Fake Browser Updates Targeting Mac Systems With Infostealer

A pervasive ClearFake campaign targeting Windows systems with Atomic Stealer has expanded its social engineering scams to MacOS users, analysts warn.

https://www.darkreading.com/attacks-brea...nfostealer

Hack The Box Launches 5th Annual University CTF Competition



https://www.darkreading.com/careers-and-...ompetition

Malware dev says they can revive expired Google auth cookies


The Lumma information-stealer malware (aka 'LummaC2') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts. [...]


https://www.bleepingcomputer.com/news/se...h-cookies/

Microsoft now rolling out Copilot to Windows 10 devices


Microsoft is now rolling out the Copilot AI assistant to eligible non-managed systems enrolled in the Windows Insider program and running Windows 10 22H2 Home and Pro editions. [...]


https://www.bleepingcomputer.com/news/mi...0-devices/

Open-source Blender project battling DDoS attacks since Saturday


Blender has confirmed that recent site outages have been caused by ongoing DDoS (distributed denial of service) attacks that started on Saturday. [...]


https://www.bleepingcomputer.com/news/se...-saturday/

The Black Friday 2023 Security, IT, VPN, & Antivirus Deals


Black Friday 2023 is here, and great deals are live in computer security, software, online courses, system admin services, antivirus, and VPN software. [...]


https://www.bleepingcomputer.com/news/se...rus-deals/

New botnet malware exploits two zero-days to infect NVRs and routers


A new Mirai-based malware botnet named 'InfectedSlurs' has been exploiting two zero-day remote code execution (RCE) vulnerabilities to infect routers and video recorder (NVR) devices. [...]


https://www.bleepingcomputer.com/news/se...d-routers/

Microsoft: Lazarus hackers breach CyberLink in supply chain attack


Microsoft says a North Korean hacking group has breached Taiwanese multimedia software company CyberLink and trojanized one of its installers to push malware in a supply chain attack targeting potential victims worldwide. [...]


https://www.bleepingcomputer.com/news/se...in-attack/

Welltok data breach exposes data of 8.5 million US patients


Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. [...]


https://www.bleepingcomputer.com/news/se...-patients/

Windows Hello auth bypassed on Microsoft, Dell, Lenovo laptops


Security researchers bypassed Windows Hello fingerprint authentication on Dell Inspiron, Lenovo ThinkPad, and Microsoft Surface Pro X laptops in attacks exploiting security flaws found in the embedded fingerprint sensors. [...]


https://www.bleepingcomputer.com/news/se...o-laptops/