UK confirms Ministry of Defence payroll data exposed in data breach (www.bleepingcomputer.com)
UK confirms Ministry of Defence payroll data exposed in data breach (www.bleepingcomputer.com)
The UK Government confirmed today that a threat actor recently breached the country’s Ministry of Defence and gained access to part of the Armed Forces payment network.
BetterHelp to pay $7.8 million to 800,000 in health data sharing settlement (www.bleepingcomputer.com)
BetterHelp has agreed to pay $7.8 million in a settlement agreement with the U.S. Federal Trade Commission (FTC) over allegations of misusing and sharing consumer health data for advertising purposes.
DocGo discloses cyberattack after hackers steal patient health data (www.bleepingcomputer.com)
Mobile medical care firm DocGo confirmed it suffered a cyberattack after threat actors breached its systems and stole patient health data.
Massive webshop fraud ring steals credit cards from 850,000 people (www.bleepingcomputer.com)
A massive network of 75,000 fake online shops called ‘BogusBazaar’ tricked over 850,000 people in the US and Europe into making purchases, allowing the criminals to steal credit card information and attempt to process an estimated $50 million in fake orders.
LockBit ransomware admin identified, sanctioned in US, UK, Australia (www.bleepingcomputer.com)
The FBI, UK National Crime Agency, and Europol have unveiled sweeping indictments and sanctions against the admin of the LockBit ransomware operation, with the identity of the Russian threat actor revealed for the first time.
Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw (www.bleepingcomputer.com)
Nearly 52,000 internet-exposed Tinyproxy instances are vulnerable to CVE-2023-49606, a recently disclosed critical remote code execution (RCE) flaw.
Hackers exploit LiteSpeed Cache flaw to create WordPress admins (www.bleepingcomputer.com)
Hackers have been targeting WordPress sites with an outdated version of the LiteSpeed Cache plugin to create administrator users and gain control of the websites.
City of Wichita shuts down IT network after ransomware attack (www.bleepingcomputer.com)
The City of Wichita, Kansas, disclosed it was forced to shut down portions of its network after suffering a weekend ransomware attack.
Android bug leaks DNS queries even when VPN kill switch is enabled (www.bleepingcomputer.com)
Finland warns of Android malware attacks breaching bank accounts (www.bleepingcomputer.com)
Iranian hackers pose as journalists to push backdoor malware (www.bleepingcomputer.com)
Finland warns of Android malware attacks breaching bank accounts (www.bleepingcomputer.com)
cross-posted from: lemmy.zip/post/14903482...
Finland warns of Android malware attacks breaching bank accounts (www.bleepingcomputer.com)
Finland warns of Android malware attacks breaching bank accounts (www.bleepingcomputer.com)
Finland’s Transport and Communications Agency (Traficom) has issued a warning about an ongoing Android malware campaign targeting banking accounts.
Iranian hackers pose as journalists to push backdoor malware (www.bleepingcomputer.com)
The Iranian state-backed threat actor tracked as APT42 is employing social engineering attacks, including posing as journalists, to breach corporate networks and cloud environments of Western and Middle Eastern targets.
Google rolls back reCaptcha update to fix Firefox issues (www.bleepingcomputer.com)
Microsoft won't fix Windows 0x80070643 errors, manual fix required (www.bleepingcomputer.com)
20240520 UPDATE: I just ran winupdate on an ancient win10 surface and after the same 643 error two more times, and running through all the available updates, it’s now reporting I’m up to date. yippee....
Microsoft warns of "Dirty Stream" attack impacting Android apps (www.bleepingcomputer.com)
Fake job interviews target developers with new Python backdoor (www.bleepingcomputer.com)
Android bug can leak DNS traffic with VPN kill switch enabled (www.bleepingcomputer.com)
A Mullvad VPN user has discovered that Android devices leak DNS queries when switching VPN servers even though the “Always-on VPN” feature was enabled with the “Block connections without VPN” option.
Millions of Docker repos found pushing malware, phishing sites (www.bleepingcomputer.com)
DropBox says hackers stole customer data, auth secrets from eSignature service (www.bleepingcomputer.com)
CEO who sold fake Cisco devices to US military gets 6 years in prison (www.bleepingcomputer.com)
Onur Aksoy, the CEO of a group of companies controlling multiple online storefronts, was sentenced to six and a half years in prison for selling $100 million worth of counterfeit Cisco network equipment to government, health, education, and military organizations worldwide.