Security News

Amazon Web Services Launches Independent European Cloud as Calls for Data Sovereignty Grow
2023-11-01 17:10

Amazon Web Services has launched an independent cloud for Europe designed for public sector customers and companies operating in highly regulated industries within the European Union. The AWS Sovereign Cloud will operate both "Physically and logically" separate from AWS's existing cloud regions and has been engineered specifically to meet the data residency and regulatory requirements of European customers.

Ragnar Locker ransomware’s dark web extortion sites seized by police
2023-10-19 14:39

The Ragnar Locker ransomware operation's Tor negotiation and data leak sites were seized Thursday morning as part of an international law enforcement operation. A Europol spokesperson has confirmed the seizure message is legitimate as part of an ongoing action targeting the Ragnar Locker ransomware gang and that a press release will be published tomorrow.

New Critical Zero-Day Vulnerability Affects Web UI of Cisco IOS XE Software & Allows Attackers to Compromise Routers
2023-10-18 09:00

Cisco Talos discovered a new critical zero-day vulnerability in the Web User Interface feature of Cisco IOS XE software that's currently being used in the wild. The vulnerability used to access the system and create those accounts is CVE-2023-20198; it received the highest Common Vulnerability Scoring System score of 10.

Silent Skimmer: A Year-Long Web Skimming Campaign Targeting Online Payment Businesses
2023-10-02 11:20

A financially motivated campaign has been targeting online payment businesses in the Asia Pacific, North America, and Latin America with web skimmers for more than a year. The BlackBerry Research...

Finnish Authorities Dismantle Notorious PIILOPUOTI Dark Web Drug Marketplace
2023-09-20 12:51

Finnish law enforcement authorities have announced the takedown of PIILOPUOTI, a dark web marketplace that specialized in illegal narcotics trade since May 2022. "The site operated as a hidden...

Do You Really Trust Your Web Application Supply Chain?
2023-09-20 10:34

Well, you shouldn’t. It may already be hiding vulnerabilities. It's the modular nature of modern web applications that has made them so effective. They can call on dozens of third-party web...

Microsoft to start retiring Exchange Web Services in October 2026
2023-09-19 16:28

Microsoft said today that the Exchange Web Services API for Exchange Online and Office 365 will be retired in approximately three years. These resources can be retrieved from various sources, including Exchange Online, Exchange Online as part of Office 365, and on-premises editions of Exchange.

Microsoft Edge is losing tablet-friendly "Web Select" feature
2023-09-16 19:18

Microsoft's Edge browser, known for its innovative features, is now shedding one of its most applauded functions, Web Select. Accessed either via the menu or the Control+Shift+X shortcut, Web Select provided an edge over simple screenshot tools.

Scattered Spider traps 100+ victims in its web as it moves into ransomware
2023-09-15 21:25

Scattered Spider, the crew behind at least one of the recent Las Vegas casino IT security breaches, has already hit some 100 organizations during its so-far brief tenure in the cybercrime scene, according to Mandiant. The Google-owned threat intel firm tracks Scattered Spider as UNC3944.

The Initial Access Broker Economy: A Deep Dive into Dark Web Hacking Forums
2023-09-07 14:02

Initial access brokers are cybercriminals that focus on gaining privileged IT access to corporate environments, which they then auction off on specialized dark web forums. We wanted to better understand how IABs operate, so we did the only natural thing and spent weeks painstakingly translating posts from Russian into English to conduct an in-depth analysis on the corporate access economy.