Intercontinental Exchange to pay $10M SEC penalty over VPN breach
The Intercontinental Exchange (ICE) will pay a $10 million penalty to settle charges brought by the U.S. Securities and Exchange Commission (SEC) after failing to…
Category: Bleeping Computer
Microsoft to start killing off VBScript in second half of 2024
Microsoft announced today that it will start deprecating VBScript in the second half of 2024 by making it an on-demand feature until it’s completely removed.…
Windows 11 24H2 now rolling out to Release Preview Insiders
Microsoft is rolling out Windows 11 24H2 to testers in the Release Preview Channel, confirming that it is in the final stages of testing. “Today,…
State hackers turn to massive ORB proxy networks to evade detection
Security researchers are warning that China-linked state-backed hackers are increasingly relying on a vast proxy server network created from virtual private servers and compromised online…
LastPass is now encrypting URLs in password vaults for better security
LastPass announced it will start encrypting URLs stored in user vaults for enhanced privacy and protection against data breaches and unauthorized access. The vendor of the popular…
Microsoft’s new Windows 11 Recall is a privacy nightmare
Microsoft’s announcement of the new AI-powered Windows 11 Recall feature has sparked a lot of concern, with many thinking that it has created massive privacy…
Chinese hackers hide on military and govt networks for 6 years
A previously unknown threat actor dubbed “Unfading Sea Haze” has been targeting military and government entities in the South China Sea region since 2018, remaining…
Veeam warns of critical Backup Enterprise Manager auth bypass bug
Veeam warned customers today to patch a critical security vulnerability that allows unauthenticated attackers to sign into any account via the Veeam Backup Enterprise Manager…
GhostEngine mining attacks kill EDR security using vulnerable drivers
A malicious crypto mining campaign codenamed ‘REF4578,’ has been discovered deploying a malicious payload named GhostEngine that uses vulnerable drivers to turn off security products and deploy an…
LockBit says they stole data in London Drugs ransomware attack
Today, the LockBit ransomware gang claimed they were behind the April cyberattack on Canadian pharmacy chain London Drugs and is now threatening to publish stolen…
Bitbucket artifact files can leak plaintext authentication secrets
Threat actors were found breaching AWS accounts using authentication secrets leaked as plaintext in Atlassian Bitbucket artifact objects. The issue was discovered by Mandiant, who was investigating…
Western Sydney University data breach exposed student data
Western Sydney University (WSU) has notified students and academic staff about a data breach after threat actors breached its Microsoft 365 and Sharepoint environment. WSU…