Security News

Microsoft slammed for lax security that led to China's cyber-raid on Exchange Online
2024-04-03 02:15

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Microsoft slammed for lax security that led to China's cyber-raid on Exchange Online
2024-04-03 02:15

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

China encouraged armed offensive against Myanmar government to protest proliferation of online scams
2024-03-28 04:28

The military junta controlling Myanmar has struggled to control all of its territory thanks in part to China backing rebel forces as a way of expressing its displeasure about cyberscam centers operating from the country. One issue Beijing wanted the junta to address was the proliferation of scam centers in Myanmar, as they often prey on Chinese netizens.

Germany warns of 17K vulnerable Microsoft Exchange servers exposed online
2024-03-26 19:21

The German national cybersecurity authority warned on Tuesday that it found at least 17,000 Microsoft Exchange servers in Germany exposed online and vulnerable to one or more critical security vulnerabilities. According to the German Federal Office for Information Security, around 45,000 Microsoft Exchange servers in Germany have Outlook Web Access enabled and are accessible from the Internet.

New ‘Loop DoS’ attack may impact up to 300,000 online systems
2024-03-20 19:40

A new denial-of-service attack dubbed 'Loop DoS' targeting application layer protocols can pair network services into an indefinite communication loop that creates large volumes of traffic. The attack is possible due to a vulnerability, currently tracked as CVE-2024-2169, in the implementation of the UDP protocol, which is susceptible to IP spoofing and does not provide sufficient packet verification.

Cyber baddies leak 70M+ files online, claim they're from AT&T
2024-03-18 16:45

More than 70 million records, allegedly stolen from AT&T in 2021, were dumped on a cybercrime forum at the weekend. The stolen files include names, Social Security Numbers, dates of birth, addresses, emails, phone numbers and other personal information, according to Dark Web Informer, who first spotted the massive data dump by the criminals.

UnitedHealth brings some Change Healthcare pharmacy services back online
2024-03-08 17:54

Optum's Change Healthcare has started to bring systems back online after suffering a crippling BlackCat ransomware attack last month that led to widespread disruption to the US healthcare system. United Health Group is the largest American health insurance company, and its subsidiary, Optum Solutions, operates the Change Healthcare platform.

FBI: U.S. lost record $12.5 billion to online crime in 2023
2024-03-07 12:53

FBI's Internet Crime Complaint Center has released its 2023 Internet Crime Report, which recorded a 22% increase in reported losses compared to 2022, amounting to a record of $12.5 billion. The number of relevant complaints submitted to the FBI in 2023 reached 880,000, 10% higher than the previous year, with the age group topping the report being people over 60, which shows how vulnerable older adults are to cybercrime.

New WogRAT malware abuses online notepad service to store malware
2024-03-05 20:25

A new malware dubbed 'WogRAT' targets both Windows and Linux in attacks abusing an online notepad platform named 'aNotepad' as a covert channel for storing and retrieving malicious code. The malware contains encrypted source code for a malware downloader that is compiled and executed on the fly.

Week in review: LockBit leak site is back online, NIST updates its Cybersecurity Framework
2024-03-03 09:00

Overcoming the pressures of cybersecurity startup leadershipIn this Help Net Security interview, Kunal Agarwal, CEO at Dope Security, offers a look into the CEO's leadership philosophy, the process of building a high-caliber team, and the unique challenges of navigating a startup in the tech industry. How organizations can navigate identity security risks in 2024In this Help Net Security interview, Deepak Taneja, CEO of Zilla Security, discusses identity security risks and threats.