Colorado Department of Higher Education warns of massive data breach
The Colorado Department of Higher Education (CDHE) discloses a massive data breach impacting students, past students, and teachers after suffering a ransomware attack in June.…
Category: Bleeping Computer
The Week in Ransomware – August 4th 2023
Ransomware gangs continue to prioritize targeting VMware ESXi servers, with almost every active ransomware gang creating custom Linux encryptors for this purpose. This week, BleepingComputer…
Microsoft fixes flaw after being called irresponsible by Tenable CEO
Microsoft fixed a security flaw in the Power Platform Custom Connectors feature that let unauthenticated attackers access cross-tenant applications and Azure customers’ sensitive data after being…
New PaperCut critical bug exposes unpatched servers to RCE attacks
PaperCut recently fixed a critical security vulnerability in its NG/MF print management software that allows unauthenticated attackers to gain remote code execution on unpatched Windows…
FBI warns of scammers posing as NFT devs to steal your crypto
The FBI warned today of fraudsters posing as Non-Fungible Token (NFT) developers to prey upon NFT enthusiasts and steal their cryptocurrency and NFT assets. In…
Microsoft kills Cortana in Windows 11 preview, long live AI!
Microsoft has officially begun killing off Cortana as the company moves its focus towards integrating ChatGPT and AI into Windows 11. In June, Microsoft announced…
Google explains how Android malware slips onto Google Play Store
The Google Cloud security team acknowledged a common tactic known as versioning used by malicious actors to slip malware on Android devices after evading the Google…
Extended warranty robocallers fined $300 million after 5 billion scam calls
The Federal Communications Commission (FCC) has announced a record-breaking $299,997,000 fine imposed on an international network of companies for placing five billion robocalls to more…
music searches, pages, account signups not working
Spotify users are reporting the music streaming service to be down in the last hour. Spotify team is currently investigating the cause. Music searches, pages, account…
Fake VMware vConnector package on PyPI targets IT pros
A malicious package that mimics the VMware vSphere connector module ‘vConnector’ was uploaded on the Python Package Index (PyPI) under the name ‘VMConnect,’ targeting IT…
New Microsoft Azure AD CTS feature can be abused for lateral movement
Microsoft’s new Azure Active Directory Cross-Tenant Synchronization (CTS) feature, introduced in June 2023, has created a new potential attack surface that might allow threat actors…
Chrome malware Rilide targets enterprise users via PowerPoint guides
The malicious Rilide Stealer Chrome browser extension has returned in new campaigns targeting crypto users and enterprise employees to steal credentials and crypto wallets. Rilide…