Security News > 2024 > February

NordPass offers both Free and Premium versions. Learn about the differences and features of each version to determine which one is right for you.

In the case of Proton VPN, we compare the free version to its premium version known as Proton VPN Plus. For a more in-depth analysis, read our full review of Proton VPN. Visit Proton VPN. Feature comparison: Proton VPN Free vs. Proton VPN Plus Number of servers.

More than 130 petitions seeking access to push notification metadata have been filed in US courts, according to a Washington Post investigation - a finding that underscores the lack of privacy protection available to users of mobile devices. Foreign governments may also demand push notification metadata from Apple, Google, third-party push services, or app developers for their own criminal investigations or political persecutions.

The Golden Corral American restaurant chain disclosed a data breach after attackers behind an August cyberattack stole the personal information of over 180,000 people. "On or about August 15, 2023, Golden Corral experienced a data security incident that caused a temporary disruption to our corporate operations," Golden Corral said.

The Biden Administration has asked a court, rather than Congress, to renew controversial warrantless surveillance powers used by American intelligence and due to expire within weeks. US Senator Ron Wyden railed at the US Department of Justice's decision to seek a year-long extension of Section 702 of the Foreign Intelligence Surveillance Act, which is set to end in mid-April unless Congress reauthorizes it.

A new Linux variant of the Bifrost remote access trojan employs several novel evasion techniques, including the use of a deceptive domain that was made to appear as part of VMware. The analysis of the latest Bitfrost samples by Unit 42 researchers has uncovered several interesting updates that enhance the malware's operational and evasion capabilities.

Brave Software is the next company to jump into AI, announcing a new privacy-preserving AI assistant called "Leo" is rolling out on the Android version of its browser through the latest release, version 1.63. Brave says its AI assistant stands out for its ability to provide high-quality, relevant answers with fewer errors, thanks to leveraging several advanced large-language models like Mixtral 8x7B, Claude Instant, and Llama 2 13B, with Mixtral set as the default for its multilingual capabilities and superior performance.

The U.S. Cybersecurity and Infrastructure Security Agency revealed today that attackers who hack Ivanti VPN appliances using one of multiple actively exploited vulnerabilities may be able to maintain root persistence even after performing factory resets. The authoring organizations encourage network defenders to assume that user and service account credentials stored within the affected Ivanti VPN appliances are likely compromised, hunt for malicious activity on their networks using the detection methods and indicators of compromise within this advisory, run Ivanti's most recent external ICT, and apply available patching guidance provided by Ivanti as version updates become available.

The U.S. Cybersecurity and Infrastructure Security Agency revealed today that attackers who breached Ivanti appliances using one of multiple actively exploited vulnerabilities can maintain root persistence even after performing factory resets. CISA found that the Ivanti ICT failed to detect compromise while investigating multiple hacking incidents involving hacked Ivanti appliances.

Microsoft has released the optional KB5034843 Preview cumulative update for Windows 10 22H2 with an updated sharing experience and eight other fixes or changes. As with all new Windows 10 updates, this is primarily a maintenance release, with most fixes in this update relating to enterprise services, such as Azure, Remote Desktop, and Windows Hello for Business.