Microsoft rushes to register Autodiscover domains leaking credentials
Microsoft is rushing to register Internet domains used to steal Windows credentials sent from faulty implementations of the Microsoft Exchange Autodiscover protocol. [...]
Showing only posts by Lawrence Abrams. Show all posts.
Second farming cooperative shut down by ransomware this week
Minnesota farming supply cooperative Crystal Valley has suffered a ransomware attack, making it the second farming cooperative attacked this weekend. [...]
Microsoft Exchange Autodiscover bugs leak 100K Windows credentials
Bugs in the implementation of Microsoft Exchange's Autodiscover feature have leaked approximately 100,000 login names and passwords for Windows domains worldwide. [...]
How to fix the Windows 0x0000011b network printing error
A Windows security update released in January and now fully enforced this month is causing Windows users to experience 0x0000011b errors when printing to network printers. [...]
US farmer cooperative hit by $5.9M BlackMatter ransomware attack
U.S. farmers cooperative NEW Cooperative has suffered a BlackMatter ransomware attack demanding $5.9 million not to leak stolen data and provide a decryptor. [...]
VoIP.ms phone services disrupted by DDoS extortion attack
Threat actors are targeting voice-over-Internet provider VoIP.ms with a DDoS attack and extorting the company to stop the assault that's severely disrupting the company's operation. [...]
New "Elon Musk Club" crypto giveaway scam promoted via email
A new Elon Musk-themed cryptocurrency giveaway scam called the "Elon Musk Mutual Aid Fund" or "Elon Musk Club" is being promoted through spam email campaigns that started over the past few weeks. [...]
The Week in Ransomware - September 17th 2021 - REvil decrypted
It has been an interesting week with decryptors released, ransomware gangs continuing to rail against negotiators, and the US government expected to sanction crypto exchanges next week. [...]
U.S. to sanction crypto exchanges, wallets used by ransomware
The Biden administration is expected to issue sanctions against crypto exchanges, wallets, and traders used by ransomware gangs to convert ransom payments into fiat money. [...]
New Windows security updates break network printing
Windows administrators report wide-scale network printing problems after installing this week's September 2021 Patch Tuesday security updates. [...]
Free REvil ransomware master decrypter released for past victims
A free master decryptor for the REvil ransomware operation has been released, allowing all victims encrypted before the gang disappeared to recover their files for free. [...]
Ransomware gang threatens to wipe decryption key if negotiator hired
The Grief ransomware gang is threatening to delete victim's decryption keys if they hire a negotiation firm, making it impossible to recover encrypted files. [...]
Kali Linux 2021.3 released with new pentest tools, improvements
Kali Linux 2021.3 was released yesterday by Offensive Security and includes a new set of tools, improved virtualization support, and a new OpenSSL configuration that increases the attack surface. [...]
Microsoft fixes remaining Windows PrintNightmare vulnerabilities
Microsoft has released a security update to fix the last remaining PrintNightmare zero-day vulnerabilities that allowed attackers to gain administrative privileges on Windows devices quickly. [...]
Microsoft September 2021 Patch Tuesday fixes 2 zero-days, 60 flaws
Today is Microsoft's September 2021 Patch Tuesday, and with it comes fixes for two zero-day vulnerabilities and a total of 61 flaws. [...]
Google patches 10th Chrome zero-day exploited in the wild this year
Google has released Chrome 93.0.4577.82 for Windows, Mac, and Linux to fix eleven security vulnerabilities, two of them being zero-days exploited in the wild. [...]
Apple fixes iOS zero-day used to deploy NSO iPhone spyware
Apple has released security updates to fix two zero-day vulnerabilities that have been seen exploited in the wild to attack iPhones and Macs. One is known to be used to install the Pegasus spyware on iPhones. [...]
Windows MSHTML zero-day exploits shared on hacking forums
Threat actors are sharing working Windows CVE-2021-40444 MSHTML zero-day exploits on hacking forums, allowing other hackers to start exploiting the new vulnerability in their own attacks. [...]
REvil ransomware is back in full attack mode and leaking data
The REvil ransomware gang has fully returned and is once again attacking new victims and publishing stolen files on a data leak site. [...]
The Week in Ransomware - September 10th 2021 - REvil returns
This week marked the return of the notorious REvil ransomware group, who disappeared in July after conducting a massive attack using a Kaseya zero-day vulnerability. [...]
MyRepublic discloses data breach exposing government ID cards
MyRepublic Singapore has disclosed a data breach exposing the personal information of approximately 80,000 mobile subscribers. [...]
Windows MSHTML zero-day defenses bypassed as new info emerges
New details have emerged about the recent Windows CVE-2021-40444 zero-day vulnerability, how it is being exploited in attacks, and the threat actor's ultimate goal of taking over corporate networks. [...]
Ukrainian extradited for selling 2,000 stolen logins per week
The US Department of Justice has indicted a Ukrainian man for using a malware botnet to brute force computer logon credentials and then selling them on a criminal remote access marketplace. [...]
Hackers leak passwords for 500,000 Fortinet VPN accounts
A threat actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer. [...]
REvil ransomware's servers mysteriously come back online
The dark web servers for the REvil ransomware operation have suddenly turned back on after an almost two-month absence. It is unclear if this marks their ransomware gang's return or the servers being turned on by law enforcement. [...]
« newer articles | page 33 | older articles »