Security News
Microsoft is introducing a new Exchange Online security feature that will automatically start throttling and eventually block all emails sent from "Persistently vulnerable Exchange servers" 90 days after the admins are pinged to secure them.It will also be able to throttle and eventually block emails from Exchange servers that haven't been remediated before reaching Exchange Online mailboxes.
Twitter has taken down internal source code for its platform and tools that was leaked on GitHub for months.On Friday, GitHub complied with a DMCA infringement notice issued by Twitter because the leak exposed proprietary source code and internal tools, which could pose a security risk to Twitter.
Tracking pixels like the Meta and TikTok pixels are popular tools for online businesses to monitor their website visitors' behaviors and preferences, but they do come with risks. While pixel technology has been around for years, privacy regulations such as CCPA and GDPR have created new, much stricter rules, making the practice of data harvesting through a tracking pixel highly controversial.
India's government has started to consult some proposed details of its long-awaited Digital India Act, including a declaration that the bill needed a dedicated adjudicatory tool for offenses committed online. According to the Ministry of Electronics & IT, minister of state Rajeev Chandrasekhar said the bill's guiding principles include "Managing the complexities of internet and rapid expansion of the types of intermediaries addressing the risks of emerging technologies, protecting citizen rights, managing and setting guardrails for the varied intermediaries on the internet."
The CISO of Acronis has downplayed what appeared to be an intrusion into its systems, insisting only one customer was affected, using stolen credentials, and that all other data remains safe. Acronis security boss Kevin Reed took to LinkedIn to dispute details of the boasted intrusion.
The CISO of Swiss cybersecurity firm Acronis has acknowledged a breach of the company's systems but stated the incident only impacted a single customer and that all other data remains safe. A Thursday post [PDF] to the notorious Breached Forums leak-mart brought news of the breach.
Boeing said on Tuesday its anti-jam ground-based satellite communications system had passed the necessary tests to validate it for use in the U.S. Space Force's Pathfinder program. The tests proved PTW was resistant to jamming but also validated hardware and software integration between PTES and the Department of Defense's satellite communications architecture.
Microsoft is investigating an ongoing outage blocking Exchange Online customers worldwide from accessing their mailboxes or sending/receiving emails. Affected users see "550 5.4.1 Recipient address rejected: Access denied" errors when trying to send or when receiving messages, starting today at 1:11 PM UTC. "We're investigating an issue wherein users may be unable to access their Exchange Online mailboxes via any connection method. Additional details can be found within the Service Health Dashboard under EX522020," Microsoft tweeted earlier today.
Burton Snowboards, a leading snowboard manufacturing company, has canceled all online orders today following what it describes as a "Cyber incident." "We are currently experiencing a system outage due to a recent cyber incident and are unable to process online orders at this time," the snowboarding brand says in a prominent alert on its website.
Many online stores are exposing private backups in public folders, including internal account passwords, which can be leveraged to take over the e-commerce sites and extort owners. According to a study by website security company Sansec, roughly 12% of online stores forget their backups in public folders due to human error or negligence.