Security Bulletin

SC Media previews next week’s trifecta of cybersecurity conferences and offers a cheat sheet on what to expect and best bets to attend.

The process took two years, but this is the first successful settlement obtained under Texas' Capture or Use of Biometric Identifier Act, which forbids the capture of biometric data without users' explicit consent.

Malicious actors could potentially exploit this vulnerability if they gain physical access to a user's device.

The sustained cyberattack, likely made worse by a mitigation snafu, disrupted several Azure cloud services for nearly eight hours on July 30.

Two US senators accuse carmakers of deceptive language and shifty practices in sharing and resale of driver data.

While the DDoS attack was the initial trigger, Microsoft said it was “amplified” by an internal misconfiguration.

Numerous Electoral Commission accounts had similar passwords or default credentials, which could increase vulnerability to intrusions.

Intrusions involved the delivery of phishing emails with malicious RAR or ISO attachments, with the former triggering direct DBatLoader execution and the latter obscuring a Windows batch script with a PEM-encoded certificate revocation list...

Attackers leveraged agreement-spoofing phishing emails to deliver a RAR archive with a malicious DLL, which would execute DSDownloader.