Top

Data loss, Threats & Malware

Europe’s largest caravan club admits wide array of personal data potentially accessed

February 12, 2024

Via: The Register

The Caravan and Motorhome Club (CAMC) and the experts it drafted to help clean up the mess caused by a January cyberattack still can’t figure out whether members’ data was stolen. According to an update shared with members late last […]


Data loss, Network security, Threats & Malware

Jet engine dealer to major airlines discloses ‘unauthorized activity’

February 12, 2024

Via: The Register

Willis Lease Finance Corporation has admitted to US regulators that it fell prey to a “cybersecurity incident” after data purportedly stolen from the biz was posted to the Black Basta ransomware group’s leak blog. The form 8-K filed with the […]


Data loss, Threats & Malware

Mon Dieu! Nearly half the French population have data nabbed in massive breach

February 12, 2024

Via: The Register

Nearly half the citizens of France have had their data exposed in a massive security breach at two third-party healthcare payment servicers, the French data privacy watchdog disclosed last week. Payments outfits Viamedis and Almerys both experienced breaches of their […]


Threats & Malware, Vulnerabilities

Fortinet’s week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim

February 9, 2024

Via: The Register

We’ve had to write the word “Fortinet” so often lately that we’re considering making a macro just to make our lives a little easier after what the company’s reps will surely agree has been a week sent from hell. It […]


Threats & Malware, Virus & Malware

The ever-present state of cyber security alert

February 9, 2024

Via: The Register

As artificial intelligence (AI) technology becomes increasingly complex so do the threats from bad actors. It is like a forever war. Half the time too, we barely know that we’re using AI, largely because it’s getting progressively cheaper and easier […]


Access control, Security

A Question of Identity: The Evolution of Identity & Access Management

February 9, 2024

Via: SecureWorld

The cloud is the de facto platform for delivery of applications and services in the modern digital era. Identity as the new digital perimeter is the cornerstone for assuring secure “Anytime, Anywhere, Authorized” access to protect enterprise security and privacy. […]


Hacker, Threats & Malware

Authorities Take Down Seller of Widely Used RAT Malware

February 9, 2024

Via: DataBreach Today

Federal authorities have seized internet domains and arrested two men in Malta and Nigeria who they say served as sales and customer service reps for a dark web business that sold RAT malware to cybercriminals over a 12-year period, leading […]


Application security, Security

Rust can help make software secure – but it’s no cure-all

February 8, 2024

Via: The Register

Memory-safety flaws represent the majority of high-severity problems for Google and Microsoft, but they’re not necessarily associated with the majority of vulnerabilities that actually get exploited. So while coding with Rust can help reduce memory safety vulnerabilities, it won’t fix […]


Threats & Malware, Virus & Malware

Cybercrime duo accused of picking $2.5M from Apple’s orchard

February 8, 2024

Via: The Register

A cybersecurity researcher and his pal are facing charges in California after they allegedly defrauded an unnamed company, almost certainly Apple, out of $2.5 million. Noah Roskin-Frazee and Keith Latteri are alleged to have gained access to Apple’s systems via […]


Threats & Malware, Vulnerabilities

Raspberry Robin devs are buying exploits for faster attacks

February 8, 2024

Via: The Register

Researchers suspect the criminals behind the Raspberry Robin malware are now buying exploits for speedier cyberattacks. An exploit developer is thought by infosec pros to be either on the Raspberry Robin payroll or a close contact that sells them to […]


Threats & Malware, Virus & Malware

Fake LastPass lookalike made it into Apple App Store

February 8, 2024

Via: The Register

LastPass says a rogue application impersonating its popular password manager made it past Apple’s gatekeepers and was listed in the iOS App Store for unsuspecting folks to download and install. The software maker went public about the fake mobile app […]


Threats & Malware, Vulnerabilities

JetBrains urges swift patching of latest critical TeamCity flaw

February 7, 2024

Via: The Register

JetBrains is encouraging all users of TeamCity (on-prem) to upgrade to the latest version following the disclosure of a critical vulnerability in the CI/CD tool. Tracked as CVE-2024-23917, the vulnerability has been assigned a provisional 9.8 CVSS score and allows […]


Threats & Malware, Vulnerabilities

Raspberry Pi Pico cracks BitLocker in under a minute

February 7, 2024

Via: The Register

We’re very familiar with the many projects in which Raspberry Pi hardware is used, from giving old computers a new lease of life through to running the animated displays so beloved by retailers. But cracking BitLocker? We doubt the company […]


Cyber-crime, Malware

Iran’s cyber operations in Israel a potential prelude to US election interference

February 7, 2024

Via: The Register

Iran’s anti-Israel cyber operations are providing a window into the techniques the country may deploy in the run-up to the 2024 US Presidential elections, Microsoft says. An analysis of Iran’s activity, published by Microsoft Threat Analysis Center (MTAC) today, concluded […]


Cyber-crime, Malware

U.S. Implements Visa Ban to Counter Spyware Proliferation

February 7, 2024

Via: SecureWorld

The U.S. State Department announced Monday a new policy to impose visa restrictions on individuals linked to the misuse of commercial spyware tools that enable unlawful surveillance and human rights abuses globally. “The misuse of commercial spyware threatens privacy and […]


Threats & Malware, Vulnerabilities

Double trouble for Fortinet customers as pair of critical vulns found in FortiSIEM

February 6, 2024

Via: The Register

Fortinet’s FortiSIEM product is vulnerable to two new maximum-severity security vulnerabilities that allow for remote code execution. Both CVE-2024-23108 and CVE-2024-23109 have been assigned provisional scores of 10 on the CVSS scale, suggesting exploits can be carried out remotely by […]


Cyber-crime, Malware

EquiLend back in the saddle as ransom payment rumors swirl

February 6, 2024

Via: The Register

Global securities finance tech company EquiLend’s systems are now back online after announcing a disruptive ransomware attack nearly two weeks ago. EquiLend was founded in 2001 by some of Wall Street’s biggest players – its board of directors includes BlackRock, […]


Cyber-crime, Malware

Chinese Coathanger malware hung out to dry by Dutch defense department

February 6, 2024

Via: The Register

Dutch authorities are lifting the curtain on an attempted cyberattack last year at its Ministry of Defense (MoD), blaming Chinese state-sponsored attackers for the espionage-focused intrusion. Specialists from the Netherlands’ Military Intelligence and Security Service (MIVD) and the General Intelligence […]


Data loss, Threats & Malware

Verizon says 63K employees’ info fell into the wrong hands – an insider this time

February 6, 2024

Via: The Register

Verizon is notifying more than 63,000 people, mostly current employees, that an insider, accidentally or otherwise, had inappropriate access to their personal data. The privacy blunder happened in September, and the American telco giant attributed it to “inadvertent disclosure” and […]


Threats & Malware, Virus & Malware

SBF likely off the hook for misplaced FTX funds after cops bust SIM swap ring

February 5, 2024

Via: The Register

The recent indictment of a massive SIM-swapping ring may mean convicted crypto conman Sam Bankman-Fried is innocent of at least one allegation still hanging over his head: The theft of more than $400 million in crypto hacked from wallets belonging […]