Recent Security News
-
Kasseika Ransomware Using BYOVD Trick to Disarms Security Pre-Encryption
January 24, 2024 at 07:06AM Kasseika, a new ransomware group, has adopted the Bring Your Own Vulnerable Driver (BYOVD) attack to evade security processes on Windows hosts, demonstrating similarities with the now-defunct BlackMatter. Their attack chain begins with a phishing email, followed by deploying remote administration tools and executing a malicious batch script. The ransomware…
-
Major US, UK Water Companies Hit by Ransomware
January 24, 2024 at 06:18AM Veolia North America and Southern Water were both hit by ransomware attacks resulting in data breaches. Veolia assures its water operations weren’t affected, but personal data may have been compromised. Southern Water is investigating a ransomware group’s claim of stealing personal information and documents. The water sector has seen increased…
-
What Microsoft’s latest email breach says about this IT security heavyweight
January 24, 2024 at 06:07AM Microsoft revealed a second breach by Russian cyber spies, Cozy Bear, who stole emails and files from the tech giant’s leadership and security teams. The company is uncertain about the breach’s financial impact but has faced similar incidents before. Concerns about Microsoft’s security practices were raised by a US Senator,…
-
Microsoft: Recent updates cause Sysprep Windows validation errors
January 24, 2024 at 05:29AM Microsoft has reported 0x80073cf2 errors for admins using the Sysprep tool to validate Windows 10 installations after recent updates. This issue affects Windows 10, version 22H2 systems in audit mode. A temporary workaround is available for affected Windows images by removing the problematic Microsoft.MicrosoftEdge package using a PowerShell command. Microsoft…
-
Amazon’s French Warehouses Fined Over Employee Surveillance
January 24, 2024 at 05:06AM France’s data protection agency fined Amazon’s French warehouses unit 32 million euros for an “excessively intrusive” surveillance system monitoring employee performance through package processing scanners. The system raised alerts for inactivity exceeding 10 minutes and fast handling of packages. The surveillance violated EU’s data protection regulation. The fine equals about…