News

About 2,000 NetScaler installations feared compromised as CISA raises alarm over ShareFile

Miscreants are actively exploiting critical bugs in two of Citrix's products, both of which the business IT player fixed earlier this summer.…

Plus laptop and radio with yet more officers details reportedly nicked from car

A man was arrested in Northern Ireland for suspected Collection of Terrorist Information following an incident where police mistakenly leaked details that identified 10,000 serving officers, but he has now been released on bail.…

The My Number card mess remains unsolved as trust in e-government remains muted

Japan’s digital minister has doubled down on a June promise to penalize himself for the poor rollout of the country’s digital ID, My Number Card, by offering up three months salary on Tuesday.…

Which is a problem, because local orgs are leaking data and shadowy traders are cashing in

Vietnam’s Ministry of Information and Communications has admitted the nation has a vast shortfall of infosec pros.…

Cleanup will involve 'complete rewrite of our website's code'

Discord.io has shut down "for the foreseeable future," after crooks stole, and then put up for sale, data belonging to all 760,000 of the service's users.…

Plus: Medical records for 4M people within reach of Clop gang after IBM MOVEit deployment hit

The Clorox Company has some cleaning up to do as some of its IT systems remain offline and operations "temporarily impaired" following a security breach.…

Why a fully mobile, hybrid and edge workforce needs a more flexible security solution

Sponsored Feature  Securing the corporate network has never been a simple process, but years ago it was at least a bit more straightforward. Back then, the network perimeter was clear and well defined, and everything inside it was considered trusted and safe. The security team defended against everything outside, established security protocols and deployed security tools, monitored the network gateways, and kept sensitive data as safe as possible.…

Norfolk and Suffolk constabularies admit to accidentally including raw crime data in FoI responses

Norfolk and Suffolk police have stepped forward to admit that a “technical issue” resulted in raw data pertaining to crime reports accidentally being included in Freedom of Information responses.…

Abreezio? Maybe not, but it was a plea deal

The former chief executive of a company that was sold to Qualcomm for more than $150 million has pleaded guilty to one count of money laundering relating to a $1.5 million transaction involving proceeds from the deal.…

Voting machines and their data allegedly accessed without authorization by keen golfer's gofers

Authorities in the US state of Georgia have indicted a famous Floridian and his loyal associates on counts including theft of data, software, and personal information.…

Again labels America a hacker empire over alleged backdoors found in earthquake monitoring kit

China's Global Times, a state-controlled media outlet, has teased an imminent exposé of alleged US attacks on seismic data measurement stations.…

Trio alleged to have blackmailed over 100 targets after threats of intimate image release

Two Nigerian men have been extradited to the US and were scheduled to appear in deferral court on Monday, charged with sextortion and causing the death of one of their victims: a teen who was found dead from a self-inflicted gunshot wound.…

Try out a hot new thing before official launch? Something smells phishy

The FBI has warned of a scam in which criminals lure people into installing what they think are pre-release beta-grade phone apps to try out – only for the software to be laced with malware.…

Affected vehicles still safe to use, says automaker

Ford has suggested owners of vehicles equipped with its SYNC 3 infotainment system disable the Wi-Fi lest someone nearby exploits a buffer-overflow vulnerability and hijacks the equipment.…

Names, job titles and salaries included in unwitting leak

Cumbria Constabulary inadvertently published the names and salaries of all its officers and staff online earlier this year, making it the second UK force in a fortnight to admit disclosing personal information about its employees.…

Claiming affiliation with Anonymous, hackers want more public debate over radioactive water release plans

Entities using the name and iconography of Anonymous (EUTNAIOA) claim to have conducted cyberprotests against the Japanese government for actions related to the release of wastewater from the Fukushima Daini Nuclear Power Plant.…

PLUS: Phishing campaign targets the C-suite; Cybercrime arrests in EU and Africa; and more

Infosec in brief  The July breach of Microsoft Exchange Online by suspected Chinese hackers is the next topic up for review by the Department of Homeland Security's Cyber Safety Review Board (CSRB). …

QC crypto-cracking coming in 5, 10, maybe 50 years, so act … now?

Google has started deploying a hybrid key encapsulation mechanism (KEM) to protect the sharing of symmetric encryption secrets during the establishment of secure TLS network connections.…

Feds argue leaks to press amount to witness tampering

Sam Bankman-Fried (SBF), former chief executive of crypto-disaster FTX, who has been awaiting trial for his firm's failure while in home detention with his family, has been sent to jail for attempting to intimidate witnesses.…

What are these gadgets running, Windows? Ka-boom-tsch

Fifteen bugs in Codesys' industrial control systems software could be exploited to shut down power plants or steal information from critical infrastructure environments, experts have claimed.…