News

No longer a blind spot, printer security is now a grown up conversation says Brother

Sponsored Feature  As businesses journey deeper into an era of restless digital change, it's surprising how inventions from past decades still define the office environment.…

Settles lawsuit with two states after wider leak that affected millions

A DNA diagnostics company will pay $400,000 and tighten its security in the wake of a 2021 attack where criminals broke into its network and swiped personal data on over two million people from a nine-year-old "legacy" database the company forgot it had.…

Tech has changed in 400 years. The rules haven’t

Opinion  Mary, Queen of Scots, was a hapless CEO, even by the standards of 1600s Europe. Mother of the first Stuart King of England, James I (and VI of Scotland; let's not go into that), she was herself the first Stuart monarch to lose both throne and head. She wasn't the last. The family had issues.…

Also: Russia may legalize hacking; Oakland declares ransomware emergency; the CVEs you should know about this week

In brief  Web hosting and domain name concern GoDaddy has disclosed a fresh attack on its infrastructure, and concluded that it is one of a series of linked incidents dating back to 2020.…

Eggheads prove they can mimic messages and bag bug bounty bucks

Analysis  Over the past two decades, efforts have been made to make email more secure. Alas, defensive protocols implemented during this period, such as SPF, DKIM, and DMARC, remain unable to deal with the complexity of email forwarding and differing standards, a study has concluded.…

Move along, totally nothing to see here

The FBI claims it has dealt with a cybersecurity "incident" that reportedly involved computer systems being used to investigate child sexual exploitation.…

In other words, script kiddies up to shenanigans again

A series of distributed denial-of-service (DDoS) attacks shut down seven German airports' websites on Thursday, a day after a major IT glitch at Lufthansa grounded flights.…

ThreatLabz finds free alternative to Cobalt Strike and other tools used in the wild

There's a fresh open-source command-and-control (C2) framework on the loose, dubbed Havoc, as an alternative to the popular Cobalt Strike, and other mostly legitimate tools, that have been abused to spread malware.…

Committee: Something about complaints process being dealt with in total secrecy doesn't sit right

Lawmakers in the European Parliament have urged the European Commission not to issue the "adequacy decision" needed for the EU-US Data Privacy Framework (DPF) to officially become the pipeline for data to freely flow from the EU to the States.…

Switchzilla hardware and software need attention, unless you fancy arbitrary remote code execution

Antivirus software is supposed to be an important part of an organization's defense against the endless tide of malware.…

Meanwhile South Korea's Do Kwon is sought for fraud by US authorities

Norwegian authorities announced on Thursday that they had recovered $5.9 million of cryptocurrency stolen in the Axie Infinity hack – an incident widely held to have been perpetrated by the Lazarus Group, which has links to North Korea.…

Devs missed warnings plus tons of code relies again on lone open source maintainer

Google this week reversed an overhaul of one of its security-related file formats after the transition broke Android apps.…

OS won't start on some systems with ESXi VMs, while Win11 updates may not make it to devices

Microsoft is sorting through two issues with Windows Server 2022 that affect VMware virtual machines and updates not getting passed on to Windows 11 devices.…

UK-based Coin Publishers were conned out of $206,000 after meeting in a Barcelona hotel

Exclusive  When Ahad Shams detailed on Twitter how his company was scammed out of $4 million in cryptocurrency after a face-to-face meeting, Chris Hunter immediately recognized what was going on.…

Want a clue to what you’re dealing with? Check the ransom note

That didn't take long.…

Plus bugs squashed in Server Platform Services and more

Intel's Software Guard Extensions (SGX) are under the spotlight again after the chipmaker disclosed several newly discovered vulnerabilities affecting the tech, and recommended users update their firmware.…

Giving storage platforms enhanced built-in security features will be a significant step toward counteracting the impacts of cybercrime in 2023, Dell experts predict

Sponsored Feature  Cybercriminals tend not to discriminate when it comes to the type of data they steal. Structured or unstructured, both formats contain valuable information that will bring them a profit. From a cybersecurity practitioner's perspective, however, structural state presents specific challenges when it comes to storing and moving sensitive data assets around.…

Gone in 60 seconds using a USB-A plug and brute force instead of a key

Korean car-makers Hyundai and Kia will issue software updates to some of their models after a method of stealing them circulated on TikTok, leading to many thefts and even some deaths.…

WebKit flaw 'may have been exploited' – just like Tim Cook 'may have' made a million bucks this week

Apple this week released bug-splatting updates to its operating systems and Safari browser, to fix a zero-day vulnerability in its WebKit browser engine that's reported to have been actively exploited.…

Undisclosed earnings reports swiped, exploited

A Russian national with ties to the Kremlin exploited stolen upcoming financial filings belonging to hundreds of companies to help him and his associates net more than $90 million.…