Security News > 2024 > May

They're emotional support squid because they're large, and cuddly, but also cheerfully bright and derpy. They make great neck pillows for travelling, and, on a more personal note, when my mum was sick in the hospital I gave her one and she said it brought her "Great comfort" to have her squid tucked up beside her and not be a nuisance while she was sleeping.

Starting in July, Microsoft will begin gradually enforcing multi-factor authentication for all users signing into Azure to administer resources. "Service principals, managed identities, workload identities, and similar token-based accounts used for automation are excluded. Microsoft is still gathering customer input for certain scenarios such as break-glass accounts and other special recovery processes," explained Azure product manager Naj Shahid.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

The cryptojacking group known as Kinsing has demonstrated its ability to continuously evolve and adapt, proving to be a persistent threat by swiftly integrating newly disclosed vulnerabilities to...

The Securities and Exchange Commission has adopted amendments to Regulation S-P that require certain financial institutions to disclose data breach incidents to impacted individuals within 30 days of discovery. Notify affected individuals within 30 days if their sensitive information is, or is likely to be, accessed or used without authorization, detailing the incident, breached data, and protective measures taken.

The U.S. Department of Justice charged two suspects for allegedly leading a crime ring that laundered at least $73 million from cryptocurrency investment scams, also known as "Pig butchering." In pig butchering scams, criminals approach targets using various messaging apps, dating platforms, or social media platforms to build trust and introduce them to investment schemes that help them drain the victims' cryptocurrency wallets.

The WebTPA Employer Services data breach disclosed earlier this month is impacting close to 2.5 million individuals, the U.S. Department of Health and Human Services notes. A recent update on the U.S. Department of Health and Human Services data breach portal shows that the number of affected individuals is 2,429,175.

A joint cybersecurity advisory from the Federal Bureau of Investigation, Cybersecurity and Infrastructure Security Agency, Department of Health and Human services and Multi-State Information Sharing and Analysis Center was recently released to provide more information about the Black Basta ransomware. According to cybersecurity company SentinelOne, Black Basta is highly likely tied to FIN7, a threat actor also known as "Carbanak," active since 2012 and affiliated with several ransomware operations.

Interview On Wednesday the FBI and international cops celebrated yet another cybercrime takedown - of ransomware brokerage site BreachForums - just a week after doxing and imposing sanctions on the LockBit ransomware crew's kingpin, and two months after compromising the gang's website. While the BreachForums shutdown didn't have quite the swagger of the LockBit seizure in February, it did brag the stolen data marketplace "Is under control of the FBI" and include profile pics of website admins Baphomet and ShinyHunters.

The US Justice Department had unsealed charges against a US woman and an Ukranian man who, along with three unidentified foreign nationals, have allegedly helped North Korean IT workers work remotely for US companies under assumed US identities and thus evade sanctions. According to the court documents, the conspirators defrauded over 300 US companies by using US payment platforms and online job site accounts, proxy computers located in the United States, and witting and unwitting US persons and entities.