BleepingComputer.com: Latest Cybersecurity News

"Clop, Lockbit ransomware group behind PaperCut server attacks."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 27 April 2023, 1350 UTC.  Content provided by "BleepingComputer.com."

Source:   https://www.bleepingcomputer.com/ ("BleepingComputer.com).

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST ARTICLES

• 
   
  SECURITY

  Clop, LockBit ransomware gangs behind PaperCut server attacks

  ​Microsoft has attributed recent attacks on PaperCut servers to the Clop and LockBit ransomware operations, which used the vulnerabilities to steal corporate data.

  • LAWRENCE ABRAMS
   
  • APRIL 26, 2023
   
  • 07:28 PM
   
  •  0
• 
   
  SECURITY, LEGAL

  Ukrainian arrested for selling data of 300M people to Russians

  The Ukrainian cyber police have arrested a 36-year-old man from the city of Netishyn for selling the personal data and sensitive information of over 300 million people, citizens of Ukraine, and various European countries.

  • BILL TOULAS
   
  • APRIL 26, 2023
   
  • 05:35 PM
   
  •  2
• 
   
  GOOGLE, SECURITY

  Google will add End-to-End encryption to Google Authenticator

  Google is bringing end-to-end encryption to Google Authenticator cloud backups after researchers warned users against synchronizing 2FA codes with their Google accounts.

  • LAWRENCE ABRAMS
   
  • APRIL 26, 2023
   
  • 05:11 PM
   
  •  2
• 
   
  SECURITY

  PrestaShop fixes bug that lets any backend user delete databases

  The open-source e-commerce platform PrestaShop has released a new version that addresses a critical-severity vulnerability allowing any back-office user to write, update, or delete SQL databases regardless of their permissions.

  • BILL TOULAS
   
  • APRIL 26, 2023
   
  • 03:30 PM
   
  •  0
• 
   
  SECURITY

  Cisco discloses XSS zero-day flaw in server management tool

  Cisco disclosed today a zero-day vulnerability in the company's Prime Collaboration Deployment (PCD) software that can be exploited for cross-site scripting attacks.

  • SERGIU GATLAN
   
  • APRIL 26, 2023
   
  • 02:51 PM
   
  •  0
• 
   
  SECURITY

  Tencent QQ users hacked in mysterious malware attack, says ESET

  The Chinese APT hacking group known as 'Evasive Panda' are behind a mysterious attack that distributed the MsgBot malware as part of an automatic update for the Tencent QQ messaging app.

  • BILL TOULAS
   
  • APRIL 26, 2023
   
  • 02:16 PM
   
  •  0
• 
   
  SECURITY

  Google disrupts the CryptBot info-stealing malware operation

  Google is taking down malware infrastructure linked to the Cryptbot info stealer after suing those using it to infect Google Chrome users and steal their data.

  • SERGIU GATLAN
   
  • APRIL 26, 2023
   
  • 12:46 PM
   
  •  0
• 
   
  SECURITY

  Thousands of Apache Superset servers exposed to RCE attacks

  Apache Superset is vulnerable to authentication bypass and remote code execution at default configurations, allowing attackers to potentially access and modify data, harvest credentials, and execute commands.

  • BILL TOULAS
   
  • APRIL 26, 2023
   
  • 11:52 AM
   
  •  0
• 
   
  MICROSOFT

  Microsoft rolls out Phone Link for iOS to all Windows 11 users

  Microsoft is rolling out Phone Link for iOS to all Windows 11 and iPhone users, with the rollout expected to complete by mid-May. 

  • SERGIU GATLAN
   
  • APRIL 26, 2023
   
  • 11:44 AM
   
  •  0
• 
   
  MICROSOFT

  Microsoft removes LSA Protection from Windows settings to fix bug

  Microsoft has fixed a known issue triggering Windows Security warnings that Local Security Authority (LSA) Protection is off by removing the feature's UI from settings.

  • SERGIU GATLAN
   
  • APRIL 26, 2023
   
  • 11:27 AM
   
  •  1
• 
   
  SECURITY

  Chinese hackers use new Linux malware variants for espionage

  Hackers are deploying new Linux malware variants in cyberespionage attacks, such as a new PingPull variant and a previously undocumented backdoor tracked as 'Sword2033.' 

  • BILL TOULAS
   
  • APRIL 26, 2023
   
  • 06:00 AM
   
  •  1
• 
   
  MICROSOFT

  New Microsoft 365 outage causes Exchange Online connectivity issues

  Microsoft is investigating ongoing Microsoft 365 issues preventing some Exchange Online customers from accessing their mailboxes.

  • SERGIU GATLAN
   
  • APRIL 25, 2023
   
  • 04:47 PM
   
  •  2
• 
   
  SECURITY

  VMware fixes critical zero-day exploit chain used at Pwn2Own

  VMware has released security updates to address zero-day vulnerabilities that could be chained to gain code execution systems running unpatched versions of the company's Workstation and Fusion software hypervisors.

  • SERGIU GATLAN
   
  • APRIL 25, 2023
   
  • 02:33 PM
   
  •  0
• 
   
  MICROSOFT

  Windows 10 KB5025297 preview update released with 10 fixes

  Microsoft has released the optional KB5025297 Preview cumulative update for Windows 10 22H2, with eighteen fixes or changes.

  • LAWRENCE ABRAMS
   
  • APRIL 25, 2023
   
  • 02:26 PM
   
  •  0
• 
   
  MICROSOFT

  Windows 11 KB5025305 adds prioritized Windows updates setting

  Microsoft has released the optional April 2023 non-security cumulative updates for all editions of Windows 11 22H2 with a new option to prioritize non-security and feature Windows updates.

  • SERGIU GATLAN
   
  • APRIL 25, 2023
   
  • 01:44 PM
   
  •  0
• 
   
  SECURITY, HARDWARE

  New SLP bug can lead to massive 2,200x DDoS amplification attacks

  A new reflective Denial-of-Service (DoS) amplification vulnerability in the Service Location Protocol (SLP) allows threat actors to launch massive denial-of-service attacks with 2,200X amplification.

  • BILL TOULAS
   
  • APRIL 25, 2023
   
  • 11:26 AM
   
  •  0

• 1
 
• 2
 
• 3
 
• 4
 
• 5
 

VIEW MORE