Ukraine Claims Revenge Hack Against Moscow Internet Provider

January 9, 2024 at 04:05PM Ukraine media reported a cyberattack by the Blackjack cyber group, allegedly linked to the Security Service of Ukraine, targeting Moscow ISP M9 Telecom. Sources claim it was in retaliation for the Russia-backed breach of Kyivstar and may be a prelude to further “serious revenge.” The group also took credit for … Read more

FTC bans data broker from selling Americans’ location data

January 9, 2024 at 03:37PM The U.S. FTC banned data broker Outlogic, formerly X-Mode Social, from selling Americans’ sensitive location data. The move responds to data brokers exposing individuals’ location data revealing sensitive information. Outlogic lacked protocols to remove sensitive locations and sometimes failed to respect individuals’ opt-out preferences. The ban follows an August 2022 … Read more

Windows 10 KB5034122 update released with fix for shut down bug

January 9, 2024 at 02:55PM Microsoft released KB5034122 cumulative update for Windows 10 21H2 and 22H2, containing January 2024 security updates. It’s mandatory, with limited fixes due to the holiday season. After manual installation or ‘Check for Updates,’ it’ll automatically start but can be scheduled for restart. New update for Win 10, addressing issues and … Read more

CISA warns agencies of fourth flaw used in Triangulation spyware attacks

January 9, 2024 at 02:33PM The U.S. Cybersecurity and Infrastructure Security Agency has added six vulnerabilities impacting products from Apple, Adobe, Apache, D-Link, and Joomla to the Known Exploited Vulnerabilities catalog. These flaws are actively exploited and pose significant risks. Federal agencies have until January 29 to patch or discontinue use of the vulnerable products. … Read more

Microsoft January 2024 Patch Tuesday fixes 49 flaws, 12 RCE bugs

January 9, 2024 at 02:11PM Microsoft’s January 2024 Patch Tuesday addresses 49 flaws and 12 remote code execution vulnerabilities. Notably, a Windows Kerberos Security Feature Bypass and a Hyper-V RCE were classified as critical. Microsoft also addressed an Office Remote Code Execution Vulnerability and other flaws. Other vendors released updates, including .NET, Azure, Microsoft Edge, … Read more

Microsoft Ships Urgent Fixes for Critical Flaws in Windows Kerberos, Hyper-V

January 9, 2024 at 02:00PM Microsoft issued urgent patches for critical, remote code execution vulnerabilities affecting Windows Kerberos and Hyper-V. The company’s latest “Patch Tuesday” aimed to address these significant security threats. (47 words) It looks like the meeting notes are highlighting the urgency of the critical vulnerabilities in Windows Kerberos and Windows Hyper-V that … Read more

Delinea Acquires Authomize to Tackle Identity-Based Threats

January 9, 2024 at 02:00PM Delinea, a Silicon Valley access management vendor, has acquired Israeli startup Authomize, enriching its product portfolio with identity threat detection and response technologies. The undisclosed but reportedly “several tens of millions of dollars” acquisition aims to combat the surge in identity-related data breaches by providing tools to detect and mitigate … Read more

Ransomware Gang Gives Toronto Zoo the Monkey Business

January 9, 2024 at 01:57PM The zoo informs that it does not retain guests’ credit card details as the investigation progresses. Based on the meeting notes provided, it appears that the zoo has confirmed that it does not store the credit card information of its guests. Full Article

Windows 11 KB5034123 update released with security and Wi-Fi fixes

January 9, 2024 at 01:57PM Microsoft released the Windows 11 KB5034123 update for versions 23H2 and 22H2, addressing Wi-Fi bug and displaying the smart card issue. The update is mandatory and can be installed through Windows Update or directly from Microsoft Update Catalog. It also includes build number updates for Windows versions and other improvements, … Read more

Hackers target Microsoft SQL servers in Mimic ransomware attacks

January 9, 2024 at 01:57PM Financially motivated Turkish hackers are targeting Microsoft SQL servers worldwide, encrypting victims’ files using Mimic ransomware. Tracked as RE#TURGENCE, the attacks have hit targets in the EU, US, and Latin America. The hackers compromise insecure MSSQL servers using brute force attacks, then deploy ransomware payloads and execute other malicious activities. … Read more