Security News > 2021 > September

The latest version of the long-term support release of Windows Server, Windows Server 2022, is now available. Windows Server 2022 is the new long-term servicing channel release of Windows Server for on-premises data centers and virtual machines.

I was analyzing one of my customers' API traffic the other day and I noticed something odd about the devices that were using the mobile application API. I found standard browsers like Firefox and Chrome hitting API endpoints that should only be touched by their mobile-application communication. On a mobile application, the development staff will create a user agent for their application.

Dell has announced new features for its ProSupport Suite IT software, and new AI-powered Trusted Device security capabilities, both of which should make businesses with large pools of remote workers take notice. "The rapid shift to remote work, increased use of cloud applications and new ways of addressing employee productivity needs have created new threat vectors at the endpoint," Dell said.

Apparent flaw allows hackers to steal money from a locked iPhone, when a Visa card is set up with Apple Pay Express Transit. Express Transit makes Apple Pay and your iPhone work a bit like a regular credit card, which doesn't need unlocking with a PIN code for low-value transactions.

Chinese-speaking cyberspies have targeted Southeast Asian governmental entities and telecommunication companies for more than a year, backdooring systems running the latest Windows 10 versions with a newly discovered rootkit. The hacking group, dubbed GhostEmperor by Kaspersky researchers who spotted it, uses the Demodex rootkit, which acts as a backdoor to maintain persistence on compromised servers.

A U.S. hospital paralyzed by ransomware in 2019 will be defending itself in court in November over the death of a newborn, allegedly caused by the cyberattack. Springhill CEO Jeffrey St. Clair told the WSJ that the hospital handled the attack appropriately, staying open as "Our dedicated healthcare workers continued to care for our patients, because the patients needed us; and we, along with the independent treating physicians who exercised their privileges at the hospital, concluded it was safe to do so."

A sophisticated fraud ring, dubbed Proxy Phantom, has pushed the boundaries of credential-stuffing attacks with a dynamic account takeover technique that was flooding eCommerce merchants in the third quarter. What really set the Proxy Phantom attacks apart was the use of dynamically generated IP addresses from which it launched the campaigns.

The NSA and CISA have released a document on how to harden your VPN.

JVCKenwood has suffered a Conti ransomware attack where the threat actors claim to have stolen 1.7 TB of data and are demanding a $7 million ransom. Yesterday, JVCKenwood disclosed that servers belonging to its sales companies in Europe were breached on September 22nd, and the threat actors may have accessed data during the attack.

The British consumer champion has repeatedly argued that people are uncomfortable about the amount of data collected and stored by tech companies from online activity and gadgets in the home. Now it has changed tack and commissioned a 111-page report - Value of the Choice Requirement Remedy - that attempts to estimate the amount of money people in the UK would be prepared to pay Facebook and Google in return for greater control over how their data is collected and used.