ByA Windows 10 20H2 cumulative update released to Insiders on the 'Release' channel leaked that the next feature updated will be 21H1.When Microsoft releases new feature updates, it typically alternates between releasing them as a full-featured update or a small enablement package, which simply turns on dormant features already built into Windows 10.As the and was distributed as an enablement package, the thought was the Windows 10 21H1 would be released as a full feature update.Unfortunately, Microsoft has been very quiet about its upcoming servicing plans for Windows 10, including the...…ByA Windows 10 20H2 cumulative update released to Insiders on the 'Release' channel leaked that the next feature updated will be 21H1.When Microsoft releases new feature updates, it typically alternates between releasing them as a full-featured update or a small enablement package, which simply turns on dormant features already built into Windows 10.As the and was distributed as an enablement package, the thought was the Windows 10 21H1 would be released as a full feature update.Unfortunately, Microsoft has been very quiet about its upcoming servicing plans for Windows 10, including the...WW…

ByIntel disclosed on Thursday that unknown threat actors stole an infographic containing info on the company's fourth-quarter and full-year 2020 financial results.The data was part of Intel's yet unpublished quarterly earnings the company was planning to publish and file with the U.S. Securities and Exchange Commission after the stock market closed on Thursday.However, after discovering the incident and finding that the stolen info was being shared outside the company, Intel published the quarterly earnings report minutes before the market's closure."We are investigating reports that...…ByIntel disclosed on Thursday that unknown threat actors stole an infographic containing info on the company's fourth-quarter and full-year 2020 financial results.The data was part of Intel's yet unpublished quarterly earnings the company was planning to publish and file with the U.S. Securities and Exchange Commission after the stock market closed on Thursday.However, after discovering the incident and finding that the stolen info was being shared outside the company, Intel published the quarterly earnings report minutes before the market's closure."We are investigating reports that...WW…

ByBonobos men's clothing store has suffered a massive data breach exposing millions of customers' personal information.Bonobos started as an online men's clothing store but later expanded to sixty locations to try on clothes before purchasing them. Walmart bought Bonobos in 2017 for $300 million to sells its clothing on their Jet.com site.Last weekend, a threat actor known as ShinyHunters, who is notorious for hacking online services and selling stolen databases, posted the full Bonobos database to a free hacker forum.This leaked database is a monstrous 70 GB SQL file containing various...…ByBonobos men's clothing store has suffered a massive data breach exposing millions of customers' personal information.Bonobos started as an online men's clothing store but later expanded to sixty locations to try on clothes before purchasing them. Walmart bought Bonobos in 2017 for $300 million to sells its clothing on their Jet.com site.Last weekend, a threat actor known as ShinyHunters, who is notorious for hacking online services and selling stolen databases, posted the full Bonobos database to a free hacker forum.This leaked database is a monstrous 70 GB SQL file containing various...WW…

☰×ByA stolen database containing the email addresses, names, and passwords of more than 77 million records of Nitro PDF service users was leaked today for free.The 14GB leaked database contains 77,159,696 records with users' email addresses, full names, bcrypt hashed passwords, titles, company names, IP addresses, and other system-related information.The database has also been which allows users to check if their info has also been compromised in this data breach and leaked on the Internet.Nitro is an application that helps create, edit, and sign PDFs and digital documents, an app that...…☰×ByA stolen database containing the email addresses, names, and passwords of more than 77 million records of Nitro PDF service users was leaked today for free.The 14GB leaked database contains 77,159,696 records with users' email addresses, full names, bcrypt hashed passwords, titles, company names, IP addresses, and other system-related information.The database has also been which allows users to check if their info has also been compromised in this data breach and leaked on the Internet.Nitro is an application that helps create, edit, and sign PDFs and digital documents, an app that...WW…

ByThe ongoing analysis of the SolarWinds supply-chain attack uncovered a fourth malicious tool that researchers call Raindrop and was used for distribution across computers on the victim network.The hackers used Raindrop to deliver a Cobalt Strike beacon to select victims that were of interest and which had already been compromised through the trojanized SolarWinds Orion update.There are currently four pieces of malware identified in the SolarWinds cyberattack, believed to be the work of a :Symantec researchers found the new Raindrop malware on machines compromised through the SolarWinds...…ByThe ongoing analysis of the SolarWinds supply-chain attack uncovered a fourth malicious tool that researchers call Raindrop and was used for distribution across computers on the victim network.The hackers used Raindrop to deliver a Cobalt Strike beacon to select victims that were of interest and which had already been compromised through the trojanized SolarWinds Orion update.There are currently four pieces of malware identified in the SolarWinds cyberattack, believed to be the work of a :Symantec researchers found the new Raindrop malware on machines compromised through the SolarWinds...WW…

ByVulnerabilities found in multiple video conferencing mobile applications allowed attackers to listen to users' surroundings without permission before the person on the other end picked up the calls.The bugs were found in the Signal, Google Duo, Facebook Messenger, JioChat, and Mocha messaging apps and are now all fixed.However, before being patched, they made it possible to force targeted devices to transmit audio to the attackers' devices without the need of gaining code execution."I investigated the signalling state machines of seven video conferencing applications and found five...…ByVulnerabilities found in multiple video conferencing mobile applications allowed attackers to listen to users' surroundings without permission before the person on the other end picked up the calls.The bugs were found in the Signal, Google Duo, Facebook Messenger, JioChat, and Mocha messaging apps and are now all fixed.However, before being patched, they made it possible to force targeted devices to transmit audio to the attackers' devices without the need of gaining code execution."I investigated the signalling state machines of seven video conferencing applications and found five...WW…

ByThe OpenWRT forum, a large community of enthusiasts of alternative, open-source operating systems for routers, announced a data breach.Forum administrators posted the announcement in a high-visibility area, explaining what happened and the risks to users stemming from exposing their data.The attack occurred on Saturday, around 04:00 (GMT), when an unauthorized third party gained admin access to and copied a list with details about forum users and related statistical information.The intruder used the account of an OpenWRT administrator. The intruder used the account of an OpenWRT...…ByThe OpenWRT forum, a large community of enthusiasts of alternative, open-source operating systems for routers, announced a data breach.Forum administrators posted the announcement in a high-visibility area, explaining what happened and the risks to users stemming from exposing their data.The attack occurred on Saturday, around 04:00 (GMT), when an unauthorized third party gained admin access to and copied a list with details about forum users and related statistical information.The intruder used the account of an OpenWRT administrator. The intruder used the account of an OpenWRT...WW…

ByAttackers are using the normally harmless Windows Finger command to download and install a malicious backdoor on victims' devices.The 'Finger' command is a utility that originated in Linux/Unix operating systems that allows a local user to retrieve a list of users on a remote machine or information about a particular remote user. In addition to Linux, Windows includes a finger.exe command that performs the same functionality.To execute the Finger command, a user would enter finger [user]@[remote_host]. For example, finger bleeping@www.bleepingcomputer.com.In September, we reported that...…ByAttackers are using the normally harmless Windows Finger command to download and install a malicious backdoor on victims' devices.The 'Finger' command is a utility that originated in Linux/Unix operating systems that allows a local user to retrieve a list of users on a remote machine or information about a particular remote user. In addition to Linux, Windows includes a finger.exe command that performs the same functionality.To execute the Finger command, a user would enter finger [user]@[remote_host]. For example, finger bleeping@www.bleepingcomputer.com.In September, we reported that...WW…

ByThe privacy-focused search engine DuckDuckGo continues to grow rapidly as the company reached 102M daily search queries for the first time in January. is a search engine that builds its search index using its DuckDuckBot crawler, indexing WikiPedia, and through partners like Bing. The search engine does not use any data from Google.What makes DuckDuckGo stand out is that they do not track your searches to build a user profile or share any personal or identifying data with third-party companies, including ad networks."Each time you search on DuckDuckGo, you have a blank search history, as...…ByThe privacy-focused search engine DuckDuckGo continues to grow rapidly as the company reached 102M daily search queries for the first time in January. is a search engine that builds its search index using its DuckDuckBot crawler, indexing WikiPedia, and through partners like Bing. The search engine does not use any data from Google.What makes DuckDuckGo stand out is that they do not track your searches to build a user profile or share any personal or identifying data with third-party companies, including ad networks."Each time you search on DuckDuckGo, you have a blank search history, as...WW…

BySignal users are currently experiencing issues around the world, with users unable to send and receive messages. When attempting to send messages via Signal, users are seeing loading screen and error message "502".According to and user reports, Signal is currently experiencing an outage in the U.S, Europe, and other parts of the world. The problem was first reported at 10:09 AM EST.For now, Signal users will have to wait until the company has resolved the issue.Update 2: Signal is now back online.Update 1: On the , Signal has acknowledged the reports and they're trying to restore service...…BySignal users are currently experiencing issues around the world, with users unable to send and receive messages. When attempting to send messages via Signal, users are seeing loading screen and error message "502".According to and user reports, Signal is currently experiencing an outage in the U.S, Europe, and other parts of the world. The problem was first reported at 10:09 AM EST.For now, Signal users will have to wait until the company has resolved the issue.Update 2: Signal is now back online.Update 1: On the , Signal has acknowledged the reports and they're trying to restore service...WW…

ByThreat actors are hacking verified Twitter accounts in an Elon Musk cryptocurrency giveaway scam that has recently become widely active.There is nothing new about cryptocurrency scams on Twitter, especially ones pretending to be giveaways from Elon Musk. In 2018, scammers raked in $180,000 using a  promoted on Twitter.Over the past week, security researcher MalwareHunterTeam has seen an uptick in verified Twitter accounts hacked in a scam promoting another fake Elon Musk cryptocurrency giveaway.These accounts will reply to tweets, like Elon Musk's below, and promote a scam where Musk is...…ByThreat actors are hacking verified Twitter accounts in an Elon Musk cryptocurrency giveaway scam that has recently become widely active.There is nothing new about cryptocurrency scams on Twitter, especially ones pretending to be giveaways from Elon Musk. In 2018, scammers raked in $180,000 using a  promoted on Twitter.Over the past week, security researcher MalwareHunterTeam has seen an uptick in verified Twitter accounts hacked in a scam promoting another fake Elon Musk cryptocurrency giveaway.These accounts will reply to tweets, like Elon Musk's below, and promote a scam where Musk is...WW…

ByAn unpatched zero-day in Microsoft Windows 10 allows attackers to corrupt an NTFS-formatted hard drive with a one-line command.In multiple tests by BleepingComputer, this one-liner can be delivered hidden inside a Windows shortcut file, a ZIP archive, batch files, or various other vectors to trigger hard drive errors that corrupt the filesystem index instantly.In August 2020, October 2020, and finally this week, infosec researcher  drew attention to an NTFS vulnerability impacting Windows 10 that has not been fixed.When exploited, this vulnerability can be triggered by a single-line...…ByAn unpatched zero-day in Microsoft Windows 10 allows attackers to corrupt an NTFS-formatted hard drive with a one-line command.In multiple tests by BleepingComputer, this one-liner can be delivered hidden inside a Windows shortcut file, a ZIP archive, batch files, or various other vectors to trigger hard drive errors that corrupt the filesystem index instantly.In August 2020, October 2020, and finally this week, infosec researcher  drew attention to an NTFS vulnerability impacting Windows 10 that has not been fixed.When exploited, this vulnerability can be triggered by a single-line...WW…

ByA website named 'SolarLeaks' is selling data they claim was stolen from companies confirmed to have been breached in the SolarWinds attack.Last month, it was disclosed that network management company that led to a supply chain attack affecting 18,000 customers.According to a , this attack was "likely" conducted by a Russian state-sponsored hacking group who wanted to  from its victims.Today, a solarleaks[.]net website was launched that claims to be selling the stolen data from Microsoft, Cisco, FireEye, and SolarWinds. All of these companies are known to have been breached during the...…ByA website named 'SolarLeaks' is selling data they claim was stolen from companies confirmed to have been breached in the SolarWinds attack.Last month, it was disclosed that network management company that led to a supply chain attack affecting 18,000 customers.According to a , this attack was "likely" conducted by a Russian state-sponsored hacking group who wanted to  from its victims.Today, a solarleaks[.]net website was launched that claims to be selling the stolen data from Microsoft, Cisco, FireEye, and SolarWinds. All of these companies are known to have been breached during the...WW…

ByThe European Medicines Agency (EMA) today revealed that some of the Pfizer/BioNTech COVID-19 vaccine data stolen from its servers in December was leaked online.EMA is a decentralized agency responsible for reviewing and approving COVID-19 vaccines, as well as for evaluating, monitoring, and supervising any new medicines introduced to the EU."The ongoing investigation of the cyberattack on EMA revealed that some of the unlawfully accessed documents related to COVID-19 medicines and vaccines belonging to third parties have been leaked on the internet," EMA said today. "Necessary action is...…ByThe European Medicines Agency (EMA) today revealed that some of the Pfizer/BioNTech COVID-19 vaccine data stolen from its servers in December was leaked online.EMA is a decentralized agency responsible for reviewing and approving COVID-19 vaccines, as well as for evaluating, monitoring, and supervising any new medicines introduced to the EU."The ongoing investigation of the cyberattack on EMA revealed that some of the unlawfully accessed documents related to COVID-19 medicines and vaccines belonging to third parties have been leaked on the internet," EMA said today. "Necessary action is...WW…

ByThe source code for the ChastityLock ransomware that targeted male users of a specific adult toy is now publicly available for research purposes.Users of the Bluetooth-controlled  chastity device were targets of an attack with this malware last year after security researchers found a vulnerability in the toy that allowed locking it remotely.Qiui Cellmante is a connected sex toy with a companion app to control its locking/unlocking via Bluetooth that is typically managed by someone else than the person wearing the device.In October 2020, researchers at  about a serious vulnerability that...…ByThe source code for the ChastityLock ransomware that targeted male users of a specific adult toy is now publicly available for research purposes.Users of the Bluetooth-controlled  chastity device were targets of an attack with this malware last year after security researchers found a vulnerability in the toy that allowed locking it remotely.Qiui Cellmante is a connected sex toy with a companion app to control its locking/unlocking via Bluetooth that is typically managed by someone else than the person wearing the device.In October 2020, researchers at  about a serious vulnerability that...WW…

ByNetworking device maker Ubiquiti has announced a security incident that may have exposed its customers' data.Ubiquiti is a very popular networking device manufacturer best known for its UniFi line of wired and wireless network products and a cloud management platform.Today, Ubiquiti began emailing customers to change their passwords and enable 2FA after an attacker hacked their systems hosted at a third-party cloud provider."We recently became aware of unauthorized access to certain of our information technology systems hosted by a third party cloud provider. We have no indication that...…ByNetworking device maker Ubiquiti has announced a security incident that may have exposed its customers' data.Ubiquiti is a very popular networking device manufacturer best known for its UniFi line of wired and wireless network products and a cloud management platform.Today, Ubiquiti began emailing customers to change their passwords and enable 2FA after an attacker hacked their systems hosted at a third-party cloud provider."We recently became aware of unauthorized access to certain of our information technology systems hosted by a third party cloud provider. We have no indication that...WW…

ByA newly discovered and self-spreading Golang-based malware has been actively dropping XMRig cryptocurrency miners on Windows and Linux servers since early December.This multi-platform malware also has worm capabilities that allow it to spread to other systems by brute-forcing public-facing services (i.e., MySQL, Tomcat, Jenkins and WebLogic) with weak passwords  security researcher Avigayil Mechtinger.The attackers behind this campaign have been actively updating the worm's capabilities through its command-and-control (C2) server since it was first spotted which hints at an actively...…ByA newly discovered and self-spreading Golang-based malware has been actively dropping XMRig cryptocurrency miners on Windows and Linux servers since early December.This multi-platform malware also has worm capabilities that allow it to spread to other systems by brute-forcing public-facing services (i.e., MySQL, Tomcat, Jenkins and WebLogic) with weak passwords  security researcher Avigayil Mechtinger.The attackers behind this campaign have been actively updating the worm's capabilities through its command-and-control (C2) server since it was first spotted which hints at an actively...WW…

ByA data breach broker is selling the allegedly stolen user records for twenty-six companies on a hacker forum, BleepingComputer has learned.When threat actors and hacking groups breach a company and steal their user databases, they commonly work with data breach brokers who market and sell the data for them. Brokers will then create posts on hacker forums and dark web marketplaces to market the stolen data.Last Friday, a data broker began selling the combined total of 368.8 million stolen user records for twenty-six companies on a hacker forum.Of these twenty-six companies, only eight are...…ByA data breach broker is selling the allegedly stolen user records for twenty-six companies on a hacker forum, BleepingComputer has learned.When threat actors and hacking groups breach a company and steal their user databases, they commonly work with data breach brokers who market and sell the data for them. Brokers will then create posts on hacker forums and dark web marketplaces to market the stolen data.Last Friday, a data broker began selling the combined total of 368.8 million stolen user records for twenty-six companies on a hacker forum.Of these twenty-six companies, only eight are...WW…

ByT-Mobile has announced a data breach exposing customers' proprietary network information (CPNI), including phone numbers and call records.Starting yesterday, T-Mobile began texting customers that a "security incident" exposed their account's information.According to T-Mobile, its security team recently discovered "malicious, unauthorized access" to their systems. After bringing in a cybersecurity firm to perform an investigation, T-Mobile found that threat actors gained access to the telecommunications information generated by customers, known as CPNI.The information exposed in this...…ByT-Mobile has announced a data breach exposing customers' proprietary network information (CPNI), including phone numbers and call records.Starting yesterday, T-Mobile began texting customers that a "security incident" exposed their account's information.According to T-Mobile, its security team recently discovered "malicious, unauthorized access" to their systems. After bringing in a cybersecurity firm to perform an investigation, T-Mobile found that threat actors gained access to the telecommunications information generated by customers, known as CPNI.The information exposed in this...WW…

ByWeak credentials and login protections come with the risk of swatting for owners of connected devices with video and voice capabilities, warns the U.S. Federal Bureau of Investigation (FBI).In a recent spate of swatting attacks, perpetrators have hijacked smart gadgets to watch or live stream the bad joke unfolding and engage the responding officers.Swatting originates from prank calls to emergency services. It aims to generate a response from law enforcement and the S.W.A.T. (special weapons and tactics) team against a target.In many cases, swatting is driven by revenge, especially among...…ByWeak credentials and login protections come with the risk of swatting for owners of connected devices with video and voice capabilities, warns the U.S. Federal Bureau of Investigation (FBI).In a recent spate of swatting attacks, perpetrators have hijacked smart gadgets to watch or live stream the bad joke unfolding and engage the responding officers.Swatting originates from prank calls to emergency services. It aims to generate a response from law enforcement and the S.W.A.T. (special weapons and tactics) team against a target.In many cases, swatting is driven by revenge, especially among...WW…

ByThe NetGalley book promotion site has suffered a data breach that allowed threat actors to access a database with members' personal information.NetGalley is a website that allows authors and publishers to promote digital review copies of their books (galleys) to book advocates, influential readers, and industry professionals in the hopes that they will recommend the books to their audience.On Monday, December 21st, NetGalley's website was hacked and defaced. After further investigations, it was determined that the threat actors also accessed a backup for the site's database containing...…ByThe NetGalley book promotion site has suffered a data breach that allowed threat actors to access a database with members' personal information.NetGalley is a website that allows authors and publishers to promote digital review copies of their books (galleys) to book advocates, influential readers, and industry professionals in the hopes that they will recommend the books to their audience.On Monday, December 21st, NetGalley's website was hacked and defaced. After further investigations, it was determined that the threat actors also accessed a backup for the site's database containing...WW…

ByA threat actor has leaked the stolen email and mailing addresses for Ledger cryptocurrency wallet users on a hacker forum for free.Ledger is a hardware cryptocurrency wallet that is used to store, manage, and sell cryptocurrency. The funds held in these wallets are secured using a 24-word recovery phrase and an optional secret passphrase that only the owner knows.In June 2020,  after a website vulnerability allowed threat actors to access customers' contact details.Today, a threat actor has shared an archive containing two files named 'All Emails (Subscription).txt' and 'Ledger Orders...…ByA threat actor has leaked the stolen email and mailing addresses for Ledger cryptocurrency wallet users on a hacker forum for free.Ledger is a hardware cryptocurrency wallet that is used to store, manage, and sell cryptocurrency. The funds held in these wallets are secured using a 24-word recovery phrase and an optional secret passphrase that only the owner knows.In June 2020,  after a website vulnerability allowed threat actors to access customers' contact details.Today, a threat actor has shared an archive containing two files named 'All Emails (Subscription).txt' and 'Ledger Orders...WW…

BySince the SolarWinds supply chain attack was disclosed last Sunday, there has been a whirlwind of news, technical details, and analysis released about the hack.Because the amount of information that was released in such a short time is definitely overwhelming, we have published this as a roundup of this week's SolarWinds news.The information is distilled into a format that will hopefully explain the attack, who its victims are, and what we know to this point.While we learned of SolarWind's attack on December 13th, the first disclosure of its consequence was made on December 8th when...…BySince the SolarWinds supply chain attack was disclosed last Sunday, there has been a whirlwind of news, technical details, and analysis released about the hack.Because the amount of information that was released in such a short time is definitely overwhelming, we have published this as a roundup of this week's SolarWinds news.The information is distilled into a format that will hopefully explain the attack, who its victims are, and what we know to this point.While we learned of SolarWind's attack on December 13th, the first disclosure of its consequence was made on December 8th when...WW…

ByThe global Google services outage yesterday was caused by the company's Identity Management System failing after a bug restricted its storage space.This from accessing Gmail, YouTube, Google Drive, Google Maps, Google Calendar, and other Google services.During the outage, users could not send emails via Gmail mobile apps or receive email via POP3 for desktop clients. Also, YouTube visitors were seeing an error message stating, "There was a problem with the server (503) - Tap to retry."According to a tweet and a Google status report, the outage was caused by the company's automated...…ByThe global Google services outage yesterday was caused by the company's Identity Management System failing after a bug restricted its storage space.This from accessing Gmail, YouTube, Google Drive, Google Maps, Google Calendar, and other Google services.During the outage, users could not send emails via Gmail mobile apps or receive email via POP3 for desktop clients. Also, YouTube visitors were seeing an error message stating, "There was a problem with the server (503) - Tap to retry."According to a tweet and a Google status report, the outage was caused by the company's automated...WW…

ByThe City of Independence, Missouri, suffered a ransomware attack last week that continues to disrupt the city's services.At the beginning of the month, Independence suffered a ransomware attack that forced them to shut down their IT system as they recovered from the attack."The City of Independence recently experienced an event that resulted in technical difficulties and disruption to multiple services. It appears that these disruptions are the result of a ransomware event that was discovered and stopped before it could infect the full City network,"  City of Independence City Manager...…ByThe City of Independence, Missouri, suffered a ransomware attack last week that continues to disrupt the city's services.At the beginning of the month, Independence suffered a ransomware attack that forced them to shut down their IT system as they recovered from the attack."The City of Independence recently experienced an event that resulted in technical difficulties and disruption to multiple services. It appears that these disruptions are the result of a ransomware event that was discovered and stopped before it could infect the full City network,"  City of Independence City Manager...WW…