News

Simple denial-of-service blunder turned out to be remote unauth code exec disaster

Suspected Chinese government spies have been exploiting a newly disclosed critical bug in Ivanti VPN appliances since mid-March. This is now at least the third time in three years these snoops have been pwning these products.…

It's going to happen to you one day, so get your ducks in a row

As Benjamin Franklin famously said: "An ounce of prevention is worth a pound of cure," and that's especially true when it comes to disaster recovery.…

Espionage? Botnets? Trying to exploit a zero-day?

Someone or something is probing devices made by Juniper Networks and Palo Alto Networks, and researchers think it could be evidence of espionage attempts, attempts to build a botnet, or an effort to exploit zero-day vulnerabilities.…

ProtectEU plan wants to have its cake and eat it too

The EU has issued its plans to keep the continent's denizens secure and among the pages of bureaucratese are a few worrying sections that indicate the political union wants to backdoor encryption by 2026, or even sooner.…

Recovery's never been harder in today's tangled, outsourced infrastructure

Comment  Disaster recovery is getting tougher as IT estates sprawl across on-prem gear, public cloud, SaaS, and third-party ITaaS providers. And it's not floods or fires causing most outages anymore - ransomware now leads the pack, taking down systems faster than any natural disaster.…

Stamp it out: Infostealer malware at German outfit may be culprit

Britain's Royal Mail is investigating after a crew calling itself GHNA claimed it has put 144GB of the delivery giant’s data up for sale, perhaps after acquiring it with the same stolen credentials it used to crack Samsung Germany.…

Double-oh-sh...

The name's not Bond. It's O'Brien - Keith O'Brien, now-former global payroll compliance manager at the Dublin, Ireland office of HR software-as-a-service maker Rippling.…

Bosses say theft now the name of the game with a shift in tactics, apparent branding

Big-game ransomware crew Hunters International says its criminal undertaking has become "unpromising, low-converting, and extremely risky," and it is mulling shifting tactics amid an apparent rebrand.…

Fallout shows how what you say must be central to disaster planning

Opinion  Oracle is being accused of poor incident comms as it reels from two reported data security mishaps over the past fortnight, amid a reluctance to publicly acknowledge all of the events as well as allegedly deleting evidence from the web.…

Learn how Infinidat’s enterprise cyber storage solutions can enable near-immediate recovery

Sponsored Post  It's not a question of if your organization gets hit by a cyberattack - only when, and how quickly it recovers.…

Organizational, technological resilience combined defeat the disease that is cybercrime

When IT disasters strike, it can become a matter of life and death for healthcare organizations – and criminals know it.…

Victims expect to spend considerable time and money over privacy incident, lawyers argue

Specialist class action lawyers have launched proceedings against Oracle in Texas over two alleged data breaches.…

Kept quiet for 30 years before becoming an 'unrivalled advocate' for the site

Obit  Betty Webb MBE, one of the team who worked at the code-breaking Bletchley Park facility during the Second World War, has died at the age of 101.…

Cupertino already squashed 'em in more recent releases - which this week get a fresh round of fixes

Apple has delivered a big batch of OS updates, some of which belatedly patch older versions of its operating systems to address exploited-in-the-wild flaws the iGiant earlier fixed in more recent releases.…

With help from UK operatives, because it’s getting tougher to run the scam in the USA

North Korea’s scamming, thieving, and AI-abusing fake IT workers are increasingly targeting European employers.…

But his emails! Sharing them with Google!

Senior members of the US National Security Council, including the White House national security adviser Michael Waltz, have been accused of using their personal Gmail accounts to exchange sensitive information.…

Copilot told us that half a century is 25 years. It feels much longer

Microsoft will officially hit the half-century mark on Friday as the Windows giant turns 50 years old. What do you consider the highs and lows of the company's journey to dominance?…

The UK government must be thrilled

Google will soon offer end-to-end encrypted (E2EE) email for all users, even those who do not use Google Workspace, and says it'll do so without imposing any undue stress on IT admins.…

Tech secretary reveals landmark legislation's full details for first time

The UK's technology secretary revealed the full breadth of the government's Cyber Security and Resilience (CSR) Bill for the first time this morning, pledging £100,000 ($129,000) daily fines for failing to act against specific threats under consideration.…

Not exactly Snowden levels of skill

A student at Britain's top eavesdropping government agency has pleaded guilty to taking sensitive information home on the first day of his trial.…