lemmydev2

HP rescinds European support call strategy due to "feedback."

Users will now be more vulnerable to data breaches from bad actors, Apple says, after Home Office orderBusiness live – latest updatesApple has taken the unprecedented step of removing its strongest data security tool from customers in the UK, after the government demanded “backdoor” access to user data.UK users will no longer have access to the advanced data protection (ADP) tool, which uses end-to-end encryption to allow only account holders to view items such as photos or documents they have stored online in the iCloud storage service. UK users will now be more vulnerable to data breaches from bad actors, and other threats to customer privacy, Apple said. It will also mean that all data is accessible by Apple, which can share it with law enforcement if they have a warrant. Continue reading...

Cryptocurrency exchange Bybit revealed today that an unknown attacker stole over $1.46 billion worth of cryptocurrency from one of its ETH cold wallets. [...]

Researchers say there's dissent in the ranks. Plus: An AI tool lets you have a go yourself at analysing the data Hundreds of thousands of internal messages from the Black Basta ransomware gang were leaked by a Telegram user, prompting security researchers to bust out their best Russian translations post haste.…

Pegasus spyware, once considered a tool for targeting journalists and activists—is now being deployed against executives in the private sector, including finance, real estate, and logistics.  In a December 2024 investigation, 11 new Pegasus infections were detected among 18,000 devices scanned globally, signaling a shift in espionage tactics toward corporate espionage.  The findings, detailed in […] The post Pegasus Spyware Used Widely to Target Individuals in Private Industry & Finance Sectors appeared first on Cyber Security News.

Don't think this is SaaS and you can relax: Redmond wants a few of you to check your websites Microsoft has fixed a security flaw in its Power Pages website-building SaaS, after criminals got there first – and urged users to check their sites for signs of exploitation.…

Microsoft’s quantum chip engineers just discovered a brand new state of matter, and Bitcoin’s security could get lost in the flux. The post Microsoft’s new state of matter is a quantum threat to bitcoin appeared first on Protos.

Meta’s copyright defense may hinge on court ignorance of torrenting terminology.

Legal discovery targets names of Altice users hit with copyright notices.

An unknown leaker has released what they claim to be an archive of internal Matrix chat logs belonging to the Black Basta ransomware operation. [...]

Bug bounty programs, where external agents are invited to search and report vulnerabilities (bugs) in exchange for rewards (bounty), have become a major tool for companies to improve their systems. We suggest augmenting such programs by inserting artificial bugs to increase the incentives to search for real (organic) bugs. Using a model of crowdsearch, we identify the efficiency gains by artificial bugs, and we show that for this, it is sufficient to insert only one artificial bug. Artificial bugs are particularly beneficial, for instance, if the designer places high valuations on finding organic bugs or if the budget for bounty is not sufficiently high.

[...]

Yet, as prizes paid for finding artificial and organic bugs may optimally differ, the designer may want to prove to the finders of the artificial bug, or even to all participants, that an artificial bug found was indeed inserted on purpose and was artificially designed by the designer at the start of the bug bounty program. Even more importantly, if the artificial bug is not found during the crowdsearch, it is important that the designer can prove that an artificial bug has been inserted before the crowdsearch started. This would ensure, or reaffirm, the credibility of the bug bounty program with artificial bugs.

The third quarter of 2024 saw a dramatic shift in the types of malware detected at network perimeters, according to a new WatchGuard report. The report’s key findings include a 300% increase quarter over quarter of endpoint malware detections, highlighted by growing threats that exploit legitimate websites or documents for malicious purposes as threat actors turn to more social engineering tactics to execute their attacks. While Microsoft documents like Word and Excel have long been … More → The post 300% increase in endpoint malware detections appeared first on Help Net Security.