Hackers abuse QEMU to covertly tunnel network traffic in cyberattacks
Malicious actors were detected abusing the open-source hypervisor platform QEMU as a tunneling tool in a cyberattack against a large company. QEMU is a free…
Category: Bleeping Computer
BlackCat ransomware shuts down in exit scam, blames the “feds”
The BlackCat ransomware gang is pulling an exit scam, trying to shut down and run off with affiliates’ money by pretending the FBI seized their…
ScreenConnect flaws exploited to drop new ToddleShark malware
The North Korean APT hacking group Kimsuky is exploiting ScreenConnect flaws, particularly CVE-2024-1708 and CVE-2024-1709, to infect targets with a new malware variant dubbed ToddleShark.…
Exploit available for new critical TeamCity auth bypass bug, patch now
A critical vulnerability (CVE-2024-27198) in the TeamCity On-Premises CI/CD solution from JetBrains can let a remote unauthenticated attacker take control of the server with administrative…
Hackers steal Windows NTLM authentication hashes in phishing attacks
The hacking group known as TA577 has recently shifted tactics by using phishing emails to steal NT LAN Manager (NTLM) authentication hashes to perform account hijacks. TA577…
American Express credit cards exposed in third-party data breach
3/4/24: Article updated with further clarification from American Express that it was a merchant processor who was hacked, not one of their service providers. American…
BlackCat ransomware turns off servers amid claim they stole $22 million ransom
The ALPHV/BlackCat ransomware gang has shut down its servers amid claims that they scammed the affiliate responsible for the attack on Optum, the operator of the…
Apple blames Spotify for $1.95 billion fine over “abusive” App store rules
The European Commission has fined Apple €1.8 billion, or approximately $1.95 million, for allegedly abusing its market dominance in music streaming app distribution to prevent…
American Express credit cards exposed in vendor data breach
American Express is warning customers that credit cards were exposed in a third-party data breach after one of its service providers was hacked. In a…
Ukraine claims it hacked Russian Ministry of Defense servers
The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense claims that it breached the servers of the Russian Ministry of Defense (Minoborony) and stole…
North Korea hacks two South Korean chip firms to steal engineering data
The National Intelligence Service (NIS) in South Korea warns that North Korean hackers target domestic semiconductor manufacturers in cyber espionage attacks. NIS says these attacks…
Content farm impersonates 60+ major news outlets, like BBC, CNN, CNBC
BleepingComputer has discovered a content farm operating some 60+ domains named after popular media outlets, including the BBC, CNBC, CNN, Forbes, Huffington Post, Reuters, The…