News
Lethal weather
Webinar The cloud is floating around everywhere and with the rapid expansion of IT always comes new complexities that alter the threat landscape.…
Capita wins £50M fraud reporting contract with City of London cops
Capita, which is still dealing with a digital break-in that exposed customers' data to criminals, has scored a £50 million contract with the City of London police to run contact and engagement services for the force's fraud reporting service.…
Bringing security to account: why identity must be unified
Sponsored Feature Many organizations are suffering from an identity crisis. Not in the psychological sense, nor in respect to their branding or culture. But in how their IT systems enable employees to access the applications and data they need for work.…
Florida man insists he didn't violate the law by keeping Top Secret docs
A Florida man and his valet appeared in a Miami federal courtroom on Tuesday to respond to criminal charges of document hoarding and related claims.…
June Patch Tuesday: VMware vuln under attack by Chinese spies, Microsoft kinda meh
Microsoft has released security updates for 78 flaws for June's Patch Tuesday, and luckily for admins, none of these are under exploit.…
Last of the Gozi 3 sentenced over Windows info-stealing malware ops
The last of the three men said to be responsible for infecting Windows computers with the banking trojan Gozi has been sentenced to three years.…
The commonality of criminal intrusion
Webinar It seems no longer possible to imagine whether it's just a case of if a security breach will occur within your organization, or if malicious actors will exploit a vulnerability to play havoc with your data. Rather, it's just a question of when.…
These Microsoft Office security signatures are 'practically worthless'
Office Open XML (OOXML) Signatures, an Ecma/ISO standard used in Microsoft Office applications and open source OnlyOffice, have several security flaws and can be easily spoofed.…
Russia-Ukraine war sending shockwaves into cyber-ecosystem
Sponsored Feature When military historians come to chronicle the first 15 months of the Russian invasion of Ukraine, they won't find any shortage of battlefront bulletins to inform their accounts.…
UK telco watchdog Ofcom, Minnesota Dept of Ed named as latest MOVEit victims
Two more organizations hit in the mass exploitation of the MOVEit file-transfer tool have been named – the Minnesota Department of Education in the US, and the UK's telco regulator Ofcom – just days after security researchers discovered additional flaws in Progress Software's buggy suite.…
China's cyber now aimed at infrastructure, warns CISA boss
China's cyber-ops against the US have shifted from espionage activities to targeting infrastructure and societal disruption, the director of the Cybersecurity and Infrastructure Security Agency (CISA) Jen Easterly told an Aspen Institute event on Monday.…
India probes medical info 'leak' to Telegram
Asia In Brief India's government has denied its Co-WIN COVID-19 vaccination management platform has leaked data, but ordered an investigation into the program's security.…
Unsealed: Charges against Russians blamed for Mt Gox crypto-exchange collapse
American prosecutors have unsealed an indictment against two Russians who allegedly had a hand in the ransacking and collapse of Mt Gox a decade ago, an implosion that cost the cryptocurrency exchange's thousands of customers most of their digital coins.…
Fortinet squashes hijack-my-VPN bug in FortiOS gear
Fortinet has patched a critical bug in its FortiOS and FortiProxy SSL-VPN that can be exploited to hijack the equipment.…
Posing as journalists, Pink Drainer pilfers $3.3M in crypto
Miscreants targeting Discord and Twitter accounts have stolen more than $3.3 million in cryptocurrency from 2,300 victims so far in an ongoing campaign that started in April and saw the highest spike in activity earlier this month.…
Microsoft stole our stolen dark web data, says security outfit
Microsoft stands accused by cyber intelligence firm Hold Security of violating an agreement between the pair by misusing Hold's database of more than 360 million sets of credentials culled from the dark web.…
Lantum S3 bucket leak is prescription for chaos for thousands of UK doctors
A UK agency for freelance doctors has potentially exposed personal details relating to 3,200 individuals via unsecured S3 buckets, which one expert said could be used to launch ID theft attacks or blackmail.…
Hold it – more vulnerabilities found in MOVEit file transfer software
Infosec in brief Security firms helping Progress Software dissect the fallout from a ransomware attack against its MOVEit file transfer suite have discovered more issues that the company said could be used to stage additional exploits.…
Pages
