Category: Kamban

Antivirus company Avast have discovered a weakness in the cryptographic scheme of the DoNex ransomware family and released a decryptor so victims can recover their files for free. The company says it has been working with law enforcement to privately provide the decryptor to DoNex ransomware victims since March 2024. Cybersecurity vendors commonly distribute decryptors in…

Microsoft reminded customers today that multiple editions of Windows 11, version 22H2, will reach the end of servicing (EOS) in three months, on October 8, 2024. This applies to Windows 11 22H2 Home, Pro, Pro Education, and Pro for Workstations editions released on September 20, 2022. “The upcoming October 2024 security update, to be released…

Microsoft has finally released a spell check and autocorrect feature in Notepad for all Windows 11 users, forty-one years after the program was introduced in 1983. The new features have been tested by Windows Insiders since March but have started to roll out to all Windows 11 users over the past couple of days. With…

Apple has removed 25 virtual private network (VPN) apps from the Russian App Store at the request of Roskomnadzor, Russia’s telecommunications watchdog. Roskomnadzor confirmed to Interfax that the order targets multiple apps (including NordVPN, Proton VPN, Red Shield VPN, Planet VPN, Hidemy.Name VPN, Le VPN, and PIA VPN) used to gain access to content tagged…

A remote code execution vulnerability in the Ghostscript document conversion toolkit, widely used on Linux systems, is currently being exploited in attacks. Ghostscript comes pre-installed on many Linux distributions and is used by various document conversion software, including ImageMagick, LibreOffice, GIMP, Inkscape, Scribus, and the CUPS printing system. Tracked as CVE-2024-29510, this format string vulnerability…

A new advanced persistent threat (APT) group named CloudSorcerer abuses public cloud services to steal data from Russian government organizations in cyberespionage attacks. Kaspersky security researchers discovered the cyberespionage group in May 2024. They report that CloudSorcerer uses custom malware that uses legitimate cloud services for command and control (C2) operations and data storage. Kaspersky…

Roblox announced late last week that it suffered a data breach impacting attendees of the 2022, 2023, and 2024 Roblox Developer Conference attendees. Roblox is an online gaming and game creation platform popular among younger audiences that design, create, and share games with a large community of over 200 million active users. The company hosts…

https://videos.tenable.com/watch/m8EtzyMKC32EeEbrxMEZyz Source link lol

E-commerce platform Shopify denies it suffered a data breach after a threat actor began selling customer data they claim was stolen from the company’s network. “Shopify systems have not experienced a security incident,” Shopify told BleepingComputer. “The data loss reported was caused by a third-party app. The app developer intends to notify affected customers.” This statement…

Europol is proposing solutions to avoid challenges posed by privacy-enhancing technologies in Home Routing that hinder law enforcement’s ability to intercept communications during criminal investigations. The agency has previously highlighted in its Digital Challenges series that law enforcement problem of end-to-end encryption on communication platforms is a hurdle when it comes to collecting admissible evidence. The case…