Security News > 2024 > May

Exclusive Kyndryl, the IT services firm spun out of IBM, has been accused by multiple employees within its CISO Defense security group of discrimination on the basis of age, race, and disability, in both internal complaints and formal charges filed with the US Equal Employment Opportunity Commission. In an email exchange earlier this month, a Kyndryl security analyst, who having returned from short-term disability in December, felt he was being treated differently, and asked a manager whether he was facing retaliation for taking that time off.

A software maker serving more than 10,000 courtrooms throughout the world hosted an application update containing a hidden backdoor that maintained persistent communication with a malicious website, researchers reported Thursday, in the latest episode of a supply-chain attack. The software, known as the JAVS Viewer 8, is a component of the JAVS Suite 8, an application package courtrooms use to record, play back, and manage audio and video from proceedings.

The NVD started slowing down its CVE enrichment efforts earlier this year, and NIST confirmed that they are working on a multi-pronged solution that will include improved tools and methods, as well as establishing a consortium that will help addressed various challenges. Tanya Brewer, program manager at the NVD, said in April that the NVD program is considering many changes to improve software identification, automate CVE analysis activities, make NVD data more easy to "Consume" and customize, develop capabilities to publish additional kinds of data, and more.

Europol on Thursday said it shut down the infrastructure associated with several malware loader operations such as IcedID, SystemBC, PikaBot, SmokeLoader, Bumblebee, and TrickBot as part of a...

Of course, VPNs also impact your IP address to provide extra security for your online connections. VPNs add a layer of security to your online presence by routing your encrypted internet data to a VPN server that disguises your IP address.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

A macOS version of the LightSpy surveillance framework has been discovered, confirming the extensive reach of a tool only previously known for targeting Android and iOS devices. LightSpy is a modular iOS and Android surveillance framework used to steal a wide variety of data from people's mobile devices, including files, screenshots, location data, voice recordings during WeChat calls, and payment information from WeChat Pay, and data exfiltration from Telegram and QQ Messenger.

The U.S. Department of Justice (DoJ) on Wednesday said it dismantled what it described as "likely the world's largest botnet ever," which consisted of an army of 19 million infected devices that...

An international law enforcement operation codenamed 'Operation Endgame' has seized over 100 servers worldwide used by multiple major malware loader operations, including IcedID, Pikabot, Trickbot, Bumblebee, Smokeloader, and SystemBC. The action, which occurred between May 27 and 29, 2024, involved 16 location searches across Europe and led to the arrest of four individuals, one in Armenia and three in Ukraine. The police have identified eight fugitives linked to the malware operations, who will be added to Europol's 'Most Wanted' list later today.

An international law enforcement operation codenamed 'Operation Endgame' has seized over 100 servers worldwide used by multiple major malware loader operations, including IcedID, Pikabot, Trickbot, Bumblebee, Smokeloader, and SystemBC. The action, which occurred between May 27 and 29, 2024, involved 16 location searches across Europe and led to the arrest of four individuals, one in Armenia and three in Ukraine. The police have identified eight fugitives linked to the malware operations, who will be added to Europol's 'Most Wanted' list later today.