The Week in Ransomware – September 8th 2023
It started as a slow ransomware news week but slowly picked up pace with the Department of Justice announcing indictments on TrickBot and Conti operations…
Category: Bleeping Computer
Notepad++ 8.5.7 released with fixes for four security vulnerabilities
Notepad++ version 8.5.7 has been released with fixes for multiple buffer overflow zero-days, with one marked as potentially leading to code execution by tricking users…
Ragnar Locker claims attack on Israel’s Mayanei Hayeshua hospital
The Ragnar Locker ransomware gang has claimed responsibility for an attack on Israel’s Mayanei Hayeshua hospital, threatening to leak 1 TB of data allegedly stolen…
Dymocks Booksellers suffers data breach impacting 836k customers
Dymocks Booksellers is warning customers their personal information was exposed in a data breach after the company’s database was shared on hacking forums. Dymocks is…
Cisco warns of VPN zero-day exploited by ransomware gangs
Cisco is warning of a zero-day vulnerability in its Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) that is actively exploited by…
Microsoft Paint in Windows 11 gets a background removal tool
Microsoft is rolling out a new version of the Paint application on Windows 11 Insider builds that can remove the background from any picture with…
Google is enabling Chrome real-time phishing protection for everyone
Google announced today that it is deprecating the standard Google Chrome Safe Browsing feature and moving everyone to its Enhanced Safe Browsing feature in the…
CISA warns of critical Apache RocketMQ bug exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added to its catalog of known exploited vulnerabilities (KEV) a critical–severity issue tracked as CVE-2023-33246 that…
Iranian hackers breach US aviation org via Zoho, Fortinet bugs
Image: Midjourney State-backed hacking groups have breached a U.S. aeronautical organization using exploits targeting critical Zoho and Fortinet vulnerabilities, a joint advisory published by CISA,…
Apple zero-click iMessage exploit used to infect iPhones with spyware
Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain to deploy…
Cisco BroadWorks impacted by critical authentication bypass flaw
A critical vulnerability impacting the Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow remote attackers to forge credentials and bypass…
Google Looker Studio abused in cryptocurrency phishing attacks
Cybercriminals are abusing Google Looker Studio to create counterfeit cryptocurrency phishing websites that phish digital asset holders, leading to account takeovers and financial losses. Google’s…