Security
Stay informed with the latest developments in cybersecurity through our Security category. Discover in-depth news, analysis, and updates on emerging cyber threats, malware incidents, and major data breaches. Whether you’re a cybersecurity professional or just keen on protecting your digital footprint, find insights and trends that are shaping the future of online security here.
Microsoft Defender adds detection of unsecure Wi-Fi networks
Microsoft Defender now automatically detects and notifies users with a Microsoft 365 Personal or Family subscription when they’re connected to unsecured Wi-Fi networks. The Defender privacy protection feature (also known as Defender VPN) protects your privacy and security when connected to public Wi-Fi or an untrusted network, where your data and identity could be exposed […]
JPCERT shares Windows Event Log tips to detect ransomware attacks
Japan’s Computer Emergency Response Center (JPCERT/CC) has shared tips on detecting different ransomware gang’s attacks based on entries in Windows Event Logs, providing timely detection of ongoing attacks before they spread too far into a network. JPCERT/CC says the technique can be valuable when responding to ransomware attacks, and identifying the attack vector among various […]
Media giant AFP hit by cyberattack impacting news delivery services
Global news agency AFP (Agence France-Presse) is warning that it suffered a cyberattack on Friday, which impacted IT systems and content delivery services for its partners. The news organization says the attack does not impact news coverage worldwide but has impacted some client services. AFP’s IT staff is working with France’s cybersecurity agency (ANSSI) to […]
Windows 11 KB5043145 update is causing crashes with a blue or green screen
Microsoft has confirmed that Windows 11 KB5043145 update is causing PCs to crash. The issue seems quite similar to a problem that affected users who had installed the July 2024 Security Updates. For those unaware, Microsoft released the KB5043145 update last week, as an optional update. Well, it’s technically a preview update. Anyway, it shipped with a bunch […]
Critical flaw in NVIDIA Container Toolkit allows full host takeover
A critical vulnerability in NVIDIA Container Toolkit impacts all AI applications in a cloud or on-premise environment that rely on it to access GPU resources. The security issue is tracked as CVE-2024-0132 and allows an adversary to perform container escape attacks and gain full access to the host system, where they could execute commands or exfiltrate sensitive information. […]
CISA: Hackers target industrial systems using “unsophisticated methods”
CISA warned today of threat actors trying to breach critical infrastructure networks by targeting Internet-exposed industrial devices using “unsophisticated” methods like brute force attacks and default credentials. According to the cybersecurity agency, these ongoing attacks targeting critical infrastructure OT and ICS devices are also impacting water and wastewater systems. OT devices integrate hardware and software and […]
Ireland fines Meta €91 million for storing passwords in plaintext
The Data Protection Commission (DPC) in Ireland has fined Meta Platforms Ireland Limited (MPIL) €91 million ($100 million) for storing in plaintext passwords of hundreds of millions of users. The incident occurred in 2019. At the time, Meta disclosed it publicly and notified DPC, which initiated an investigation into the tech giant’s practices for storing […]
Embargo ransomware escalates attacks to cloud environments
Microsoft warns that ransomware threat actor Storm-0501 has recently switched tactics and now targets hybrid cloud environments, expanding its strategy to compromise all victim assets. The threat actor first emerged in 2021 as a ransomware affiliate for the Sabbath ransomware operation. Later they started to deploy file-encrypting malware from Hive, BlackCat, LockBit, and Hunters International gangs. […]
Progress urges admins to patch critical WhatsUp Gold bugs ASAP
Progress Software warned customers to patch multiple critical and high-severity vulnerabilities in its WhatsUp Gold network monitoring tool as soon as possible. However, even though it released WhatsUp Gold 24.0.1, which addressed the issues last Friday and published an advisory on Tuesday, the company has yet to provide any details regarding these flaws. “The WhatsUp Gold team […]
Iranian hackers charged for ‘hack-and-leak’ plot to influence election
The U.S. Department of Justice unsealed an indictment charging three Iranian hackers with a “hack-and-leak” campaign that aimed to influence the 2024 U.S. presidential election. Iranian nationals Masoud Jalili, Seyyed Ali Aghamiri, and Yaser Balaghi worked for Iran’s Islamic Revolutionary Guard Corps (IRGC) to hack the accounts of current and former U.S. officials, individuals linked […]