Over 1 Million IoT Devices Infected by BADBOX 2.0 Malware

2025-06-06

The FBI warns that over 1 million home internet-connected devices have been infected by the BADBOX 2.0 malware campaign, turning consumer electronics into residential proxies for malicious activities. The botnet, primarily found on Chinese-made Android smart TVs and other IoT devices, infects devices either through pre-installed malware or malicious apps. BADBOX 2.0 capabilities include residential proxy networks, ad fraud, and credential stuffing. Despite previous disruption attempts by German authorities, the botnet rapidly resurfaced, spreading across 222 countries and territories, impacting Brazil and the US most significantly. A joint operation by HUMAN, Google, and others disrupted the botnet again, but users are advised to remain vigilant, avoid unofficial app stores, and keep their devices updated.

Adidas Suffers Another Data Breach: Customer Data Stolen

2025-05-27

Sporting giant Adidas has announced another data breach affecting its customers. Attackers compromised a third-party customer service provider, stealing some customer data. Adidas assures that payment information and passwords were not compromised. This is the latest in a series of data breaches for Adidas, following previous incidents involving customers in Turkey, South Korea, and its US website. Adidas has launched an investigation and notified authorities, but the exact number of affected individuals and further details remain undisclosed, raising fresh concerns about data security.

Moscow's Mandatory Tracking App for Foreign Nationals

2025-05-22

A new Russian law mandates that all foreign nationals in the Moscow region install a tracking app. This app collects residence location, fingerprints, facial photographs, and real-time geolocation data. While presented as a crime-fighting measure targeting migrant crime, the law has sparked privacy concerns. Critics argue it violates Russia's constitutional right to privacy and may deter potential labor migrants. The mass-surveillance experiment runs until September 2029, with potential expansion nationwide if deemed successful.

FBI Warns of AI-Powered Voice Phishing Targeting US Officials

2025-05-16

The FBI issued a warning about cybercriminals using AI-generated audio deepfakes to impersonate high-ranking US officials in voice phishing attacks since April. Attackers employ smishing and vishing tactics, sending text and AI-generated voice messages to build rapport before tricking victims into clicking malicious links. This compromises accounts, granting access to contact information of other officials, leading to further social engineering attacks for sensitive data theft or fund transfers. This follows previous warnings and incidents highlighting the increasing use of sophisticated deepfakes in cybercrime.

Microsoft Teams to Block Meeting Screenshots for Enhanced Security

2025-05-10

Microsoft is rolling out a new Teams feature in July 2025 to prevent users from capturing screenshots of sensitive information shared during meetings. This functionality will be available on Windows and Mac desktops, and iOS and Android mobile apps. Unsupported platforms will default to audio-only mode. While screenshots are blocked, users could still capture sensitive information by taking photos. This mirrors a recent similar feature introduced by Meta for WhatsApp. Microsoft also plans to release additional Teams features, including audio summaries of meeting transcripts.

20-Year-Old Botnet Taking Down Thousands of Routers Crushed

2025-05-10

Law enforcement agencies have dismantled a massive botnet that operated for two decades, infecting thousands of routers worldwide and creating two residential proxy networks: Anyproxy and 5socks. Four individuals from Russia and Kazakhstan were indicted for their roles in operating and profiting from these illegal services, raking in over $46 million. The botnet exploited vulnerabilities in outdated routers, providing anonymity for various cybercrimes including ad fraud and DDoS attacks. The takedown, a joint operation involving the US, Netherlands, Thailand and others, highlights the growing global cooperation in combating cybercrime.

Pearson Education Giant Suffers Massive Data Breach

2025-05-09

Global education giant Pearson experienced a significant cyberattack resulting in the theft of a large amount of corporate data and customer information. Attackers exploited an exposed GitLab Personal Access Token (PAT) to breach Pearson's developer environment, gaining access to credentials for cloud platforms like AWS, Google Cloud, and Snowflake. This allowed them to steal terabytes of data, including customer information, financial data, and source code. While Pearson claims the stolen data was mostly "legacy data," they refuse to provide specifics, raising concerns. The incident highlights the critical need to secure .git/config files and avoid embedding credentials in remote URLs.

SK Telecom Data Breach: 25 Million Users Offered Free SIM Replacements

2025-04-29

South Korea's largest mobile carrier, SK Telecom, experienced a USIM data breach affecting potentially 25 million users. While names and financial information were not compromised, the breach poses a risk of SIM swapping attacks. SK Telecom is offering free SIM card replacements, but due to limited inventory, only 6 million replacements are available until May. Enhanced fraud detection systems are in place, and users are encouraged to pre-book online replacements.

Windows Security Update Creates Vulnerability: 'inetpub' Folder Blocks Future Updates

2025-04-27

A recent Windows security update introduced a new vulnerability. The update creates an 'inetpub' folder, intended to fix CVE-2025-21204. However, security researcher Kevin Beaumont discovered that this folder can be abused. By creating a junction pointing to another file, attackers can prevent future Windows updates from installing, resulting in a 0x800F081F error. Microsoft is aware of the issue but currently rates it as medium severity and doesn't plan to immediately fix it.

Critical Apache Parquet RCE Vulnerability Discovered (CVE-2025-30065)

2025-04-06

A critical remote code execution (RCE) vulnerability (CVE-2025-30065), with a CVSS score of 10.0, has been found in Apache Parquet versions up to and including 1.15.0. Attackers can exploit this flaw by using specially crafted Parquet files to gain control of systems. Parquet underpins a wide range of big data platforms, including Hadoop and AWS, and is used by companies such as Netflix and Uber. Version 1.15.1 patches this issue; immediate upgrade is recommended. While no active exploitation has been reported, the risk is high due to the severity and widespread use of Parquet.

Microsoft's AI Copilot Uncovers 20 Zero-Day Vulnerabilities in Bootloaders

2025-04-05

Microsoft's AI-powered Security Copilot unearthed 20 previously unknown vulnerabilities in the GRUB2, U-Boot, and Barebox open-source bootloaders. These flaws, ranging from buffer overflows and integer overflows to side-channel attacks, could allow attackers to bypass security protections and execute arbitrary code, potentially installing stealthy bootkits. While exploitation may require physical access, the possibility remains a concern. Patches have been released; users are urged to update immediately.

Easy Bypass for Windows 11's Microsoft Account Requirement

2025-04-03

Microsoft is pushing for Microsoft account usage in Windows 11, but a newly discovered trick makes bypassing it easy. Previously, Microsoft removed the 'BypassNRO.cmd' script, but registry edits still worked. Now, a simpler method exists: during Windows 11 setup, press Shift+F10 to open a command prompt, type "start ms-cxh:localonly", and press Enter to create a local account, skipping the Microsoft account login. This method, being directly integrated into the system, is likely harder for Microsoft to remove than the previous script-based approach.

Critical Ubuntu User Namespace Bypass Exploits Discovered

2025-03-29

Qualys researchers have uncovered three critical security bypasses in Ubuntu 23.10 and 24.04's unprivileged user namespace restrictions. These bypasses, leveraging the aa-exec tool, busybox shell, and LD_PRELOAD technique, allow local attackers to create user namespaces with full administrative privileges, potentially exploiting kernel vulnerabilities. Canonical acknowledges these as limitations of their AppArmor defense, not vulnerabilities, and recommends administrative hardening steps such as enabling kernel.apparmor_restrict_unprivileged_unconfined=1 to mitigate the risks.

Microsoft's New Office Startup Booster: Faster Loading, But With a Catch

2025-03-27

Microsoft is rolling out a new Windows scheduled task called 'Startup Boost' in May to speed up Office app loading. This background task preloads performance enhancements but only runs on systems with 8GB RAM and 5GB free disk space, disabling automatically in Energy Saver mode. Users can disable it in Office settings, but the Office installer re-enables it with each update. While designed to improve launch times, its automatic re-enablement might annoy some users.

Oracle Cloud Breach: Data of 6 Million Users Allegedly Compromised

2025-03-26

Cybersecurity firm BleepingComputer reports a hacker claiming to have breached Oracle Cloud servers, stealing authentication data for 6 million users. Oracle denies a breach, but BleepingComputer has confirmed the validity of data samples from multiple affected companies. The hacker released databases, LDAP data, and over 140,000 allegedly compromised domains. Investigations suggest exploitation of a vulnerability (CVE-2021-35587) in Oracle Fusion Middleware 11g. Despite Oracle's denial, evidence points to a significant security lapse, raising concerns about Oracle Cloud security.

Urgent: Update Your Firefox Browser Before March 14th!

2025-03-13

Mozilla is urging Firefox users to update their browsers to version 128 or later (or ESR 115.13 or later) before March 14th, 2025, to avoid significant security risks. A critical root certificate is expiring, rendering add-ons unusable and potentially exposing users to malicious add-ons, fraudulent websites, and compromised password alerts. Failure to update could lead to severe performance issues and security vulnerabilities. The update affects Windows, Android, Linux, and macOS users, but not iOS. While older versions might still function, Mozilla strongly advises updating for optimal security and performance.

Windows Update Bricking USB Printers: Random Text Mayhem

2025-03-13

Microsoft has acknowledged that recent Windows updates (KB5050092 and later, released since January 29th, 2025) are causing some dual-mode USB printers (supporting both USB Print and IPP over USB) to print random gibberish. This includes network commands and unusual characters. Windows 10 22H2 and Windows 11 22H2/23H2 are affected; Windows 11 24H2 is not. Microsoft has fixed this via Known Issue Rollback (KIR), and the fix will also automatically roll out in a future update. For enterprise environments, IT admins need to install and configure specific group policies to resolve the issue on affected devices.

Massive ESP32 Chip Flaw: Undocumented Backdoor Found in Over 1 Billion Devices

2025-03-08

Researchers have uncovered a critical vulnerability in the widely used ESP32 microchip, affecting over a billion devices. A set of 29 undocumented commands acts as a backdoor, enabling attackers to spoof trusted devices, access data without authorization, pivot to other network devices, and establish persistent access. This vulnerability poses significant risks to IoT security, particularly when combined with existing root access or malicious firmware. The discovery, made by Tarlogic Security using a newly developed cross-platform Bluetooth driver, highlights the importance of comprehensive security testing in widely deployed hardware. Espressif, the manufacturer, has yet to publicly comment.

Urgent: CISA Warns of Actively Exploited Cisco and Windows Vulnerabilities

2025-03-04

The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive warning federal agencies about actively exploited vulnerabilities in Cisco and Windows systems. CVE-2023-20118 affects Cisco RV series VPN routers, allowing remote code execution. CVE-2018-8639, a Windows elevation of privilege flaw, also enables arbitrary code execution. CISA added these to its Known Exploited Vulnerabilities catalog, mandating remediation by March 23rd for federal agencies. This highlights the critical need for prompt patching to mitigate sophisticated cyberattacks.

Australia Bans Kaspersky Lab Products Over Security Concerns

2025-02-27

The Australian government has banned all Kaspersky Lab products and web services from its systems, citing unacceptable security risks related to foreign interference, espionage, and sabotage. Kaspersky denies these allegations, claiming the ban lacks specific evidence and is politically motivated. This follows similar bans in the US, Germany, and Canada, reflecting a broader trend of Western nations restricting Kaspersky's access to government systems.

WinRAR 7.10 Released: Dark Mode and Enhanced Privacy

2025-02-21

WinRAR 7.10 has been released, boasting numerous improvements including larger memory pages for performance boosts, a much-requested dark mode, and a redesigned settings interface. A standout feature is its enhanced privacy controls. Users can now fine-tune how information from the Mark-of-the-Web (MoTW) is propagated, with a default setting that only retains the security zone value, stripping potentially revealing URLs and IP addresses from extracted files. While this might impact digital forensics, it's a welcome addition for privacy-conscious users.

Brave Browser's New Custom Scriptlets: Take Control of Your Browsing Experience

2025-02-11

Brave Browser version 1.75 introduces 'custom scriptlets' for desktop users, allowing advanced users to inject their own JavaScript into websites for deep customization. Similar to Tampermonkey and Greasemonkey, this feature enables users to create scripts modifying website functionality. Initially developed for debugging Brave's ad blocker, its value led to its release. Custom scriptlets enhance privacy, security, and usability by blocking trackers, customizing appearance, and improving accessibility. However, caution is advised as untrusted scripts pose risks. The feature is located in `brave://settings/shields/filters` and requires enabling 'Developer mode'.

Apple Patches Zero-Day Vulnerability Used in Sophisticated Attacks

2025-02-10

Apple has released emergency security updates to address a zero-day vulnerability (CVE-2025-24200) exploited in targeted, sophisticated attacks. The vulnerability could bypass USB Restricted Mode on locked devices, potentially allowing data extraction. This mode was designed to prevent forensic software from accessing data on locked iOS devices. Apple urges users to update immediately to mitigate potential ongoing attacks. This incident highlights the importance of regular software updates and mobile device security.

Massive Healthcare Data Breach at Medusind Impacts 360,000+

2025-02-02

Medusind, a healthcare billing provider, disclosed a data breach affecting over 360,000 individuals. The December 2023 breach exposed sensitive information including health insurance details, payment information, medical records, government IDs, and personal data. Medusind is offering two years of free identity monitoring services to affected individuals and urging them to monitor their accounts for suspicious activity. This incident follows proposed HIPAA updates by HHS aimed at bolstering healthcare cybersecurity in response to a recent surge in major data breaches.

Critical Apple CPU Side-Channel Flaws Steal Browser Data

2025-01-28

Researchers have uncovered new side-channel vulnerabilities, FLOP and SLAP, in Apple's M-series and A-series processors. These flaws allow remote attackers to steal sensitive data from web browsers via malicious websites, bypassing browser sandboxing. The vulnerabilities stem from faulty speculative execution, exploiting the CPU's mispredictions to leak information like emails, location history, and more. Apple is aware and plans to address the issue, but patches aren't yet available. Disabling JavaScript is a temporary mitigation, but impacts website functionality.

Pwn2Own Automotive 2025: Hackers Awarded $886,250 for 49 Zero-Days

2025-01-27

The Pwn2Own Automotive 2025 hacking contest concluded with security researchers earning a total of $886,250 for discovering 49 zero-day vulnerabilities. Targets included EV chargers, car operating systems (Android Automotive OS, Automotive Grade Linux, BlackBerry QNX), and in-vehicle infotainment systems. Summoning Team's Sina Kheirkhah took home the top prize, earning $222,250 and 30.5 Master of Pwn points. The event highlighted significant security flaws in automotive software, emphasizing the ongoing need for improved security in the industry.

Hacker Infects 18,000 'Script Kiddies' with Fake Malware Builder

2025-01-25

A threat actor targeted low-skilled hackers, known as "script kiddies," with a fake malware builder that secretly installed a backdoor to steal data and take over computers. Security researchers at CloudSEK report that the malware infected 18,459 devices globally, mostly in Russia, the US, India, Ukraine, and Turkey. The malware, a trojanized XWorm RAT builder, was distributed through various channels including GitHub, file hosting sites, Telegram, YouTube, and websites. While many infections were cleaned via a kill switch, some remain compromised. The malware stole data like Discord tokens, system information, and location data, and allowed remote control of infected machines.

North Korean Hackers Extort US Companies After Stealing Source Code

2025-01-24

The FBI issued a warning about North Korean hackers posing as IT workers to infiltrate US companies, steal source code, and extort ransoms. These hackers use various methods, including AI face-swapping technology, to conceal their identities. After gaining access, they copy code to personal accounts and threaten to leak information for ransom. The FBI advises companies to strengthen hiring processes, limit permissions, and monitor network traffic to prevent such attacks. A joint statement from the US, South Korea, and Japan revealed that North Korean state-sponsored hacking groups stole over $659 million in cryptocurrency in 2024.

Pwn2Own Automotive 2025: 16 Zero-Days Exploited on Day One

2025-01-23

On the first day of Pwn2Own Automotive 2025, security researchers successfully exploited 16 unique zero-day vulnerabilities, earning a total of $382,750 in prize money. Fuzzware.io took the lead, hacking Autel MaxiCharger and Phoenix Contact CHARX SEC-3150 EV chargers. The competition highlighted critical vulnerabilities in EV chargers, in-vehicle infotainment systems, and car operating systems, underscoring the importance of cybersecurity in the automotive industry.

US Sanctions Chinese Hacker and Firm Behind Treasury and Telecom Hacks

2025-01-17

The US Treasury Department sanctioned Yin Kecheng, a Shanghai-based hacker, and Sichuan Juxinhe Network Technology Co., Ltd. for their roles in the recent breach of the Treasury Department and attacks on US telecommunication companies. Yin Kecheng, linked to China's Ministry of State Security (MSS), was involved in the Treasury Department breach, exploiting a zero-day vulnerability. Sichuan Juxinhe is associated with the Salt Typhoon hacking group, responsible for spying on high-profile targets through compromised telecom providers. The sanctions freeze their US assets and prohibit transactions with US entities. This action underscores the US commitment to combating Chinese cyber espionage.
