Security News > 2024 > April

The Federal Communications Commission today voted to restore a national standard to ensure the internet is fast, open, and fair. Today's decision to reclassify broadband service as a Title II telecommunications service allows the FCC to protect consumers, defend national security, and advance public safety.

Reddit is investigating a major outage blocking users worldwide from accessing the social network's websites and mobile apps. Mobile users also report seeing an "Error: Choose failed Missing field 'user id'" error or an outage icon with the Reddit alien logo on the mobile app.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access trojan called Kaolin RAT. The malware could, "aside from...

Over 1,400 CrushFTP servers exposed online were found vulnerable to attacks currently targeting a critical severity server-side template injection vulnerability previously exploited as a zero-day. Shodan also currently tracks 5,232 Internet-exposed CrushFTP servers, although it doesn't provide any information on how many of them might be vulnerable to attacks.

Hackers have started to target a critical severity vulnerability in the WP Automatic plugin for WordPress to create user accounts with administrative privileges and to plant backdoors for long-term access. Currently installed on more than 30,000 websites, WP Automatic lets administrators automate content importing from various online sources and publishing on their WordPress site.

Only 17% of respondents to the ISC2 Cybersecurity Workforce Study were women, showing a continued struggle for workplaces to recruit and retain women in this industry. Notably, women reported more women on their teams: 30% of women said there were other women on their teams, as opposed to 22% of men.

It may come as a surprise to absolutely nobody that experts say, in revealing the most prevalent and likely tactics to meddle with elections this year, that state-sponsored cybercriminals pose the biggest threat. As leaders of major international powers, both of these elections are likely to be targeted by foreign adversaries, and according to security giant Mandiant's latest report on election security trends, defenders should be aware of the four Ds. DDoS attacks, data theft and leaks, disinformation, and deepfakes lead the way as the most likely types of attacks to be trialed during this year's elections, researchers say, all of which have the potential to impact voter outcomes.

Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetected with the simplest tools and why you need multiple...

Large language models, or LLMs, are trained on massive troves of material-nearly the entire internet in some cases. These LLMs have begun to disrupt the traditional relationship between writer and reader.