
• 
   
  SECURITY, HARDWARE

$700 cybercrime software turns Raspberry Pi into an evasive fraud tool

• Cybercriminals are selling custom Raspberry Pi software called 'GEOBOX' on Telegram, which allows inexperienced hackers to convert the mini-computers into anonymous cyberattack tools.

  • BILL TOULAS
   
  • MARCH 26, 2024
   
  • 04:40 PM
   
  •  2
• 
   
  SECURITY

Germany warns of 17K vulnerable Microsoft Exchange servers exposed online

• The German national cybersecurity authority warned on Tuesday that it found at least 17,000 Microsoft Exchange servers in Germany exposed online and vulnerable to one or more critical security vulnerabilities.

  • SERGIU GATLAN
   
  • MARCH 26, 2024
   
  • 03:21 PM
   
  •  4
• 
   
  SECURITY, ARTIFICIAL INTELLIGENCE

Hackers exploit Ray framework flaw to breach servers, hijack resources

• A new hacking campaign dubbed "ShadowRay" targets an unpatched vulnerability in Ray, a popular open-source AI framework, to hijack computing power and leak sensitive data from thousands of companies.

  • BILL TOULAS
   
  • MARCH 26, 2024
   
  • 02:51 PM
   
  •  0
• 
   
  DEALS

Train to become a project manager with $155 off this training bundle

• Project management is about discipline, on the individual and team level. These five project management training and exam prep courses help you marshal that discipline for $39.99, $155 off the $195 MSRP.

  • BLEEPINGCOMPUTER DEALS
   
  • MARCH 26, 2024
   
  • 02:06 PM
   
  •  0

• 1
 
• 2
 
• 3
 
• 4
 
• 5
 

VIEW MORE