Saturday, December 21, 2024

BleepingComputer.com

"New FlowerStorm Microsoft publishing service fills void left by Rockstar2FA."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 21 December 2024, 1822 UTC.

Content and Source:   https://www.bleepingcomputer.com/

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Latest Articles

New FlowerStorm Microsoft phishing service fills void left by Rockstar2FA

  • A new Microsoft 365 phishing-as-a-service platform called "FlowerStorm" is growing in popularity, filling the void left behind by the sudden shutdown of the Rockstar2FA cybercrime service.

  • Cybersecurity ethical hacking penetration testing
     
    Deals

Get job training as an ethical hacker in this $45.99 course deal

  • The Masters in Cyber Security Certification Bundle is designed to provide that edge, offering advanced, hands-on training to aspiring tech workers. All course materials are available for life for $45.99 (reg. $135). 

    • BleepingComputer Deals
      •  
    • December 21, 2024
      •  
    • 08:09 AM
      •  
    • Comment Count 0
  • Google Chrome
     
    Google, Software

Google Chrome uses AI to analyze pages in new scam detection feature

  • Google is using artificial intelligence to power a new Chrome scam protection feature that analyzes brands and the intent of pages as you browse the web.

  • Hackers cryptocurrency
     
    Security, CryptoCurrency

Malicious Rspack, Vant packages published using stolen NPM tokens

  • Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were compromised through stolen npm account tokens, allowing threat actors to publish malicious versions that installed cryptominers.

  • LockBit
     
    Security

US charges Russian-Israeli as suspected LockBit ransomware coder

  • The US Department of Justice has charged a Russian-Israeli dual-national for his suspected role in developing malware and managing the infrastructure for the notorious LockBit ransomware group.

  • Sophos
     
    Security

Sophos discloses critical Firewall remote code execution flaw

  • Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL injection, remote code execution, and gain privileged SSH access to devices.

  • Krispy Kreme
     
    Security

Krispy Kreme breach, data theft claimed by Play ransomware gang

  • The Play ransomware gang has claimed responsibility for a cyberattack that impacted the business operations of the U.S. doughnut chain Krispy Kreme in November.

  • Hacking security Cybersecurity
     
    Deals

Kickstart your ethical hacking career with 9 in-depth courses

  • This penetration testing and ethical hacking bundle offers nine expert-led courses to help you build a strong foundation in ethical hacking and penetration testing. Perfect for aspiring cybersecurity professionals, this bundle covers everything from coding to IoT pentesting, on sale for $49.99.

    • BleepingComputer Deals
      •  
    • December 20, 2024
      •  
    • 07:19 AM
      •  
    • Comment Count 0
  • Ascension
     
    Security, Healthcare

Ascension: Health data of 5.6 million stolen in ransomware attack

  • ​Ascension, one of the largest private U.S. healthcare systems, is notifying nearly 5.6 million patients and employees that their personal and health data was stolen in a May cyberattack linked to the Black Basta ransomware operation.

  • Pirate TV streaming
     
    Security

Massive live sports piracy ring with 812 million yearly visits taken offline

  • ​The Alliance for Creativity and Entertainment (ACE) has taken down one of the world's largest live sports streaming piracy rings, with over 821 million visits last year.

  • Hacker prison
     
    Security

Romanian Netwalker ransomware affiliate sentenced to 20 years in prison

  • ​Daniel Christian Hulea, a Romanian man charged for his involvement in NetWalker ransomware attacks, was sentenced to 20 years in prison after pleading guilty to computer fraud conspiracy and wire fraud conspiracy in June.

  • Android Trojan
     
    Security, Hardware

BadBox malware botnet infects 192,000 Android devices despite disruption

  • The BadBox Android malware botnet has grown to over 192,000 infected devices worldwide despite a recent sinkhole operation that attempted to disrupt the operation in Germany.

  • Microsoft 365
     
    Microsoft

Microsoft 365 users hit by random product deactivation errors

  • ​Microsoft is investigating a known issue randomly triggering "Product Deactivated" errors for customers using Microsoft 365 Office apps.

  • CompTia
     
    Deals

The holiday gift trains you in CompTIA certifications for $29.97

  • Studying for and passing CompTIA certifications exam might just get a foot in the door at an entry-level cybersecurity job, and this prep bundle is now only $29.97 (reg. $299) for three more days.

    • BleepingComputer Deals
      •  
    • December 19, 2024
      •  
    • 02:08 PM
      •  
    • Comment Count 0
  • Android
     
    Security

Android malware found on Amazon Appstore disguised as health app

  • A malicious Android spyware application named 'BMI CalculationVsn' was discovered on the Amazon Appstore, masquerading as a simple health tool but stealing data from infected devices in the background.

  • Juniper Networks
     
    Security

Juniper warns of Mirai botnet scanning for Session Smart routers

  • Juniper Networks has warned customers of Mirai malware attacks scanning the Internet for Session Smart routers using default credentials.

  • Windows 11
     
    Microsoft

Windows 11 24H2 upgrades blocked on some PCs due to audio issues

  • Microsoft has added another Windows 11 24H2 upgrade block for systems with Dirac audio improvement software due to compatibility issues breaking sound output.

  • Fortinet
     
    Security

Fortinet warns of FortiWLM bug giving hackers admin privileges

  • Fortinet has disclosed a critical vulnerability in Fortinet Wireless Manager (FortiWLM) that allows remote attackers to take over devices by executing unauthorized code or commands through specially crafted web requests.

  • Windows 11
     
    Microsoft

Microsoft says Auto HDR causes game freezes on Windows 11 24H2

  • Microsoft is now blocking Windows 11 24H2 upgrades on systems with Auto HDR enabled due to a compatibility issue that causes game freezes.

  • BeyondTrust
     
    Security

BeyondTrust says hackers breached Remote Support SaaS instances

  • Privileged access management company BeyondTrust suffered a cyberattack in early December after threat actors breached some of its Remote Support SaaS instances.

at
Labels:

No comments:

Post a Comment

Please leave a comment about our recent post.

Subscribe to: Post Comments (Atom)

Security Affairs.

"A flaw in the W3 Total Cache plugin exposes hundreds of thousands of wordpress sites to attacks." Views expressed in this cyberse...

  • The Cyberwire Daily Briefing
    "Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters ...
  • Cyber War News Today.
    "International Defence Cooperation:  A key to regional stability." Views expressed in this cybersecurity, cyber espionage, and cyb...
  • SecurityWeek Briefing
    "New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the report...