BleepingComputer.com

"New Latrodectas Malware replaces IceID in network breaches."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 05 April 2024, 1346 UTC.

Content and Source:  https://www.bleepingcomputer.com/BleepingComputer.com.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Get ready for the CISSP exam with an extra 20% off this course bundle

  • The CISSP certification is a boost to any cybersecurity worker's resume. This set of eight CISSP courses helps you prepare for it for $31.99, $382 off the $424 MSRP with code SECURE20 at checkout now through 11:59pm PST on April 7th.

    • BLEEPINGCOMPUTER DEALS
    •  
    • APRIL 05, 2024
    •  
    • 07:16 AM
    •  
    • Comment Count 0
  • Malware
     

New Latrodectus malware replaces IcedID in network breaches

  • A relatively new malware called Latrodectus is believed to be an evolution of the IcedID loader, seen in malicious email campaigns since November 2023.

  • Malware Phishing
     

Visa warns of new JSOutProx malware variant targeting financial orgs

  • Visa is warning about a spike in detections for a new version of the JsOutProx malware targeting financial institutions and their customers.

  • Outlook
     

Microsoft fixes Outlook security alerts bug caused by December updates

  • Microsoft has fixed an issue that triggers erroneous Outlook security alerts when opening .ICS calendar files after installing the December 2023 Outlook Desktop security updates

  • switch
     

Get five different IT exam prep services for an extra 20% off

  • Exam prep and skills training are the rocket fuel for IT careers. Get yourself ready for launch with this bundle of five IT training services for $39.99, $2708 off the $2748 MSRP with code SECURE20 at checkout, now through 11:59pm PST on April 7th.

    • BLEEPINGCOMPUTER DEALS
    •  
    • APRIL 04, 2024
    •  
    • 02:11 PM
    •  
    • Comment Count 0
  • Hoya
     

Hoya’s optics production and orders disrupted by cyberattack

  • Hoya Corporation, one of the largest global manufacturers of optical products, says a "system failure" caused servers at some of its production plants and business divisions to go offline on Saturday.

  • US cancer center data breach exposes info of 827,000 patients
     

US cancer center data breach exposes info of 827,000 patients

  • Cancer treatment and research center City of Hope is warning that a data breach exposed the sensitive information of over 820,000 patients.

  • Cyberattack ddos network cybersecurity
     

New HTTP/2 DoS attack can crash web servers with a single connection

  • Newly discovered HTTP/2 protocol vulnerabilities called "CONTINUATION Flood" can lead to denial of service (DoS) attacks, crashing web servers with a single TCP connection in some implementations.

  • The Biggest Takeaways from Recent Malware Attacks
     
    SPONSORED CONTENT

The Biggest Takeaways from Recent Malware Attacks

  • Recent high-profile malware attacks teach us lessons on limiting malware risks at organizations. Learn more from Blink Ops about what these attacks taught us.

  • AdGuard Home
     

Save an extra 20% off of AdGuard VPN's data privacy tools

  • VPNs help keep your data safe, everywhere you go and whatever network you use. Get peace of mind with five years of AdGuard VPN for $39.99, $319 off the $359 MSRP with code SECURE20 at checkout, now through 11:59pm PST on April 7th.

    • BLEEPINGCOMPUTER DEALS
    •  
    • APRIL 04, 2024
    •  
    • 07:17 AM
    •  
    • Comment Count 0
  • Microsoft
     

Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack

  • The U.S. Department of Homeland Security's Cyber Safety Review Board (CSRB) has released a scathing report on how Microsoft handled its 2023 Exchange Online attack, warning that the company needs to do better at securing data and be more truthful about how threat actors stole an Azure signing key.

  • SurveyLama
     

SurveyLama data breach exposes info of 4.4 million users

  • Data breach alerting service Have I Been Pwned (HIBP) warns that SurveyLama suffered a data breach in February 2024, which exposed the sensitive data of 4.4 million users.

  • Omni Hotels
     

Omni Hotels confirms cyberattack behind ongoing IT outage

  • Omni Hotels & Resorts has confirmed a cyberattack caused a nationwide IT outage that is still affecting its locations.

  • Datacenter Hacker
     

Hosting firm's VMware ESXi servers hit by new SEXi ransomware

  • Chilean data center and hosting provider IxMetro Powerhost has suffered a cyberattack at the hands of a new ransomware gang known as SEXi, which encrypted the company's VMware ESXi servers and backups.

  • Kansas City
     

Jackson County in state of emergency after ransomware attack

  • Jackson County, Missouri, is in a state of emergency after a ransomware attack took down some county services on Tuesday.

  • State Department
     

US State Department investigates alleged theft of government data

  • The U.S. Department of State is investigating claims of a cyber incident after a threat actor leaked documents allegedly stolen from a government contractor.

  • WordPress
     

Critical flaw in LayerSlider WordPress plugin impacts 1 million sites

  • A premium WordPress plugin named LayerSlider, used in over one million sites, is vulnerable to unauthenticated SQL injection, requiring admins to prioritize applying security updates for the plugin.

  • Hacking security
     

Build your ethical hacking skills with an extra 20% off this bundle

  • White-hat hacking training refines your cybersecurity skills and helps you go on the offense against thieves and attackers. These 10 ethical hacking training courses show you how to do it for $31.99, $78 off the $110 MSRP with code SECURE20 at checkout, now through 11:59pm PST April 7th.

    • BLEEPINGCOMPUTER DEALS
    •  
    • APRIL 03, 2024
    •  
    • 02:09 PM
    •  
    • Comment Count 0
  • Ivanti
     

Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks

  • IT security software company Ivanti has released patches to fix multiple security vulnerabilities impacting its Connect Secure and Policy Secure gateways.

  • Google Chrome
     

Google fixes one more Chrome zero-day exploited at Pwn2Own

  • Google has fixed another zero-day vulnerability in the Chrome browser, which was exploited by security researchers during the Pwn2Own hacking contest last month.

VIEW MORE

Comments

Popular posts from this blog

BleepingComputer.com

The Cyberwire Daily Briefing

SecurityWeek Briefing