Summary

Total Articles Found: 16

Top Articles:

  • RSAC branded a 'super spreader event' as attendees share COVID-19 test results
  • Malwarebytes blocks Google, YouTube as malware
  • Thousands of websites run buggy WordPress plugin that allows complete takeover
  • SCOTUS judges 'doxxed' after overturning Roe v Wade
  • Codebreakers decipher Mary, Queen of Scots' secret letters 436 years after her execution
  • Warning on SolarWinds-like supply-chain attacks: 'They're just getting bigger'
  • Squid games: 35 security holes still unpatched in proxy after 2 years, now public
  • School chat app Seesaw abused to send 'inappropriate image' to parents, teachers
  • Lapsus$ teen sentenced to indefinite detention in hospital for Nvidia, GTA cyberattacks
  • If you've got Intel inside, you probably need to get these security patches inside, too

SolarWinds slams SEC lawsuit against it as 'unprecedented' victim blaming

Published: 2024-01-29 20:52:28

Popularity: 11

Author: Jessica Lyons Hardcastle

18,000 customers, including the Pentagon and Microsoft, may have other thoughts

SolarWinds – whose network monitoring software was backdoored by Russian spies so that the biz's customers could be spied upon – has accused America's financial watchdog of seeking to "revictimise the victim" after the agency sued it over the 2020 attack.…

Lapsus$ teen sentenced to indefinite detention in hospital for Nvidia, GTA cyberattacks

Published: 2023-12-21 22:15:10

Popularity: 23

Author: Jessica Lyons Hardcastle

Arion Kurtaj will remain hospitalized until a mental health tribunal says he can leave

Two British teens who were members of the Lapsus$ gang have been sentenced for their roles in a cyber-crime spree that included compromising Uber, Nvidia, and fintech firm Revolut, and also blackmailing Grand Theft Auto maker Rockstar Games.…

Bug hunters on your marks: TETRA radio encryption algorithms to enter public domain

Published: 2023-11-14 08:00:09

Popularity: 18

Author: Jessica Lyons Hardcastle

Emergency comms standard had five nasty flaws but will be opened to academic research

A set of encryption algorithms used to secure emergency radio communications will enter the public domain after an about-face by the European Telecommunications Standards Institute (ETSI).…

Squid games: 35 security holes still unpatched in proxy after 2 years, now public

Published: 2023-10-13 00:21:34

Popularity: 37

Author: Jessica Lyons Hardcastle

We'd like to say don't panic … but maybe?

35 vulnerabilities in the Squid caching proxy remain unfixed more than two years after being found and disclosed to the open source project's maintainers, according to the person who reported them.…

Ex-Ubiquiti dev jailed for 6 years after stealing internal corp data, extorting bosses

Published: 2023-05-12 20:28:05

Popularity: 16

Author: Jessica Lyons Hardcastle

Momentary lapse in VPN led to stretch in the cooler, $1.6m bill

Nickolas Sharp has been sentenced to six years in prison and ordered to pay almost $1.6 million to his now-former employer Ubiquiti – after stealing gigabytes of corporate data from the biz and then trying to extort almost $2 million from his bosses while posing as an anonymous hacker.…

Warning on SolarWinds-like supply-chain attacks: 'They're just getting bigger'

Published: 2023-03-03 11:33:13

Popularity: 38

Author: Jessica Lyons Hardcastle

Industry hasn't 'improved much at all' Mandiant's Eric Scales tells us

SCSW: Back in 2020, Eric Scales led the incident response team investigating a state-backed software supply-chain attack that compromised application build servers and led to infections at government agencies and tech giants including Microsoft and Intel.…

Google: You get crypto, you get crypto, almost everyone gets email crypto!

Published: 2023-03-01 01:38:14

Popularity: 6

Author: Jessica Lyons Hardcastle

Personal Gmail users still out of luck

Google continued its client-side encryption rollout, the feature generally available to some Gmail and Calendar users who can now send and receive encrypted messages and meeting invites.…

Feeling VEXed by software supply chain security? You’re not alone

Published: 2023-02-28 01:01:13

Popularity: 12

Author: Jessica Lyons Hardcastle

Chainguard CEO explains how to secure code given crims know to poison it at the source

SCSW: The vast majority of off-the-shelf software is composed of imported components, whether that's open source libraries or proprietary code. And that spells a security danger: if someone can subvert one of those components, they can infiltrate every installation of applications using those dependencies.…

Codebreakers decipher Mary, Queen of Scots' secret letters 436 years after her execution

Published: 2023-02-09 08:30:05

Popularity: 41

Author: Jessica Lyons Hardcastle

Digital sleuths chop through crypto challenge in 'surreal' search

A team of codebreakers discovered – and then cracked – more than 50 secret letters written by Mary Stuart, Queen of Scots while she was imprisoned in England by her cousin, Queen Elizabeth I.…

School chat app Seesaw abused to send 'inappropriate image' to parents, teachers

Published: 2022-09-16 21:45:39

Popularity: 31

Author: Jessica Lyons Hardcastle

This is why we don't reuse passwords, kids

Parents and teachers received a link to an "inappropriate image" this week via Seesaw after miscreants hijacked accounts in a credential stuffing attack against the popular school messaging app.…

Malwarebytes blocks Google, YouTube as malware

Published: 2022-09-21 15:56:01

Popularity: 96

Author: Jessica Lyons Hardcastle

Sounds like fair comment

Updated: Google and its YouTube domains are being flagged as malicious by Malwarebytes as of Wednesday morning, blocking users from accessing a whole range of websites.…

Critical hole in Atlassian Bitbucket allows any miscreant to hijack servers

Published: 2022-08-29 18:08:14

Popularity: 13

Author: Jessica Lyons Hardcastle

Grab and deploy this backend update if you offer even repo read access

A critical command-injection vulnerability in multiple API endpoints of Atlassian Bitbucket Server and Data Center could allow an unauthorized attacker to remotely execute malware, and view, change, and even delete data stored in repositories.…

Thousands of websites run buggy WordPress plugin that allows complete takeover

Published: 2022-07-15 19:15:10

Popularity: 81

Author: Jessica Lyons Hardcastle

All versions are susceptible, there's no patch, so now's a good time to remove this add-on

Miscreants have reportedly scanned almost 1.6 million websites in attempts to exploit an arbitrary file upload vulnerability in a previously disclosed buggy WordPress plugin.…

SCOTUS judges 'doxxed' after overturning Roe v Wade

Published: 2022-07-13 18:28:12

Popularity: 51

Author: Jessica Lyons Hardcastle

Physical and IP addresses as well as credit card info revealed in privacy breach

The US Supreme Court justices who overturned Roe v. Wade last month may have been doxxed – had their personal information including physical and IP addresses, and credit card info revealed – according to threat intel firm Cybersixgill.…

RSAC branded a 'super spreader event' as attendees share COVID-19 test results

Published: 2022-06-16 21:56:13

Popularity: 143

Author: Jessica Lyons Hardcastle

That, and Black Hat, are about to reveal risk assessment skills of our cyber-risk experts

RSA Conference: Quick show of hands: who came home from this year's RSA Conference without COVID-19?…

If you've got Intel inside, you probably need to get these security patches inside, too

Published: 2022-05-12 21:06:29

Popularity: 21

Author: Jessica Lyons Hardcastle

So. Many. BIOS. Bugs

Intel has disclosed high-severity bugs in its firmware that's used in datacenter servers, workstations, mobile devices, storage products, and other gear. These flaws can be exploited to escalate privileges, leak information, or stop things from working.…
