Security News > 2023 > October
Ace Hardware appears to have been the latest organization to succumb to a cyberattack, judging by its website and a message from CEO John Venhuizen. In a note sent to Ace retailers this week, Venhuizen said: "On Sunday morning, we detected a cybersecurity incident that is impacting the majority of our IT systems. As a result of this incident, many of our key operating systems, including ACENET, our Warehouse Management Systems, the Ace Retailer Mobile Assistant, Hot Sheets, Invoices, Ace Rewards and the Care Center's phone system, have been interrupted or suspended."
Windows 11 23H2 started rolling out in September to Insiders enrolled in the Release Preview Channel for enterprise testing, and it has the same servicing branch and code base as Windows 11 22H2. "As Windows 11, version 23H2 shares the same code base and servicing branch as Windows 11, version 22H2, we will deliver this feature update using servicing technology, providing a fast installation experience," said John Cable, Microsoft VP for Windows Servicing and Delivery.Windows 11 23H2 was expected to ship with numerous new features, but Microsoft decided to instead release them as part of the Windows 11 22H2 'Moment 4' update.
"Ransomware is an issue that knows no borders. And as long as there's money flowing to ransomware criminals the problem will continue to grow," Neuberger told reporters on Monday. Data from NCC Group revealed a total of 514 ransomware attacks in September, surpassing March 2023's record of 459 incidents after a wave of Clop's Fortra GoAnywhere data theft attacks.
Samsung has unveiled a new security feature called 'Auto Blocker' as part of the One UI 6 update, offering enhanced malware protection on Galaxy devices. Auto Blocker is an opt-in security feature that prevents the side-loading of risky apps downloaded from outside the Galaxy Store and Google Play.
The FTC ultimately reduced this to 500, but said it would likely only lead to the additional reporting of a small number of incidents a year - around 5 percent more that would, by the FTC's estimates, affect 155 extra organizations. The 500-consumer cutoff broadly aligns with state laws around data breach reporting in the US. California, for example, requires similar disclosures to be made in the event that 500 state residents are affected by a breach, whereas the cutoff is set at 1,000 individuals in Alabama.
A threat actor that security researchers call Prolific Puma has been providing link shortening services to cybercriminals for at least four years while keeping a sufficiently low profile to...
Canada has banned the use of Kaspersky security products and Tencent's WeChat app on mobile devices used by government employees, citing network and national security concerns."The Chief Information Officer of Canada determined that WeChat and Kaspersky suite of applications present an unacceptable level of risk to privacy and security."
A new NuGet typosquatting campaign pushes malicious packages that abuse Visual Studio's MSBuild integration to execute code and install malware stealthily. The latest NuGet campaign was spotted by ReversingLabs on October 15, 2023, utilizing different typosquatting packages to install malware.
Internet, phone lines, websites, and more went down on Saturday morning The British Library has confirmed to The Register that a "cyber incident" is the cause of a "major" multi-day IT outage.…
The threat actor known as Arid Viper (aka APT-C-23, Desert Falcon, or TAG-63) has been attributed as behind an Android spyware campaign targeting Arabic-speaking users with a counterfeit dating...