“Bitcoin Queen” gets 11 years in prison for $7.3 billion Bitcoin scam
A Chinese woman known as the “Bitcoin Queen” was sentenced in London to 11 years and eight months in jail for laundering Bitcoin from a £5.5…
Category: Bleeping Computer
How a CPU spike led to uncovering a RansomHub ransomware attack
Varonis recently helped a customer who observed a spike in CPU activity on a server in their environment, where a shallow review of the device…
GlobalLogic warns 10,000 employees of data theft after Oracle breach
GlobalLogic, a provider of digital engineering services part of the Hitachi group, is notifying over 10,000 current and former employees that their data was stolen…
SAP fixes hardcoded credentials flaw in SQL Anywhere Monitor
SAP has released its November security updates that address multiple security vulnerabilities, including a maximum severity flaw in the non-GUI variant of the SQL Anywhere Monitor…
Modern Patch Management – Strategies to patch faster with less risk
Unpatched vulnerabilities continue to top the list of root causes in major security breaches, and yet, most organizations still struggle to fix them fast enough.…
APT37 hackers abuse Google Find Hub in Android data-wiping attacks
North Korean hackers are abusing Google’s Find Hub tool to track the GPS location of their targets and remotely reset Android devices to factory settings. The…
Mozilla Firefox gets new anti-fingerprinting defenses
Mozilla announced a major privacy upgrade in Firefox 145 that reduces even more the number of users vulnerable to digital fingerprinting. The new protections will…
Quantum Route Redirect PhaaS targets Microsoft 365 users worldwide
A new phishing automation platform named Quantum Route Redirect is using around 1,000 domains to steal Microsoft 365 users’ credentials. The kit comes pre-configured with phishing domains…
Yanluowang initial access broker pleaded guilty to ransomware attacks
A Russian national will plead guilty to acting as an initial access broker (IAB) for Yanluowang ransomware attacks that targeted at least eight U.S. companies between…
CISA orders feds to patch Samsung zero-day used in spyware attacks
CISA ordered U.S. federal agencies today to patch a critical Samsung vulnerability that has been exploited in zero-day attacks to deploy LandFall spyware on devices…
Yanluowang initial access broker to plead guilty to ransomware attacks
A Russian national will plead guilty to acting as an initial access broker (IAB) for Yanluowang ransomware attacks that targeted at least eight U.S. companies between…
Popular JavaScript library expr-eval vulnerable to RCE flaw
A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted…