New BugSleep malware implant deployed in MuddyWater attacks
Image: MidjourneyThe Iranian-backed MuddyWatter hacking group has partially switched to using a new custom-tailored malware implant to steal files and run commands on compromised systems.…
Category: Bleeping Computer
MuddyWater hackers deploy new BugSleep backdoor malware in attacks
The Iranian-backed MuddyWatter hacking group has partially switched to using a new custom-tailored malware to steal files and run commands on compromised systems. Dubbed BugSleep, this…
Detecting Living Off The Land attacks with Wazuh
Cyber attackers constantly improve their tactics to evade detection and achieve malicious objectives, making it important for organizations to develop better detection and response strategies.…
Facebook ads for Windows desktop themes push info-stealing malware
Cybercriminals use Facebook business pages and advertisements to promote fake Windows themes that infect unsuspecting users with the SYS01 password-stealing malware. Trustwave researchers who observed the…
Microsoft shares temp fix for Windows 11 Photos not launching
Microsoft has provided a temporary workaround for a known issue preventing the Microsoft Photos app from launching on some Windows 11 systems. The company says…
SEXi ransomware rebrands to APT INC, continues VMware ESXi attacks
The SEXi ransomware operation, known for targeting VMware ESXi servers, has rebranded under the name APT INC and has targeted numerous organizations in recent attacks.…
June Windows Server updates break Microsoft 365 Defender features
Microsoft has confirmed that Windows Server updates from last month’s Patch Tuesday break some Microsoft 365 Defender features that use the network data reporting service. Redmond describes…
Microsoft fixes bug causing Windows Update automation issues
Microsoft has resolved a known issue caused by the June 2024 KB5039302 preview update, causing update problems when using Windows Update automation scripts on Windows…
Hackers use PoC exploits in attacks 22 minutes after release
Threat actors are quick to weaponize available proof-of-concept (PoC) exploits in actual attacks, sometimes as quickly as 22 minutes after exploits are made publicly available.…
Banks in Singapore to phase out one-time passwords in 3 months
The Monetary Authority of Singapore (MAS) has announced a new requirement impacting all major retail banks in the country to phase out the use of…
Massive AT&T data breach exposes call logs of 109 million customers
AT&T is warning of a massive data breach where threat actors stole the call logs for approximately 109 million customers, or nearly all of its…
Netgear warns users to patch auth bypass, XSS router flaws
Image: MidjourneyNetgear warned customers to update their devices to the latest available firmware, which patches stored cross-site scripting (XSS) and authentication bypass vulnerabilities in several…