BleepingComputer

2021-03-03 01:41:50 Microsoft fixes actively exploited Exchange zero-day bugs, patch now

Microsoft has released emergency out-of-band security updates for Microsoft Exchange that fix four zero-day vulnerabilities actively exploited in targeted attacks. [...]

https://www.bleepingcomputer.com/news/security/microsoft-fixes-actively-exploited-exchange-zero-day-bugs-patch-now/ Open / Comment

2021-03-03 01:18:27 Google fixes second actively exploited Chrome zero-day bug this year

Google has fixed an actively exploited zero-day vulnerability in the Chrome 89.0.4389.72 version released today, March 2nd, 2021, to the Stable desktop channel for Windows, Mac, and Linux users. [...]

https://www.bleepingcomputer.com/news/security/google-fixes-second-actively-exploited-chrome-zero-day-bug-this-year/ Open / Comment

2021-03-03 00:16:41 Payroll giant PrismHR outage likely caused by ransomware attack

Leading payroll company PrismHR is suffering a massive outage after suffering a cyberattack this weekend that looks like a ransomware attack from conversations with customers. [...]

https://www.bleepingcomputer.com/news/security/payroll-giant-prismhr-outage-likely-caused-by-ransomware-attack/ Open / Comment

2021-03-02 21:17:33 Malaysia Airlines discloses a nine-year-long data breach

​Malaysia Airlines has suffered a data breach spanning nine years that exposed the personal information of members in its Enrich frequent flyer program. [...]

https://www.bleepingcomputer.com/news/security/malaysia-airlines-discloses-a-nine-year-long-data-breach/ Open / Comment

2021-03-02 21:17:33 SolarWinds reports $3.5 million in expenses from supply-chain attack

SolarWinds has reported expenses of $3.5 million from last year's supply-chain attack, including costs related to incident investigation and remediation. [...]

https://www.bleepingcomputer.com/news/security/solarwinds-reports-35-million-in-expenses-from-supply-chain-attack/ Open / Comment

2021-03-02 19:15:30 Oxfam Australia confirms data breach after stolen info sold online

Oxfam Australia has confirmed a data breach after suffering a cyberattack and their donor databases put up for sale on a hacker forum in January. [...]

https://www.bleepingcomputer.com/news/security/oxfam-australia-confirms-data-breach-after-stolen-info-sold-online/ Open / Comment

2021-03-02 17:16:25 Microsoft announces Windows Server 2022 with new security features

Microsoft says that Windows Server 2022 will come with security improvements and will bring Secured-core to the Windows Server platform for added protection against a wide range of threats.  [...]

https://www.bleepingcomputer.com/news/security/microsoft-announces-windows-server-2022-with-new-security-features/ Open / Comment

2021-03-02 15:18:28 Malicious NPM packages target Amazon, Slack with new dependency attacks

Threat actors are targeting Amazon, Zillow, Lyft, and Slack NodeJS apps using the new 'Dependency Confusion' vulnerability to steal Linux/Unix password files and open reverse shells back to the attackers. [...]

https://www.bleepingcomputer.com/news/security/malicious-npm-packages-target-amazon-slack-with-new-dependency-attacks/ Open / Comment

2021-03-02 02:13:20 Working Windows and Linux Spectre exploits found on VirusTotal

Working exploits targeting Linux and Windows systems not patched against a three-year-old vulnerability dubbed Spectre were found by security researcher Julien Voisin on VirusTotal. [...]

https://www.bleepingcomputer.com/news/security/working-windows-and-linux-spectre-exploits-found-on-virustotal/ Open / Comment

2021-03-02 01:44:08 European e-ticketing platform Ticketcounter extorted in data breach

A Dutch e-Ticketing platform has suffered a data breach after a database was stolen from an unsecured staging server. [...]

https://www.bleepingcomputer.com/news/security/european-e-ticketing-platform-ticketcounter-extorted-in-data-breach/ Open / Comment