Category: Bleeping Computer

Kucoin
24
Apr
2023

KuCoin’s Twitter account hacked to promote crypto scam

KuCoin’s Twitter account was hacked, allowing attackers to promote a fake giveaway scam that led to the theft of over…

APC UPS in a server rack
24
Apr
2023

APC warns of critical unauthenticated RCE flaws in UPS software

APC’s Easy UPS Online Monitoring Software is vulnerable to unauthenticated arbitrary remote code execution, allowing hackers to take over devices…

Microsoft 365
24
Apr
2023

Microsoft 365 search outage affects Outlook, Teams, and SharePoint

Microsoft is investigating an ongoing issue preventing some customers from using the search functionality across multiple Microsoft 365 services. The…

Yellow Pages Canada
24
Apr
2023

Yellow Pages Canada confirms cyber attack as Black Basta leaks data

Yellow Pages Group, a Canadian directory publisher has confirmed to BleepingComputer that it has been hit by a cyber attack. Black…

DNS
23
Apr
2023

Decoy Dog malware toolkit found after analyzing 70 billion DNS queries

A new enterprise-targeting malware toolkit called ‘Decoy Dog’ has been discovered after inspecting anomalous DNS traffic that is distinctive from…

Hackers can breach networks using data on resold corporate routers
23
Apr
2023

Hackers can breach networks using data on resold corporate routers

Enterprise-level network equipment on the secondary market hide sensitive data that hackers could use to breach corporate environments or to…

Bumblebee over fire
22
Apr
2023

Google ads push BumbleBee malware used by ransomware gangs

The enterprise-targeting Bumblebee malware is distributed through Google Ads and SEO poisoning that promote popular software like Zoom, Cisco AnyConnect,…

Evil hacker
22
Apr
2023

EvilExtractor malware activity spikes in Europe and the U.S.

Researchers are seeing a rise in attacks spreading the EvilExtractor data theft tool, used to steal users’ sensitive data in…

GitHub
22
Apr
2023

GitHub now allows enabling private vulnerability reporting at scale

GitHub announced that private vulnerability reporting is now generally available and can be enabled at scale, on all repositories belonging…

macOS logo with storms in the background
21
Apr
2023

The Week in Ransomware – April 21st 2023

A lot of news broke this week related to ransomware, with the discovery of LockBit testing macOS encryptors to an…

Power lines
21
Apr
2023

Critical infrastructure also hit by supply chain attack behind 3CX breach

The X_Trader software supply chain attack that led to last month’s 3CX breach has also impacted at least several critical…

Google Cloud Platform
21
Apr
2023

GhostToken GCP flaw let attackers backdoor Google accounts

Google has addressed a Cloud Platform (GCP) security vulnerability impacting all users and allowing attackers to backdoor their accounts using…