BleepingComputer.com: Cybersecurity News.

BleepingComputer.com: Cybersecurity News.

"Gamaredon hackers start stealing data 30 minutes after a breach."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents. Accessed on 16 July 2023, 1341 UTC. Content supplied by "BleepingComputer.com."

Source: https://www.bleepingcomputer.com/ ("BleepingComputer.com").

Please click link or scroll down to read your selections. Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST ARTICLES

SECURITY

Gamaredon hackers start stealing data 30 minutes after a breach

Ukraine's Computer Emergency Response Team (CERT-UA) is warning that the Gamaredon hacking operates in rapid attacks, stealing data from breached systems in under an hour.
BILL TOULAS

JULY 15, 2023

10:07 AM

0

SECURITY

Genesis Market infrastructure and inventory sold on hacker forum

The administrators of the Genesis Market for stolen credentials announced on a hacker forum that they sold the store and a new owner would get the reins "next month."
IONUT ILASCU

JULY 14, 2023

04:29 PM

0

MICROSOFT, SECURITY

Microsoft still unsure how hackers stole Azure AD signing key

Microsoft says it still doesn't know how Chinese hackers stole an inactive Microsoft account (MSA) consumer signing key used to breach the Exchange Online and Azure AD accounts of two dozen organizations, including government agencies.
SERGIU GATLAN

JULY 14, 2023

04:18 PM

2

SECURITY

Rockwell warns of new APT RCE exploit targeting critical infrastructure

Rockwell Automation says a new remote code execution (RCE) exploit linked to an unnamed Advanced Persistent Threat (APT) group could be used to target unpatched ControlLogix communications modules commonly used in manufacturing, electric, oil and gas, and liquified natural gas industries.
SERGIU GATLAN

JULY 14, 2023

02:52 PM

0

TECHNOLOGY, SOFTWARE

Spotify reportedly makes users' private playlists public

In what is shaping up to be a widespread privacy controversy, Spotify has come under scrutiny following allegations by users that the music streaming service made their private playlists public without their consent.
MAYANK PARMAR

JULY 14, 2023

12:28 PM

6

SECURITY

WordPress AIOS plugin used by 1M sites logged plaintext passwords

The All-In-One Security (AIOS) WordPress security plugin, used by over a million WordPress sites, was found to be logging plaintext passwords from user login attempts to the site's database, putting account security at risk.
BILL TOULAS

JULY 14, 2023

11:55 AM

0

SECURITY

BreachForums owner Pompompurin pleads guilty to hacking charges

20-year-old Conor Brian Fitzpatrick aka Pompompurin, the owner of the notorious BreachForums (aka Breached) hacking forum, has pleaded guilty to charges of hacking and possession of child pornography.
SERGIU GATLAN

JULY 14, 2023

11:31 AM

1

SECURITY, EDUCATION

Colorado State University says data breach impacts students, staff

Colorado State University (CSU) has confirmed that the Clop ransomware operation stole sensitive personal information of current and former students and employees during the recent MOVEit Transfer data-theft attacks.
BILL TOULAS

JULY 14, 2023

10:23 AM

0

SECURITY

Shutterfly says Clop ransomware attack did not impact customer data

Shutterfly, an online retail and photography manufacturing platform, is among the latest victims hit by Clop ransomware. Over the last few months, Clop ransomware gang has been exploiting a vulnerability in the MOVEit File Transfer utility to breach hundreds of companies to steal their data and attempt extortion against them.
AX SHARMA

JULY 14, 2023

04:09 AM

0

SECURITY

AVrecon malware infects 70,000 Linux routers to build botnet

Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office (SOHO) routers and add them to a botnet designed to steal bandwidth and provide a hidden residential proxy service.
SERGIU GATLAN

JULY 14, 2023

02:35 AM

2

SECURITY, CLOUD

Cisco SD-WAN vManage impacted by unauthenticated REST API access

The Cisco SD-WAN vManage management software is impacted by a flaw that allows an unauthenticated, remote attacker to gain read or limited write permissions to the configuration of the affected instance.
BILL TOULAS

JULY 13, 2023

05:53 PM

0

GOOGLE, MOBILE, SECURITY

Google Play will enforce business checks to curb malware submissions

Google is fighting back against the constant invasion of malware on Google Play by requiring all new developer accounts registering as an organization to provide a valid D-U-N-S number before submitting apps.
BILL TOULAS

JULY 13, 2023

03:20 PM

9

MICROSOFT

Windows 11 23H2 coming this fall as a small enablement package

Microsoft announced today that the upcoming Windows 11, version 23H2, will be available in the fourth quarter of 2023 as an enablement package since it shares Windows 11 22H2's code base and servicing branch.
SERGIU GATLAN

JULY 13, 2023

02:55 PM

0

SECURITY, LINUX

Fake Linux vulnerability exploit drops data-stealing malware

Cybersecurity researchers and threat actors are targeted by a fake proof of concept (PoC) CVE-2023-35829 exploit that installs a Linux password-stealing malware.
BILL TOULAS

JULY 13, 2023

02:28 PM

3

SECURITY

Zimbra urges admins to manually fix zero-day exploited in attacks

Zimbra urged admins today to manually fix a zero-day vulnerability actively exploited to target and compromise Zimbra Collaboration Suite (ZCS) email servers.
SERGIU GATLAN

JULY 13, 2023

01:54 PM

0
1

2

3

4

5

VIEW MORE

Comments