Security News > 2024 > February

In nearly 85% of attacks on critical sectors, compromise could have been mitigated with patching, MFA, or least-privilege principals - indicating that what the security industry historically described as "Basic security" may be harder to achieve than portrayed. Ransomware attacks on enterprises saw a nearly 12% drop last year, as larger organizations opt against paying and decrypting, in favor of rebuilding their infrastructure.

The global government affairs team at X has suspended some accounts and posts in India after receiving executive orders to do so from the country's government, backed by threat of penalties including significant fines and imprisonment. The team revealed its actions on Thursday, writing "In compliance with the orders, we will withhold these accounts and posts in India alone; however, we disagree with these actions and maintain that freedom of expression should extend to these posts." X has appealed the order and notified impacted users.

Details have emerged about a now-patched high-severity security flaw in Apple's Shortcuts app that could permit a shortcut to access sensitive information on the device without users' consent. The...

In 2023, malicious email threats bypassing secure email gateways increased by more than 100%, according to Cofense. "As we unveil the statistics from the 2024 Annual State of Email Security Report, it's evident that the email-based attack vector is evolving at an unprecedented pace going into 2024," said David Van Allen, CEO of Cofense.

There are worrying signs that 2024 will be especially volatile, as ransomware groups expand their list of targets, and explore new pressure tactics in response to increasingly effective international law enforcement efforts and the growing momentum of refuse-to-pay initiatives. Despite BEC incidents outnumbering ransomware incidents by a factor of 10, a ransomware incident is 15 times more likely than a BEC incident to lead to an incident response investigation.

To help SaaS companies attract and retain customers, Gartner identified four top priorities for software buyers in 2024. Software buyers are sensitive to price, and 31% have replaced their software because it costs too much.

The U.S. Federal Trade Commission (FTC) has hit antivirus vendor Avast with a $16.5 million fine over charges that the firm sold users' browsing data to advertisers after claiming its products...

The US regulator filed [PDF] a lengthy complaint against Avast regarding its use and alleged misuse of customer data. According to the FTC's allegations it sold browsing information collected by its parent from 2014 until Avast grounded the biz in 2020 when allegations of customer data sales emerged.

Microsoft has started testing support for Wi-Fi 7 in Windows 11, which offers multi-gigabit speeds and improved throughput, latency, and reliability compared to previous Wi-Fi generations. Wi-Fi 7 support is now being tested in the Windows 11 Insider Preview Build 26063, released today in the Canary Channel.

Prescription orders hit after IT supplier Change Healthcare pulls plug on systems IT provider Change Healthcare has confirmed it shut down some of its systems following a cyberattack, disrupting...