Security News

Windows 10 KB5034203 preview update adds EU DMA compliance
2024-01-23 19:11

Microsoft has released the January 2024 preview update for Windows 10, version 22H2, which adds Digital Markets Act compliance in the European Economic Area to allow European users to uninstall all apps in Windows by March 6. KB5034203 is a monthly non-security optional cumulative update that enables Windows administrators to try out fixes and improvements that will come with the February 2024 Patch Tuesday release.

CISA boss swatted: 'While my own experience was certainly harrowing, it was unfortunately not unique'
2024-01-23 18:30

CISA Director Jen Easterly has confirmed she was the subject of a swatting attempt on December 30 after a bogus report of a shooting at her home. One of the most troubling trends we have seen in recent years has been the harassment of public officials across the political spectrum, including extreme incidents involving swatting and direct personal threats.

Jason’s Deli says customer data exposed in credential stuffing attack
2024-01-23 16:44

Jason's Deli is warning of a data breach in notifications sent to customers of its online platform stating that their personal data was exposed in credential stuffing attacks. In a data breach notification sent to customers, Jason's Deli says hackers obtained credentials of member accounts at Jason's Deli from other sources and, on December 21, 2023, used them in a credential stuffing attack against the restaurant's website.

Accused PII seller faces jail for running underground fraud op
2024-01-23 16:00

A Baltimore man faces a potential maximum 20-year prison sentence after being charged for his alleged role in running an online service that sold personal data which was later used for financial fraud. The filing claims customers would approach Charleron with a name and home address, plus a payment in the region of $25 sent either via cryptocurrency or other digital means, and in return they would receive the PII necessary to take out credit cards in a victim's name.

Top Cybersecurity Predictions for 2024 (Free Download)
2024-01-23 16:00

While artificial intelligence discourse and chatbots dominated 2023, the cybersecurity space still pulled our attention now and then with cyberattacks, reminding us that technology advancements without cybersecurity can be counterintuitive, an approach akin to setting the cart before the horse. With this in mind, TechRepublic Premium spoke with a wide range of experts to find out their views on where the cybersecurity sector is headed.

Information Security Incident Reporting Policy
2024-01-23 16:00

This policy from TechRepublic Premium provides guidelines for the reporting of information security incidents by company employees. The goal is to facilitate the security response and remediation process to ensure the least amount of potential damage to systems, networks, customers and business reputation.

Fortra warns of new critical GoAnywhere MFT auth bypass, patch now
2024-01-23 15:41

Fortra is warning of a new authentication bypass vulnerability impacting GoAnywhere MFT versions before 7.4.1 that allows an attacker to create a new admin user. GoAnywhere MFT is used by organizations worldwide to securely transfer files with customers and business partners.

VexTrio: The Uber of Cybercrime - Brokering Malware for 60+ Affiliates
2024-01-23 14:33

The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio as part of a massive "criminal affiliate program," new...

Apple debuts new feature to frustrate iPhone thieves
2024-01-23 14:22

Besides fixing an actively exploited zero-day vulnerability, the latest update for the iOS 17 branch offers a new feature to help you protect your accounts and sensitive information in case your iPhone gets stolen. If enabled, the Stolen Device Protection feature makes it difficult for iPhone thieves to switch certain features on or off and perform certain actions if your iPhone is not at a familiar location such as your home or work place.

Malicious NPM Packages Exfiltrate Hundreds of Developer SSH Keys via GitHub
2024-01-23 14:19

Two malicious packages discovered on the npm package registry have been found to leverage GitHub to store Base64-encoded SSH keys stolen from developer systems on which they were installed. The...