Microsoft Exchange Server is a widely used email server application. Many utilities, as well as supporting tools and aids, have been developed for it. Considering how important email is to any organization, maintaining a secure Exchange server is an essential activity. Zero-day vulnerabilities on Exchange Server — not Exchange Online — that were exploited by
Cyber Security
This is where news and updates on Cyber Security are published on a daily basis.
Africa’s fintech space has gained proper attention over the past few years in investments but it is not news that startups still battle with offering high-quality products. However, they seem to be doing quite well compared with traditional banks that face challenges like legacy cost structures and a major lack of operational efficiency. Appzone is
For organizations that deal with the defense infrastructure – cybersecurity is more than just a buzzword. Recently the US Department of Defense (DoD) created a new certification process – the Cybersecurity Maturity Model Certificate (CMMC) – to ensure that all its vendors and contractors follow established best cybersecurity practices. For organizations that work along the
Canada’s leading provider of laboratory diagnostic information and digital health connectivity systems today announced the launch of a new Vulnerability Disclosure Program (VDP). LifeLabs Medical Laboratory started the VDP program with the intention of strengthening cybercrime detection technology across its online tools, apps, and solutions. “Our goal is to continue to innovate and lead the health
Hello friends, and welcome back to Week in Review! Last week, I talked about Clubhouse’s slowing user growth. Well, this week news broke that they had been in talks with Twitter for a $4 billion acquisition, so it looks like they’re still pretty desirable. This week, I’m talking about a story I published a couple
“Most of the startups I give advice to about how to raise venture capital shouldn’t be raising venture capital,” an investor recently told me. While the idea that every startup isn’t venture-backable might run counter to the narrative to the barrage of funding news each week, I think it’s important to double click on the
Some personal information just doesn’t age – here’s what the Facebook data leak may mean for you ‘Half a billion Facebook users’ data breached’, this or something very similar is a headline you may have seen in the media in recent days. Any data breach, especially one that affects such a large quantity of users,
by Paul Ducklin How scammers copied a government website almost to perfection. What to do about those fake “bug” hunters who ask for payment for finding “vulnerabilities” that aren’t. Why the Dutch data protection authority fined Booking.com for not sending in a data breach disclosure fast enough. With Kimberly Truong, Doug Aamoth and Paul Ducklin.
APKPure, one of the largest alternative app stores outside of the Google Play Store, was infected with malware this week, allowing threat actors to distribute Trojans to Android devices. In an incident that’s similar to that of German telecommunications equipment manufacturer Gigaset, the APKPure client version 3.17.18 is said to have been tampered with in
The United States has imprisoned the cyberstalker of a woman who, as a child, survived a violent assault that claimed the life of her friend. According to court records, the victim was in a Texas bedroom with another girl in December 1999 when an assailant entered and slit both the little girls’ throats. The perpetrator
Welcome back to The TechCrunch Exchange, a weekly startups-and-markets newsletter. It’s broadly based on the daily column that appears on Extra Crunch, but free, and made for your weekend reading. Ready? Let’s talk money, startups and spicy IPO rumors. The startup world could be in for a busy summer. Today the economy is improving. Unemployment
Chinese regulators have hit Alibaba with a record fine of 18 billion yuan (about $2.75 billion) for violating anti-monopoly rules as the country seeks to rein in the power of its largest internet conglomerates. In November, China proposed sweeping antitrust regulations targeting its interent economy. In late December, the State Administration for Market Regulation said
The treasure trove of data reportedly includes users’ LinkedIn IDs, full names, email addresses, phone numbers and workplace information Mere days after news broke of a data leak that impacted more than half a billion Facebook users, another massive batch of people’s personal information is being offered for sale on a hacking forum. This time
by Paul Ducklin The annual Pwn2Own contest features live hacking where top cybersecurity researchers duke it out under time pressure for huge cash prizes. Their quest: to prove that the exploits they claim to have discovered really do work under real-life conditions. Indeed, Pwn2Own is a bug bounty program with a twist. The end result
A previously undocumented malware downloader has been spotted in the wild in phishing attacks to deploy credential stealers and other malicious payloads. Dubbed “Saint Bot,” the malware is said to have first appeared on the scene in January 2021, with indications that it’s under active development. “Saint Bot is a downloader that appeared quite recently,
Social media giant Facebook has removed thousands of groups from its platforms over the trading of fake and misleading reviews. The cull occurred after two separate interventions by Britain’s competition watchdog, the Competition and Markets Authority (CMA). In January 2020, Facebook committed to improving its identification, investigation, and removal of groups and other pages where
However the outcome of today’s vote count turned out, there was one thing we knew for certain: it wasn’t going to mark the end of the battle between Amazon and the Retail, Wholesale and Department Store Union. With voting having broken overwhelmingly in Amazon’s favor, the union was quick to challenge the results. The RWDSU
A vulnerability in Fortinet’s Fortigate VPN is being exploited by Cring ransomware threat actors, according to a report published days after a Cybersecurity and Infrastructure Security Agency advisory warned that several FortiOS flaws were being utilized in cyber attacks. Kaspersky Lab’s ICS CERT, a project dedicated to industrial cybersecurity threats, released a report Wednesday showing
Easy to redeem and hard to trace, gift cards remain a hot commodity in the criminal underground A cybercriminal has sold almost 900,000 gift cards and over 300,000 payment cards on a top-tier cybercrime forum on the dark web. The total value of the cards was claimed to be some US$38 million. The hacker probably
Iyuno-SDI Group, a provider of translated subtitles and other media localization services, announced today it has raised $160 million in funding from SoftBank Vision 2. The company said this makes the fund one of its largest shareholders. Iyuno-SDI Group was formed after Iyuno Media Group completed its acquisition of SDI Media last month. In a
by Paul Ducklin In a brief yet fascinating press release, Europol just announced the arrest of an Italian man who is accused of “hiring a hitman on the dark web”. According to Europol: The hitman, hired through an internet assassination website hosted on the Tor network, was paid about €10,000 worth in Bitcoins to kill
An Iranian threat actor has unleashed a new cyberespionage campaign against a possible Lebanese target with a backdoor capable of exfiltrating sensitive information from compromised systems. Cybersecurity firm Check Point attributed the operation to APT34, citing similarities with previous techniques used by the threat actor as well as based on its pattern of victimology. APT34
Police in Chicago have arrested a former track and field coach for allegedly soliciting sexually explicit images from female athletes under false pretenses. Chicago resident Steve Waithe was arrested on April 7 and charged with one count of wire fraud and one count of cyberstalking. Waithe attended Loch Raven High School, where he was the Maryland State
Product-led growth is all the rage in the Valley these days, and we had two leading thinkers discuss how to incorporate it into a startup at TechCrunch Early Stage 2021. Tope Awotona is the CEO and founder of Calendly, which bootstrapped for much of its existence before raising $350 million at a $3 billion valuation
ESET researchers discover a new Lazarus backdoor deployed against a freight logistics firm in South Africa ESET researchers have discovered a previously undocumented Lazarus backdoor used to attack a freight logistics company in South Africa, which they have dubbed Vyveva. The backdoor consists of multiple components and communicates with its C&C server via the Tor
Cybercrime is increasing at an alarming clip. Year after year billions of dollars are lost and millions of personal records stolen by online criminals. To counter this onslaught of cyber attacks, businesses and governments have come to count on equally cunning and dedicated cybersecurity professionals to protect them from attack. The scale and impact of
Butter, a startup registered in Denmark but operating fully remote, is building an “all-in-one” platform for planning and running virtual workshops. Offering video software and other features dedicated to workshopping, the idea is to pull people away from using more generic tools, such as Zoom and Microsoft Teams, which, arguably, aren’t well suited to workshops.
Cuba Ransomware Overview Over the past year, we have seen ransomware attackers change the way they have responded to organizations that have either chosen to not pay the ransom or have recovered their data via some other means. At the end of the day, fighting ransomware has resulted in the bad actors’ loss of revenue.
Google on Tuesday announced that its open source version of the Android operating system will add support for Rust programming language in a bid to prevent memory safety bugs. To that end, the company has been building parts of the Android Open Source Project (AOSP) with Rust for the past 18 months, with plans in
Michigan State University (MSU) has been impacted by a data breach stemming from a cyber-attack on an Ohio law firm. Bricker & Eckler LLP, which is associated with MSU Title IX contractor INCompliance Consulting, was hit with ransomware in January 2021. An investigation into the incident determined that an unauthorized party gained access to certain Bricker
- 1
- 2
- 3
- …
- 190
- Next Page »