Security News > 2024 > May

A forensic analysis of a graph dataset containing transactions on the Bitcoin blockchain has revealed clusters associated with illicit activity and money laundering, including detecting criminal...

Microsoft has confirmed that the April 2024 Windows security updates break VPN connections across client and server platforms. The company explains on the Windows health dashboard that "Windows devices might face VPN connection failures after installing the April 2024 security update or the April 2024 non-security preview update."

Cybersecurity researchers have discovered a previously undocumented malware targeting Android devices that uses compromised WordPress sites as relays for its actual command-and-control (C2)...

In this Help Net Security video, Adam LaGreca, Founder of 10KMedia, sat down with John Leon, VP of Partnerships at Apiiro, discusses the company's new technology partner program SHINE. The name stands for the program's guiding principles - Seamless, Holistic, Integrated, Vendor-Neutral, and Enriched - doubling down on the company's goal to integrate across stacks, from security testing tools, CMDBs, WAFs, runtime API security solutions, training, risk management systems, and development tools. Apiiro technology partners can now seamlessly integrate into its Deep ASPM platform and leverage the unique context of Apiiro's Risk Graph.

Qantas Airways confirms that some of its customers were impacted by a misconfiguration in its app that exposed sensitive information and boarding passes to random users. Earlier today, several users of the Qantas app reported on social media that they could view other users' travel details, including personally identifiable information, boarding passes for upcoming flights, and other account information.

Security researchers in Adobe's bug bounty program can now pick up rewards for finding vulnerabilities in Adobe Firefly and Content Credentials. Members of Adobe's public bug bounty program will be eligible to work with Adobe Firefly and Content Credentials in the second half of 2024, and applications for the private program are open.

A new malware named 'Cuttlefish' has been spotted infecting enterprise-grade and small office/home office routers to monitor data that passes through them and steal authentication information. Lumen Technologies' Black Lotus Labs examined the new malware and reports that Cuttlefish creates a proxy or VPN tunnel on the compromised router to exfiltrate data discreetly while bypassing security measures that detect unusual sign-ins.

Scammers tricked a company into believing they were dealing with a BBC presenter. They faked her voice, and accepted money intended for her.

There’s a natural human desire to avoid threatening scenarios. The irony, of course, is if you hope to attain any semblance of security, you’ve got to remain prepared to confront those very same...

VPNs are legal to use in most countries, including the United States, United Kingdom, Canada, some European Union countries, Australia and Japan. So while VPNs provide privacy and security, they don't exempt users from legal responsibilities.