17 Sep

Microsoft confirms IE bug squashed in Patch Tuesday was exploited zero-day

Analysis Microsoft, in a low-key update to its September Patch Tuesday disclosures, has confirmed a just-fixed Internet Explorer vulnerability was exploited as a zero-day before

Author rabih
16 Sep

The empire of C++ strikes back with Safe C++ blueprint

After two years of being beaten with the memory-safety stick, the C++ community has published a proposal to help developers write less vulnerable code. The

Author rabih
16 Sep

Snowflake slams ‘more MFA’ button again – months after Ticketmaster, Santander breaches

Snowflake continues to push forward in strengthening its users’ cybersecurity posture by making multi-factor authentication the default for all new accounts. The imposition follows a

Author rabih
16 Sep

Germany’s CDU still struggling to restore data months after June cyberattack

One of Germany’s major political parties is still struggling to restore member data more than three months after a June cyberattack targeting its systems. The

Author rabih
16 Sep

Prison just got rougher as band of heinously violent cybercrims sentenced to lengthy stints

One cybercriminal of the most violent kind will spend his best years behind bars, as will 11 of his thug pals for a string of

Author rabih
16 Sep

AI security bubble already springing leaks

Digital Security Artificial intelligence is just a spoke in the wheel of security – an important spoke but, alas, only one Cameron Camp 16 Sep

Author rabih
16 Sep

China’s quantum* crypto tech may be unhackable, but it’s hardly a secret

Opinion We have a new call to arms in the 21st century battlefront between the West and China. The Middle Kingdom is building an uncrackable

Author rabih
16 Sep

23andMe settles class-action breach lawsuit for $30 million

Infosec In Brief Genetic testing outfit 23andMe has settled a proposed class action case related to a 2023 data breach for $30 million. Documents [PDF]

Author rabih
13 Sep

Feeld dating app’s security too open-minded as private data swings into public view

Security researchers have revealed a litany of failures in the Feeld dating app that could be abused to access all manner of private user data,

Author rabih
13 Sep

CosmicBeetle joins the ranks of RansomHub affiliates – Week in security with Tony Anscombe

Video, Ransomware ESET research also finds that CosmicBeetle attempts to exploit the notoriety of the LockBit ransomware gang to advance its own ends 13 Sep

Author rabih
13 Sep

I stole 20 GB of data from Capgemini – and now I’m leaking it, says cybercrook

A miscreant claims to have broken into Capgemini and leaked a large amount of sensitive data stolen from the technology services giant – including source

Author rabih
13 Sep

Cambodian senator sanctioned by US over alleged forced labor cyber-scam camps

The US Department of the Treasury’s Office of Foreign Assets Control issued sanctions on Thursday against Cambodian entrepreneur and senator Ly Yong Phat, for his

Author rabih
13 Sep

Australia’s government spent the week boxing Big Tech

Australia’s government has spent the week reining in Big Tech. The fun started on Monday when prime minister Anthony Albanese announced his intention to introduce

Author rabih
13 Sep

Feds pull plug on domains linked to import of Chinese gun conversion devices

The US Attorney’s Office in the District of Massachusetts has seized more than 350 internet domains allegedly used by Chinese outfits to sell US residents

Author rabih
13 Sep

Fortinet admits miscreant got hold of customer data in the cloud

Fortinet has admitted that bad actors accessed cloud-hosted data about its customers, but insisted it was a “limited number” of files. The question is: how

Author rabih
13 Sep

‘Hadooken’ Linux malware targets Oracle WebLogic servers

An unknown attacker is exploiting weak passwords to break into Oracle WebLogic servers and deploy an emerging Linux malware called Hadooken, according to researchers from

Author rabih
12 Sep

I stole 20GB of data from Capgemini – and now I’m leaking it, says cyber-crook

A miscreant claims to have broken into Capgemini and leaked a large amount of sensitive data stolen from the technology services giant – including source

Author rabih
12 Sep

Adobe fixed Acrobat bug, neglected to mention whole zero-day exploit thing

Adobe’s patch for a remote code execution (RCE) bug in Acrobat this week doesn’t mention that the vulnerability is considered a zero-day nor that a

Author rabih
Load moreLoadingAll items loaded