Security News

Russian retail chain 'DNS' disclosed yesterday that they suffered a data breach that exposed the personal information of customers and employees. While the firm has not provided details on what information was compromised, it clarified that the hackers didn't steal user passwords and payment card data, as that data isn't stored on their systems.

Microsoft next month will start phasing out Client Access Rules in Exchange Online - and will do away with this means for controlling access altogether within a year. CARs are being replaced with Continuous Access Evaluation for Azure Active Directory, which can apparently in "Near-real time" pick up changes to access controls, user accounts, and the network environment and enforce the latest rules and policies as needed, according to a notice this week from Microsoft's Exchange Team.

The Brute Ratel post-exploitation toolkit has been cracked and is now being shared for free across Russian-speaking and English-speaking hacking communities. Things are about to change, as cyber threat intelligence researcher Will Thomas has reported that a cracked copy of Brute Ratel is now circulating widely among threat actors in online hacking forums.

Microsoft announced today that it will retire Client Access Rules in Exchange Online within a year, by September 2023. CARs are sets of conditions, exceptions, actions, and priority values that allow Microsoft 365 admins to filter client access to Exchange Online based on many factors.

The LockBit ransomware operation has suffered a breach, with an allegedly disgruntled developer leaking the builder for the gang's newest encryptor. After security researcher 3xp0rt shared the tweet about the leaked LockBit 3.0 builder, VX-Underground shared that they were contacted on September 10th by a user named 'protonleaks,' who also shared a copy of the builder.

Become an ethical hacker online We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. Whether you're running a business worried about cybercrime or looking to earn some more money, becoming an ethical hacker can be a big boost.

Apple strengthens security and privacy in iOS 16Apple announced additional security and privacy updates for its newest mobile operating system. Government guide for supply chain security: The good, the bad and the uglyJust as developers and security teams were getting ready to take a breather and fire up the BBQ for the holiday weekend, the U.S.'s most prestigious security agencies dropped a 60+ page recommended practice guide, Securing the Software Supply Chain for Developers.

Below you can find a list of free online cybersecurity courses that can help further your career. The course begins with a detailed discussion of how two parties who have a shared secret key can communicate securely when a powerful adversary eavesdrops and tampers with traffic.

59% of consumers are more concerned about becoming a victim of fraud now than they were in 2021, according to ac research released by Paysafe. Consumers across North America, Latin America and Europe are prioritising security over convenience when making online purchases, as the impact of rising inflation and energy prices continues to fuel financial worries.

Microsoft warned customers today that it will finally disable basic authentication in random tenants worldwide to improve Exchange Online security starting October 1, 2022."Since our first announcement nearly three years ago, we've seen millions of users move away from basic auth, and we've disabled it in millions of tenants to proactively protect them. We're not done yet though, and unfortunately usage isn't yet at zero. Despite that, we will start to turn off basic auth for several protocols for tenants not previously disabled," the Exchange Team said today.