Security News

Microsoft has announced that web content filtering has reached general availability and is now available for all Windows enterprise customers."The Microsoft Defender for Endpoint team is pleased to announce the general availability of web content filtering for our customers on Windows," said Thomas Doucette, a Program Manager at Microsoft.

Law enforcement authorities arrested 150 suspects allegedly involved in selling and buying illicit goods on DarkMarket, the largest illegal marketplace on the dark web when it was taken down in January 2021. The arrests are the result of a coordinated international operation dubbed Dark HunTOR that lasted ten months and involved police forces and investigators from nine countries.

Discovered by Huntress Labs earlier this month, the ongoing attacks focus on an SQL-injection bug in the BQE Web Suite from BQE Software. 102621 08:41 UPDATE: BQE clarified that the vulnerability affects BQE Web Suite customers, not BillQuick Web Suite customers, and that Huntress' reference to BillQuick was inaccurate.

Dark web activity the value of stolen data and cybercriminal behaviors, have dramatically evolved in recent years, according to a Bitglass research. Stolen data has a wider reach and moves more quickly Breach data received over 13,200 views in 2021 vs. 1,100 views in 2015 - a 1,100% increase.

In a paper distributed this month through ArXiv, they describe a HTTP protocol called HTTPS Attestable to enhance online security with remote attestation - a way for apps to obtain an assurance that data will be handled by trusted software in secure execution environments. "We propose a general solution to standardize attestation over HTTPS and establish multiple trusted connections to protect and manage requested data for selected HTTP domains," they say.

Data is a hot commodity on the Dark Web where people buy and sell sensitive information, much of it stolen through network breaches. A report released Tuesday by security provider Bitglass looks at how stolen data winds up on the Dark Web and offers advice on what you can do to better protect yourself and your organization.

Brave, the privacy-conscious web browser, has announced plans to introduce additional privacy protections against 'bounce tracking,' a newer form of tracking that is not currently blocked by the browser. The new system, which Brave's team calls "Debouncing", addresses the bounce tracking method, which disregards users' privacy preferences such as the 'Do Not Track' setting and the blocking of third-party cookies.

A ransomware kit costs as little as $66, though it needs to be modified, while a spearphishing attack can run as low as $100, says Altas VPN. Cybercrime can be a lucrative business for those who specialize in ransomware, phishing campaigns, and other types of attacks. The profit margins are especially healthy because cybercrime products and services often sell at bargain prices on the Dark Web.

From website hacking to DDoS attacks to custom malware to changing school grades, you can buy one of these services from a hacker for hire. Just how much do these types of items cost? A blog post published Tuesday by consumer website Comparitech examines the types of hacking services available on the Dark Web and scopes out their prices.

Apache has issued patches to address two security vulnerabilities, including a path traversal and file disclosure flaw in its HTTP server that it said is being actively exploited in the wild. "A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root," the open-source project maintainers noted in an advisory published Tuesday.