Cybercriminals are racing to exploit four zero-day bugs in Exchange before more organizations can patch them. Image: Microsoft Organizations that run Microsoft Exchange Server are being urged to apply several bug fixes to the program in response to a hack from a Chinese cybercriminal group. The attack has sparked concern among everyone from security experts to the White House. Early last week, Microsoft revealed that a China-based group called Hafnium has been launching cyberattacks against…

Virginia governor Ralph Northam has signed a new state data protection act into law.  The Virginia Consumer Data Protection Act (CDPA) requires people conducting business in the Commonwealth of Virginia to comply with a novel set of data security and privacy requirements.  The CDPA, which mirrors some of the provisions laid out in the EU’s General Data Protection Regulation (GDPR), comes into effect on January 1, 2023.  Businesses found to have violated the CDPA will…

An ongoing network outage at a university in Texas is believed to have been caused by a malicious hack. The computer network of the University of Texas at El Paso was turned off out of caution after a “potentially malicious intrusion” was detected in the early hours of Friday morning. Email and the server hosting the university’s website were affected by the incident, forcing faculty and students to communicate via Blackboard. The cyber-attack has also…

British tech company TiG Data Intelligence has successfully completed the acquisition of identity and security company ThirdSpace.  ThirdSpace began life in 2002 as Oxford Computer Group UK. The company’s first ever client, University West of England, is still working with them today. Operating as a specialist arm of TiG, ThirdSpace will retain its independent capability and expertise and its current management structure.  “We are delighted to be realising one of ThirdSpace’s strategic goals in expanding our security capabilities…

The REvil ransomware operators are using DDoS attacks and voice calls to journalists and victim’s business partners to force victims to pay the ransom. The REvil/Sodinokibi ransomware operators announced that they are using DDoS attacks and voice calls to victim’s business partners and journalists to force the victims into pay the ransom. The announcement shows an improvement in the double-extortion tactic, which doesn’t limit to threatening the victims to leak the stolen files in case…

Jack Wallen explains what supercookies are and how to protect your web browsing against them with Firefox’s new privacy feature. Image: NiroDesign, Getty Images/iStockphoto Mozilla announced recently a new take on privacy for its open source web browser Firefox. This new approach is called Total Cookie Protection and makes a limited exception for cross-site cookies only when they are needed for non-tracking purposes, such as those used by third-party login providers. Outside of that, permissions…