Recent Security News
-
European Court of Human Rights declares backdoored encryption is illegal
February 15, 2024 at 02:31AM The European Court of Human Rights has ruled that requiring weakened encryption and extensive data retention violates the European Convention on Human Rights. The decision may impact European data surveillance legislation, including Chat Control. This ruling has significant implications for privacy and law enforcement practices, potentially affecting similar laws in…
-
Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation
February 15, 2024 at 12:21AM Microsoft has confirmed active exploitation of a critical security flaw in Exchange Server, allowing attackers to gain privileges and execute operations. It has released patches to address this and other vulnerabilities in its Patch Tuesday updates. Threat actors, including APT28, have a history of exploiting such flaws for NTLM relay…
-
Microsoft: New critical Exchange bug exploited as zero-day
February 14, 2024 at 06:29PM Microsoft has warned of a critical vulnerability in Exchange Server, CVE-2024-21410, allowing remote unauthenticated threat actors to escalate privileges. The company has released Exchange Server 2019 Cumulative Update 14 to address this and enable NTLM credentials Relay Protections. Admins are advised to evaluate their environments before toggling EP on Exchange…
-
LockBit claims ransomware attack on Fulton County, Georgia
February 14, 2024 at 06:08PM LockBit ransomware group claims responsibility for cyberattack on Fulton County, Georgia, threatening to leak sensitive data unless a ransom is paid. The attack, causing IT outages in phone, court, and tax systems, still impacts the county weeks later. Despite the breach, no indication of stolen sensitive information was found, but…