Kimsuky hackers use new custom RDP Wrapper for remote access
The North Korean hacking group known as Kimsuky was observed in recent attacks using a custom-built RDP Wrapper and proxy tools to directly access infected machines. [...]
Bleeping Computer.
Critical RCE bug in Microsoft Outlook now exploited in attacks
2 months ago
CISA warned U.S. federal agencies on Thursday to secure their systems against ongoing attacks targeting a critical Microsoft Outlook remote code execution (RCE) vulnerability. [...]
Sergiu Gatlan
Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware
2 months ago
Hackers are targeting vulnerable SimpleHelp RMM clients to create administrator accounts, drop backdoors, and potentially lay the groundwork for ransomware attacks. [...]
Bill Toulas
Critical Cisco ISE bug can let attackers run commands as root
2 months ago
Cisco has fixed two critical Identity Services Engine (ISE) vulnerabilities that can let attackers with read-only admin privileges bypass authorization and run commands as root. [...]
Sergiu Gatlan
DDoS attacks reportedly behind DayZ and Arma network outages
2 months ago
An ongoing distributed denial of service (DDoS) attack targets Bohemia Interactive's infrastructure, preventing players of DayZ and Arma Reforger from playing the games online. [...]
Bill Toulas
British engineering firm IMI discloses breach, shares no details
2 months ago
British-based engineering firm IMI plc has disclosed a security breach after unknown attackers hacked into the company's systems. [...]
Sergiu Gatlan
New Microsoft script updates Windows media with bootkit malware fixes
2 months ago
Microsoft has released a PowerShell script to help Windows users and admins update bootable media so it utilizes the new "Windows UEFI CA 2023" certificate before the mitigations of the BlackLotus UEFI bootkit are enforced later this year. [...]
Lawrence Abrams
Microsoft script updates bootable media for BlackLotus bootkit fixes
2 months ago
Microsoft has released a PowerShell script to help Windows users and admins update bootable media so it utilizes the new "Windows UEFI CA 2023" certificate before the mitigations of the BlackLotus UEFI bootkit are enforced later this year. [...]
Lawrence Abrams
Robocallers posing as FCC fraud prevention team call FCC staff
2 months ago
The FCC has proposed a $4,492,500 fine against VoIP service provider Telnyx for allegedly allowing customers to make robocalls posing as fictitious FCC "Fraud Prevention Team," by failing to comply with Know Your Customer (KYC) rules. However, Telnyx says the FCC is mistaken and denies the accusations. [...]
Sergiu Gatlan
Ransomware payments fell by 35% in 2024, totalling $813,550,000
2 months ago
Payments to ransomware actors decreased 35% year-over-year in 2024, totaling $813.55 million, down from $1.25 billion recorded in 2023. [...]
Bill Toulas
CISA orders agencies to patch Linux kernel bug exploited in attacks
2 months ago
CISA has ordered federal agencies to secure their systems within three weeks against a high-severity Linux kernel flaw actively exploited in attacks. [...]
Sergiu Gatlan
Hackers spoof Microsoft ADFS login pages to steal credentials
2 months ago
A help desk phishing campaign targets an organization's Microsoft Active Directory Federation Services (ADFS) using spoofed login pages to steal credentials and bypass multi-factor authentication (MFA) protections. [...]
Bill Toulas
AMD fixes bug that lets hackers load malicious microcode patches
2 months ago
AMD has released mitigation and firmware updates to address a high-severity vulnerability that can be exploited to load malicious CPU microcode on unpatched devices. [...]
Sergiu Gatlan
CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks
2 months ago
The US Cybersecurity & Infrastructure Security Agency (CISA) has added four vulnerabilities to its Known Exploited Vulnerabilities catalog, urging federal agencies and large organizations to apply the available security updates as soon as possible. [...]
Bill Toulas
Spain arrests suspected hacker of US and Spanish military agencies
2 months ago
The Spanish police have arrested a suspected hacker in Alicante for allegedly conducting 40 cyberattacks targeting critical public and private organizations, including the Guardia Civil, the Ministry of Defense, NATO, the US Army, and various universities. [...]
Bill Toulas
How attackers abuse S3 Bucket Namesquatting — And How to Stop Them
2 months ago
AWS S3 bucket names are global with predictable names that can be exploited in "S3 bucket namesquatting" attacks to access or hijack S3 buckets. In this article, Varonis explains how these attacks work and how you can prevent them. [...]
Sponsored by Varonis
Zyxel won’t patch newly exploited flaws in end-of-life routers
2 months ago
Zyxel has issued a security advisory about actively exploited flaws in CPE Series devices, warning that it has no plans to issue fixing patches and urging users to move to actively supported models. [...]
Bill Toulas
Crypto-stealing apps found in Apple App Store for the first time
2 months ago
A new campaign dubbed 'SparkCat' has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. [...]
Bill Toulas
Google Play, Apple App Store apps caught stealing crypto wallets
2 months ago
A new campaign dubbed 'SparkCat' has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. [...]
Bill Toulas
Cyber agencies share security guidance for network edge devices
2 months ago
Five Eyes cybersecurity agencies in the UK, Australia, Canada, New Zealand, and the U.S. have issued guidance urging makers of network edge devices and appliances to improve forensic visibility to help defenders detect attacks and investigate breaches. [...]
Sergiu Gatlan
Checked
18 minutes 18 seconds ago
BleepingComputer - All Stories
Bleeping Computer. feed