Cybersecurity News: Mozilla Thunderbird takes on Gmail, surge in scans on PAN GlobalProtect VPNs, Microsoft uncovers bootloader vulnerabilities

Mozilla Thunderbird finally takes on Gmail with new email service

Mozilla Thunderbird is launching “Thundermail,” a privacy-focused email service under its new Thunderbird Pro suite, looking to compete with Gmail. Thundermail will offer web-based email with custom domain support and no ad-based data harvesting. Thunderbird Pro will also include encrypted file sharing, a scheduling tool, and an optional AI assistant, with plans for a paid model followed by free-tier options.

(Forbes)

Surge in scans on PAN GlobalProtect VPNs hints at attacks

Scans targeting Palo Alto Networks’ GlobalProtect VPN spiked between March 17 and March 26, with nearly 24,000 unique IPs attempting access, according to GreyNoise. Researchers warn this could signal attackers preparing to exploit new or existing vulnerabilities. Most activity originated from U.S. IPs, with smaller volumes in the UK, Russia, and Singapore. Palo Alto’s prominence makes it a frequent target, and past patterns suggest a potential new zero-day or CVE drop within weeks. Organizations are advised to review logs and hunt for signs of compromise.
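The advice above to review logs is easier to act on with a concrete hunt. The script below is an added example, not part of the article or of GreyNoise's methodology: it parses a small set of constructed GlobalProtect-style authentication log lines, counts distinct source IPs (the same kind of tally GreyNoise reports), and flags sources whose failed attempts cluster in a short window or spread across many usernames, which is what a scanner or credential-spraying probe looks like. The five-column CSV layout (timestamp, source IP, username, stage, result) is an assumption for the example; real PAN-OS GlobalProtect logs carry more fields in a different order, so map their source IP, user, stage and status columns onto these names before running it against an export.

```python
"""Added example: hunt for GlobalProtect scanner-like sources in auth logs.

The log format is a constructed, simplified CSV (assumption for this example):
    time,src_ip,user,stage,result
"""
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

FIELDS = ("time", "src_ip", "user", "stage", "result")

# Constructed sample log lines (not real telemetry). One source hammers the
# portal with five usernames in eight seconds; one makes a couple of stray
# failures including an anonymous pre-login probe; one is a normal user.
SAMPLE_LOG = """\
2025-03-20T03:12:01Z,198.51.100.7,admin,login,failure
2025-03-20T03:12:03Z,198.51.100.7,test,login,failure
2025-03-20T03:12:05Z,198.51.100.7,vpn,login,failure
2025-03-20T03:12:07Z,198.51.100.7,guest,login,failure
2025-03-20T03:12:09Z,198.51.100.7,support,login,failure
2025-03-20T03:30:00Z,203.0.113.9,admin,login,failure
2025-03-20T09:05:12Z,192.0.2.44,jdoe,login,success
2025-03-20T09:05:30Z,192.0.2.44,jdoe,login,success
2025-03-20T11:00:00Z,203.0.113.9,,portal-prelogin,failure
"""


def parse_log(text):
    """Parse the constructed CSV log into dicts; timestamps become datetimes."""
    records = []
    for row in csv.DictReader(io.StringIO(text), fieldnames=FIELDS):
        row["time"] = datetime.strptime(row["time"], "%Y-%m-%dT%H:%M:%SZ")
        records.append(row)
    return records


def unique_sources(records):
    """Number of distinct source IPs that touched the portal/gateway at all."""
    return len({r["src_ip"] for r in records})


def hunt_scanners(records, window=timedelta(minutes=10), min_failures=5, min_users=3):
    """Return {src_ip: summary} for sources that look like scanning.

    A source is flagged if it has at least `min_failures` failed attempts
    inside any `window`-long span, or failed against at least `min_users`
    distinct usernames. Empty usernames (pre-login probes) still count as
    failures but not as distinct users.
    """
    failures_by_ip = defaultdict(list)
    for r in records:
        if r["result"] == "failure":
            failures_by_ip[r["src_ip"]].append(r)

    flagged = {}
    for ip, fails in failures_by_ip.items():
        fails.sort(key=lambda r: r["time"])
        users = {r["user"] for r in fails if r["user"]}

        # Sliding window over the sorted failure timestamps: largest number
        # of failures whose first and last fall within `window`.
        peak, start = 0, 0
        for end in range(len(fails)):
            while fails[end]["time"] - fails[start]["time"] > window:
                start += 1
            peak = max(peak, end - start + 1)

        if peak >= min_failures or len(users) >= min_users:
            flagged[ip] = {
                "failures": len(fails),
                "peak_in_window": peak,
                "distinct_users": sorted(users),
                "first_seen": fails[0]["time"],
                "last_seen": fails[-1]["time"],
            }
    return flagged


if __name__ == "__main__":
    recs = parse_log(SAMPLE_LOG)
    print(f"distinct source IPs: {unique_sources(recs)}")
    for ip, info in hunt_scanners(recs).items():
        print(f"{ip}: {info['failures']} failures, peak {info['peak_in_window']} "
              f"in window, users={info['distinct_users']}")
```

Tune `window`, `min_failures` and `min_users` to your own baseline; a source that trips the distinct-user threshold at a low rate is the pattern a slow spray leaves, while the windowed count catches fast enumeration.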

(Dark Reading)

Microsoft Using AI to Uncover Critical Bootloader Vulnerabilities

Microsoft used its AI-powered Security Copilot tool to discover 20 critical vulnerabilities in open-source bootloaders, including GRUB2, U-Boot, and Barebox. These flaws could let attackers execute arbitrary code, potentially bypassing Secure Boot protections and installing persistent malware. Microsoft worked with maintainers to release security updates in February. While some vulnerabilities require physical access, others could be exploited remotely to bypass security mechanisms like BitLocker. 

(Security Week)

New Windows 11 trick lets you bypass Microsoft Account requirement

A newly discovered trick lets users bypass the Microsoft Account requirement when installing Windows 11. By pressing Shift+F10 at the network setup screen to open a command prompt and entering “start ms-cxh:localonly”, users can create a local account instead. This method, confirmed by BleepingComputer, is an easier workaround than the previous registry-based methods. While Microsoft has been tightening restrictions on local accounts, it is unclear whether this command will be removed in future updates.

(Bleeping Computer)

Huge thanks to our sponsor, Qualys

“Overwhelmed by noise in your cybersecurity processes? Cut through the clutter with Qualys Enterprise TruRisk Management. Quantify your cyber risk in clear financial terms and focus on what matters most. Actionable insights help you prioritize critical threats, streamline remediation, and accelerate risk reduction— while effectively communicating impact to stakeholders. Empower your cybersecurity strategy with tools that drive faster, smarter, and more efficient risk management. Your secure future starts today with Qualys Enterprise TruRisk Management. Visit qualys.com/etm for more information.”

Cybercom discovered Chinese malware in South American nations — Joint Chiefs chairman nominee

Retired Lt. Gen. Dan Caine, Trump’s nominee for chairman of the Joint Chiefs of Staff, told lawmakers that U.S. Cyber Command’s hunt-forward operations uncovered Chinese malware on multiple South American networks. These missions, conducted with host nations’ consent, help allies strengthen cybersecurity and provide the U.S. with insights into adversary tactics. Cybercom declined to confirm or deny the claims. Caine also supports maintaining the dual-hat leadership of Cybercom and the NSA, citing operational efficiency, despite ongoing debate over whether the roles should be split.

(DefenseScoop)

Lawmakers warn of impact HHS firings will have on medical device cybersecurity efforts

Congressional leaders and cybersecurity experts are sounding alarms after layoffs at the United States Department of Health and Human Services, including cuts to the FDA’s medical device cybersecurity team, affecting those responsible for vetting medical devices for security risks. Experts warn the firings could stall new device approvals and weaken oversight of existing ones. Former FDA cybersecurity director Kevin Fu said the agency was already understaffed, and further reductions could jeopardize national security. 

(The Record)

Apple issues fixes for vulnerabilities in both old and new OS versions

Apple released security updates Monday to patch vulnerabilities across iOS, iPadOS, macOS, and Safari, including two actively exploited zero-days. One flaw lets attackers bypass WebKit’s sandbox, and another disables USB Restricted Mode on locked devices. Apple says these were used in “highly sophisticated” attacks. Other fixes address issues like unauthorized access to keychain data. Updates also extend to older OS versions to patch previously identified zero-days. 

(CyberScoop)

FDA’s Critical Role in Keeping Medical Devices Secure

The Food and Drug Administration (FDA) regulates software in medical devices, and software as a medical device, balancing oversight with the need for swift security updates. Manufacturers must follow strict risk management, design controls, and documentation requirements for software changes. Most updates require formal review, but critical cybersecurity patches can be deployed without FDA approval if they don’t alter device function or safety. The FDA encourages proactive cybersecurity planning, including real-time threat monitoring and secure patch deployment, emphasizing that cybersecurity is essential for patient safety.

(Dark Reading)