Category: Bleeping Computer

FBI
07
Mar
2024

U.S. lost record $12.5 billion to online crime in 2023

FBI’s Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which recorded a 22% increase in reported…

Share: X : U.S. lost record $12.5 billion to online crime in 2023Facebook : U.S. lost record $12.5 billion to online crime in 2023Linkedin : U.S. lost record $12.5 billion to online crime in 2023Reddit : U.S. lost record $12.5 billion to online crime in 2023Telegram : U.S. lost record $12.5 billion to online crime in 2023WhatsApp : U.S. lost record $12.5 billion to online crime in 2023Email : U.S. lost record $12.5 billion to online crime in 2023
Hacker
07
Mar
2024

TeamCity auth bypass bug exploited to mass-generate admin accounts

Hackers have started to exploit the critical-severity authentication bypass vulnerability (CVE-2024-27198) in TeamCity On-Premises, which JetBrains addressed in an update…

Share: X : TeamCity auth bypass bug exploited to mass-generate admin accountsFacebook : TeamCity auth bypass bug exploited to mass-generate admin accountsLinkedin : TeamCity auth bypass bug exploited to mass-generate admin accountsReddit : TeamCity auth bypass bug exploited to mass-generate admin accountsTelegram : TeamCity auth bypass bug exploited to mass-generate admin accountsWhatsApp : TeamCity auth bypass bug exploited to mass-generate admin accountsEmail : TeamCity auth bypass bug exploited to mass-generate admin accounts
Puppies looking at a laptop
07
Mar
2024

PetSmart warns of credential stuffing attacks trying to hack accounts

Pet retail giant PetSmart is warning some customers their passwords were reset due to an ongoing credential stuffing attack attempting…

Share: X : PetSmart warns of credential stuffing attacks trying to hack accountsFacebook : PetSmart warns of credential stuffing attacks trying to hack accountsLinkedin : PetSmart warns of credential stuffing attacks trying to hack accountsReddit : PetSmart warns of credential stuffing attacks trying to hack accountsTelegram : PetSmart warns of credential stuffing attacks trying to hack accountsWhatsApp : PetSmart warns of credential stuffing attacks trying to hack accountsEmail : PetSmart warns of credential stuffing attacks trying to hack accounts
Over 40,000 admin portal accounts use
07
Mar
2024

Hacked WordPress sites use visitors’ browsers to hack other sites

Hackers are conducting widescale attacks on WordPress sites to inject scripts that force visitors’ browsers to bruteforce passwords for other…

Share: X : Hacked WordPress sites use visitors’ browsers to hack other sitesFacebook : Hacked WordPress sites use visitors’ browsers to hack other sitesLinkedin : Hacked WordPress sites use visitors’ browsers to hack other sitesReddit : Hacked WordPress sites use visitors’ browsers to hack other sitesTelegram : Hacked WordPress sites use visitors’ browsers to hack other sitesWhatsApp : Hacked WordPress sites use visitors’ browsers to hack other sitesEmail : Hacked WordPress sites use visitors’ browsers to hack other sites
Hackers impersonate U.S. government agencies in BEC attacks
07
Mar
2024

Hackers impersonate U.S. government agencies in BEC attacks

A gang of hackers specialized in business email compromise (BEC) attacks and tracked as TA4903 has been impersonating various U.S….

Share: X : Hackers impersonate U.S. government agencies in BEC attacksFacebook : Hackers impersonate U.S. government agencies in BEC attacksLinkedin : Hackers impersonate U.S. government agencies in BEC attacksReddit : Hackers impersonate U.S. government agencies in BEC attacksTelegram : Hackers impersonate U.S. government agencies in BEC attacksWhatsApp : Hackers impersonate U.S. government agencies in BEC attacksEmail : Hackers impersonate U.S. government agencies in BEC attacks
Canada cyber
06
Mar
2024

Canada’s anti-money laundering agency offline after cyberattack

The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) has announced that a “cyber incident” forced it to take…

Share: X : Canada’s anti-money laundering agency offline after cyberattackFacebook : Canada’s anti-money laundering agency offline after cyberattackLinkedin : Canada’s anti-money laundering agency offline after cyberattackReddit : Canada’s anti-money laundering agency offline after cyberattackTelegram : Canada’s anti-money laundering agency offline after cyberattackWhatsApp : Canada’s anti-money laundering agency offline after cyberattackEmail : Canada’s anti-money laundering agency offline after cyberattack
Duvel says it has "more than enough" beer after ransomware attack
06
Mar
2024

Duvel says it has “more than enough” beer after ransomware attack

Duvel Moortgat Brewery was hit by a ransomware attack late last night, bringing to a halt the beer production in…

Share: X : Duvel says it has “more than enough” beer after ransomware attackFacebook : Duvel says it has “more than enough” beer after ransomware attackLinkedin : Duvel says it has “more than enough” beer after ransomware attackReddit : Duvel says it has “more than enough” beer after ransomware attackTelegram : Duvel says it has “more than enough” beer after ransomware attackWhatsApp : Duvel says it has “more than enough” beer after ransomware attackEmail : Duvel says it has “more than enough” beer after ransomware attack
VMware
06
Mar
2024

VMware fixes critical sandbox escape flaws in ESXi, Workstation, and Fusion

VMware released security updates to fix critical sandbox escape vulnerabilities in VMware ESXi, Workstation, Fusion, and Cloud Foundation products, allowing…

Share: X : VMware fixes critical sandbox escape flaws in ESXi, Workstation, and FusionFacebook : VMware fixes critical sandbox escape flaws in ESXi, Workstation, and FusionLinkedin : VMware fixes critical sandbox escape flaws in ESXi, Workstation, and FusionReddit : VMware fixes critical sandbox escape flaws in ESXi, Workstation, and FusionTelegram : VMware fixes critical sandbox escape flaws in ESXi, Workstation, and FusionWhatsApp : VMware fixes critical sandbox escape flaws in ESXi, Workstation, and FusionEmail : VMware fixes critical sandbox escape flaws in ESXi, Workstation, and Fusion
Hackers cryptocurrency
06
Mar
2024

Hackers target Docker, Hadoop, Redis, Confluence with new Golang malware

Hackers are targeting misconfigured servers running Apache Hadoop YARN, Docker, Confluence, or Redis with new Golang-based malware that automates the…

Share: X : Hackers target Docker, Hadoop, Redis, Confluence with new Golang malwareFacebook : Hackers target Docker, Hadoop, Redis, Confluence with new Golang malwareLinkedin : Hackers target Docker, Hadoop, Redis, Confluence with new Golang malwareReddit : Hackers target Docker, Hadoop, Redis, Confluence with new Golang malwareTelegram : Hackers target Docker, Hadoop, Redis, Confluence with new Golang malwareWhatsApp : Hackers target Docker, Hadoop, Redis, Confluence with new Golang malwareEmail : Hackers target Docker, Hadoop, Redis, Confluence with new Golang malware
Shark
06
Mar
2024

ScreenConnect flaws exploited to drop new ToddlerShark malware

The North Korean APT hacking group Kimsuky is exploiting ScreenConnect flaws, particularly CVE-2024-1708 and CVE-2024-1709, to infect targets with a…

Share: X : ScreenConnect flaws exploited to drop new ToddlerShark malwareFacebook : ScreenConnect flaws exploited to drop new ToddlerShark malwareLinkedin : ScreenConnect flaws exploited to drop new ToddlerShark malwareReddit : ScreenConnect flaws exploited to drop new ToddlerShark malwareTelegram : ScreenConnect flaws exploited to drop new ToddlerShark malwareWhatsApp : ScreenConnect flaws exploited to drop new ToddlerShark malwareEmail : ScreenConnect flaws exploited to drop new ToddlerShark malware
Specops Password Security
06
Mar
2024

Passwords are Costing Your Organization Money

Passwords play a critical role in most organizations’ security. But they can also represent a significant expense. From the countless…

Share: X : Passwords are Costing Your Organization MoneyFacebook : Passwords are Costing Your Organization MoneyLinkedin : Passwords are Costing Your Organization MoneyReddit : Passwords are Costing Your Organization MoneyTelegram : Passwords are Costing Your Organization MoneyWhatsApp : Passwords are Costing Your Organization MoneyEmail : Passwords are Costing Your Organization Money
NSA encryption
06
Mar
2024

NSA shares zero-trust guidance to limit adversaries on the network

  The National Security Agency is sharing new guidance to help organizations limit an adversary’s movement on the internal network…

Share: X : NSA shares zero-trust guidance to limit adversaries on the networkFacebook : NSA shares zero-trust guidance to limit adversaries on the networkLinkedin : NSA shares zero-trust guidance to limit adversaries on the networkReddit : NSA shares zero-trust guidance to limit adversaries on the networkTelegram : NSA shares zero-trust guidance to limit adversaries on the networkWhatsApp : NSA shares zero-trust guidance to limit adversaries on the networkEmail : NSA shares zero-trust guidance to limit adversaries on the network