BleepingComputer.com

"Magnet Goblin hackers use 1-day flaws to drop custom Linux malware."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 March 2024, 1422 UTC.

Content and Source:  https://www.bleepingcomputer.com/ ("BleepingComputer.com").

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST ARTICLES

• 
   
  DEALS

Get started with Microsoft Azure with an extra 20% off this training bundle

• Cloud computing should be part of your skill set. These nine courses on Microsoft Azure add those skills to your resume for $31.99, $85 off the $117 MSRP with code ENJOY20 at checkout, only available now through 11:59pm PST on March 10th.

  • BLEEPINGCOMPUTER DEALS
   
  • MARCH 10, 2024
   
  • 08:12 AM
   
  •  0
• 
   
  SECURITY

Magnet Goblin hackers use 1-day flaws to drop custom Linux malware

• A financially motivated hacking group named Magnet Goblin uses various 1-day vulnerabilities to breach public-facing servers and deploy custom malware on Windows and Linux systems.

  • BILL TOULAS
   
  • MARCH 09, 2024
   
  • 10:08 AM
   
  •  1
• 
   
  DEALS

Advance your career with over $70 off this cybersecurity analyst training bundle

• Cybersecurity becomes a more pressing problem every day. These eight cybersecurity analyst training classes helps you meet those challenges for $23.99, 75% off the $96 MSRP when you use our sitewide sale code ENJOY20 at checkout, only active now through the end of March 10th.

  • BLEEPINGCOMPUTER DEALS
   
  • MARCH 09, 2024
   
  • 08:14 AM
   
  •  0
• 
   
  SECURITY

The Week in Ransomware - March 8th 2024 - Waiting for the BlackCat rebrand

• We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government.

  • LAWRENCE ABRAMS
   
  • MARCH 08, 2024
   
  • 05:25 PM
   
  •  1
• 
   
  SECURITY

Critical Fortinet flaw may impact 150,000 exposed devices

• Scans on the public web show that approximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems are vulnerable to CVE-2024-21762, a critical security issue that allows executing code without authentication.

  • IONUT ILASCU
   
  • MARCH 08, 2024
   
  • 03:37 PM
   
  •  1
• 
   
  SECURITY

QNAP warns of critical auth bypass flaw in its NAS devices

• QNAP warns of vulnerabilities in its NAS software products, including QTS, QuTS hero, QuTScloud, and myQNAPcloud, that could allow attackers to access devices.

  • BILL TOULAS
   
  • MARCH 08, 2024
   
  • 03:03 PM
   
  •  0
• 
   
  SECURITY, HEALTHCARE, TECHNOLOGY

UnitedHealth brings some Change Healthcare pharmacy services back online

• Optum's Change Healthcare has started to bring systems back online after suffering a crippling BlackCat ransomware attack last month that led to widespread disruption to the US healthcare system.

  • BILL TOULAS
   
  • MARCH 08, 2024
   
  • 12:54 PM
   
  •  0
• 
   
  MICROSOFT, SECURITY

Microsoft says Russian hackers breached its systems, accessed source code

• Microsoft says the Russian 'Midnight Blizzard' hacking group recently accessed some of its internal systems and source code repositories using authentication secrets stolen during a January cyberattack.

  • LAWRENCE ABRAMS
   
  • MARCH 08, 2024
   
  • 10:31 AM
   
  •  2
• 
   
  DEALS

Save an extra 20% off this super-sized ethical hacking training bundle

• Ethical hacking is an increasingly important job skill as threats to networks multiply. These 18 white-hat training courses teach you how to use it for $36.79, $1061 off the $1098 MSRP with code ENJOY20 at checkout, but only through 11:59pm PST on March 10th.

  • BLEEPINGCOMPUTER DEALS
   
  • MARCH 08, 2024
   
  • 07:09 AM
   
  •  0
• 
   
  SECURITY

CISA, NSA share best practices for securing cloud services

• The NSA and the Cybersecurity and Infrastructure Security Agency (CISA) have released five joint cybersecurity bulletins containing on best practices for securing a cloud environment.

  • LAWRENCE ABRAMS
   
  • MARCH 07, 2024
   
  • 06:05 PM
   
  •  0
• 
   
  SECURITY

Switzerland: Play ransomware leaked 65,000 government documents

• The National Cyber Security Centre (NCSC) of Switzerland has released a report on its analysis of a data breach following a ransomware attack on Xplain, disclosing that the incident impacted thousands of sensitive Federal government files.

  • BILL TOULAS
   
  • MARCH 07, 2024
   
  • 03:27 PM
   
  •  0
• 
   
  DEALS

Protect yourself from malicious ads with $269 off an AdGuard bundle

• The right tools can keep the internet convenient and safe. This three-year AdGuard subscription bundle gives you the software you need for $23.99, $269 off the $293 MSRP with our storewide discount code ENJOY20 at checkout, running now through the end of March 10th.

  • BLEEPINGCOMPUTER DEALS
   
  • MARCH 07, 2024
   
  • 02:09 PM
   
  •  0
• 
   
  MICROSOFT

Windows 10 KB5001716 update fails with 0x80070643 errors, how to fix

• Microsoft is pushing out a Windows 10 KB5001716 update used to improve Windows Update that is ironically failing to install, showing 0x80070643 errors.

  • LAWRENCE ABRAMS
   
  • MARCH 07, 2024
   
  • 01:00 PM
   
  •  10
• 
   
  SECURITY, TECHNOLOGY

MiTM phishing attack can let attackers unlock and steal a Tesla

• Researchers demonstrated how they could conduct a Man-in-the-Middle (MiTM) phishing attack to compromise Tesla accounts, unlocking cars, and starting them. The attack works on the latest Tesla app, version 4.30.6, and Tesla software version 11.1 2024.2.7.

  • BILL TOULAS
   
  • MARCH 07, 2024
   
  • 12:07 PM
   
  •  10
• 
   
  SECURITY

AnyCubic fixes exploited 3D printer zero day flaw with new firmware

• AnyCubic has released new Kobra 2 firmware to fix a zero-day vulnerability exploited last month to print security warnings on 3D printers worldwide.

  • LAWRENCE ABRAMS
   
  • MARCH 07, 2024
   
  • 11:10 AM
   
  •  0
• 
   
  GOOGLE, ARTIFICIAL INTELLIGENCE, LEGAL

Google engineer caught stealing AI tech secrets for Chinese firms

• The U.S. Department of Justice (DoJ) has announced the unsealing of an indictment against Linwei (Leon) Ding, 38, a former software engineer at Google, suspected of stealing Google AI trade secrets for Chinese companies.

  • BILL TOULAS
   
  • MARCH 07, 2024
   
  • 09:56 AM
   
  •  0
• 
   
  SECURITY

FBI: U.S. lost record $12.5 billion to online crime in 2023

• FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which recorded a 22% increase in reported losses compared to 2022, amounting to a record of $12.5 billion.

  • BILL TOULAS
   
  • MARCH 07, 2024
   
  • 07:53 AM
   
  •  1
• 
   
  DEALS

Enhance your commute with a refurbished MacBook Air for over $750 off

• A Mac offers a lightweight user experience, in every sense of the word, ideal for a commute. Get a refurbished MacBook Air for $345.99, $763 off the $1109 MSRP.

  • BLEEPINGCOMPUTER DEALS
   
  • MARCH 07, 2024
   
  • 07:16 AM
   
  •  0
• 
   
  SECURITY

PetSmart warns of credential stuffing attacks trying to hack accounts

• Pet retail giant PetSmart is warning some customers their passwords were reset due to an ongoing credential stuffing attack attempting to breach accounts.

  • LAWRENCE ABRAMS
   
  • MARCH 06, 2024
   
  • 07:25 PM
   
  •  0
• 
   
  SECURITY

Critical TeamCity flaw now widely exploited to create admin accounts

• Hackers have started to exploit the critical-severity authentication bypass vulnerability (CVE-2024-27198) in TeamCity On-Premises, which JetBrains addressed in an update on Monday.

  • IONUT ILASCU
   
  • MARCH 06, 2024
   
  • 07:19 PM
   
  •  0

• 1
 
• 2
 
• 3
 
• 4
 
• 5
 

VIEW MORE