Discord Adopts Temporary CDN Links To Prevent Malware

After inadvertently becoming the vector to spread malware several times, Discord has devised a strategy…

Discord Adopts Temporary CDN Links To Prevent Malware on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses.

Cybercrime service bypasses Android security to install malware


A new dropper-as-a-service (DaaS) named 'SecuriDropper' has emerged, using a method that bypasses Android 13's 'Restricted Settings' to install malware on devices and grant them access to the Accessibility Services. [...]


https://www.bleepingcomputer.com/news/se...l-malware/

QNAP warns of critical command injection flaws in QTS OS, apps


QNAP Systems published security advisories for two critical command injection vulnerabilities that impact multiple versions of the QTS operating system and applications on its network-attached storage (NAS) devices. [...]


https://www.bleepingcomputer.com/news/se...s-os-apps/

TellYouThePass ransomware joins Apache ActiveMQ RCE attacks


Internet-exposed Apache ActiveMQ servers are also targeted in TellYouThePass ransomware attacks targeting a critical remote code execution (RCE) vulnerability previously exploited as a zero-day. [...]


https://www.bleepingcomputer.com/news/se...e-attacks/

US sanctions Russian who laundered money for Ryuk ransomware affiliate


The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned Russian national Ekaterina Zhdanova for laundering millions in cryptocurrency for various individuals, including ransomware actors. [...]


https://www.bleepingcomputer.com/news/se...affiliate/

Critical Atlassian Confluence bug exploited in Cerber ransomware attacks


Attackers are exploiting a recently patched and critical severity Atlassian Confluence authentication bypass flaw to encrypt victims' files using Cerber ransomware. [...]


https://www.bleepingcomputer.com/news/se...e-attacks/

Microsoft will roll out MFA-enforcing policies for admin portal access


Microsoft will roll out Conditional Access policies requiring multifactor authentication from administrators when signing into Microsoft admin portals such as Microsoft Entra, Microsoft 365, Exchange, and Azure. [...]


https://www.bleepingcomputer.com/news/mi...al-access/

Hackers exploit Looney Tunables Linux bug, steal cloud creds


The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified as CVE-2023-4911 that allows a local attacker to gain root privileges on the system. [...]


https://www.bleepingcomputer.com/news/se...oud-creds/

Veeam warns of critical bugs in Veeam ONE monitoring platform

Veeam released hotfixes today to address four vulnerabilities in the company's Veeam ONE IT infrastructure monitoring and analytics platform, two of them critical. [...]


https://www.bleepingcomputer.com/news/se...-platform/

Board of GM's Cruise hires law firm to review regulatory responses

<p>Cruise's board has hired law firm Quinn Emanuel to review Cruise management's responses to regulators investigating the Oct. 2 accident, and technology consultancy Exponent to review Cruise's technology.</p>

https://www.autonews.com/mobility-report...-responses