News
BYOD should stand for bring your own disaster, according to Microsoft ransomware data
Microsoft research says that 80-90 percent of ransomware attacks over the past year originated from unmanaged devices.…
Lorenz ransomware crew bungles blackmail blueprint by leaking two years of contacts
The Lorenz ransomware group leaked the details of every person who contacted it via its online contact form over the course of the last two years.…
North Korea goes phishing in South’s shipyards
South Korea's National Intelligence Service (NIS) has warned North Korea is attacking its shipbuilding sector.…
IT networks under attack via critical Confluence zero-day. Patch now
Atlassian today said miscreants have exploited a critical bug in on-premises instances of Confluence Server and Confluence Data Center to create and abuse admin accounts within the enterprise colab software. …
Make-me-root 'Looney Tunables' security hole on Linux needs your attention
Grab security updates for your Linux distributions: there's a security hole that can be fairly easily exploited by rogue users, intruders, and malicious software to gain root access and take over the box.…
'Gay furry hackers' brag of second NATO break-in, steal and leak more data
NATO is "actively addressing" multiple IT security incidents after a hacktivist group claimed it once again breached some of the military alliance's websites, this time stealing what's claimed to be more than 3,000 files and 9GB of data.…
Red Cross lays down hacktivism law as Ukraine war rages on
New guidelines have been codified to govern the rules of engagement concerning hacktivists involved in ongoing cyber warfare.…
CISA barred from coordinating with social media sites to police misinformation
The US Fifth Circuit Court of Appeals has modified a ruling from last month to add the Cybersecurity and Infrastructure Security Agency (CISA) to a list of US government entities prohibited from working with social media firms to curtail the spread of misinformation. …
Trio of TorchServe flaws means PyTorch users need an urgent upgrade
A trio of now-patched security issues in TorchServe, an open-source tool for scaling PyTorch machine-learning models in production, could lead to server takeover and remote code execution (RCE), according to security researchers.…
US v Sam Bankman-Fried trial begins ... as imploded crypto biz boss sues his insurer
The first of two US government prosecutions of former FTX CEO Sam Bankman-Fried commenced in New York on Monday, only a day after the cryptocurrency tycoon sued his own insurance company for failing to cover his legal costs.…
CISA adds latest Chrome zero-day to Known Exploited Vulnerabilities Catalog
The US's Cybersecurity and Infrastructure Security Agency (CISA) has added the latest actively exploited zero-day vulnerability affecting Google Chrome to its Known Exploited Vulnerabilities (KEV) Catalog.…
Co-founder of collapsed crypto biz Three Arrows cuffed at airport
Asia in brief Zhu Su, co-founder of fallen crypto business Three Arrows Capital (3AC), was arrested last Friday at Changi Airport in Singapore as he attempted to leave the country.…
Feds hopelessly behind the times on ransomware trends in alert to industry
An urgent ransomware warning from the Feds has some industry analysts scratching their heads and wondering if Uncle Sam's noggin has been buried in the sand for too long.…
Security researchers believe mass exploitation attempts against WS_FTP have begun
Security researchers have spotted what they believe to be a "possible mass exploitation" of vulnerabilities in Progress Software's WS_FTP Server.…
AWS stirs the MadPot – busting bot baddies and eastern espionage since 2010
Interview AWS has unveiled MadPot, its previously secret threat-intelligence tool that one of the cloud giant's security execs tells us has thwarted Chinese and Russian spies – and millions of bots.…
Yes, Singapore immigration plans to scan your face instead of your passport
Last week the internet was abuzz with talk that Singapore's commercial Changi airport was no longer going to require passports for clearance at immigration. Although it is true the paper documentation will be replaced by biometric measures, it's not quite time to pack the document away.…
Now MOVEit maker Progress patches holes in WS_FTP
Infosec in brief Progress Software, maker of the mass-exploited MOVEit document transfer tool, is back in the news with more must-apply security patches, this time for another file-handling product: WS_FTP.…
Microsoft Bing Chat pushes malware via bad ads
Microsoft introduced its Bing Chat AI search assistant in February and a month later began serving ads alongside it to help cover costs.…
PhD student guilty of 3D-printing 'kamikaze' drone for Islamic State terrorists
A PhD student has been found guilty of building a potentially deadly drone for Islamic State terrorists, in part using his home 3D printer.…
Norway wants Facebook behavioral advertising banned across Europe
Norway has told the European Data Protection Board (EDPB) it believes a countrywide ban on Meta harvesting user data to serve up advertising on Facebook and Instagram should be made permanent and extended across Europe.…
Pages
