Microsoft yesterday took the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003, citing the discovery of a "wormable" flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017. (By Brian Krebs, Krebs on Security)
Millions of websites have been compromised, but the most likely malware isn't cyptomining: it's quietly stealing files and redirecting traffic, a new Sitelock report shows. (By Curtis Franklin Jr., Dark Reading)
First reported by the Financial Times, the popular messaging app discovered in early May that attackers were installing surveillance software on iPhones and Android phones – by calling victims using WhatsApp's call function. WhatsApp is owned by Facebook and is used by 1.5 billion people globally. The messaging platform touts itself as a secure end-to-end encryption app for communications. (By Lindsey O'Donnell, Threatpost)
Human error is the greatest risk to companies moving their systems and data to the cloud, according to a recent report from Kaspersky Lab. The Kaspersky Lab Global Corporate IT Security Risks Survey examined data based on 7,186 interviews with companies of different sizes in 24 countries. (By Jonathan Greig, TechRepublic)
The incident marked as one of the worst data breaches in history, with the company paying a record $115 million fine to settle U.S. lawsuits. According to the indictment, the hackers used sophisticated techniques, including spearfishing, to hack into the computer networks of the targeted businesses and then installed malware on their computers to further compromise the networks and gain access to sensitive users' data and confidential business information. (By Mohit Kumar, The Hacker News)