Security News

June 15, 2022, is the day that Microsoft will stop supporting most versions of Internet Explorer 11, and organizations should have ensured that they ready for its retirement. Starting tomorrow, the company will no longer support the Internet Explorer 11 desktop application on some versions of Windows 10, namely: Windows 10 client SKUs and Windows 10 IoT. When trying to open IE, users of those OSes will be "Redirected" to Microsoft Edge, i.e., the new browser will open after a notification message.

This retirement affects Internet Explorer 11 desktop apps on specific versions of Windows 10 delivered via the Semi-Annual Channel to systems running Windows 10 client SKUs and Windows 10 IoT. Internet Explorer is also not available on Windows 11, where the new Chromium-based Microsoft Edge is the default web browser. Windows releases where Internet Explorer will still be available after June 15, 2022, include Windows 7 ESU, Windows 8.1, and all versions of Windows 10 LTSC client, IoT, and Server.

May 2022 Patch Tuesday provided the final releases for several Windows 10 operating systems and this month we'll see the final update for Internet Explorer 11. June 2022 Patch Tuesday forecast We hope to see a fix for CVE-2022-30190 in this month's operating systems updates.

Over 3.6 million MySQL servers are publicly exposed on the Internet and responding to queries, making them an attractive target to hackers and extortionists. Of these accessible MySQL servers, 2.3 million are connected over IPv4, with 1.3 million devices over IPv6.

More than 380,000 Kubernetes API servers allow some kind of access to the public internet, making the popular open-source container-orchestration engine for managing cloud deployments an easy target and broad attack surface for threat actors, researchers have found. The Shadowserver Foundation discovered the access when it scanned the internet for Kubernetes API servers, of which there are more than 450,000, according to a blog post published this week.

That's according to Arkose Labs, which claimed in its latest State of Fraud and Account Security report that one in four online accounts created in Q1 2022 were fake and used for fraud, scams, and the like. In total, 93 percent of all attacks against Arkose Labs' customers were bot-driven, it's claimed; data scraping increased by 250 percent while four percent of all logins in Q1 were credential-stuffing attempts.

Securing your internet access can mean many things, but we like to think of it as a two-fold approach for both on-device data and network data once your web request has left your device. We'll take a look at how to secure your data on the device and how to protect your data that ISPs might see through iCloud Private Relay and VPNs. How to secure on-device network activity.

Threat analysts have uncovered yet a new campaign that uses the RIG Exploit Kit to deliver the RedLine stealer malware. The threat actors use the exploit to compromise the machine and deploy RedLine, a cheap but powerful info-stealing malware widely circulated on Russian-speaking forums.

Hospitals and Health Care group has disconnected all incoming and outgoing Internet connections after discovering they suffered a cyberattack that resulted in the theft of sensitive administrative and patient data. The cyberattack occurred on April 19th and affected the CHs of Vitry-le-François and Saint-Dizier, causing GHT to disconnect Internet connections to the hospitals to prevent the attack's spread and further data theft.

Today, the U.S. has announced exemptions on previously imposed sanctions on Russia related to telecommunications and internet-based communications, likely to prevent Russians from being isolated from Western news sources. The revised sanctions released today and signed by Deputy Director of the Office of Foreign Assets Control, Bradley Smith, re-opens the possibility for US companies to license, export, sell, or supply services for software, hardware, and IT technology related to communications.