BleepingComputer.com

"Home Depot confirms third-party data breach exposed employee info."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 08 April 2024, 1353 UTC.

Content and Source:  https://www.bleepingcomputer.com/BleepingComputer.com.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Get ready for CompTIA exams with an extra 20% off this super bundle

  • Getting certified demonstrates your skills and helps guide your career choices. This 15-course CompTIA exam prep bundle can help you highlight your skills for $63.99, $521 off the $585 MSRP with code ENJOY20 at checkout now through 11:59pm PST on April 16th.

    • BLEEPINGCOMPUTER DEALS
    •  
    • APRIL 08, 2024
    •  
    • 07:12 AM
    •  
    • Comment Count 0
  • Notepad++
     

Notepad++ wants your help in "parasite website" shutdown

  • The Notepad++ project is seeking the public's help in taking down a copycat website that closely impersonates Notepad++ but is not affiliated with the project. There is some concern that it could pose security threats—for example, if it starts pushing malicious releases or spam someday either deliberately or as a result of a hijack.

  • Windows 11
     

The new features coming in Windows 11 24H2, expected this fall

  • Windows 11 24H2 is set to arrive on existing devices this fall with several new features, mostly Copilot-related improvements.

  • Home Depot
     

Home Depot confirms third-party data breach exposed employee info

  • Home Depot has confirmed that it suffered a data breach after one of its SaaS vendors mistakenly exposed a small sample of limited employee data, which could potentially be used in targeted phishing attacks.

  • Windows
     

New Windows driver blocks software from changing default web browser

  • Microsoft is now using a Windows driver to prevent users from changing the configured Windows 10 and Windows 11 default browser through software or by manually modifying the Registry.

  • Microsoft Office
     

Get Microsoft Office Pro 2021 with 20% off this instant download

  • Microsoft Office is a crucial tool for any professional. This direct download of the 2021 version of Office for Windows upgrades your laptop for $55.99, $163 off the $219 MSRP with code ENJOY20 at checkout.

    • BLEEPINGCOMPUTER DEALS
    •  
    • APRIL 07, 2024
    •  
    • 08:21 AM
    •  
    • Comment Count 0
  • Hospital
     

US Health Dept warns hospitals of hackers targeting IT help desks

  • The U.S. Department of Health and Human Services (HHS) warns that hackers are now using social engineering tactics to target IT help desks across the Healthcare and Public Health (HPH) sector.

  • D-Link
     

Over 92,000 exposed D-Link NAS devices have a backdoor account

  • A threat researcher has disclosed a new arbitrary command injection and hardcoded backdoor flaw in multiple end-of-life D-Link Network Attached Storage (NAS) device models.

  • Cybersecurity Lock World
     

Gain security skills with an extra 20% off this ethical hacking bundle

  • White-hat hacking keeps criminals from breaching systems and knowing it can advance your career. These 18 ethical hacking courses get you started for $36.79, $1061 off the $1098 MSRP with code SECURE20 at checkout, now through 11:59pm PST on April 7th.

    • BLEEPINGCOMPUTER DEALS
    •  
    • APRIL 06, 2024
    •  
    • 08:12 AM
    •  
    • Comment Count 0
  • Windows
     

Recent Windows updates break Microsoft Connected Cache delivery

  • Microsoft says Windows 10 updates released since the start of the year are breaking Microsoft Connected Cache (MCC) node discovery on enterprise networks.

  • VMware lock encrypted
     

The Week in Ransomware - April 5th 2024 - Virtual Machines under Attack

  • Ransomware attacks targeting VMware ESXi and other virtual machine platforms are wreaking havoc among the enterprise, causing widespread disruption and loss of services.

  • Ivanti
     

New Ivanti RCE flaw may impact 16,000 exposed VPN gateways

  • Approximately 16,500 Ivanti Connect Secure and Poly Secure gateways exposed on the internet are likely vulnerable to a remote code execution (RCE) flaw the vendor addressed earlier this week.

  • Windows
     

Microsoft fixes Windows Sysprep issue behind 0x80073cf2 errors

Fake Facebook MidJourney AI page promoted malware to 1.2 million people

  • Hackers are using Facebook advertisements and hijacked pages to promote fake Artificial Intelligence services, such as MidJourney, OpenAI's SORA and ChatGPT-5, and DALL-E, to infect unsuspecting users with password-stealing malware.

  • Data theft data breach hacker cyberattack
     

Acuity confirms hackers stole non-sensitive govt data from GitHub repos

  • Acuity, a federal contractor that works with U.S. government agencies, has confirmed that hackers breached its GitHub repositories and stole documents containing old and non-sensitive data.

  • Panera
     

Panera Bread week-long IT outage caused by ransomware attack

  • Panera Bread's recent week-long outage was caused by a ransomware attack, according to people familiar with the matter and emails seen by BleepingComputer.

  • Hackers airplane
     

Get ready for the CISSP exam with an extra 20% off this course bundle

  • The CISSP certification is a boost to any cybersecurity worker's resume. This set of eight CISSP courses helps you prepare for it for $31.99, $382 off the $424 MSRP with code SECURE20 at checkout now through 11:59pm PST on April 7th.

    • BLEEPINGCOMPUTER DEALS
    •  
    • APRIL 05, 2024
    •  
    • 07:16 AM
    •  
    • Comment Count 0
  • Malware
     

New Latrodectus malware replaces IcedID in network breaches

  • A relatively new malware called Latrodectus is believed to be an evolution of the IcedID loader, seen in malicious email campaigns since November 2023.

  • Malware Phishing
     

Visa warns of new JSOutProx malware variant targeting financial orgs

  • Visa is warning about a spike in detections for a new version of the JsOutProx malware targeting financial institutions and their customers.

  • Outlook
     

Microsoft fixes Outlook security alerts bug caused by December updates

  • Microsoft has fixed an issue that triggers erroneous Outlook security alerts when opening .ICS calendar files after installing the December 2023 Outlook Desktop security updates

VIEW MORE

Comments

Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.