Bleeping Computer Cyber Security | Website Cyber Security

QNAP pulls buggy QTS firmware causing widespread NAS issues
by Sergiu Gatlan on November 22, 2024 at 8:49 pm
QNAP has pulled a recently released firmware update after widespread customer reports that it’s breaking connectivity and, in some cases, locking users out of their devices. […]
Hackers breach US firm over Wi-Fi from Russia in ‘Nearest Neighbor Attack’
by Bill Toulas on November 22, 2024 at 7:33 pm
Russian state hackers APT28 (Fancy Bear/Forest Blizzard/Sofacy) breached a U.S. company through its enterprise WiFi network while being thousands of miles away, by leveraging a novel technique called “nearest neighbor attack.” […]
Microsoft rolls out Recall to Windows Insiders with Copilot+ PCs
by Sergiu Gatlan on November 22, 2024 at 6:00 pm
Microsoft announced today that its controversial AI-powered Recall feature is finally rolling out to Windows Insiders in the Dev Channel using Snapdragon-powered Copilot+ PCs. […]
Windows 11 KB5046740 update released with 14 changes and fixes
by Sergiu Gatlan on November 21, 2024 at 9:00 pm
Microsoft has released the November 2024 preview cumulative update for Windows 11 24H2, with 14 improvements and fixes for multiple issues, including some affecting File Explorer, the Clipboard history, and secondary displays. […]
Chinese hackers target Linux with new WolfsBane malware
by Bill Toulas on November 21, 2024 at 8:06 pm
A new Linux backdoor called ‘WolfsBane’ has been discovered, believed to be a port of Windows malware used by the Chinese ‘Gelsemium’ hacking group. […]
Over 2,000 Palo Alto firewalls hacked using recently patched bugs
by Sergiu Gatlan on November 21, 2024 at 7:46 pm
Hackers have already compromised thousands of Palo Alto Networks firewalls in attacks exploiting two recently patched zero-day vulnerabilities. […]
Microsoft pulls WinAppSDK update breaking Windows 10 app uninstalls
by Sergiu Gatlan on November 21, 2024 at 6:58 pm
Microsoft has confirmed that, since November 12, some Windows 10 users have been unable to update or uninstall packaged applications like Microsoft Teams. […]
CISA says BianLian ransomware now focuses only on data theft
by Bill Toulas on November 21, 2024 at 6:38 pm
The BianLian ransomware operation has shifted its tactics, becoming primarily a data theft extortion group, according to an updated advisory from the U.S. Cybersecurity & Infrastructure Security Agency, the FBI, and the Australian Cyber Security Centre. […]
Microsoft disrupts ONNX phishing-as-a-service infrastructure
by Sergiu Gatlan on November 21, 2024 at 5:00 pm
Microsoft has seized 240 domains used by customers of ONNX, a phishing-as-a-service (PhaaS) platform, to target companies and individuals across the United States and worldwide since at least 2017. […]
US seizes PopeyeTools cybercrime marketplace, charges administrators
by Bill Toulas on November 21, 2024 at 3:44 pm
The U.S. has seized the cybercrime website ‘PopeyeTools’ and unsealed charges against three of its administrators, Abdul Ghaffar, Abdul Sami, and Javed Mirza, for selling stolen data. […]
Fortinet VPN design flaw hides successful brute-force attacks
by Ionut Ilascu on November 21, 2024 at 2:38 pm
A design flaw in the Fortinet VPN server’s logging mechanism can be leveraged to conceal the successful verification of credentials during a brute-force attack without tipping off defenders of compromised logins. […]
Now BlueSky hit with crypto scams as it crosses 20 million users
by Ax Sharma on November 21, 2024 at 10:28 am
As users are flocking to BlueSky from social media platforms like X/Twitter, so are threat actors. BleepingComputer has spotted cryptocurrency scams popping up on BlueSky just as the decentralized microblogging service surpassed 20 million users this week. […]