Cybersecurity

Software Experts named Avast “Best Antivirus” for its robust threat detection, broad platform support, and comprehensive privacy features. Avast Premium Security offers proactive protection with advanced malware detection, phishing and ransomware shields, and web threat prevention. The suite includes Scam Guardian Pro, an AI-powered defense against online scams. Avast Ultimate bundles Premium Security with SecureLine VPN, AntiTrack, and Cleanup Premium, providing a holistic security, privacy, and performance solution. Avast’s technologies are certified by leading independent labs and protect over 435 million users globally.

A *People’s Daily* commentary questioning the security of Nvidia’s H20 chip has sparked debate over potential “tracking” and “remote shutdown” vulnerabilities. Nvidia denies any “backdoors,” but China seeks verifiable proof of security, emphasizing cybersecurity’s importance. U.S. legislation, the “Securing Semiconductor Supply Chains Act,” proposes tracking advanced chips to prevent illegal diversion. Experts believe regulatory scrutiny targets potential risks associated with Nvidia’s products, aiming to ensure their security before widespread adoption in China. Verifiable evidence from Nvidia CEO Jensen Huang is needed to alleviate concerns.

Microsoft has expanded its .NET bug bounty program, increasing the top reward to $40,000 for critical vulnerabilities in .NET and ASP.NET Core. The program now encompasses a wider range of technologies and offers tiered rewards based on the severity of the vulnerability, incentivizing researchers to focus on the most damaging flaws, like Remote Code Execution (RCE) and Elevation of Privilege (EoP). This move reflects Microsoft’s commitment to proactive security and leveraging external talent to identify weaknesses.

A 158-year-old British transportation firm, Knights of Old (KNP), has ceased operations after a ransomware attack stemming from a weak employee password. Hackers encrypted critical data, demanding a £5 million ransom which KNP couldn’t afford. Despite having cyberattack insurance, the damage was catastrophic, with all data, servers, and backups compromised. The UK’s NCSC is working to combat the rising threat of ransomware, which averages around £4 million in demands for UK companies. The incident resulted in approximately 700 job losses.

China’s Ministry of State Security warns of increasing cybersecurity threats from hidden “backdoors” in foreign-made technology. These backdoors, either intentionally embedded or unwittingly created, can grant unauthorized access for espionage, potentially turning everyday devices into tools for remote surveillance and data theft. The Ministry urges vigilance, advocating for domestically developed technology and robust security protocols to mitigate these risks and protect national security.

CrowdStrike named a Leader in the 2025 Gartner Magic Quadrant for Endpoint Protection Platforms for the sixth consecutive year, securing the top spot for vision and execution for the third year running. The AI-native Falcon platform, with its single-agent architecture, drives this success, offering comprehensive prevention, detection, and response capabilities. Innovations like File System Containment and agentic AI automate decisions and enhance security workflows. CrowdStrike also received a Customers’ Choice award based on user reviews.

A security flaw in the U.S. rail system, identified in 2012, allows remote activation of emergency brakes using readily available technology. The vulnerability lies in the End-of-Train (EoT) modules, which lack robust security. The Association of American Railroads (AAR) reportedly dismissed the initial warnings. Only after a recent advisory from CISA did the AAR announce an upgrade plan, expected to be fully deployed by 2027, fifteen years after the flaw was first discovered.

Doxxing, involving weaponized personal data for harassment, is escalating in China as a severe digital threat. Tech giant Tencent, targeting this on its platform QQ (597 million users), purged over 100,000 abusive posts, terminated 10,000+ harassment groups, and employs advanced algorithms/AI detection. This crackdown aligns with China’s intensified cyber governance and foreshadows stricter privacy law enforcement. Tencent’s approach, utilizing tech like neural networks and judicial reporting, may set a precedent for combating industrialized “doxxing economies” and balancing innovation with safety in web ecosystems.

Ingram Micro Holding Corporation is experiencing a system outage due to a detected ransomware attack on its internal systems. The company has taken affected systems offline, engaged cybersecurity experts, and notified law enforcement. They are working to restore operations and apologize for disruptions.

A former IT technician, Mohammed Umar Taj, was sentenced to seven months and 14 days in prison for a retaliatory cyberattack against his former employer after termination. The attack caused significant financial damage, reputational harm, and disrupted operations for clients internationally. This case highlights the severe consequences of digital revenge and the critical importance of robust cybersecurity for businesses.