Month: November 2024

The new ‘Helldown’ ransomware operation is believed to target vulnerabilities in Zyxel firewalls to breach corporate networks, allowing them to steal data and encrypt devices. French cybersecurity firm Sekoia is reporting this with medium confidence based on recent observations of Helldown attacks. Although not among the major players in the ransomware space, Helldown has quickly…

What if the biggest threat to your privacy wasn’t some hacker in a hoodie—but a spy trained to infiltrate your life? Former FBI operative Eric O’Neill, the man who took down spy Robert Hanssen, explains how digital spies target us, offering along the way real-world tips to protect ourselves in a world where everyone’s a…

CISA released one Industrial Control Systems (ICS) advisory on November 19, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

The Ngioweb botnet, which supplies most of the 35,000 bots in the cybercriminal NSOCKS proxy service, is being disrupted as security companies block traffic to and from the two networks. Following an investigation of more than one year, researchers identified the complete architecture and traffic of the Ngioweb botnet proxy server, which was first observed in…

Windows 365 Link, Security Exposure Management and a new post-CrowdStrike faulty update initiative are among the big announcements. Microsoft’s Windows 365 Link devices. Security Exposure Management becoming generally available. And a new initiative to make improvements following the faulty CrowdStrike update in July. These are among the biggest news in devices and security coming out…

Microsoft is working on a new Windows “Quick Machine Recovery” feature that will allow IT administrators to use Windows Update “targeted fixes” to remotely fix systems rendered unbootable. This new feature is part of a new Windows Resiliency Initiative launched in response to a widespread July 2024 outage caused by a buggy CrowdStrike Falcon update…

The U.S. Department of Justice is reportedly seeking a judge to potentially force Google to sell off Google Chrome, the world’s most popular internet browser. In a move that could shake up $88 billion Google and its cloud business, Google Cloud, the U.S. Department of Justice is reportedly seeking to ask a judge to force…

Volt Typhoon, a state-sponsored actor linked to the People’s Republic of China, has consistently targeted U.S. critical infrastructure with the intent to maintain persistent access. Tenable Research examines the tactics, techniques and procedures of this threat actor. Background The cyberthreat landscape is always evolving, with security teams continuously facing new threats and attacks from a…

Increased activity from the state-sponsored threat group Volt Typhoon raises concerns about the cybersecurity of U.S. critical infrastructure. Here’s how you can identify potential exposures and attack paths. Recent activity from the state-sponsored group Volt Typhoon, from the People’s Republic of China (PRC), has prompted federal agencies — including the Cybersecurity and Infrastructure Security Agency…

Microsoft has shared more details about the new Windows 11 administrator protection security feature, which is available in preview and uses Windows Hello authentication prompts to block access to critical system resources. First introduced last month in a preview build for Windows 11 Insiders in the Canary Channel, admin protection is designed to “protect free…
