State hackers turn to massive ORB proxy networks to evade detection (www.bleepingcomputer.com)
Northern Ireland police faces £750k fine after exposing staff info (www.bleepingcomputer.com)
UK’s Information Commissioner Office (ICO) has announced the intention to impose a fine of £750,000 ($954,000) on the Police Service of Northern Ireland (PSNI) for exposing the entire workforce’s personal details by inadvertently publishing a spreadsheet file online.
LockBit says they stole data in London Drugs ransomware attack (www.bleepingcomputer.com)
cross-posted from: lemmy.zip/post/15967176...
LockBit says they stole data in London Drugs ransomware attack (www.bleepingcomputer.com)
Today, the LockBit ransomware gang claimed they were behind the April cyberattack on Canadian pharmacy chain London Drugs and is now threatening to publish stolen data online after allegedly failed negotiations.
Intercontinental Exchange to pay $10M SEC penalty over VPN breach (www.bleepingcomputer.com)
Western Sydney University data breach exposed student data (www.bleepingcomputer.com)
Western Sydney University (WSU) has notified students and academic staff about a data breach after threat actors breached its Microsoft 365 and Sharepoint environment.
New BiBi Wiper version also destroys the disk partition table (www.bleepingcomputer.com)
A new version of the BiBi Wiper malware is now deleting the disk partition table to make data restoration harder, extending the downtime for targeted victims.
Critical Fluent Bit flaw impacts all major cloud providers (www.bleepingcomputer.com)
A critical Fluent Bit vulnerability that can be exploited in denial-of-service and remote code execution attacks impacts all major cloud providers and many technology giants.
Windows 11 Recall AI feature will record everything you do on your PC (www.bleepingcomputer.com)
Microsoft has announced a new AI-powered feature for Windows 11 called ‘Recall,’ which records everything you do on your PC and lets you search through your historical activities.
OmniVision discloses data breach after 2023 ransomware attack (www.bleepingcomputer.com)
The California-based imaging sensors manufacturer OmniVision is warning of a data breach after the company suffered a Cactus ransomware attack last year.
Zoom adds post-quantum end-to-end encryption to video meetings (www.bleepingcomputer.com)
Zoom has announced the global availability of post-quantum end-to-end encryption (E2EE) for Zoom Meetings, with Zoom Phone and Zoom Rooms to follow soon.
American Radio Relay League cyberattack takes Logbook of the World offline (www.bleepingcomputer.com)
cross-posted from: infosec.pub/post/12513834...
QNAP QTS zero-day in Share feature gets public RCE exploit (www.bleepingcomputer.com)
An extensive security audit of QNAP QTS, the operating system for the company’s NAS products, has uncovered fifteen vulnerabilities of varying severity, with eleven remaining unfixed.
Ransomware gang targets Windows admins via PuTTy, WinSCP malvertising (www.bleepingcomputer.com)
A ransomware operation targets Windows system administrators by taking out Google ads to promote fake download sites for Putty and WinSCP.
American Radio Relay League cyberattack takes Logbook of the World offline (www.bleepingcomputer.com)
The American Radio Relay League (ARRL) warns it suffered a cyberattack, which disrupted its IT systems and online operations, including email and the Logbook of the World.
American Radio Relay League cyberattack takes Logbook of the World offline (www.bleepingcomputer.com)
cross-posted from: infosec.pub/post/12513834...
Banking malware Grandoreiro returns after police disruption (www.bleepingcomputer.com)
The banking trojan “Grandoreiro” is spreading in a large-scale phishing campaign in over 60 countries, targeting customer accounts of roughly 1,500 banks.
Microsoft to start enforcing Azure multi-factor authentication in July (www.bleepingcomputer.com)
Starting in July, Microsoft will begin gradually enforcing multi-factor authentication (MFA) for all users signing into Azure to administer resources.
US arrests suspects behind $73M ‘pig butchering’ laundering scheme (www.bleepingcomputer.com)
The U.S. Department of Justice charged two suspects for allegedly leading a crime ring that laundered at least $73 million from cryptocurrency investment scams, also known as “pig butchering.”
Norway recommends replacing SSL VPN to prevent breaches (www.bleepingcomputer.com)
The Norwegian National Cyber Security Centre (NCSC) recommends replacing SSLVPN/WebVPN solutions with alternatives due to the repeated exploitation of related vulnerabilities in edge network devices to breach corporate networks.
Russian hackers use new Lunar malware to breach a European govt's agencies (www.bleepingcomputer.com)
Kimsuky hackers deploy new Linux backdoor in attacks on South Korea (www.bleepingcomputer.com)
Google patches third exploited Chrome zero-day in a week (www.bleepingcomputer.com)
Google has released a new emergency Chrome security update to address the third zero-day vulnerability exploited in attacks within a week.
Nissan North America data breach impacts over 53,000 employees (www.bleepingcomputer.com)
Nissan North America (Nissan) suffered a data breach last year when a threat actor targeted the company’s external VPN and shut down systems to receive a ransom.