Tech News
General news about the tech industry, trends, and major events.
Windows 11 24H2 preview brings new taskbar features
Windows 11 taskbar is testing a new feature that helps you understand the current power state of your laptop’s battery, including showing the battery percentage directly on the taskbar. Microsoft is testing the feature in Windows 11 24H2 Build 26120.3000, which is rolling out in the Dev Channel. As shown in the screenshot above, the battery icon […]
Hackers steal $85 million worth of cryptocurrency from Phemex
The Phemex crypto exchange suffered a massive security breach on Thursday where threat actors stole over $85 million worth of cryptocurrency. Following the Thursday cyberattack, the cryptocurrency exchange immediately suspended deposits and withdrawals and published proof of reserves for transparency. According to Phemex’s CEO, Federico Variola, the incident only impacted hot wallets while cold wallets […]
Microsoft Teams phishing attack alerts coming to everyone next month
Microsoft reminded Microsoft 365 admins that its new brand impersonation protection feature for Teams Chat will be available for all customers by mid-February 2025. Once enabled, it will display alerts when detecting phishing attacks targeting organizations that have enabled external Teams access (which allows threat actors to message any user from external domains). The company […]
Clone2Leak attacks exploit Git flaws to steal credentials
A set of three distinct but related attacks, dubbed ‘Clone2Leak,’ can leak credentials by exploiting how Git and its credential helpers handle authentication requests. The attack can compromise passwords and access tokens in GitHub Desktop, Git LFS, GitHub CLI/Codespaces, and the Git Credential Manager. The flaws that make ‘Clone2Leak’ possible were discovered by Japanese researcher RyotaK […]
UnitedHealth now says 190 million impacted by 2024 data breach
UnitedHealth has revealed that 190 million Americans had their personal and healthcare data stolen in the Change Healthcare ransomware attack, nearly doubling the previously disclosed figure. In October, UnitedHealth reported to the US Department of Health and Human Services Office for Civil Rights that the attack affected 100 million people. However, as first reported by TechCrunch, UnitedHealth […]
Ransomware gang uses SSH tunnels for stealthy VMware ESXi access
Ransomware actors targeting ESXi bare metal hypervisors are leveraging SSH tunneling to persist on the system while remaining undetected. VMware ESXi appliances have a critical role in virtualized environments as they can run on a single physical server multiple virtual machines of an organization. They are largely unmonitored and have been a target for hackers looking to […]
TalkTalk investigates breach after data for sale on hacking forum
UK telecommunications company TalkTalk is investigating a third-party supplier data breach after a threat actor began selling alleged customer data on a hacking forum. “As part of our regular security monitoring, given our ongoing focus on protecting customers’ personal data, we were made aware of unexpected access to, and misuse of, one of our third-party […]
PayPal to pay $2 million settlement over 2022 data breach
New York State has announced a $2,000,000 settlement with PayPal over charges it failed to comply with the state’s cybersecurity regulations, leading to a 2022 data breach. The Department of Financial Services (DFS) action says that threat actors took advantage of security gaps in PayPal’s systems to conduct credential stuffing attacks that provided access to sensitive […]
Zyxel warns of bad signature update causing firewall boot loops
Zyxel is warning that a bad security signature update is causing critical errors for USG FLEX or ATP Series firewalls, including putting the device into a boot loop. “We’ve found an issue affecting a few devices that may cause reboot loops, ZySH daemon failures, or login access problems,” warns a new Zyxel advisory. “The system LED may also […]
Microsoft to deprecate WSUS driver synchronization in 90 days
Microsoft has reminded Windows administrators that driver synchronization in Windows Server Update Services (WSUS) will be deprecated on April 18, 90 days from now. The company first announced the deprecation in June 2024, when it also encouraged customers to adopt its newer cloud-based driver services. “If you’re using driver synchronization updates via Windows Server Update Services […]