Security News

CISA has urged manufacturers of small office/home office routers to ensure their devices' security against ongoing attacks attempting to hijack them, especially those coordinated by Chinese state-backed hacking group Volt Typhoon. Threat actors are compromising many such devices, taking advantage of the sheer numbers of SOHO routers used by Americans and using them as launchpads in attacks targeting U.S. critical infrastructure organizations.

The Federal Bureau of Investigation is warning that ransomware threat actors are targeting casino servers and use legitimate system management tools to increase their permissions on the network. [...]

In an email interview with TechRepublic, Jake Williams, faculty member at IANS Research and former NSA offensive hacker, said, "The publication highlights the challenges with comparing the features provided by vendors. CISA seems to be putting vendors on notice that they want vendors to be clear about what standards they do and don't support in their products, especially when a vendor only supports portions of a given standard." According to CISA and the NSA, the definitions and policies of the different variations of MFAs are unclear and confusing.

Microsoft says the recent wave of blue screens impacting some Windows users is not caused by issues in its August 2023 optional updates. Microsoft first acknowledged this known issue on Wednesday, saying that affected platforms include Windows 11 22H2 and Windows 10 21H2/22H2.

The U.S. government has banned European commercial spyware manufacturers Intellexa and Cytrox, citing risks to U.S. national security and foreign policy interests. Google's Threat Analysis Group linked the Cytrox in May 2022 with multiple zero-day vulnerabilities used to deploy Predator spyware on Android devices.

The U.S. government on Tuesday added two foreign commercial spyware vendors, Cytrox and Intellexa, to an economic blocklist for weaponizing cyber exploits to gain unauthorized access to devices and "Threatening the privacy and security of individuals and organizations worldwide." Cytrox is the maker of a mobile mercenary spyware called Predator that's analogous to NSO Group's Pegasus.

Cybercriminals are increasingly posing as multi-factor authentication vendors and small businesses are becoming more popular targets, according to VIPRE. Attachment-based malspam is on the rise. The report also concluded that attachment-based malspam is on the rise, by a significant 22% when compared to malspam with links.

Here's a look at the current top facial recognition software vendors, as well as use cases for the technology. Facial recognition software vendors Amazon Rekognition: Best overall facial recognition software.

An international law enforcement operation has resulted in the arrest of 288 vendors who are believed to be involved in drug trafficking on the dark web, adding to a long list of criminal enterprises that have been shuttered in recent years. "This represents the most funds seized and the highest number of arrests in any coordinated international action," U.S. Attorney General Merrick B. Garland said.

An international law enforcement operation codenamed 'SpecTor' has arrested 288 dark web vendors and customers worldwide, with police seizing €50.8 million in cash and cryptocurrency. "The vendors arrested as a result of the police action against Monopoly Market were also active on other illicit marketplaces, further impeding the trade of drugs and illicit goods on the dark web."