SonicWall warns customers to reset credentials after breach
SonicWall warned customers today to reset credentials after their firewall configuration backup files were exposed in a security breach that impacted MySonicWall accounts. After detecting…
Category: Bleeping Computer
Dissecting Evolving Threat Actor Techniques
By John Hammond, Alden Schmidt, Lindsey Welch During the past fifteen business days, Huntress analysts have observed increased threat activity involving several notable techniques. One…
Office 2016 and Office 2019 reach end of support next month
Microsoft reminded customers again this week that Office 2016 and Office 2019 will reach the end of extended support in less than 30 days, on…
Microsoft and Cloudflare disrupt massive RaccoonO365 phishing service
Microsoft and Cloudflare have disrupted a massive Phishing-as-a-Service (PhaaS) operation, known as RaccoonO365, that helped cybercriminals steal thousands of Microsoft 365 credentials. In early September…
BreachForums hacking forum admin resentenced to three years in prison
Conor Brian Fitzpatrick, the 22-year-old behind the notorious BreachForums hacking forum, was resentenced today to three years in prison after a federal appeals court overturned…
Microsoft rolls out Copilot Chat to Microsoft 365 Office apps
Microsoft is rolling out Copilot Chat to Word, Excel, PowerPoint, Outlook, and OneNote for paying Microsoft 365 business customers. Copilot Chat (short for Microsoft 365…
Google nukes 224 Android malware apps behind massive ad fraud campaign
A massive Android ad fraud operation dubbed “SlopAds” was disrupted after 224 malicious applications on Google Play were used to generate 2.3 billion ad requests per…
Self-propagating supply chain attack hits 187 npm packages
Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack, with a malicious self-propagating payload to infect other packages. The coordinated…
WMIC will be removed after Windows 11 25H2 upgrade
Microsoft has announced that the Windows Management Instrumentation Command-line (WMIC) tool will be removed after upgrading to Windows 11 25H2 and later. WMIC is a legacy built-in…
Your browser is the breach — securing the modern web edge
The web browser has quietly become one of the most critical components of enterprise infrastructure—and one of the most dangerous. On September 29th at 12:00…
Your Secret Weapon for Security
When one person on your IT team is VMware certified, that’s a win. But when your entire team is certified? That’s a force multiplier for…
New FileFix attack uses steganography to drop StealC malware
A newly discovered FileFix social engineering attack impersonates Meta account suspension warnings to trick users into unknowingly installing the StealC infostealer malware. FileFix is a…