The U.S. Federal Trade Commission (FTC) will order Avast to pay $16.5 million and ban the company from selling the users’ web browsing data or licensing it for advertising purposes. […]
Category Archives: Security
Auto Added by WPeMatico
LockBit ransomware developers were secretly building a new version of their file encrypting malware, dubbed LockBit-NG-Dev – likely a future LockBit 4.0, when law enforcement took down the cybercriminal’s infrastructure earlier this week. […]
22
Feb
Feb
A new data leak that appears to have come from one of China’s top private cybersecurity firms provides a rare glimpse into the commercial side of China’s many state-sponsored hacking groups. Experts say the leak illustrates how Chinese government agencies increasingly are contracting out foreign espionage campaigns to the nation’s burgeoning and highly competitive cybersecurity […]
Five vulnerabilities have been discovered in the Joomla content management system that could be leveraged to execute arbitrary code on vulnerable websites. […]
Microsoft has expanded free Purview Audit logging capabilities for all U.S. federal agencies six months after disclosing that Chinese hackers stole U.S. government emails undetected in an Exchange Online breach between May and June 2023. […]
Security researchers are warning of hackers abusing the Google Cloud Run service to distribute massive volumes of banking trojans like Astaroth, Mekotio, and Ousaban. […]
Two Chinese nationals face 20 years in prison after being caught and convicted of submitting over 5,000 fake iPhones worth more than $3 million to Apple with the goal of having them replaced with genuine devices. […]
21
Feb
Feb
For years, cybersecurity experts have been warning organizations of the importance of identity and access management processes — including password management and protection against compromise of multifactor authentication — to secure IT assets. A new report from IBM, released Wednesday, suggests failure to do that is increasingly costing firms badly. Abusing valid accounts was in […]
A threat actor is using an open-source network mapping tool named SSH-Snake to look for private keys undetected and move laterally on the victim infrastructure. […]
CISA, the FBI, and the Environmental Protection Agency (EPA) shared a list of defense measures U.S. water utilities should implement to better defend their systems against cyberattacks […]