Microsoft now blocks the Windows 11 24H2 update on computers with standalone scanners, multi-function printers, fax machines, modems, and other network devices with eSCL protocol support. […]
Salt Typhoon hackers backdoor telcos with new GhostSpider malware
The Chinese state-sponsored hacking group Salt Typhoon has been observed utilizing a new “GhostSpider” backdoor in attacks against telecommunication service providers. […]
Vulnerabilities Expose mySCADA myPRO Systems to Remote Hacking
Critical vulnerabilities patched by mySCADA in its myPRO HMI/SCADA product can allow remote and unauthenticated takeover of the system.
The post Vulnerabilities Expose mySCADA myPRO Systems to Remote Hacking appeared first on SecurityWeek.
Microsoft 365 outage impacts Exchange Online, Teams, Sharepoint
Microsoft is working on fixing an ongoing and widespread Microsoft 365 outage that is impacting multiple services and features, including Exchange Online, Microsoft Teams, and SharePoint Online. […]
Halcyon Raises $100 Million at $1 Billion Valuation
Series C Funding round brings the total amount raised by the ransomware protection firm to $190 million.
The post Halcyon Raises $100 Million at $1 Billion Valuation appeared first on SecurityWeek.
Google’s New Restore Credentials Tool Simplifies App Login After Android Migration
Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party apps securely after migrating to a new Android device.
Part of Android’s Credential Manager API, the feature aims to reduce the hassle of re-entering the login credentials for every app during the handset replacement.
“With Restore Credentials, apps can seamlessly onboard
Part of Android’s Credential Manager API, the feature aims to reduce the hassle of re-entering the login credentials for every app during the handset replacement.
“With Restore Credentials, apps can seamlessly onboard
PyPI Python Library “aiocpa” Found Exfiltrating Crypto Keys via Telegram Bot
The administrators of the Python Package Index (PyPI) repository have quarantined the package “aiocpa” following a new update that included malicious code to exfiltrate private keys via Telegram.
The package in question is described as a synchronous and asynchronous Crypto Pay API client. The package, originally released in September 2024, has been downloaded 12,100 times to date.
By putting the
The package in question is described as a synchronous and asynchronous Crypto Pay API client. The package, originally released in September 2024, has been downloaded 12,100 times to date.
By putting the
Visio Trust Raises $7 Million for Third-Party Risk Management Platform
San Francisco-based third-party risk management provider Visio Trust has raised $7 million in venture funding.
The post Visio Trust Raises $7 Million for Third-Party Risk Management Platform appeared first on SecurityWeek.
North Korea Deploying Fake IT Workers in China, Russia, Other Countries
The North Korean fake IT workers have infiltrated businesses in China, Russia, and other countries aside from the US.
The post North Korea Deploying Fake IT Workers in China, Russia, Other Countries appeared first on SecurityWeek.
THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 18 – Nov 24)
We hear terms like “state-sponsored attacks” and “critical vulnerabilities” all the time, but what’s really going on behind those words? This week’s cybersecurity news isn’t just about hackers and headlines—it’s about how digital risks shape our lives in ways we might not even realize.
For instance, telecom networks being breached isn’t just about stolen data—it’s about power. Hackers are
For instance, telecom networks being breached isn’t just about stolen data—it’s about power. Hackers are