PayPal has filed a patent application for a novel method that can identify when “super-cookie” is stolen, which could improve the cookie-based authentication mechanism and limit account takeover attacks. […]
RCMP investigating cyber attack as its website remains down
The Royal Canadian Mounted Police (RCMP), Canada’s national police force has disclosed that it recently faced a cyber attack targeting its networks. The federal body has started its criminal investigation into the matter as it works to determine the scope of the security breach. […]
Authorities Claim LockBit Admin “LockBitSupp” Has Engaged with Law Enforcement
LockBitSupp, the individual(s) behind the persona representing the LockBit ransomware service on cybercrime forums such as Exploit and XSS, “has engaged with law enforcement,” authorities said.
The development comes following the takedown of the prolific ransomware-as-a-service (RaaS) operation as part of a coordinated international operation codenamed Cronos. Over 14,000 rogue
The development comes following the takedown of the prolific ransomware-as-a-service (RaaS) operation as part of a coordinated international operation codenamed Cronos. Over 14,000 rogue
Apple adds PQ3 quantum-resistant encryption to iMessage
Apple is adding to the iMessage instant messaging service a new post-quantum cryptographic protocol named PQ3, designed to defend encryption from quantum attacks. […]
Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies
Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light.
“Microsoft will automatically enable the logs in customer accounts and increase the default log retention period from 90 days to 180 days,”
“Microsoft will automatically enable the logs in customer accounts and increase the default log retention period from 90 days to 180 days,”
FTC sues H&R Block over deceptive ‘free’ online filing ads
The U.S. Federal Trade Commission (FTC) sued tax preparation giant H&R Block over the company’s deceptive “free” online filing advertising and for pressuring people into overpaying for its services. […]
Insomniac Games alerts employees hit by ransomware data breach
Sony subsidiary Insomniac Games is sending data breach notification letters to employees whose personal information was stolen and leaked online following a Rhysida ransomware attack in November. […]
Google Pay app shutting down in US, users have till June to move funds
Google is retiring the standalone Pay app in the United States. Users have until June 4 to transfer the balance to bank accounts. […]
LockBit ransomware gang has over $110 million in unspent bitcoin
The LockBit ransomware gang received more than $125 million in ransom payments over the past 18 months, according to the analysis of hundreds of cryptocurrency wallets associated with the operation. […]
Dormant PyPI Package Compromised to Spread Nova Sentinel Malware
A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an information stealer malware called Nova Sentinel.
The package, named django-log-tracker, was first published to PyPI in April 2022, according to software supply chain security firm Phylum, which detected an anomalous update to the library on February 21,
The package, named django-log-tracker, was first published to PyPI in April 2022, according to software supply chain security firm Phylum, which detected an anomalous update to the library on February 21,