Microsoft Denies Link Between Windows Update and SSD/HDD Failures

2025-08-30

Users reported SSD and HDD failures and data corruption after installing August's Windows 11 24H2 security update. Microsoft investigated and found no connection between the update and the reported issues. However, they advise users with drives over 60% full to avoid writing large files. Microsoft is collaborating with storage device partners to investigate further. Affected drives reportedly include those from Corsair, SanDisk, and Kioxia, with issues primarily occurring during heavy write operations. While some drives recovered after restarting, others remained inaccessible.


FTC Warns Big Tech: Don't Sacrifice Data Security for Foreign Governments

2025-08-26

The FTC chairman, Andrew N. Ferguson, sent a letter to major US tech companies, including Google, Apple, and Microsoft, warning against complying with foreign government demands that weaken data security, compromise encryption, or censor content. Ferguson stressed that weakening security at a foreign government's request, especially without user notification, violates the FTC Act and exposes companies to legal action. He specifically cited the EU's Digital Services Act and the UK's Online Safety Act as examples. The FTC warns these laws undermine American users' freedom and data security, reminding companies of their obligations under the FTC Act regarding data security and privacy. The letter follows recent events like Apple's temporary removal of iCloud end-to-end encryption in the UK, which was later reversed.

Tech

Colt Telecom Suffers Data Breach: Warlock Ransomware Gang Demands $200,000

2025-08-23

UK telecommunications company Colt Technology Services has confirmed a data breach, with the Warlock ransomware gang auctioning off stolen customer data on the dark web. The gang claims to possess 1 million documents, including financial information, network architecture data, and customer details, for a price tag of $200,000. Colt has issued a security advisory and offers customers a list of leaked filenames. The attack exploited a SharePoint vulnerability, highlighting significant cybersecurity risks.

Tech

Ex-Dev Imprisoned for Sabotaging Ex-Employer's Network with Kill Switch

2025-08-22

Davis Lu, 55, was sentenced to four years in prison for sabotaging his former employer's Windows network. After being terminated, Lu activated malicious code he'd secretly embedded, causing system crashes and locking out thousands of users via a kill switch. He also deleted encrypted data from his company laptop. The act resulted in significant financial losses for the Ohio-based company. He was found guilty of intentionally damaging protected computers and will serve three years of supervised release following his prison sentence.

Development

CISA Releases Open-Source Malware Analysis Platform: Thorium

2025-08-01

The Cybersecurity and Infrastructure Security Agency (CISA) has released Thorium, an open-source platform for malware and forensic analysis. Developed in partnership with Sandia National Labs, Thorium automates many tasks in cyberattack investigations, boasting impressive scalability (over 1700 jobs/second, 10 million files/hour per group). It integrates commercial, open-source, and custom tools, supporting software analysis, digital forensics, and incident response. This release follows CISA's previous initiatives, including the Eviction Strategies Tool and Malware Next-Gen analysis system, all aimed at bolstering cybersecurity defenses.


Saint Paul Hit by Crippling Cyberattack; National Guard Deployed

2025-07-30

Saint Paul, Minnesota's capital city, suffered a major cyberattack that disrupted online services, including online payments and some library and recreation center services. The attack, which lasted through the weekend, overwhelmed the city's and commercial cybersecurity firms' response capabilities. Governor Walz activated the National Guard's cybersecurity forces to assist in investigation and service restoration, ensuring the continuity of essential city services. This incident highlights the cybersecurity risks facing municipal infrastructure and the challenges of responding to large-scale cyberattacks.


UK to Ban Ransom Payments for Public Sector and Critical Infrastructure

2025-07-23

The UK government plans to ban public sector and critical infrastructure organizations from paying ransoms following ransomware attacks. This includes local councils, schools, and the NHS. The ban aims to disrupt the cybercriminal business model and protect vital services. Businesses outside the ban will need to report potential ransom payments. A mandatory reporting system will aid law enforcement in tracking attackers and supporting victims. This follows a public consultation highlighting ransomware as a major national security threat, exemplified by recent attacks on organizations like Marks & Spencer and the Co-op.

Tech

Qantas Data Breach Impacts 5.7 Million Customers

2025-07-11

Australian airline Qantas confirmed a data breach affecting approximately 5.7 million customers. The breach, stemming from a cyberattack on a third-party platform, exposed varying levels of personal information, including names, email addresses, and Qantas Frequent Flyer details. For some, address, date of birth, and phone numbers were also compromised. Qantas is contacting affected customers and implementing enhanced security measures. The attack bears similarities to recent attacks on other airlines, linked to the 'Scattered Spider' threat actors known for social engineering and extortion.

Tech Qantas

Critical: Local Privilege Escalation Vulnerabilities Found in Linux

2025-06-23

Two newly discovered local privilege escalation (LPE) vulnerabilities allow attackers to gain root privileges on systems running major Linux distributions. The first flaw (CVE-2025-6018) resides in the PAM framework configuration on openSUSE Leap 15 and SUSE Linux Enterprise 15, granting local attackers 'allow_active' user privileges. The second (CVE-2025-6019), found in libblockdev, allows an 'allow_active' user to gain root via the udisks daemon. Qualys TRU has developed proof-of-concept exploits, successfully achieving root on Ubuntu, Debian, Fedora, and openSUSE Leap 15. Immediate patching is crucial.


Over 1 Million IoT Devices Infected by BADBOX 2.0 Malware

2025-06-06

The FBI warns that over 1 million home internet-connected devices have been infected by the BADBOX 2.0 malware campaign, turning consumer electronics into residential proxies for malicious activities. The botnet, primarily found on Chinese-made Android smart TVs and other IoT devices, infects devices either through pre-installed malware or malicious apps. BADBOX 2.0 capabilities include residential proxy networks, ad fraud, and credential stuffing. Despite previous disruption attempts by German authorities, the botnet rapidly resurfaced, spreading across 222 countries and territories, impacting Brazil and the US most significantly. A joint operation by HUMAN, Google, and others disrupted the botnet again, but users are advised to remain vigilant, avoid unofficial app stores, and keep their devices updated.

Tech

Adidas Suffers Another Data Breach: Customer Data Stolen

2025-05-27

Sporting giant Adidas has announced another data breach affecting its customers. Attackers compromised a third-party customer service provider, stealing some customer data. Adidas assures that payment information and passwords were not compromised. This is the latest in a series of data breaches for Adidas, following previous incidents involving customers in Turkey, South Korea, and its US website. Adidas has launched an investigation and notified authorities, but the exact number of affected individuals and further details remain undisclosed, raising fresh concerns about data security.

Tech Adidas

Moscow's Mandatory Tracking App for Foreign Nationals

2025-05-22

A new Russian law mandates that all foreign nationals in the Moscow region install a tracking app. This app collects residence location, fingerprints, facial photographs, and real-time geolocation data. While presented as a crime-fighting measure targeting migrant crime, the law has sparked privacy concerns. Critics argue it violates Russia's constitutional right to privacy and may deter potential labor migrants. The mass-surveillance experiment runs until September 2029, with potential expansion nationwide if deemed successful.

Tech

FBI Warns of AI-Powered Voice Phishing Targeting US Officials

2025-05-16

The FBI issued a warning about cybercriminals using AI-generated audio deepfakes to impersonate high-ranking US officials in voice phishing attacks since April. Attackers employ smishing and vishing tactics, sending text and AI-generated voice messages to build rapport before tricking victims into clicking malicious links. This compromises accounts, granting access to contact information of other officials, leading to further social engineering attacks for sensitive data theft or fund transfers. This follows previous warnings and incidents highlighting the increasing use of sophisticated deepfakes in cybercrime.

Tech

Microsoft Teams to Block Meeting Screenshots for Enhanced Security

2025-05-10

Microsoft is rolling out a new Teams feature in July 2025 to prevent users from capturing screenshots of sensitive information shared during meetings. This functionality will be available on Windows and Mac desktops, and iOS and Android mobile apps. Unsupported platforms will default to audio-only mode. While screenshots are blocked, users could still capture sensitive information by taking photos. This mirrors a recent similar feature introduced by Meta for WhatsApp. Microsoft also plans to release additional Teams features, including audio summaries of meeting transcripts.


20-Year-Old Botnet Taking Down Thousands of Routers Crushed

2025-05-10

Law enforcement agencies have dismantled a massive botnet that operated for two decades, infecting thousands of routers worldwide and creating two residential proxy networks: Anyproxy and 5socks. Four individuals from Russia and Kazakhstan were indicted for their roles in operating and profiting from these illegal services, raking in over $46 million. The botnet exploited vulnerabilities in outdated routers, providing anonymity for various cybercrimes including ad fraud and DDoS attacks. The takedown, a joint operation involving the US, Netherlands, Thailand and others, highlights the growing global cooperation in combating cybercrime.

Tech

Pearson Education Giant Suffers Massive Data Breach

2025-05-09

Global education giant Pearson experienced a significant cyberattack resulting in the theft of a large amount of corporate data and customer information. Attackers exploited an exposed GitLab Personal Access Token (PAT) to breach Pearson's developer environment, gaining access to credentials for cloud platforms like AWS, Google Cloud, and Snowflake. This allowed them to steal terabytes of data, including customer information, financial data, and source code. While Pearson claims the stolen data was mostly "legacy data," they refuse to provide specifics, raising concerns. The incident highlights the critical need to secure .git/config files and avoid embedding credentials in remote URLs.

Tech

SK Telecom Data Breach: 25 Million Users Offered Free SIM Replacements

2025-04-29

South Korea's largest mobile carrier, SK Telecom, experienced a USIM data breach affecting potentially 25 million users. While names and financial information were not compromised, the breach poses a risk of SIM swapping attacks. SK Telecom is offering free SIM card replacements, but due to limited inventory, only 6 million replacements are available until May. Enhanced fraud detection systems are in place, and users are encouraged to pre-book online replacements.


Windows Security Update Creates Vulnerability: 'inetpub' Folder Blocks Future Updates

2025-04-27

A recent Windows security update introduced a new vulnerability. The update creates an 'inetpub' folder, intended to fix CVE-2025-21204. However, security researcher Kevin Beaumont discovered that this folder can be abused. By creating a junction pointing to another file, attackers can prevent future Windows updates from installing, resulting in a 0x800F081F error. Microsoft is aware of the issue but currently rates it as medium severity and doesn't plan to immediately fix it.


Critical Apache Parquet RCE Vulnerability Discovered (CVE-2025-30065)

2025-04-06

A critical remote code execution (RCE) vulnerability (CVE-2025-30065), with a CVSS score of 10.0, has been found in Apache Parquet versions up to and including 1.15.0. Attackers can exploit this flaw by using specially crafted Parquet files to gain control of systems. This affects a wide range of big data platforms, including Hadoop and AWS, and Parquet is used by companies like Netflix and Uber. Version 1.15.1 patches this issue; immediate upgrade is recommended. While no active exploitation has been reported, the risk is high due to the severity and widespread use of Parquet.


Microsoft's AI Copilot Uncovers 20 Zero-Day Vulnerabilities in Bootloaders

2025-04-05

Microsoft's AI-powered Security Copilot unearthed 20 previously unknown vulnerabilities in the GRUB2, U-Boot, and Barebox open-source bootloaders. These flaws, ranging from buffer overflows and integer overflows to side-channel attacks, could allow attackers to bypass security protections and execute arbitrary code, potentially installing stealthy bootkits. While exploitation may require physical access, the possibility remains a concern. Patches have been released; users are urged to update immediately.

Tech

Easy Bypass for Windows 11's Microsoft Account Requirement

2025-04-03

Microsoft is pushing for Microsoft account usage in Windows 11, but a newly discovered trick makes bypassing it easy. Previously, Microsoft removed the 'BypassNRO.cmd' script, but registry edits still worked. Now, a simpler method exists: during Windows 11 setup, press Shift+F10 to open a command prompt, type "start ms-cxh:localonly", and press Enter to create a local account, skipping the Microsoft account login. This method, being directly integrated into the system, is likely harder for Microsoft to remove than the previous script-based approach.

Development Local Account

Critical Ubuntu User Namespace Bypass Exploits Discovered

2025-03-29

Qualys researchers have uncovered three critical security bypasses in Ubuntu 23.10 and 24.04's unprivileged user namespace restrictions. These bypasses, leveraging the aa-exec tool, busybox shell, and LD_PRELOAD technique, allow local attackers to create user namespaces with full administrative privileges, potentially exploiting kernel vulnerabilities. Canonical acknowledges these as limitations of their AppArmor defense, not vulnerabilities, and recommends administrative hardening steps such as enabling kernel.apparmor_restrict_unprivileged_unconfined=1 to mitigate the risks.

Development

Microsoft's New Office Startup Booster: Faster Loading, But With a Catch

2025-03-27

Microsoft is rolling out a new Windows scheduled task called 'Startup Boost' in May to speed up Office app loading. This background task preloads performance enhancements but only runs on systems with 8GB RAM and 5GB free disk space, disabling automatically in Energy Saver mode. Users can disable it in Office settings, but the Office installer re-enables it with each update. While designed to improve launch times, its automatic re-enablement might annoy some users.


Oracle Cloud Breach: 6 Million User Data Allegedly Compromised

2025-03-26

Cybersecurity firm BleepingComputer reports a hacker claiming to have breached Oracle Cloud servers, stealing authentication data for 6 million users. Oracle denies a breach, but BleepingComputer has confirmed the validity of data samples from multiple affected companies. The hacker released databases, LDAP data, and over 140,000 allegedly compromised domains. Investigations suggest exploitation of a vulnerability (CVE-2021-35587) in Oracle Fusion Middleware 11g. Despite Oracle's denial, evidence points to a significant security lapse, raising concerns about Oracle Cloud security.


Urgent: Update Your Firefox Browser Before March 14th!

2025-03-13

Mozilla is urging Firefox users to update their browsers to version 128 or later (or ESR 115.13 or later) before March 14th, 2025, to avoid significant security risks. A critical root certificate is expiring, rendering add-ons unusable and potentially exposing users to malicious add-ons, fraudulent websites, and compromised password alerts. Failure to update could lead to severe performance issues and security vulnerabilities. The update affects Windows, Android, Linux, and macOS users, but not iOS. While older versions might still function, Mozilla strongly advises updating for optimal security and performance.

Tech

Windows Update Bricking USB Printers: Random Text Mayhem

2025-03-13

Microsoft has acknowledged that recent Windows updates (KB5050092 and later, released since January 29th, 2025) are causing some dual-mode USB printers (supporting both USB Print and IPP over USB) to print random gibberish. This includes network commands and unusual characters. Windows 10 22H2 and Windows 11 22H2/23H2 are affected; Windows 11 24H2 is not. Microsoft has fixed this via Known Issue Rollback (KIR), and the fix will also automatically roll out in a future update. For enterprise environments, IT admins need to install and configure specific group policies to resolve the issue on affected devices.


Massive ESP32 Chip Flaw: Undocumented Backdoor Found in Over 1 Billion Devices

2025-03-08

Researchers have uncovered a critical vulnerability in the widely used ESP32 microchip, affecting over a billion devices. 29 undocumented commands act as a backdoor, enabling attackers to spoof trusted devices, access data without authorization, pivot to other network devices, and establish persistent access. This vulnerability poses significant risks to IoT security, particularly when combined with existing root access or malicious firmware. The discovery, made by Tarlogic Security using a newly developed cross-platform Bluetooth driver, highlights the importance of comprehensive security testing in widely deployed hardware. Espressif, the manufacturer, has yet to publicly comment.


Urgent: CISA Warns of Actively Exploited Cisco and Windows Vulnerabilities

2025-03-04

The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive warning federal agencies about actively exploited vulnerabilities in Cisco and Windows systems. CVE-2023-20118 affects Cisco RV series VPN routers, allowing remote code execution. CVE-2018-8639, a Windows elevation of privilege flaw, also enables arbitrary code execution. CISA added these to its Known Exploited Vulnerabilities catalog, mandating remediation by March 23rd for federal agencies. This highlights the critical need for prompt patching to mitigate sophisticated cyberattacks.


Australia Bans Kaspersky Lab Products Over Security Concerns

2025-02-27

The Australian government has banned all Kaspersky Lab products and web services from its systems, citing unacceptable security risks related to foreign interference, espionage, and sabotage. Kaspersky denies these allegations, claiming the ban lacks specific evidence and is politically motivated. This follows similar bans in the US, Germany, and Canada, reflecting a broader trend of Western nations restricting Kaspersky's access to government systems.

Tech Kaspersky

WinRAR 7.10 Released: Dark Mode and Enhanced Privacy

2025-02-21

WinRAR 7.10 has been released, boasting numerous improvements including larger memory pages for performance boosts, a much-requested dark mode, and a redesigned settings interface. A standout feature is its enhanced privacy controls. Users can now fine-tune how information from the Mark-of-the-Web (MoTW) is propagated, with a default setting that only retains the security zone value, stripping potentially revealing URLs and IP addresses from extracted files. While this might impact digital forensics, it's a welcome addition for privacy-conscious users.

Hardware