The FTC will require web hosting giant GoDaddy to implement basic security protections, such as multi-factor authentication and HTTPS APIs, to settle charges that it failed to secure its hosting services against attacks since 2018.
BleepingComputer
FTC orders GoDaddy to fix poor web hosting security practices
The Federal Trade Commission (FTC) will require web hosting giant GoDaddy to implement basic security protections, including HTTPS APIs and mandato...
Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was breached two weeks ago using an Ivanti VPN zero-day vulnerability.
BleepingComputer
UK domain registry Nominet confirms breach via Ivanti zero-day
Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was breached two weeks ago...
A pastor at a Pasco, Washington, church has been indicted on 26 counts of fraud for allegedly operating a cryptocurrency scam that defrauded investors of millions between 2021 and 2023.
BleepingComputer
Pastor who saw crypto project in his "dream" indicted for fraud
A pastor at a Pasco, Washington, church has been indicted on 26 counts of fraud for allegedly operating a cryptocurrency scam that defrauded invest...
Swiss tech company Proton, which provides privacy-focused online services, says that a Thursday worldwide outage was caused by an ongoing infrastructure migration to Kubernetes and a software change that triggered an initial load spike.
BleepingComputer
Proton worldwide outage caused by Kubernetes migration, software change
Swiss tech company Proton, which provides privacy-focused online services, says that a Thursday worldwide outage was caused by an ongoing infrastru...
Microsoft will force install the new Outlook email client on Windows 10 systems starting with next month's security update.
BleepingComputer
Microsoft to force install new Outlook on Windows 10 PCs in February
Microsoft will force install the new Outlook email client on Windows 10 systems starting with next month's security update.
Russian internet service provider Nodex confirmed on Tuesday that its network was "destroyed" in a cyberattack claimed by Ukrainian hacktivists part of the Ukrainian Cyber Alliance
BleepingComputer
Russian ISP confirms Ukrainian hackers "destroyed" its network
Russian internet service provider Nodex confirmed on Tuesday that its network was "destroyed" in a cyberattack claimed by Ukrainian hacktivists par...
SonicWall is emailing customers urging them to upgrade their firewall's SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN and SSH management that is "susceptible to actual exploitation."
BleepingComputer
SonicWall urges admins to patch exploitable SSLVPN bug immediately
SonicWall is emailing customers urging them to upgrade their firewall's SonicOS firmware to patch an authentication bypass vulnerability in SS...
Tenable says customers must manually upgrade their software to revive Nessus vulnerability scanner agents taken offline on December 31st due to buggy differential plugin updates.
BleepingComputer
Bad Tenable plugin updates take down Nessus agents worldwide
Tenable says customers must manually upgrade their software to revive Nessus vulnerability scanner agents taken offline on December 31st due to bug...
A new variation of clickjacking attacks called "DoubleClickjacking" lets attackers trick users into authorizing sensitive actions using double-clicks while bypassing existing protections against these types of attacks.
BleepingComputer
New DoubleClickjacking attack exploits double-clicks to hijack accounts
A new variation of clickjacking attacks called "DoubleClickjacking" lets attackers trick users into authorizing sensitive actions using double-clic...
New details have emerged about a phishing campaign targeting Chrome browser extension developers that led to the compromise of at least thirty-five extensions to inject data-stealing code, including those from cybersecurity firm Cyberhaven.
BleepingComputer
New details reveal how hackers hijacked 35 Google Chrome extensions
New details have emerged about a phishing campaign targeting Chrome browser extension developers that led to the compromise of at least thirty-five...