12 Dec

Citrix goes shopping in Europe and returns with gifts for security-conscious customers

Citrix has gone on a European shopping trip, and come home with its bag of gifts bulging thanks to a pair of major buys: infosec

Author rabih
11 Dec

Blocking Chinese spies from intercepting calls? There ought to be a law

US telecoms carriers would be required to implement minimum cyber security standards and ensure their systems are not susceptible to hacks by nation-state attackers –

Author rabih
11 Dec

Krispy Kreme Doughnut Corporation admits to hole in security

Doughnut slinger Krispy Kreme has admitted to an attack that has left many customers unable to order online. According to a mandatory 8-K filing [PDF],

Author rabih
11 Dec

Three more vulns spotted in Ivanti CSA, all critical, one 10/10

Ivanti just put out a security advisory warning of three critical vulnerabilities in its Cloud Services Application (CSA), including a perfect 10. CSA is a

Author rabih
11 Dec

US names Chinese national it alleges was behind 2020 attack on Sophos firewalls

The US Departments of Treasury and Justice have named a Chinese business and one of its employees as the actors behind the 2020 exploit of

Author rabih
10 Dec

Microsoft holds last Patch Tuesday of the year with 72 gifts for admins

Microsoft hasn’t added too much coal to the stocking this Patch Tuesday, with just 72 fixes, only one of which scored more than nine on

Author rabih
10 Dec

US military grounds entire Osprey tiltrotor fleet over safety concerns

The US Navy, Air Force, and Marine Corps have grounded their fleet of Boeing-Bell-made Osprey V-22s on safety grounds. A spokesperson for the Naval Air

Author rabih
10 Dec

AMD secure VM tech undone by DRAM meddling

Researchers have found that the security mechanism AMD uses to protect virtual machine memory can be bypassed with $10 of hardware – and perhaps not

Author rabih
10 Dec

Fully patched Cleo products under renewed ‘zero-day-ish’ mass attack

Researchers at security shop Huntress are seeing mass exploitation of a vulnerability affecting three Cleo file management products, even on patched systems. Cleo issued patches

Author rabih
10 Dec

Heart surgery device maker’s security bypassed, data encrypted and stolen

A manufacturer of devices used in heart surgeries says it’s dealing with “a cybersecurity incident” that bears all the hallmarks of a ransomware attack. Artivion,

Author rabih
10 Dec

How cyber-secure is your business? | Unlocked 403 cybersecurity podcast (ep. 8)

Video, Business Security As cybersecurity is a make-or-break proposition for businesses of all sizes, can your organization’s security strategy keep pace with today’s rapidly evolving

Author rabih
10 Dec

Bitfinex heist gets the Netflix treatment after ‘cringey couple’ sentenced

A documentary examining the 2016 Bitfinex burglars hits Netflix, bringing the curious case to living rooms for the first time. Biggest Heist Ever covers the

Author rabih
10 Dec

WhatsApp finally fixes View Once flaw that allowed theft of supposedly vanishing pics

WhatsApp has fixed a problem with its View Once feature, designed to protect people’s privacy with automatically disappearing pictures and videos. View Once was introduced

Author rabih
10 Dec

Police arrest suspect in murder of UnitedHealthcare CEO, with grainy pics the only tech involved

Police in Pennsylvania have arrested a man suspected of killing the CEO of insurer UnitedHealthcare in New York City, thanks to a McDonald’s employee who

Author rabih
09 Dec

China’s Salt Typhoon recorded top American officials’ calls, says White House

Chinese cyberspies recorded “very senior” US political figures’ calls, according to White House security boss Anne Neuberger. Neuberger, America’s deputy national security advisor for cyber

Author rabih
09 Dec

Crooks stole AWS credentials from misconfigured sites then kept them in open S3 bucket

Exclusive A massive online heist targeting AWS customers during which digital crooks abused misconfigurations in public websites and stole source code, thousands of credentials, and

Author rabih
09 Dec

OpenWrt orders router firmware updates after supply chain attack scare

OpenWrt users should upgrade their images to the same version to protect themselves from a possible supply chain attack reported to the open source Wi-Fi

Author rabih
09 Dec

Microsoft dangles $10K for hackers to hijack LLM email service

Microsoft and friends have challenged AI hackers to break a simulated LLM-integrated email client with a prompt injection attack – and the winning teams will

Author rabih
Load moreLoadingAll items loaded