In March’s Patch Tuesday, Microsoft released updates to address 61 vulnerabilities, including two critical flaws in Microsoft Hyper-V, its virtualization software that enables the creation of virtual machines (VMs).
Security News
Read about the latest security news. News about computer security malware, and other threats to your computer.
Russian-Canadian Man Sentenced for LockBit Ransomware Attacks
In Canada, a 34-year-old man holding dual Russian and Canadian nationality has been handed a four-year prison term and fined 860,000 Canadian dollars for his role in launching cyberattacks using the LockBit ransomware. His arrest occurred in late 2022, moments before he could secure access to his laptop.
Ledger Users Lose Hundreds of Thousands in Crypto to Phishing Attack
Ledger, a provider of cryptocurrency wallets, has reported a significant loss for its users. Criminals distributed a malicious version of the Ledger Connect Kit through a phishing attack on a former employee. This kit is a crucial JavaScript library that links Ledger crypto wallets to third-party applications, also known as wallet-connected websites.
Windows 10 and Windows 11 Users to Encounter New Login Prompt for Microsoft Apps
Windows 10 and 11 users will soon notice changes when logging into Microsoft apps. A new prompt will ask if they want to use their Windows account for the login. This update is Microsoft’s response to comply with the Digital Markets Act (DMA).
Proton Mail Launches Desktop App for Enhanced Email Experience
Proton Mail, a well-known email service provider, has expanded its offerings by launching a desktop application for macOS and Windows users. They also announced plans to introduce a version for Linux users in the early part of next year. Proton’s CEO, Andy Yen, stated that although many users typically access email through a browser on a desktop, desktop applications have distinct advantages, such as improved offline support. This launch marks a significant step for Proton Mail, offering a service that even major players like Gmail do not.
Widespread Exploitation of Critical Apache Struts 2 Vulnerability
Global attackers actively exploit a severe vulnerability in Apache Struts 2, a popular open-source framework for developing Java web applications and websites. This alert comes from Australian and French authorities who anticipate widespread abuse. The Apache Foundation responded on December 7 with security updates to address this vulnerability, CVE-2023-50164.