News

Windows 10 users are reporting that they are unable to print using devices from multiple vendors after installing updates for Windows 10 versions 1903, 1909, and 2004 devices released on June 9, 2020. KB4560960 and KB4557957, the updates causing these issues, are cumulative updates that were released on Tuesday with security fixes for multiple Windows 10 components, as well as improvements and fixes for various Windows 10 features. Even though no Microsoft officials have confirmed it, a...

Bad guys find unprotected Elasticsearch servers exposed on the web faster than search engines can index them. A study found that threat actors are mainly going for cryptocurrency mining and credential theft. For the duration of the experiment, a honeypot with a fake database recorded more than 150 unauthorized requests, the first one occurring less than 12 hours since being exposed. Comparitech’s research team, led by Bob Diachenko, left the Elasticsearch server exposed on the...

D-Link has released a firmware update to fix three out of six security vulnerabilities reported for the DIR-865L wireless router model for consumers. One flaw is rated critical, others are high-severity. Attackers can use the bugs to execute arbitrary commands, steal sensitive information, upload malware, or delete data. D-Link’s DIR-865L was released in 2012 and is no longer supported for U.S. consumers but its status on localized pages for European countries is End of Sale. This means that...

The government will provide £10 million over four years “to develop groundbreaking cybersecurity technologies,” as part of its commitment to increase investment in R&D to 2.4 percent of GDP by 2027, Digital Secretary Oliver Dowden announced. Nine winning research teams share the £10 million investment under the government’s Digital Security by Design programme, which aims to help the tech infrastructure of UK organisations and digital devices be more resilient to cyberattacks. Grant winners are creating...

Hacker groups that engage in web skimming (also known as Magecart) attacks have breached the web stores of two of the world's biggest retail chains -- accessories store Claire's and sporting goods retailer Intersport. According to reports published today by security firms Sanguine Security and ESET, hackers breached the two companies' websites and hid malicious code that would record payment card details entered in checkout forms. According to Sanguine Security's Willem de Groot, Claire's website was compromised...

European energy company giant Enel Group suffered a ransomware attack a few days ago that impacted its internal network. Detected on June 7, the incident is the work of EKANS (SNAKE) ransomware operators, the group that also targeted Honda earlier this week. Enel Group confirmed for BleepingComputer that its internal IT network was disrupted on Sunday evening following a ransomware attack caught by their antivirus before the malware could spread. Dealing with the incident required isolating the...

Social networking giant Twitter disclosed today three new state-linked information operations that have been taking place on its platform this year. As a result of its investigation, Twitter said it banned and removed 32,242 accounts that were part of networks operated out of China, Russia, and Turkey, all three pushing local political agendas and narratives, and associated with state-sponsored entities. Of the three networks, the largest was the one based in China. Twitter said it banned 23,750...

The City of Knoxville, Tennessee, was forced to shut down its entire computer network following a ransomware attack that took place overnight and targeted the city's offices. Knoxville has a population of over 180,000, it's Tennessee's third-largest city after Nashville and Memphis, and it's also part of the Knoxville Metropolitan Statistical Area, with a reported population of almost 870,000 in 2015. Computers on Knoxville's network were encrypted overnight, with the attack being noticed by employees of the city's fire department around...

Fortune 500 insurance holding company Genworth Financial disclosed a data breach after an unauthorized party gained access to insurance agents' online accounts using compromised login credentials. The U.S. mortgage and long term care insurer had revenue of $8,6 billion during the last fiscal year and it reached a deal with China Oceanwide Holdings Group that will allow the Chinese company to buy Genworth for $2.7 billion. Genworth's services and products are offered through financial advisors, intermediaries, as...

TAIT, one of the world's leading live event solutions providers, disclosed a data breach that led to the exposure of personal and financial information stored on a server and on the email accounts of some of its employees. The TAIT group of companies (Brilliant, Kinesys, Production Glue, Stage Technologies, TAIT UK, and TAIT Navigator) employs over 900 people in 14 office locations around the world and has been a provider of live experience solutions in over 30...