ExpressVPN bug has been leaking some DNS requests for years


ExpressVPN has removed the split tunneling feature from the latest version of its software after finding that a bug exposed the domains users were visiting to configured DNS servers. [...]


https://www.bleepingcomputer.com/news/se...for-years/

Ransomware attack forces 21 Romanian hospitals to go offline


At least 21 hospitals in Romania were knocked offline after a ransomware attack took down their healthcare management system. [...]


https://www.bleepingcomputer.com/news/se...o-offline/

Free Rhysida ransomware decryptor for Windows exploits RNG flaw


South Korean researchers have publicly disclosed an encryption flaw in the Rhysida ransomware encryptor, allowing the creation of a Windows decryptor to recover files for free. [...]


https://www.bleepingcomputer.com/news/se...-rng-flaw/

Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor


Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices. [...]


https://www.bleepingcomputer.com/news/se...-backdoor/

CISA: Roundcube email server bug now exploited in attacks


CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks. [...]


https://www.bleepingcomputer.com/news/se...n-attacks/

Ongoing Microsoft Azure account hijacking campaign targets executives


A phishing campaign detected in late November 2023 has compromised hundreds of user accounts in dozens of Microsoft Azure environments, including those of senior executives. [...]


https://www.bleepingcomputer.com/news/se...xecutives/

Microsoft tests Windows 11 ‘Super Resolution’ AI-upscaling for gamers


Microsoft is testing a new "Automatic Super Resolution" AI-assisted upscaling feature that increases the video and image quality of supported games while also making them run more smoothly. [...]


https://www.bleepingcomputer.com/news/mi...or-gamers/

FCC orders telecom carriers to report PII data breaches within 30 days


Starting March 13th, telecommunications companies must report data breaches impacting customers' personally identifiable information within 30 days, as required by FCC's updated data breach reporting requirements. [...]


https://www.bleepingcomputer.com/news/se...n-30-days/

FBI seizes Warzone RAT infrastructure, arrests malware vendor


The FBI dismantled the Warzone RAT malware operation, seizing infrastructure and arresting two individuals associated with the cybercrime operation. [...]


https://www.bleepingcomputer.com/news/se...re-vendor/

Bank of America warns customers of data breach after vendor hack

Bank of America is warning customers of a data breach exposing their personal information after one of its service providers was hacked last year. [...]


https://www.bleepingcomputer.com/news/se...ndor-hack/