ByA Windows 10 20H2 cumulative update released to Insiders on the 'Release' channel leaked that the next feature updated will be 21H1.When Microsoft releases new feature updates, it typically alternates between releasing them as a full-featured update or a small enablement package, which simply turns on dormant features already built into Windows 10.As the and was distributed as an enablement package, the thought was the Windows 10 21H1 would be released as a full feature update.Unfortunately, Microsoft has been very quiet about its upcoming servicing plans for Windows 10, including the...…ByA Windows 10 20H2 cumulative update released to Insiders on the 'Release' channel leaked that the next feature updated will be 21H1.When Microsoft releases new feature updates, it typically alternates between releasing them as a full-featured update or a small enablement package, which simply turns on dormant features already built into Windows 10.As the and was distributed as an enablement package, the thought was the Windows 10 21H1 would be released as a full feature update.Unfortunately, Microsoft has been very quiet about its upcoming servicing plans for Windows 10, including the...WW…

ByBonobos men's clothing store has suffered a massive data breach exposing millions of customers' personal information.Bonobos started as an online men's clothing store but later expanded to sixty locations to try on clothes before purchasing them. Walmart bought Bonobos in 2017 for $300 million to sells its clothing on their Jet.com site.Last weekend, a threat actor known as ShinyHunters, who is notorious for hacking online services and selling stolen databases, posted the full Bonobos database to a free hacker forum.This leaked database is a monstrous 70 GB SQL file containing various...…ByBonobos men's clothing store has suffered a massive data breach exposing millions of customers' personal information.Bonobos started as an online men's clothing store but later expanded to sixty locations to try on clothes before purchasing them. Walmart bought Bonobos in 2017 for $300 million to sells its clothing on their Jet.com site.Last weekend, a threat actor known as ShinyHunters, who is notorious for hacking online services and selling stolen databases, posted the full Bonobos database to a free hacker forum.This leaked database is a monstrous 70 GB SQL file containing various...WW…

ByAttackers are using the normally harmless Windows Finger command to download and install a malicious backdoor on victims' devices.The 'Finger' command is a utility that originated in Linux/Unix operating systems that allows a local user to retrieve a list of users on a remote machine or information about a particular remote user. In addition to Linux, Windows includes a finger.exe command that performs the same functionality.To execute the Finger command, a user would enter finger [user]@[remote_host]. For example, finger bleeping@www.bleepingcomputer.com.In September, we reported that...…ByAttackers are using the normally harmless Windows Finger command to download and install a malicious backdoor on victims' devices.The 'Finger' command is a utility that originated in Linux/Unix operating systems that allows a local user to retrieve a list of users on a remote machine or information about a particular remote user. In addition to Linux, Windows includes a finger.exe command that performs the same functionality.To execute the Finger command, a user would enter finger [user]@[remote_host]. For example, finger bleeping@www.bleepingcomputer.com.In September, we reported that...WW…

ByThreat actors are hacking verified Twitter accounts in an Elon Musk cryptocurrency giveaway scam that has recently become widely active.There is nothing new about cryptocurrency scams on Twitter, especially ones pretending to be giveaways from Elon Musk. In 2018, scammers raked in $180,000 using a  promoted on Twitter.Over the past week, security researcher MalwareHunterTeam has seen an uptick in verified Twitter accounts hacked in a scam promoting another fake Elon Musk cryptocurrency giveaway.These accounts will reply to tweets, like Elon Musk's below, and promote a scam where Musk is...…ByThreat actors are hacking verified Twitter accounts in an Elon Musk cryptocurrency giveaway scam that has recently become widely active.There is nothing new about cryptocurrency scams on Twitter, especially ones pretending to be giveaways from Elon Musk. In 2018, scammers raked in $180,000 using a  promoted on Twitter.Over the past week, security researcher MalwareHunterTeam has seen an uptick in verified Twitter accounts hacked in a scam promoting another fake Elon Musk cryptocurrency giveaway.These accounts will reply to tweets, like Elon Musk's below, and promote a scam where Musk is...WW…

ByA website named 'SolarLeaks' is selling data they claim was stolen from companies confirmed to have been breached in the SolarWinds attack.Last month, it was disclosed that network management company that led to a supply chain attack affecting 18,000 customers.According to a , this attack was "likely" conducted by a Russian state-sponsored hacking group who wanted to  from its victims.Today, a solarleaks[.]net website was launched that claims to be selling the stolen data from Microsoft, Cisco, FireEye, and SolarWinds. All of these companies are known to have been breached during the...…ByA website named 'SolarLeaks' is selling data they claim was stolen from companies confirmed to have been breached in the SolarWinds attack.Last month, it was disclosed that network management company that led to a supply chain attack affecting 18,000 customers.According to a , this attack was "likely" conducted by a Russian state-sponsored hacking group who wanted to  from its victims.Today, a solarleaks[.]net website was launched that claims to be selling the stolen data from Microsoft, Cisco, FireEye, and SolarWinds. All of these companies are known to have been breached during the...WW…

ByNetworking device maker Ubiquiti has announced a security incident that may have exposed its customers' data.Ubiquiti is a very popular networking device manufacturer best known for its UniFi line of wired and wireless network products and a cloud management platform.Today, Ubiquiti began emailing customers to change their passwords and enable 2FA after an attacker hacked their systems hosted at a third-party cloud provider."We recently became aware of unauthorized access to certain of our information technology systems hosted by a third party cloud provider. We have no indication that...…ByNetworking device maker Ubiquiti has announced a security incident that may have exposed its customers' data.Ubiquiti is a very popular networking device manufacturer best known for its UniFi line of wired and wireless network products and a cloud management platform.Today, Ubiquiti began emailing customers to change their passwords and enable 2FA after an attacker hacked their systems hosted at a third-party cloud provider."We recently became aware of unauthorized access to certain of our information technology systems hosted by a third party cloud provider. We have no indication that...WW…

ByA data breach broker is selling the allegedly stolen user records for twenty-six companies on a hacker forum, BleepingComputer has learned.When threat actors and hacking groups breach a company and steal their user databases, they commonly work with data breach brokers who market and sell the data for them. Brokers will then create posts on hacker forums and dark web marketplaces to market the stolen data.Last Friday, a data broker began selling the combined total of 368.8 million stolen user records for twenty-six companies on a hacker forum.Of these twenty-six companies, only eight are...…ByA data breach broker is selling the allegedly stolen user records for twenty-six companies on a hacker forum, BleepingComputer has learned.When threat actors and hacking groups breach a company and steal their user databases, they commonly work with data breach brokers who market and sell the data for them. Brokers will then create posts on hacker forums and dark web marketplaces to market the stolen data.Last Friday, a data broker began selling the combined total of 368.8 million stolen user records for twenty-six companies on a hacker forum.Of these twenty-six companies, only eight are...WW…

ByT-Mobile has announced a data breach exposing customers' proprietary network information (CPNI), including phone numbers and call records.Starting yesterday, T-Mobile began texting customers that a "security incident" exposed their account's information.According to T-Mobile, its security team recently discovered "malicious, unauthorized access" to their systems. After bringing in a cybersecurity firm to perform an investigation, T-Mobile found that threat actors gained access to the telecommunications information generated by customers, known as CPNI.The information exposed in this...…ByT-Mobile has announced a data breach exposing customers' proprietary network information (CPNI), including phone numbers and call records.Starting yesterday, T-Mobile began texting customers that a "security incident" exposed their account's information.According to T-Mobile, its security team recently discovered "malicious, unauthorized access" to their systems. After bringing in a cybersecurity firm to perform an investigation, T-Mobile found that threat actors gained access to the telecommunications information generated by customers, known as CPNI.The information exposed in this...WW…

ByThe NetGalley book promotion site has suffered a data breach that allowed threat actors to access a database with members' personal information.NetGalley is a website that allows authors and publishers to promote digital review copies of their books (galleys) to book advocates, influential readers, and industry professionals in the hopes that they will recommend the books to their audience.On Monday, December 21st, NetGalley's website was hacked and defaced. After further investigations, it was determined that the threat actors also accessed a backup for the site's database containing...…ByThe NetGalley book promotion site has suffered a data breach that allowed threat actors to access a database with members' personal information.NetGalley is a website that allows authors and publishers to promote digital review copies of their books (galleys) to book advocates, influential readers, and industry professionals in the hopes that they will recommend the books to their audience.On Monday, December 21st, NetGalley's website was hacked and defaced. After further investigations, it was determined that the threat actors also accessed a backup for the site's database containing...WW…

ByA threat actor has leaked the stolen email and mailing addresses for Ledger cryptocurrency wallet users on a hacker forum for free.Ledger is a hardware cryptocurrency wallet that is used to store, manage, and sell cryptocurrency. The funds held in these wallets are secured using a 24-word recovery phrase and an optional secret passphrase that only the owner knows.In June 2020,  after a website vulnerability allowed threat actors to access customers' contact details.Today, a threat actor has shared an archive containing two files named 'All Emails (Subscription).txt' and 'Ledger Orders...…ByA threat actor has leaked the stolen email and mailing addresses for Ledger cryptocurrency wallet users on a hacker forum for free.Ledger is a hardware cryptocurrency wallet that is used to store, manage, and sell cryptocurrency. The funds held in these wallets are secured using a 24-word recovery phrase and an optional secret passphrase that only the owner knows.In June 2020,  after a website vulnerability allowed threat actors to access customers' contact details.Today, a threat actor has shared an archive containing two files named 'All Emails (Subscription).txt' and 'Ledger Orders...WW…

BySince the SolarWinds supply chain attack was disclosed last Sunday, there has been a whirlwind of news, technical details, and analysis released about the hack.Because the amount of information that was released in such a short time is definitely overwhelming, we have published this as a roundup of this week's SolarWinds news.The information is distilled into a format that will hopefully explain the attack, who its victims are, and what we know to this point.While we learned of SolarWind's attack on December 13th, the first disclosure of its consequence was made on December 8th when...…BySince the SolarWinds supply chain attack was disclosed last Sunday, there has been a whirlwind of news, technical details, and analysis released about the hack.Because the amount of information that was released in such a short time is definitely overwhelming, we have published this as a roundup of this week's SolarWinds news.The information is distilled into a format that will hopefully explain the attack, who its victims are, and what we know to this point.While we learned of SolarWind's attack on December 13th, the first disclosure of its consequence was made on December 8th when...WW…

ByThe global Google services outage yesterday was caused by the company's Identity Management System failing after a bug restricted its storage space.This from accessing Gmail, YouTube, Google Drive, Google Maps, Google Calendar, and other Google services.During the outage, users could not send emails via Gmail mobile apps or receive email via POP3 for desktop clients. Also, YouTube visitors were seeing an error message stating, "There was a problem with the server (503) - Tap to retry."According to a tweet and a Google status report, the outage was caused by the company's automated...…ByThe global Google services outage yesterday was caused by the company's Identity Management System failing after a bug restricted its storage space.This from accessing Gmail, YouTube, Google Drive, Google Maps, Google Calendar, and other Google services.During the outage, users could not send emails via Gmail mobile apps or receive email via POP3 for desktop clients. Also, YouTube visitors were seeing an error message stating, "There was a problem with the server (503) - Tap to retry."According to a tweet and a Google status report, the outage was caused by the company's automated...WW…

ByThe City of Independence, Missouri, suffered a ransomware attack last week that continues to disrupt the city's services.At the beginning of the month, Independence suffered a ransomware attack that forced them to shut down their IT system as they recovered from the attack."The City of Independence recently experienced an event that resulted in technical difficulties and disruption to multiple services. It appears that these disruptions are the result of a ransomware event that was discovered and stopped before it could infect the full City network,"  City of Independence City Manager...…ByThe City of Independence, Missouri, suffered a ransomware attack last week that continues to disrupt the city's services.At the beginning of the month, Independence suffered a ransomware attack that forced them to shut down their IT system as they recovered from the attack."The City of Independence recently experienced an event that resulted in technical difficulties and disruption to multiple services. It appears that these disruptions are the result of a ransomware event that was discovered and stopped before it could infect the full City network,"  City of Independence City Manager...WW…

ByFoxconn electronics giant suffered a ransomware attack at a Mexican facility over the Thanksgiving weekend, where attackers stole unencrypted files before encrypting devices.Foxconn is the largest electronics manufacturing company globally, with recorded revenue of $172 billion in 2019 and over 800,000 employees worldwide. Foxconn subsidiaries include Sharp Corporation, Innolux, FIH Mobile, and Belkin.BleepingComputer has been tracking a rumored Foxconn ransomware attack that occurred over the Thanksgiving weekend.Today, the DoppelPaymer ransomware published files belonging to Foxconn NA...…ByFoxconn electronics giant suffered a ransomware attack at a Mexican facility over the Thanksgiving weekend, where attackers stole unencrypted files before encrypting devices.Foxconn is the largest electronics manufacturing company globally, with recorded revenue of $172 billion in 2019 and over 800,000 employees worldwide. Foxconn subsidiaries include Sharp Corporation, Innolux, FIH Mobile, and Belkin.BleepingComputer has been tracking a rumored Foxconn ransomware attack that occurred over the Thanksgiving weekend.Today, the DoppelPaymer ransomware published files belonging to Foxconn NA...WW…

ByA Luxottica data breach has exposed the personal and protected health information for patients of LensCrafters, Target Optical, EyeMed, and other eye care practices.Luxottica is the world's largest eyewear company with a portfolio of well-known eyeglass brands, including Ray-Ban, Oakley, Oliver Peoples, Ferrari, Michael Kors, Bulgari, Armani, Prada, Chanel, and Coach.In addition to selling eyeglasses, Luxottica also operates the EyeMed vision benefits company and partners with eye care professionals as part of their LensCrafters, Target Optical, EyeMed, and Pearle Vision retail...…ByA Luxottica data breach has exposed the personal and protected health information for patients of LensCrafters, Target Optical, EyeMed, and other eye care practices.Luxottica is the world's largest eyewear company with a portfolio of well-known eyeglass brands, including Ray-Ban, Oakley, Oliver Peoples, Ferrari, Michael Kors, Bulgari, Armani, Prada, Chanel, and Coach.In addition to selling eyeglasses, Luxottica also operates the EyeMed vision benefits company and partners with eye care professionals as part of their LensCrafters, Target Optical, EyeMed, and Pearle Vision retail...WW…

ByGitHub has issued a warning that accounts could be banned if they continue to upload content that was removed due to DMCA takedown notices.On October 23rd, 2020, for the popular video download tool called YouTube-dl after the Recording Industry Association of America, Inc. (RIAA) filed a DMCA infringement notice.This takedown was controversial, as the notice was not issued because YouTube-dl contained copyrighted material or source code, but because it allowed users to download copyrighted content.Since then,  by creating new repositories containing the YouTube-dl source code.Some of...…ByGitHub has issued a warning that accounts could be banned if they continue to upload content that was removed due to DMCA takedown notices.On October 23rd, 2020, for the popular video download tool called YouTube-dl after the Recording Industry Association of America, Inc. (RIAA) filed a DMCA infringement notice.This takedown was controversial, as the notice was not issued because YouTube-dl contained copyrighted material or source code, but because it allowed users to download copyrighted content.Since then,  by creating new repositories containing the YouTube-dl source code.Some of...WW…

By​The infamous Maze ransomware gang announced today that they have officially closed down their ransomware operation and will no longer be leaking new companies' data on their site.Last week,  that Maze had stopped encrypting new victims since the middle of September, cleaned up their data leak site, and was extorting their final victims.Today, Maze released a press release titled "The Project is closed," where they state that they are closed and any other ransomware operation that uses its name is a scam."Maze Team Project is announcing it is officially closed.All the links to out...…By​The infamous Maze ransomware gang announced today that they have officially closed down their ransomware operation and will no longer be leaking new companies' data on their site.Last week,  that Maze had stopped encrypting new victims since the middle of September, cleaned up their data leak site, and was extorting their final victims.Today, Maze released a press release titled "The Project is closed," where they state that they are closed and any other ransomware operation that uses its name is a scam."Maze Team Project is announcing it is officially closed.All the links to out...WW…

ByOffice furniture giant Steelcase has suffered a ransomware attack that forced them to shut down their network to contain the attack's spread.Steelcase is the largest office furniture manufacturer globally, with 13,000 employees and $3.7 billion in 2020.In an 8-K form filed with the Securities and Exchange Commission (SEC), Steelcase has disclosed that they were the victim of a cyberattack on October 22nd, 2020.On October 22, 2020, Steelcase Inc. (the “Company”) detected a cyberattack on its information technology systems. The Company promptly implemented a series of containment measures...…ByOffice furniture giant Steelcase has suffered a ransomware attack that forced them to shut down their network to contain the attack's spread.Steelcase is the largest office furniture manufacturer globally, with 13,000 employees and $3.7 billion in 2020.In an 8-K form filed with the Securities and Exchange Commission (SEC), Steelcase has disclosed that they were the victim of a cyberattack on October 22nd, 2020.On October 22, 2020, Steelcase Inc. (the “Company”) detected a cyberattack on its information technology systems. The Company promptly implemented a series of containment measures...WW…

ByTwitter is emailing developers stating that their API keys, access tokens, and access token secrets may have been exposed in a browser's cache.In an email seen by BleepingComputer, Twitter explains that a developer's browser may have cached the sensitive data when visiting certain pages on developer.twitter.com.Twitter has resolved the issue by not allowing this data to be cached in your browser but warned that other users who used your computer in the past might have been able to access your security tokens and API keys."Prior to the fix, if you used a public or shared computer to view...…ByTwitter is emailing developers stating that their API keys, access tokens, and access token secrets may have been exposed in a browser's cache.In an email seen by BleepingComputer, Twitter explains that a developer's browser may have cached the sensitive data when visiting certain pages on developer.twitter.com.Twitter has resolved the issue by not allowing this data to be cached in your browser but warned that other users who used your computer in the past might have been able to access your security tokens and API keys."Prior to the fix, if you used a public or shared computer to view...WW…

ByThe source code for Windows XP SP1 and other versions of the operating system was allegedly leaked online today.The leaker claims to have spent the last two months compiling a collection of leaked Microsoft source code. This 43GB collection was then released today as a torrent on the 4chan forum .Included in this torrent is the alleged source code for Windows XP and Windows Server 2003, as well as an assortment of even older versions of the operating system. The contents of the torrent include:The torrent also includes a media folder containing a bizarre collection of conspiracy theory...…ByThe source code for Windows XP SP1 and other versions of the operating system was allegedly leaked online today.The leaker claims to have spent the last two months compiling a collection of leaked Microsoft source code. This 43GB collection was then released today as a torrent on the 4chan forum .Included in this torrent is the alleged source code for Windows XP and Windows Server 2003, as well as an assortment of even older versions of the operating system. The contents of the torrent include:The torrent also includes a media folder containing a bizarre collection of conspiracy theory...WW…

ByIPG Photonics, a leading U.S. developer of fiber lasers for cutting, welding, medical use, and laser weaponry has suffered a ransomware attack that is disrupting their operations.Based out of Oxford, Massachusets, IPG Photonics has locations worldwide where they employ over 4,000 people and have a $1.3 billion revenue in 2019.The company's lasers were used as that was . This system is an experimental defensive weapon against small threats and vehicles.On Monday, BleepingComputer was contacted by a source with knowledge of the attack who told us that a ransomware attack had disrupted its...…ByIPG Photonics, a leading U.S. developer of fiber lasers for cutting, welding, medical use, and laser weaponry has suffered a ransomware attack that is disrupting their operations.Based out of Oxford, Massachusets, IPG Photonics has locations worldwide where they employ over 4,000 people and have a $1.3 billion revenue in 2019.The company's lasers were used as that was . This system is an experimental defensive weapon against small threats and vehicles.On Monday, BleepingComputer was contacted by a source with knowledge of the attack who told us that a ransomware attack had disrupted its...WW…

ByMicrosoft has announced a new feature that allows Windows 10 users running Insider builds to launch their Android apps directly in Windows 10.This feature is only supported on and allows Android to stream apps to your Windows 10 devices.To use this feature, Samsung Galaxy users must first link their device with Windows 10 using the Your Phone app.Once this is done, they can select the 'Link to Windows' button, and a list of the available apps will be displayed in Windows 10, as demonstrated below.Windows 10 users can then launch an Android app and display it in its own window that runs...…ByMicrosoft has announced a new feature that allows Windows 10 users running Insider builds to launch their Android apps directly in Windows 10.This feature is only supported on and allows Android to stream apps to your Windows 10 devices.To use this feature, Samsung Galaxy users must first link their device with Windows 10 using the Your Phone app.Once this is done, they can select the 'Link to Windows' button, and a list of the available apps will be displayed in Windows 10, as demonstrated below.Windows 10 users can then launch an Android app and display it in its own window that runs...WW…

By​Canon has suffered a ransomware attack that impacts numerous services, including Canon's email, Microsoft Teams, USA website, and other internal applications.BleepingComputer has been tracking a suspicious outage on Canon's image.canon cloud photo and video storage service resulting in the loss of data for users of their free 10GB storage feature.The  site suffered an outage on July 30th, 2020, and over six days, the site would show status updates until it went back in service yesterday, August 4th.However, the final status update was strange as it mentions that while data was lost,...…By​Canon has suffered a ransomware attack that impacts numerous services, including Canon's email, Microsoft Teams, USA website, and other internal applications.BleepingComputer has been tracking a suspicious outage on Canon's image.canon cloud photo and video storage service resulting in the loss of data for users of their free 10GB storage feature.The  site suffered an outage on July 30th, 2020, and over six days, the site would show status updates until it went back in service yesterday, August 4th.However, the final status update was strange as it mentions that while data was lost,...WW…

ByStarting at the end of July, Microsoft has begun detecting HOSTS files that block Windows 10 telemetry servers as a 'Severe' security risk.The HOSTS file is a text file located at C:\Windows\system32\driver\etc\HOSTS and can only be edited by a program with Administrator privileges.This file is used to resolve hostnames to IP addresses without using the Domain Name System (DNS).This file is commonly used to block a computer from accessing a remote site by assigning host to the 127.0.0.1 or 0.0.0.0 IP address.For example, if you add the following line to the Windows HOSTS file, it will...…ByStarting at the end of July, Microsoft has begun detecting HOSTS files that block Windows 10 telemetry servers as a 'Severe' security risk.The HOSTS file is a text file located at C:\Windows\system32\driver\etc\HOSTS and can only be edited by a program with Administrator privileges.This file is used to resolve hostnames to IP addresses without using the Domain Name System (DNS).This file is commonly used to block a computer from accessing a remote site by assigning host to the 127.0.0.1 or 0.0.0.0 IP address.For example, if you add the following line to the Windows HOSTS file, it will...WW…

ByMicrosoft Outlook is immediately crashing worldwide when users start the application, with 0xc0000005 errors displayed in the Windows Event Viewer.These crashes started occurring over the last hour, and reports are flooding in from users all over the world.Users who examined their Application event logs will see an error log stating that the OUTLOOK.EXE program has crashed with an exception code 0xc0000005.BleepingComputer has confirmed the crashes in a test, as can be seen in the image below.The full text of this error is below.Faulting application name: OUTLOOK.EXE, version:...…ByMicrosoft Outlook is immediately crashing worldwide when users start the application, with 0xc0000005 errors displayed in the Windows Event Viewer.These crashes started occurring over the last hour, and reports are flooding in from users all over the world.Users who examined their Application event logs will see an error log stating that the OUTLOOK.EXE program has crashed with an exception code 0xc0000005.BleepingComputer has confirmed the crashes in a test, as can be seen in the image below.The full text of this error is below.Faulting application name: OUTLOOK.EXE, version:...WW…