News

Lawsuits pile up after database accessed by miscreants

Canada's largest school board has revealed that student records dating back to 1985 may have been accessed by miscreants who compromised software provider PowerSchool.…

Seven days after disclosure and little action taken, data shows

Fortinet customers need to get with the program and apply the latest updates as nearly 50,000 management interfaces are still vulnerable to the latest zero-day exploit.…

Incident response protocols engaged following claims of source code burglary

Hewlett Packard Enterprise (HPE) is probing assertions made by prolific Big Tech intruder IntelBroker that they broke into the US corporation's systems and accessed source code, among other things.…

Why not adopt a new approach for 2025?

Webinar  In today's digital landscape, cybersecurity teams can often find themselves trapped in an endless cycle of responding to threats.…

AI has transformed banking across APAC. But is this transformation secure?

Partner Content  The banking industry in Asia Pacific (APAC) is thriving, with strong financial performance underpinning its technological ambitions.…

Taipei invites infosec bods to come and play on its home turf

Picture this: It's 2030 and China's furious with Taiwan after the island applies to the UN to be recognized as an independent state. After deciding on a full military invasion, China attempts to first cripple its rebellious neighbor's critical infrastructure.…

Clear rules and guaranteed consequences concentrate the mind wonderfully. Just ask a Russian

Opinion  "As obsolete as warships in the Baltic" was a great pop lyric in Prefab Sprout's 1985 gem, Faron Young. Great, but ironically obsolete itself. Sweden has just deployed multiple warships in that selfsame sea to guard against the very modern menace of underwater cable cutting.…

Students have work to complete at home in the meantime

A UK high school will have to close for at least two days, today and tomorrow, after becoming the latest public-sector victim of ransomware criminals.…

'Minor issue' with showing accounting customers 'unrelated business information' required repairs

Sage Group plc has confirmed it temporarily suspended its Sage Copilot, an AI assistant for the UK-based business software maker's accounting tools, this month after it blurted customer information to other users.…

PLUS: Allstate sued for allegedly tracking drivers; Dutch DDoS; More fake jobs from Pyongyang; and more

Infosec in brief  Hogwarts doesn’t teach an incantation that could have saved Harry Potter publisher Scholastic from feeling the power of an online magician who made off with millions of customer records - except perhaps the wizardry of multifactor authentication.…

PLUS: Salt Typhoon and IT worker scammers sanctioned; Alibaba Cloud’s K8s go global; Amazon acquires Indian BNPL company

Asia In Brief  When food delivery “superapps” started operations in Indonesia, users started putting on weight – and that’s not an entirely bad thing.…

Incoming president promises to allow ongoing operations for 90 days just as made-in-China app started to go dark

US president-elect Donald Trump appears to have proposed the government he will soon lead should acquire half of made-in-China social media service TikTok’s stateside operations.…

The S in LLM stands for Security

OpenAI's ChatGPT crawler appears to be willing to initiate distributed denial of service (DDoS) attacks on arbitrary websites, a reported vulnerability the tech giant has yet to acknowledge.…

Plus: Uncle Sam is cross with this one Chinese biz over Salt Typhoon mega-snooping

Decades-old legislation requiring American telcos to lock down their systems to prevent foreign snoops from intercepting communications isn't mere decoration on the pages of law books – it actually means carriers need to secure their networks, the FCC has huffed.…

Ransomware, AI, secure software, digital IDs – there's something for everyone in the presidential directive

Analysis  Joe Biden, in the final days of his US presidency, issued another cybersecurity order that is nearly as vast in scope as it is late in the game.…

Competition hots up with Ivanti over who can have the worst start to a year

Fortinet has confirmed that previous analyses of records leaked by the Belsen Group are indeed genuine FortiGate configs stolen during a zero-day raid in 2022.…

With Biden reportedly planning to skirt enforcement and kick the can to Trump, this saga might still not be over

updated  The US Supreme Court has upheld a law requiring TikTok to either divest from its Chinese parent company ByteDance or face a ban in the United States. The decision eliminates the final legal obstacle to the federal government forcing a shutdown of the platform on January 19.…

Turns out tool does both file transfers and security fixes fast

Don't panic. Yes, there were a bunch of CVEs affecting potentially hundreds of thousands of users found in rsync in early December – and made public on Tuesday – but a fixed version came out the same day, and was further tweaked for better compatibility the following day.…

Pastes allegedly stolen documents on leak site with £600K demand

Another year and yet another UK local authority has been pwned by a ransomware crew. This time it's Gateshead Council in North East England at the hands of the Medusa group.…

If you want a picture of the future, imagine your infosec team stamping on software forever

Microsoft brainiacs who probed the security of more than 100 of the software giant's own generative AI products came away with a sobering message: The models amplify existing security risks and create new ones.…