Security News > 2024 > February

A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an information stealer malware called Nova Sentinel. The package,...

The grand finale of the week of LockBit leaks was slated to expose the real identity of LockBitSupp - the alias of the gang's public spokesperson - but the reveal has fallen short of expectations. Members of the global infosec community were gearing up for a mammoth revelation today following a week of incredible insights into the LockBit operation, but were left underwhelmed by authorities who in the end revealed very little.

Bob February 23, 2024 11:47 AM. I actually gave a presentation recently where I pointed out that it is inevitable that AI will be used to carry out attacks that change by the nanosecond, and that's going to be happening sooner than later. We currently find ourselves in the early stages of a brand new arms race.

U-Haul has started informing customers that a hacker used stolen account credentials to access an internal system for dealers and team members to track customer reservations. The breach exposed customer records that include personal information but payment details have not been impacted.

Identity and Access Management is all about establishing the identity of a user and verifying that the user has the right to access certain applications and types of information. According to Gartner's definition, "Identity and Access Management is a security and business discipline that includes multiple technologies and business processes to help the right people or machines to access the right assets at the right time for the right reasons, while keeping unauthorized access and fraud at bay."

Webinar Dealing with the double trouble of relentless cyber threats and regular technology refresh cycles can stretch already overworked security practitioners. Multi cloud might bring flexibility, but it can also increase the risk of misconfiguration and malicious attacks for example.

Microsoft's Windows Photos app now has its own generative erase tool that enables users to replace unwanted objects with AI-generated content. This feature is rolling out to Windows Insiders in all channels today, including systems running Windows 10 in the Release Preview Channel.

Microsoft has released an open access automation framework called PyRIT (short for Python Risk Identification Tool) to proactively identify risks in generative artificial intelligence (AI)...

The Federal Trade Commission will require software provider Avast to pay $16.5 million and prohibit the company from selling or licensing any web browsing data for advertising purposes to settle charges that the company and its subsidiaries sold such information to third parties after promising that its products would protect consumers from online tracking. From 2014 to 2020, Jumpshot sold browsing information that Avast had collected from consumers to a variety of clients including advertising, marketing and data analytics companies and data brokers, according to the complaint.

US healthcare giant UnitedHealth Group announced that its subsidiary Optum suffered a cyberattack by "Nation-state" hackers on the Change Healthcare platform, forcing the company to shut down IT systems and various services.Its subsidiary, Optum Solutions, operates the Change Healthcare platform, which is the largest payment exchange platform between doctors, pharmacies, healthcare providers, and patients in the US healthcare system.