BleepingComputer.com

"Chinese hacking groups target Russian government, IT firms."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 12 August 2024, 0001 UTC.

Content and Source:   https://www.bleepingcomputer.com/

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Chinese hacking groups target Russian government, IT firms

  • A series of targeted cyberattacks that started at the end of July 2024, targeting dozens of systems used in Russian government organizations and IT companies, are linked to Chinese hackers of the APT31 and APT 27 groups.

  • Twitter X red flare
     

Fake X content warnings on Ukraine war, earthquakes used as clickbait

  • X has always had a bot problem, but now scammers are utilizing the Ukraine war and earthquake warnings in Japan to entice users into clicking on fake content warnings and videos that lead to scam adult sites, malicious browser extensions, and shady affiliate sites.

  • Hand data data leak hacker
     

Hackers leak 2.7 billion data records with Social Security numbers

  • Almost 2.7 billion records of personal information for people in the United States were leaked on a hacking forum, exposing names, social security numbers, all known physical addresses, and possible aliases.

  • AdGuard Home
     

Say goodbye to ads forever with AdGuard's lifetime subscriptions

  • Choose AdGuard today and experience the internet the way it was meant to be: safe and fast. Whether you need protection for just yourself or your entire family, there's a plan that's perfect for you.

    • BleepingComputer Deals
    •  
    • August 11, 2024
    •  
    • 08:17 AM
    •  
    • Comment Count 0
  • Windows 11
     

Microsoft: Windows 11 22H2 reaches end of support in 60 days

  • Microsoft has reminded customers that multiple editions of Windows 11 21H2 and 22H2 will reach the end of servicing in 60 days, on October 8, 2024.

  • Credit Cards
     

WWH-Club credit card market admins arrested after cash spending spree

  • U.S. law enforcement has arrested two suspected admins of the WWH-Club stolen credit card marketplace after they went on a cash spending spree in Florida.

  • Store 1TB worth of photos and files without recurring payments
     

Store 1TB worth of photos and files without recurring payments

  • Don't worry about running out of space or subscription costs again with this lifetime subscription to 1TB of Koofr Cloud Storage is on sale for $119.97 with coupon code KOOFR40 until September 3.

    • BleepingComputer Deals
    •  
    • August 10, 2024
    •  
    • 08:12 AM
    •  
    • Comment Count 0
  • Signal
     

Russia blocks Signal for 'violating' anti-terrorism laws

  • Russia's telecommunications watchdog Roskomnadzor has restricted access to the Signal encrypted messaging service for what it describes as violations of Russian anti-terrorism and anti-extremism legislation.

  • CSC ServiceWorks
     

CSC ServiceWorks discloses data breach after 2023 cyberattack

  • ​CSC ServiceWorks, a leading provider of commercial laundry services, has disclosed a data breach after the personal information of an undisclosed number of individuals was exposed in a 2023 cyberattack.

  • AMD Ryzen
     

New AMD SinkClose flaw helps install nearly undetectable malware

  • AMD is warning about a high-severity CPU vulnerability named SinkClose that impacts multiple generations of its EPYC, Ryzen, and Threadripper processors. The vulnerability allows attackers with Kernel-level (Ring 0) privileges to gain Ring -2 privileges and install malware that becomes nearly undetectable.

  • Microsoft Office
     

Microsoft discloses unpatched Office flaw that exposes NTLM hashes

  • ​Microsoft has disclosed a high-severity vulnerability affecting Office 2016 that could expose NTLM hashes to a remote attacker.

  • Chrome flare
     

Malware force-installs Chrome extensions on 300,000 browsers, patches DLLs

  • An ongoing and widespread malware campaign force-installed malicious Google Chrome and Microsoft Edge browser extensions in over 300,000 browsers, modifying the browser's executables to hijack homepages and steal browsing history.

  • Visio
     

Turn complex data into pro quality visuals with Microsoft Visio

  • Turn your complex data into visuals that are as easy to understand as they were to make. Get Microsoft Visio 2021 Professional for Windows for $19.97.

    • BleepingComputer Deals
    •  
    • August 09, 2024
    •  
    • 07:12 AM
    •  
    • Comment Count 0
  • North Korean hackers
     

US dismantles laptop farm used by undercover North Korean IT workers

  • ​​The U.S. Justice Department arrested a Nashville man charged with helping North Korean IT workers obtain remote work at companies across the United States and operating a laptop farm they used to pose as U.S.-based individuals.

  • Cisco
     

Cisco warns of critical RCE zero-days in end of life IP phones

  • Cisco is warning of multiple critical remote code execution zero-days in the web-based management interface of the end-of-life Small Business SPA 300 and SPA 500 series IP phones.

  • Micosoft Exchange
     

Microsoft: Exchange 2016 reaches extended end of support in October

  • ​Microsoft reminded today that Exchange 2016 will reach the end of extended support next year on October 14 and shared guidance for admins who need to decommission outdated servers.

  • Apache
     

CISA warns about actively exploited Apache OFBiz RCE flaw

  • The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting Apache OFBiz.

  • Cisco
     

Exploit released for Cisco SSM bug allowing admin password changes

  • Cisco warns that exploit code is now available for a maximum severity vulnerability that lets attackers change any user password on unpatched Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers.

  • Cybersecurity Lock World
     

Become an ethical hacker starting with this $40 course bundle deal

  • Join over 6,000 other learners who are taking the next step in their ethical hacking education. Get the All-in-One Super-Sized Ethical Hacking Bundle for $39.97.

    • BleepingComputer Deals
    •  
    • August 08, 2024
    •  
    • 02:07 PM
    •  
    • Comment Count 0
  • CISA
     

CISA warns of hackers abusing Cisco Smart Install feature

  • CISA recommends disabling the legacy Cisco Smart Install feature after seeing it abused by threat actors in recent attacks to steal sensitive data, such as system configuration files.

View More

Comments

Popular posts from this blog

SecurityWeek Briefing.

SecurityWeek Briefing.

Cyber War Newswire