Ransomware attacks hit record levels in 2024 despite law enforcement crackdowns
Is it time to ban payments to ransomware gangs?
Microsoft will let consumers purchase security updates for Windows 10 after its end of life, but only for a single year
Less expensive than business rates
In brief: We're less than one year away from Windows 10's end-of-life date. Microsoft has already revealed how much businesses will have to pay if they want to continue receiving official support after October 14, 2025. Now, the company has announced that customers will also be able to purchase Extended Security Updates (ESU) for $30 for one year, with no option to continue beyond that period.
Eurojust, FBI, and other agencies join forces to take down two major data-stealing malware rings
"We are looking forward to seeing you soon..." in jail
Defense Department began testing AI surveillance system to safeguard critical military assets
A commercial AI surveillance solution which can be tailored to specific DoD needs
Apple offers $1 million bounty for uncovering security flaws in private AI cloud
The rewards are comparable to those offered for iOS
Microsoft CEO Satya Nadella's compensation rises 63% to $79 million despite his request for a pay cut
When your pay simultaneously goes up and down
What just happened? In a scenario that the vast majority of us will never experience, Microsoft boss Satya Nadella has seen his take-home pay increase 63% compared to last year despite the CEO requesting the amount he receives be reduced. While Nadella's salary was cut by 50%, other forms of his compensation increased significantly, bringing his total to $79.11 million in fiscal 2024, up from $48.51 million a year earlier.
Russia, China, and Iran are escalating online influence efforts ahead of US election, says Microsoft
Both major US parties are being targeted
A hot potato: Microsoft is warning that Russia, China, and Iran are carrying out online cyber and influence efforts ahead of the US election, and there are signs that these campaigns will escalate as November 5 draws closer. While Russia is smearing VP Kamala Harris, China is targeting Republicans critical of the country.
Meta reintroduces facial recognition to combat celebrity scam ads, account hackers
Meta scrapped its facial recognition tech in 2021
New attack methods work against Spectre mitigations in modern PC CPUs
Speculation barriers don't work as intended
Facepalm: Spectre-based flaws are still causing some security issues in recent Intel and AMD CPUs. A newly developed attack can bypass protection "barriers" OEMs added to avoid personal data leakage. However, microcode and system updates should already be available for affected systems.
Mozilla advises Firefox users to update if they want browser add-ons to keep working
Trying to avoid another "extension apocalypse" like the one that happened in 2019
WeChat modified TLS encryption protocol exposes users to security risks
Its security falls short of the cryptographic standards expected for an app of WeChat's size, researchers say
Microsoft warns of 600 million daily cyberattacks and advanced tactics by nation-state actors
Their tech tools are getting more sophisticated, too
Signatures are becoming obsolete, so why are we still signing receipts?
Despite advanced payment systems, signatures stubbornly stick around
Google Chrome 130 adds passkeys for passwordless login on desktop
Chrome now supports passkeys not only on Android but also on Windows, macOS, and Linux desktops. Additionally, you can set up a PIN for easy access to your passkeys on the go.
Windows 10 support ends in a year, leaving users with difficult choices to make
As end of support looms, options exist but they come with a new set of pros and cons
FBI creates fake cryptocurrency in sting operation to catch pump-and-dump market manipulators
This was a first for the bureau
Dutch police reveal details in international takedown of "world's largest" illegal dark web market
The kingpins closed shop last year and went into hiding for months
Data broker National Public Data files for bankruptcy following massive breach
The debtor's insurance has declined coverage
Massive hack hits Internet Archive, compromising millions of user accounts
This is just the latest in a series of security and legal setbacks the nonprofit has faced
Firefox releases critical security fix following discovery of exploited vulnerability
Firefox 131.0.2 includes a security fix for a vulnerability actively exploited in the wild, where attackers can achieve code execution by exploiting a use-after-free flaw in animation timelines.
Hacker shows how a cigarette lighter can grant you root access
Homebrewed hardware circumvents security through electromagnetic interference
Kaspersky products have been removed from the Google Play Store
Kaspersky isn't giving up on mobile, though
Android's latest security feature will lock out devices when detecting "motion associated with theft"
The phone will quickly lock upon detection, keeping your data safe
Cloudflare recently mitigated a 3.8 Tbps DDoS attack, the largest ever recorded
The CDN protected one of its customers with fully autonomous systems