Security News > 2023 > October

Taiwanese networking equipment manufacturer D-Link confirmed a data breach linked to information stolen from its network and put up for sale on BreachForums earlier this month. The attacker claims to have stolen source code for D-Link's D-View network management software, along with millions of entries containing personal information of customers and employees, including details on the company's CEO. The stolen data allegedly includes names, emails, addresses, phone numbers, account registration dates, and the users' last sign-in dates.

Every operating system should be appropriately secured, especially end-user workstations, which often contain or permit access to company data and upon which most employee job duties are based. Here is a checklist from TechRepublic Premium for getting the maximum security protection out of your Windows 10 deployments.

The Android 'SpyNote' malware was observed in attacks targeting Italy using a fake 'IT-alert' public alert service that infected visitors with the information-stealing malware. The APK file installs SpyNote malware on the device, granting it permission to use Accessibility services, which enable the attackers to perform a wide range of dangerous and invasive actions on the compromised device.

Sonatype's 9th annual State of the Software Supply Chain also covers regulations and how AI could help developers protect organizations from security risks. Attacks on software supply chains increased dramatically in 2023, with an increase of 200% compared to 2022, according to Sonatype's new report.

As Australian organisations and government departments continue to struggle with IT resourcing, a new wave of collaboration potentially represents the solution. Collaboration allows departments to address challenges together.

In what's the latest evolution of threat actors abusing legitimate infrastructure for nefarious ends, new findings show that nation-state hacking groups have entered the fray in leveraging the...

Two critical security flaws discovered in the open-source CasaOS personal cloud software could be successfully exploited by attackers to achieve arbitrary code execution and take over susceptible...

Microsoft has fixed a known issue affecting Outlook for Microsoft 365 users since June and causing slow starts and freezes as if Offline Outlook Data Files were syncing right after launch. Error messages appeared, stating, "Cannot start Microsoft Outlook. Cannot open the Outlook window. The set of folders cannot be opened. The attempt to log on to Microsoft Exchange has failed."

We'll explore why password reuse is such a huge problem and discuss the best way to mitigate the risks associated with compromised passwords. The Password Reuse Problem and How to Mitigate It. The problem of reusing passwords is massive and one of the biggest ways cybercriminals can hack into multiple accounts associated with a single user.

Video game publisher/digital distribution company Valve is forcing developers who publish games on its Steam platform to "Validate" new builds with a confirmation code received via SMS. The Steam SMS confirmation requirement. Valve sent out notices last month to select users to inform them that they may have been infected with malware after playing a specific game via Steam.