Security News

Both bills have provisions that could be used to break end-to-end encryption. 3(c)(7)(A)(iii) would allow a company to deny access to apps installed by users, where those app makers "Have been identified as national security, intelligence, or law enforcement risks." That language is far too broad. It would allow Apple to deny access to an encryption service provider that provides encrypted cloud backups to the cloud.

Microsoft confirmed today that a future Windows update will permanently disable the Internet Explorer web browser on users' systems."Users will still see the Internet Explorer icon on their devices but if they click to open Internet Explorer, Microsoft Edge will open instead with easy access to IE mode," said the General Manager for Microsoft Edge Enterprise Sean Lyndersay today.

The Alphv ransomware group is trying out a new tactic to push companies to pay for their post-breach silence: a clearnet website with sensitive data about the employees and customers stolen from a victim organization. Like some other ransomware gangs before them, they will also probably use the compromised information to directly contact the affected individuals and notify them about their personal, financial and medical information being available online to anyone who knows how to search for it.

June 15, 2022, is the day that Microsoft will stop supporting most versions of Internet Explorer 11, and organizations should have ensured that they ready for its retirement. Starting tomorrow, the company will no longer support the Internet Explorer 11 desktop application on some versions of Windows 10, namely: Windows 10 client SKUs and Windows 10 IoT. When trying to open IE, users of those OSes will be "Redirected" to Microsoft Edge, i.e., the new browser will open after a notification message.

This retirement affects Internet Explorer 11 desktop apps on specific versions of Windows 10 delivered via the Semi-Annual Channel to systems running Windows 10 client SKUs and Windows 10 IoT. Internet Explorer is also not available on Windows 11, where the new Chromium-based Microsoft Edge is the default web browser. Windows releases where Internet Explorer will still be available after June 15, 2022, include Windows 7 ESU, Windows 8.1, and all versions of Windows 10 LTSC client, IoT, and Server.

May 2022 Patch Tuesday provided the final releases for several Windows 10 operating systems and this month we'll see the final update for Internet Explorer 11. June 2022 Patch Tuesday forecast We hope to see a fix for CVE-2022-30190 in this month's operating systems updates.

Over 3.6 million MySQL servers are publicly exposed on the Internet and responding to queries, making them an attractive target to hackers and extortionists. Of these accessible MySQL servers, 2.3 million are connected over IPv4, with 1.3 million devices over IPv6.

More than 380,000 Kubernetes API servers allow some kind of access to the public internet, making the popular open-source container-orchestration engine for managing cloud deployments an easy target and broad attack surface for threat actors, researchers have found. The Shadowserver Foundation discovered the access when it scanned the internet for Kubernetes API servers, of which there are more than 450,000, according to a blog post published this week.

That's according to Arkose Labs, which claimed in its latest State of Fraud and Account Security report that one in four online accounts created in Q1 2022 were fake and used for fraud, scams, and the like. In total, 93 percent of all attacks against Arkose Labs' customers were bot-driven, it's claimed; data scraping increased by 250 percent while four percent of all logins in Q1 were credential-stuffing attempts.

Securing your internet access can mean many things, but we like to think of it as a two-fold approach for both on-device data and network data once your web request has left your device. We'll take a look at how to secure your data on the device and how to protect your data that ISPs might see through iCloud Private Relay and VPNs. How to secure on-device network activity.