The Australian government has banned all Kaspersky Lab products and web services from its systems and devices following an analysis that claims the company poses a significant security risk to the country. From a report: "After considering threat and risk analysis, I have determined that the use of Kaspersky Lab, Inc. products and web services by Australian Government entities poses an unacceptable security risk to Australian Government, networks and data, arising from threats of foreign interference, espionage and sabotage," justified Stephanie Foster, Secretary of the Department of Home Affairs.

"I have also considered the important need for a strong policy signal to critical infrastructure and other Australian governments regarding the unacceptable security risk associated with the use of Kaspersky Lab, Inc. products and web services."

ZDNet's Steven Vaughan-Nichols shares some of the latest improvements to ExpressVPN following its codebase transition from C to Rust. An anonymous reader quotes an excerpt from the report: ExpressVPN is one of ZDNET's favorite Virtual Private Networks (VPNs). The popular VPN's transformation of its Lightway codebase from C to Rust promises to make the service faster and more secure. For now, the updated Lightway 2.0 is only available via ExpressVPN's Aircove router with the February 4 AircoveOS v5 update. The Aircove, which we rate as the best VPN router, costs $189. With this device, you can protect your tech from unwanted snoopers without installing a VPN on each gadget. So, how much faster is the updated ExpressVPN? In my tests, I connected to the internet via my updated router over my 2 Gigabit per second (Gbps) AT&T Internet using a 2.5 Gbps Ethernet-connected Linux Mint desktop with a Wi-Fi 6 connection over my Samsung Galaxy 25 Plus smartphone.

Without the VPN engaged, I saw 1.6 Gbps speeds, which is about par. With the VPN switched on and using Lightway 2.0, I saw speeds in the 290 to 330 Megabit per second (Mbps) range to Toronto and London, England. Farther afield, I saw speeds around 250 to 280Mbps to Hong Kong and Seoul. That's about 20% faster than I had seen with earlier Lightway versions. I was impressed. This version of the VPN should also be more secure. As Pete Membrey, ExpressVPN's chief research officer, said in a statement: "At ExpressVPN, we innovate to solve the challenges of tomorrow. Upgrading Lightway from its previous C code to Rust was a strategic and straightforward decision to enhance performance and security while ensuring longevity."

The updated Lightway VPN protocol also uses ML-KEM, the newly finalized NIST standard for post-quantum encryption. This feature, wrote Membray in a blog post, "ensures your connection is secured by encryption designed not just for today's threats but for the quantum-powered challenges of the future." To ensure the integrity of the recoded Lightway protocol, ExpressVPN commissioned two independent security audits from cybersecurity firms Cure53 and Praetorian. Both audits yielded positive results, with only minor vulnerabilities identified and promptly addressed by ExpressVPN. In short, ExpressVPN is technically about as safe a VPN as they come.

A Disney employee's download of an AI image generation tool from GitHub led to a massive data breach in July 2024, exposing over 44 million internal Slack messages. The software contained infostealer malware that compromised Matthew Van Andel's computer [non-paywalled source] for five months, giving hackers access to his 1Password manager.

The attackers used the stolen credentials to access Disney's corporate systems, publishing sensitive information including customer data, employee passport numbers, and revenue figures from Disney's theme parks and streaming services. The breach also devastated Van Andel personally. Hackers exposed his Social Security number, financial login details, and even credentials for his home's Ring cameras. Shortly after the incident, Disney fired Van Andel following a forensic analysis of his work computer, citing misconduct he denies. Security researchers believe the attacker, who identified as part of a Russia-based hacktivist group called Nullbulge, is likely an American individual.

British iPhone users have shown minimal reaction to Apple's decision to disable end-to-end encryption for UK iCloud customers, challenging the company's assumption about privacy priorities, a Bloomberg columnist notes. Rather than create a government-accessible backdoor demanded under Britain's Investigatory Powers Act, Apple chose to eliminate its Advanced Data Protection feature entirely for UK customers, effectively giving both authorities and potential hackers easier access to stored emails, photos and documents.

The near absence of public outcry from British consumers points to what researchers call the "privacy paradox," where stated concerns about data security rarely translate to action. According to cited research, while 92% of American consumers believe they should control their online information, only 16% have stopped using services over data misuse. The quiet reception suggests Apple's principled stand against backdoors may have limited impact if customers don't understand or value encrypted protection, potentially undermining privacy's effectiveness as a marketing differentiator for the tech giant.

North Korean hackers have executed the largest cryptocurrency theft in history, draining $1.5 billion from Dubai-based exchange Bybit by compromising its multisignature cold wallet system. The attackers stole over 400,000 ethereum and staked ethereum coins without exploiting code vulnerabilities or infrastructure.

Security researchers from Elliptic identified North Korean signatures in the subsequent laundering operations, consistent with the nation's ongoing cryptocurrency theft operations that fund its weapons programs. Investigators determined the hackers manipulated the user interfaces on multiple Bybit employees' devices simultaneously, tricking authorized personnel into approving what appeared to be legitimate transactions. This sophisticated attack "altered the smart contract logic and masked the signing interface," according to Bybit's disclosure.

"The Bybit hack has shattered long-held assumptions about crypto security," noted researchers at Check Point. "No matter how strong your smart contract logic or multisig protections are, the human element remains the weakest link."

An anonymous reader quotes a report from 9to5Google: Starting with the Snapdragon 8 Elite, Qualcomm will offer device manufacturers (OEMs) the "ability to provide support for up to eight consecutive years of Android software and security updates." Qualcomm today announced a "program" in partnership with Google: "What this means is that support for platform software included in this program will be made available to OEMs for eight consecutive years, including both Android OS and kernel upgrades, without requiring significant changes or upgrades to the platform and OEM code on the device (a separation commonly referred as 'Project Treble' or the 'vendor implementation'). While kernel changes will require updating kernel mode drivers, the vendor code can remain unchanged while the software support is being provided."

This program specifically includes "two upgrades to the mobile platform's Android Common Kernel (ACK) to support the eight-year window." It's ultimately up to manufacturers to update their devices, but the bottleneck going forward won't be the chip. Qualcomm today notes how the extended software support it's providing can "lower costs for OEMs interested in supporting their devices longer." The first devices to benefit are Snapdragon 8 Elite-powered smartphones launching with Android 15. Notably, the program runs for the "next five generations" of SoCs, including Snapdragon 8 and 7-series chips launching "later this year." Older chipsets will not benefit from this program.

An anonymous reader quotes a report from TorrentFreak: In France, rightsholders have taken legal action to compel large VPN providers to support their pirate site blocking program. The aim is to reinforce existing blocking measures, but VPN providers see this as a dangerous move, leading to potential security issues and overblocking. As a result, some are considering leaving France altogether if push comes to shove. [...] Earlier this month, sports rightsholders Canal+ and LFP requested blocking injunctions that would require popular VPNs to start blocking pirate sites and services. The full requests are not public, but the details available show that Cyberghost, ExpressVPN, NordVPN, ProtonVPN, and Surfshark are listed as respondents. [...]

The blocking request has yet to be approved and several of the targeted VPN providers have reserved detailed commentary, for now. That said, the VPN Trust Initiative (VTI), which includes ExpressVPN, NordVPN and Surfshark as members, has been vocal in its opposition. VTI is part of the i2Coalition and while it doesn't speak directly for any of the members, the coalition's Executive Director Christian Dawson has been in regular discussions with VPN providers. From this, it became clear that VPN providers face difficult decisions. If VPN providers are ordered to block pirate sites, some are considering whether to follow in the footsteps of Cisco, which discontinued its OpenDNS service in the country, to avoid meddling with its DNS resolver.

Speaking with TorrentFreak, VTI's Dawson says that VPNs have previously left markets like India and Pakistan in response to restrictive requirements. This typically happens when privacy or security principles are at risk, or if the technical implementation of blocking measures is infeasible. VTI does not rule out that some members may choose to exit France for similar reasons, if required to comply with blocking measures. "We've seen this before in markets like India and Pakistan, where regulatory requirements forced some VPN services to withdraw rather than compromise on encryption standards or log-keeping policies," Dawson says. "France's potential move to force VPN providers to block content could put companies in a similar position -- where they either comply with measures that contradict their purpose or leave the market altogether." "This case in France is part of a broader global trend of regulatory overreach, where governments attempt to control encrypted services under the guise of content regulation. We've already seen how China, Russia, Myanmar, and Iran have imposed VPN restrictions as part of broader censorship efforts."

"The best path forward is for policymakers to focus on targeted enforcement measures that don't undermine Internet security or create a precedent for global Internet fragmentation," concludes Dawson. "As seen in other cases, blanket blocking measures do not effectively combat piracy but instead create far-reaching consequences that disrupt the open Internet."

Microsoft has updated its CPU compatibility list for Windows 11 24H2, excluding pre-11th-generation Intel processors for OEMs building new PCs. The Register reports: Windows 11 24H2 has been available to customers for months, yet Microsoft felt compelled in its February update to confirm that builders, specifically, must use Intel's 11th-generation or later silicon when building brand new PCs to run its most recent OS iteration. "These processors meet the design principles around security, reliability, and the minimum system requirements for Windows 11," Microsoft says.

Intel's 11th-generation chips arrived in 2020 and were discontinued last year. It would be surprising, if not unheard of, for OEMs to build machines with unsupported chips. Intel has already transitioned many pre-11th generation chips to "a legacy software support model," so Microsoft's decision to omit the chips from the OEM list is understandable. However, this could be seen as a creeping problem. Chips made earlier than that were present very recently, in the list of supported Intel processors for Windows 11 22H2 and 23H2.

This new OEM list may add to worries of some users looking at the general hardware compatibility specs for Windows 11 and wondering if the latest information means that even the slightly newer hardware in their org's fleet will soon no longer meet the requirements of Microsoft's flagship operating system. It's a good question, and the answer -- currently -- appears to be that those "old" CPUs are still suitable. Microsoft has a list of hardware compatibility requirements that customers can check, and they have not changed much since the outcry when they were first published.

Google is preparing to abandon SMS verification codes for Gmail authentication in favor of QR codes, Gmail spokesperson Ross Richendrfer told Forbes. The move aims to address significant security vulnerabilities inherent in SMS-based verification while combating fraudulent exploitation of Google's messaging infrastructure, he said.

"Just like we want to move past passwords with the use of things like passkeys, we want to move away from sending SMS messages for authentication," Richendrfer said. The transition will target "rampant, global SMS abuse" that undermines security and enables criminal schemes. SMS verification currently serves dual purposes at Google: confirming user identity and preventing service abuse. However, these codes are vulnerable to phishing, dependent on carrier security practices, and frequently exploited in "traffic pumping" scams where fraudsters profit from artificially triggered SMS messages.

The forthcoming implementation will display QR codes that users scan with their phone cameras instead of entering six-digit codes. This approach eliminates shareable verification codes and reduces dependency on telecom carriers. The changes will roll out "over the next few months," the company said.

An anonymous Slashdot reader shared this report from Phoronix: Linux's second-in-command Greg Kroah-Hartman has also been a big proponent of Rust kernel code. He's crafted another Linux kernel mailing list post [Wednesdsay] outlining the benefits of Rust and encouraging new kernel code/drivers to be in Rust rather than C. Greg KH makes the case that the majority of the kernel bugs are due to "stupid little corner cases in C that are totally gone in Rust."
"As someone who has seen almost EVERY kernel bugfix and security issue for the past 15+ years... and who sees EVERY kernel CVE issued, I think I can speak on this topic," Kroah-Hartman began. Here's some excerpts from his remarks. Citing corner cases like overwrites of memory, error path cleanups, use-after-free mistakes and forgetting to check error values, Kroah-Hartman says he's "all for... making these types of problems impossible to hit." That's why I'm wanting to see Rust get into the kernel, these types of issues just go away, allowing developers and maintainers more time to focus on the REAL bugs that happen (i.e. logic issues, race conditions, etc.)... [F]or new code / drivers, writing them in Rust where these types of bugs just can't happen (or happen much much less) is a win for all of us, why wouldn't we do this...? Rust isn't a "silver bullet" that will solve all of our problems, but it sure will help in a huge number of places, so for new stuff going forward, why wouldn't we want that...?

Yes, mixed language codebases are rough, and hard to maintain, but we are kernel developers dammit, we've been maintaining and strengthening Linux for longer than anyone ever thought was going to be possible. We've turned our development model into a well-oiled engineering marvel creating something that no one else has ever been able to accomplish. Adding another language really shouldn't be a problem, we've handled much worse things in the past and we shouldn't give up now on wanting to ensure that our project succeeds for the next 20+ years. We've got to keep pushing forward when confronted with new good ideas, and embrace the people offering to join us in actually doing the work to help make sure that we all succeed together.
Kroah-Hartman emphasized later that "a huge majority of the stupid things we do in C just don't happen in the same code implemented in Rust (i.e. memory leaks, error path cleanups, return value checking, etc.) "

The complete thread contains over 140 messages — including Linus Torvalds' observation that " #pragma is complete garbage and should never be used."

The Washington Post looks at a new kind of battery that "could make American EVs cheaper and safer, experts say." If you bought an EV with a lithium iron phosphate (LFP) battery, you could expect lower car payments, less fire risk and more years of use out of your car — but you wouldn't be able to go as far on a single charge as you could with the nickel manganese cobalt (NMC) batteries commonly found in American and European electric cars. That trade-off has made LFP batteries the go-to choice for standard-range EVs in China, helping to make electric cars more affordable and limit pollution. Now, American companies are starting to build their own LFP batteries to catch up to their Chinese rivals... But there are plenty of barriers for U.S. companies that want to adopt a technology dominated by Chinese firms. Tariffs and tax credit restrictions have made it too expensive for most American automakers to import LFP batteries from China, and national security concerns have made it hard for American companies to partner with Chinese battery makers to build factories in the United States...

Although American scientists invented LFP batteries in 1997, U.S. automakers didn't invest in the technology. Instead, they bet on NMC batteries because they have longer range, a big concern for American EV buyers. "Everyone in the West thought LFP was a nonstarter five or six years ago," said Adrian Yao, who founded STEER, a technology research group within Stanford University. "We really did have a myopic focus on" range, he added. That left the door open for Chinese companies to perfect LFP batteries, which have a few advantages. Instead of pricey nickel and cobalt, they use iron, which makes them 20 percent cheaper than NMC batteries, according to the International Energy Agency. While NMC batteries can be recharged up to about 1,000 times before they go kaput — which is enough to put 200,000 miles on most EVs — LFP batteries can last two or three times as long, according to Moura. Plus, LFP batteries' chemistry makes them less likely to catch fire and easier to extinguish. An NMC battery, on the other hand, is so flammable that "you could put it underwater or in space, and it'll keep burning because the oxygen it needs to keep the flame going is embedded within itself," Moura said.

That safety advantage is key, because Chinese firms figured out they could pack LFP cells closer together inside a battery pack without risking a fire. That meant they could cram more energy into LFP batteries and nearly catch up to the range of NMC batteries. Last year, the Chinese battery giant CATL made the first LFP battery with more than 600 miles of range. Since LFP batteries are made from common materials and last longer, they also have a smaller environmental footprint than NMC batteries.
Ford used LFP batteries in its Mach-E sedan (2023) and F-150 Lightning pickup trucks (2024), according to the article, "while Rivian began using them in the basic trims of its R1S SUV and R1T pickup truck this year... American LFP factories are slated to open this year in St. Louis and next year in Arizona." And an environmental engineering professor at the University of California at Berkeley predicts LFP battery factories in the U.S. will "grow quite rapidly over the next five to 10 years."

This year's "State of Rust" survey was completed by 7,310 Rust developers. DevClass note some key findings: When asked about their biggest worries for Rust's future, 45.5 percent cited "not enough usage in the tech industry," up from 42.5 percent last year, just ahead of the 45.2 percent who cited complexity as a concern... Only 18.6 percent declared themselves "not worried," though this is a slight improvement on 17.8 percent in 2023...

Another question asks whether respondents are using Rust at work. 38.2 percent claimed to use it for most of their coding [up from 34% in 2023], and 13.4 percent a few times a week, accounting for just over half of responses. At the organization level there is a similar pattern. 45.5 percent of organizations represented by respondents make "non-trivial use of Rust," up from 38.7 percent last year.
More details from I Programmer: On the up are "Using Rust helps us achieve or goals", now 82% compared to 72% in 2022; "We're likely to use Rust again in the future", up 3% to 78%; and "Using Rust has been worth the cost of Adoption". Going down are "Adopting Rust has been challenging", now 34.5% compared to 38.5% in 2022; and "Overall adopting Rust has slowed down our team" down by over 2% to 7%.
"According to the survey, organizations primarily choose Rust for building correct and bug-free software (87.1%), performance characteristics (84.5%), security and safety properties (74.8%), and development enjoyment (71.2%)," writes The New Stack: Rust seems to be especially popular for creating server backends (53.4%), web and networking services, cloud technologies and WebAssembly, the report said. It also seems to be gaining more traction for embedded use cases... Regarding the preferred development environment, Linux remains the dominant development platform (73.7%).

However, although VS Code remains the leading editor, its usage dropped five percentage points, from 61.7% to 56.7%, but the Zed editor gained notable traction, from 0.7% to 8.9%. Also, "nine out of 10 Rust developers use the current stable version, suggesting strong confidence in the language's stability," the report said...

Overall, 82% of respondents report that Rust helped their company achieve its goals, and daily Rust usage increased to 53% (up four percentage points from 2023). When asked why they use Rust at work, 47% of respondents cited a need for precise control over their software, which is up from 37% when the question was asked two years ago.

Five days ago on Patch Tuesday, Microsoft released patch KB5051987 for Windows 11 version 24H2, writes the XDA Developers site.

But "As reported by Windows Latest and various communities like Reddit and Microsoft's help forum, many users have encountered a major issue..."

Some have reported that, in addition to File Explorer failing to launch, they're unable to open folders from the desktop, save Office files, or even download files. Clicking on a folder icon may display its subfolders, but the contents within remain inaccessible... Some users on Microsoft's help forum and Reddit have also reported that the KB5051987 patch fails to install entirely. The update gets stuck at a certain percentage for hours before eventually displaying an error code. While these are among the most widely reported issues, others have surfaced as well, including problems with Taskbar preview animations, the camera, and more.
"Microsoft keeps running into brick walls with the 2024 version of Windows 11," writes ZDNet. "Each new update designed to fix the outstanding bugs ends up introducing other problems..." Among the glitches resolved were ones that affected digital audio converters, USB audio drivers, USB cameras, and passkeys. The update also patched several security vulnerabilities, including some that were deemed critical....

Other glitches that may pop up include a stuttering mouse, an undetectable camera, .NET apps that cannot be installed inside the Windows Sandbox, and the Taskbar's new preview animation that does not work properly. You may also encounter other roadblocks. One person in the Windows Feedback Hub said that after installing the update, the battery life shows only 2.5 hours versus 6 hours previously. Another person found that the clipboard history no longer copies items from Microsoft Word...

Each annual Windows update can suffer from bugs, especially after being rolled out to millions of users. However, Windows 11 24H2 has been more problematic than usual. Since its official launch last October, the 2024 version has carried with it a host of known issues, many of which still haven't been resolved.

California sued to fine a data-harvesting company, reports the Washington Post, calling it "a rare step to put muscle behind one of the strongest online privacy laws in the United States." Even when states have tried to restrict data brokers, it has been tough to make those laws stick. That has generally been a problem for the 19 states that have passed broad laws to protect personal information, said Matt Schwartz, a policy analyst for Consumer Reports. He said there has been only 15 or so public enforcement actions by regulators overseeing all those laws. Partly because companies aren't held accountable, they're empowered to ignore the privacy standards. "Noncompliance is fairly widespread," Schwartz said. "It's a major problem."

That's why California is unusual with a data broker law that seems to have teeth. To make sure state residents can order all data brokers operating in the state to delete their personal records [with a single request], California is now requiring brokers to register with the state or face a fine of $200 a day. The state's privacy watchdog said Thursday that it filed litigation to force one data broker, National Public Data, to pay $46,000 for failing to comply with that initial phase of the data broker law. NPD declined to comment through an attorney... This first lawsuit for noncompliance, Schwartz said, shows that California is serious about making companies live up to their privacy obligations... "If they can successfully build it and show it works, it will create a blueprint for other states interested in this idea," he said.
Last summer NPD "spilled hundreds of millions of Americans' Social Security Numbers, addresses, and phone numbers online," according to the blog Krebs on Security, adding that another NPD data broker sharing access to the same consumer records "inadvertently published the passwords to its back-end database in a file that was freely available from its homepage..."

California's attempt to regulate the industry inspired the nonprofit Consumer Reports to create an app called Permission Slip that reveals what data companies collect and, for people in U.S. states, will "work with you to file a request, telling companies to stop selling your personal information."

Other data-protecting options suggested by The Washington Post:

• Use Firefox, Brave or DuckDuckGo, "which can automatically tell websites not to sell or share your data. Those demands from the web browsers are legally binding or will be soon in at least nine states."

• Use Privacy Badger, an EFF browser extension which the EFF says "automatically tells websites not to sell or share your data including where it's required by state law."

Google's Threat Intelligence Group notes "the growing threat to secure messaging applications." While specifically acknowledging "wide ranging efforts to compromise Signal accounts," they add that the threat "also extends to other popular messaging applications such as WhatsApp and Telegram, which are also being actively targeted by Russian-aligned threat groups using similar techniques.

"In anticipation of a wider adoption of similar tradecraft by other threat actors, we are issuing a public warning regarding the tactics and methods used to date to help build public awareness and help communities better safeguard themselves from similar threats."

Computer Weekly reports: Analysts predict it is only a matter of time before Russia starts deploying hacking techniques against non-military Signal users and users of other encrypted messaging services, including WhatsApp and Telegram. Dan Black, principal analyst at Google Threat Intelligence Group, said he would be "absolutely shocked" if he did not see attacks against Signal expand beyond the war in Ukraine and to other encrypted messaging platforms...

Russia-backed hackers are attempting to compromise Signal's "linked devices" capability, which allows Signal users to link their messaging account to multiple devices, including phones and laptops, using a quick response (QR) code. Google threat analysts report that Russia-linked threat actors have developed malicious QR codes that, when scanned, will give the threat actor real-time access to the victim's messages without having to compromise the victim's phone or computer. In one case, according to Black, a compromised Signal account led Russia to launch an artillery strike against a Ukrainian army brigade, resulting in a number of casualties... Google also warned that multiple threat actors have been observed using exploits to steal Signal database files from compromised Android and Windows devices.
The article notes that the attacks "are difficult to detect and when successful there is a high risk that compromised Signal accounts can go unnoticed for a long time." And it adds that "The warning follows disclosures that Russian intelligence created a spoof website for the Davos World Economic Forum in January 2025 to surreptitiously attempt to gain access to WhatsApp accounts used by Ukrainian government officials, diplomats and a former investigative journalist at Bellingcat."

Google's Threat Intelligence Group notes there's a variety of attack methods, though the "linked devices" technique is the most widely used. "We are grateful to the team at Signal for their close partnership in investigating this activity," Google's group says in their blog post, adding that "the latest Signal releases on Android and iOS contain hardened features designed to help protect against similar phishing campaigns in the future. Update to the latest version to enable these features."

Microsoft's newly announced Muse AI model for game development has triggered immediate backlash from industry professionals. "Fuck this shit," responded David Goldfarb, founder of The Outsiders, arguing that such AI tools primarily serve to "reduce capital expenditure" while devaluing developers' collective artistic contributions.

Multiple developers told Wired that the tool is aimed at shareholders rather than actual developers. "Nobody will want this. They don't CARE that nobody will want this," one AAA developer said, noting that internal criticism remains muted due to job security concerns amid industry-wide layoffs.

The resistance comes as developers increasingly view AI initiatives as threats to job security rather than helpful tools. One anonymous developer called it "gross" that they needed to remain unnamed while criticizing Muse, as their studio still depends on potential Game Pass deals with Microsoft. Even in prototyping, where Microsoft sees AI potential, Creative Assembly's Marc Burrage warns that automated shortcuts could undermine crucial learning experiences in game development.

Cryptocurrency exchange Bybit has experienced $1.46 billion worth of "suspicious outflows," according to blockchain sleuth ZachXBT. From a report: The wallet in question appears to have sent 401,346 ETH ($1.1 billion) as well as several other iterations of staked ether (stETH) to a fresh wallet, which is now liquidating mETH and stETH on decentralized exchanges, etherscan shows. The wallet has sold around $200 million worth of stETH so far. Bybit CEO Ben Zhou wrote on X that a hacker "took control of the specific ETH cold wallet and transferred all the ETH in the cold wallet to this unidentified address."

WinRAR 7.10 now lets users remove potentially sensitive metadata from downloaded files while preserving core Windows security features. The file compression tool's latest release introduces a "Zone value only" setting that strips download locations and IP addresses from Windows' Mark-of-the-Web security flags during file extraction.

The new privacy control, enabled by default, maintains only the basic security zone identifier that triggers Windows' safety prompts for downloaded files. This change prevents recipients of shared archives from accessing metadata that could reveal where files originated. The update from win.rar GmbH, whose compression software claims 500 million users worldwide, also adds performance improvements through larger memory page support and introduces a dark mode interface.

Apple is removing its most advanced, end-to-end encrypted security feature for cloud data in the United Kingdom [alternative source], in a stunning development after the government ordered the company to build a backdoor for accessing user data. From a report: The company said Friday that Advanced Data Protection, an optional feature that adds end-to-end encryption to a wide assortment of user data is no longer available in the UK for new users.

This layer of security covers iCloud data storage, device backups, web bookmarks, voice memos, notes, photos, reminders and text message backups. "We are gravely disappointed that the protections provided by ADP will not be available to our customers in the UK given the continuing rise of data breaches and other threats to customer privacy," the company said in a statement. "ADP protects iCloud data with end-to-end encryption, which means the data can only be decrypted by the user who owns it, and only on their trusted devices."

Mirnotoriety shares a report from The Register: The operators of Ghost ransomware continue to claim victims and score payments, but keeping the crooks at bay is possible by patching known vulnerabilities and some basic infosec actions, according to a joint advisory issued Wednesday by the FBI and US Cybersecurity and Infrastructure Security Agency. The Feds warned orgs to beware of this spectral menace, which is known to have infected critical infrastructure and entities in every sector of a typical economy, and which has been observed scoring ransoms as recently as January. It is said to have racked up victims in more than 70 countries, including some in its China homeland.

Ghost first appeared in 2021, and according to the Feds, the gang will "rotate their ransomware executable payloads, switch file extensions for encrypted files, modify ransom note text, and use numerous ransom email addresses, which has led to variable attribution of this group over time." The Chinese group has therefore been identified as Ghost, Cring, Crypt3r, Phantom, Strike, Hello, Wickrme, HsHarada, and Rapture over time. The group's favored tactics, however, remain consistent: It targets unpatched systems to exploit known vulnerabilities that allow it to infect targets. [...]