Security News > 2023 > February

Our systems have detected unusual traffic from your computer network. This page appears when Google automatically detects requests coming from your computer network which appear to be in violation of the Terms of Service.

The U.S. Cybersecurity and Infrastructure Security Agency is urging organizations and individuals to increase their cyber vigilance, as Russia's military invasion of Ukraine officially enters one year. "CISA assesses that the United States and European nations may experience disruptive and defacement attacks against websites in an attempt to sow chaos and societal discord on February 24, 2023, the anniversary of Russia's 2022 invasion of Ukraine," the agency said.

Last year, Microsoft announced automatic attack disruption capabilities in Microsoft 365 Defender, its enterprise defense suite. On Wednesday, it announced that these capabilities will now help organizations disrupt two common attack scenarios: BEC and human-operated ransomware attacks.

Abstract: Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. We show how a malicious learner can plant an undetectable backdoor into a classifier.

The next major version of the privacy-focused Brave browser will start blocking annoyances like "Open in app" prompts and will feature better protections against pool-party attacks. Brave will now block this annoyance starting version 1.49 for Windows and Android, allowing users to browse the web without unexpected interruptions.

An investigation into data safety labels for Android apps available on the Google Play Store has uncovered "Serious loopholes" that allow apps to provide misleading or outright false information. The study, conducted by the Mozilla Foundation as part of its *Privacy Not Included initiative, compared the privacy policies and labels of the 20 most popular paid apps and the 20 most popular free apps on the app marketplace.

The Amsterdam cybercrime police team has arrested three men for ransomware activity that generated €2.5 million from extorting small and large organizations in multiple countries. The extortion involved threats of leaking the data or destroying the company's digital infrastructure.

The European Commission on Thursday banned the use of the TikTok short video app on corporate devices and on the personal devices of employees enrolled in the commission's mobile device management service. The commission's statement cites the need to protect staff from a rising number of cyber threats but fails to explain while TikTok was singled out.

The automatic attack disruption functionality aimed at corporate security operation centers uses millions of data points and signals to identify active malware campaigns - including ransomware - and take steps to automatically isolate the device under attack from the network and to suspended accounts compromised by the attackers. The software and cloud services giant has now expanded the public preview of the automatic attack disruption capability to cover business email compromise and human-operated ransomware attacks.

Although ransomware's share of incidents declined only slightly from 2021 to 2022, defenders were more successful detecting and preventing ransomware, according to IBM. Despite this, attackers continued to innovate with the report showing the average time to complete a ransomware attack dropped from 2 months down to less than 4 days. "The shift towards detection and response has allowed defenders to disrupt adversaries earlier in the attack chain - tempering ransomware's progression in the short term," said Charles Henderson, Head of IBM Security X-Force.