Security News
Computer hardware maker Zotac has exposed return merchandise authorization (RMA) requests and related documents online for an unknown period, exposing sensitive customer information. [...]
In an ongoing extortion campaign against Ticketmaster, threat actors have leaked almost 39,000 print-at-home tickets for 150 upcoming concerts and events, including Pearl Jam, Phish, Tate McCrae,...
A May 2024 data breach disclosed by American luxury retailer and department store chain Neiman Marcus last month has exposed more than 31 million customer email addresses, according to Have I Been Pwned founder Troy Hunt, who analyzed the stolen data. In a separate incident notification published on its website, Neiman Marcus revealed that the data exposed in the attack included names, contact information, dates of birth, gift card info, transaction data, partial credit card and Social Security numbers, and employee identification numbers.
Microsoft reminded customers today that multiple editions of Windows 11, version 22H2, will reach the end of servicing in three months, on October 8, 2024. Windows 11 22H2 started rolling out in September to Release Preview Insiders for enterprise testing and was released as an enablement package on October 31.
Antivirus company Avast have discovered a weakness in the cryptographic scheme of the DoNex ransomware family and released a decryptor so victims can recover their files for free. [...]
ProPublica has a long investigative article on how the Cyber Safety Review Board failed to investigate the SolarWinds attack, and specifically Microsoft’s culpability, even though they were...
Apple has removed 25 virtual private network apps from the Russian App Store at the request of Roskomnadzor, Russia's telecommunications watchdog. Roskomnadzor confirmed to Interfax that the order targets multiple apps used to gain access to content tagged as illegal in Russia.
Microsoft has finally released a spell check and autocorrect feature in Notepad for all Windows 11 users, forty-one years after the program was introduced in 1983. [...]
TeamViewer, the company developing the popular remote access/control software with the same name, has finished the investigation into the breach it detected in late June 2024, and has confirmed that it was limited to their internal corporate IT environment. "Neither our separated product environment, nor the connectivity platform, nor any customer data has been touched," the company says.
A remote code execution vulnerability in the Ghostscript document conversion toolkit, widely used on Linux systems, is currently being exploited in attacks. Ghostscript comes pre-installed on many Linux distributions and is used by various document conversion software, including ImageMagick, LibreOffice, GIMP, Inkscape, Scribus, and the CUPS printing system.