SecurityWeek

Amidst public pressure, Microsoft changes the set-up experience of Copilot+ PCs to disable the controversial Windows Recall feature by default.

Tenable goes shopping again in Israel with plans to buy early stage startup Eureka Security to boost data security posture management tooling.

Noteworthy stories that might have slipped under the radar: TikTok patches account hijacking zero-day, $300 million DMM Bitcoin hack, free Android VPN apps analyzed.

Mozilla has announced a 0Day Investigative Network (0Din) bug bounty program for LLMs and other deep learning tech.

The FCC proposes that broadband providers plan for BGP security and provide quarterly reports on implemented risk mitigations.

AI-powered MDR startup AirMDR has raised $5 million in seed funding from Foundation Capital and Storm Ventures.

SolarWinds has released patches for high-severity vulnerabilities in Serv-U and the SolarWinds Platform.

Frontier Communications is notifying over 750,000 individuals that their personal information was stolen in a recent data breach.

To comply with new UK government regulations, Apple has specified that iPhones will get at least 5 years of security updates.

Akamai warns that a Chinese threat actor is exploiting years-old remote code execution vulnerabilities in ThinkPHP in new attacks.

The US government is trying to recover more than $5.3 million stolen by cybercriminals through a BEC scheme from a workers union.

Log tampering is an almost inevitable part of a compromise. Why and how do cybercriminals target logs, and what can be done to protect them?

Google and Microsoft warn of elevated risks of cyber threats facing the 2024 Paris Olympics, especially from Russian threat actors.

A Russian cyber gang is believed to be behind a ransomware attack that disrupted London hospitals and led to operations and appointments being canceled.

GreyNoise has observed a rapid increase in the number of exploitation attempts targeting a recent Check Point VPN zero-day.

It took code security firm Kiuwan nearly two years to patch several serious vulnerabilities found in its SAST products.

A multinational operation by Interpol and the FBI cracked down on attempts in Moldova to sabotage one of the international police agency’s key tools, the Red Notice system.

Gone are the days when cyberattacks were deemed concerns solely by corporate giants.

Multiple Chinese state-sponsored groups have targeted a Southeast Asian government in a years-long cyberespionage campaign.

The FBI has obtained more than 7,000 LockBit ransomware decryption keys and is urging victims to get in touch with its IC3.