US Official Reproaches Industry for Bad CybersecurityCISA Director Says Programming Language Swap Will End Memory Safety VulnerabilitiesA top U.S. government official urged industry to become more...
Day: February 28, 2023
Online Shopping Cart Software Vulnerable: German BSI Report
Online Shopping Cart Software Vulnerable: German BSI ReportBSI Study Finds Outdated Software, Vulnerable JavaScript LibrariesAn assessment of online shopping cart software used by e-commerce sites performed...
Australia Centralizes Government Cybersecurity Response
Australia Centralizes Government Cybersecurity ResponseHome Affairs Minister Clare O'Neil Dings Cybersecurity Law as 'Bloody Useless'The Australian government says it will centralize its approach to securing federal...
Fortinet soluciona 40 fallas, 2 críticas con PoC CVE-2022-39952 (PARCHA YA!)
Fortinet soluciona 40 fallas, 2 críticas con PoC CVE-2022-39952 (PARCHA YA!)Fortinet ha publicado actualizaciones de seguridad para abordar 40 vulnerabilidades en su línea de software, incluidos...
Guía de NSA para proteger redes domésticas
Guía de NSA para proteger redes domésticasLa Agencia de Seguridad Nacional de Estados Unidos (NSA) ha publicado una guía para proteger redes domésticas. La guía «Best...
Learn the art of malicious compliance: doing exactly what you were asked, even when it’s wrong
Learn the art of malicious compliance: doing exactly what you were asked, even when it's wrongSmart-alec worker found a way to avoid nasty, boring jobs –...
LockBit’s Royal Mail ransom deadline flies by. No data released
LockBit's Royal Mail ransom deadline flies by. No data releasedAlso: Russian wiper malware authors turn to data theft, plus this week's critical vulns in brief The...
Namecheap admits ‘unauthorized emails’ pwning its customers
Namecheap admits 'unauthorized emails' pwning its customersBlames 'third-party provider' as phishers drain Ethereum wallets Domain registrar Namecheap blamed a "third-party provider" that sends its newsletters after...
Pepsi Bottling Ventures says info-stealing malware swiped sensitive data
Pepsi Bottling Ventures says info-stealing malware swiped sensitive dataThat's not what I like Crooks have breached Pepsi Bottling Ventures' network and, after deploying info-stealing malware, made...
Romance scam targets security researcher, hilarity ensues
Romance scam targets security researcher, hilarity ensuesHappy Valentine's Day! Now don't get fooled It sounds like the plot of a somewhat far-fetched romcom-slash-thriller Netflix series, maybe...
Google lets a few Android devices into its Privacy Sandbox
Google lets a few Android devices into its Privacy SandboxChocolate Factory's ad tech renovation is moving ahead, like it or not Google on Tuesday began rolling...
Record-breaking number of record-breaking DDoS attacks confirmed
Record-breaking number of record-breaking DDoS attacks confirmedAnd growing abuse of cloud – because using hijacked Brazilian cable modems to down sites is so 2013 Dozens of...
Microsoft delivers 75-count box of patches for Valentine’s Day
Microsoft delivers 75-count box of patches for Valentine's DayAdobe, SAP, Intel, AMD, Android also show up with bouquet of fixes Patch Tuesday Happy Patch Tuesday for...
Russian crook made $90M exploiting stolen info on Tesla, Roku, Avnet, Snap, more
Russian crook made $90M exploiting stolen info on Tesla, Roku, Avnet, Snap, moreUndisclosed earnings reports swiped, exploited A Russian national with ties to the Kremlin exploited...
Apple splats zero-day bug, other gremlins in macOS, iOS
Apple splats zero-day bug, other gremlins in macOS, iOSWebKit flaw 'may have been exploited' – just like Tim Cook 'may have' made a million bucks this...
Hyundai and Kia issue software upgrades to thwart killer TikTok car theft hack
Hyundai and Kia issue software upgrades to thwart killer TikTok car theft hackGone in 60 seconds using a USB-A plug and brute force instead of a...
Storage security toughen-up for compliance and cyberwar in 2023
Storage security toughen-up for compliance and cyberwar in 2023Giving storage platforms enhanced built-in security features will be a significant step toward counteracting the impacts of cybercrime...
Intel patches up SGX best it can after another load of security holes found
Intel patches up SGX best it can after another load of security holes foundPlus bugs squashed in Server Platform Services and more Intel's Software Guard Extensions...
ESXiArgs ransomware fights off Team America’s data recovery script
ESXiArgs ransomware fights off Team America's data recovery scriptWant a clue to what you’re dealing with? Check the ransom note That didn't take long.… Leer másThe...
More victims of fake crypto investor scam speak to The Register
More victims of fake crypto investor scam speak to The RegisterUK-based Coin Publishers were conned out of $206,000 after meeting in a Barcelona hotel Exclusive When...
VMware, Windows 11 shafted by Windows Server 2022
VMware, Windows 11 shafted by Windows Server 2022OS won't start on some systems with ESXi VMs, while Win11 updates may not make it to devices Updated ...
Google’s big security cert log overhaul broke Android apps. Now it’s hit undo
Google's big security cert log overhaul broke Android apps. Now it's hit undoDevs missed warnings plus tons of code relies again on lone open source maintainer...
Norway finds a way to recover crypto North Korea pinched in Axie heist
Norway finds a way to recover crypto North Korea pinched in Axie heistMeanwhile South Korea's Do Kwon is sought for fraud by US authorities Norwegian authorities...
Antivirus apps are there to protect you – Cisco’s ClamAV has a heckuva flaw
Antivirus apps are there to protect you – Cisco's ClamAV has a heckuva flawSwitchzilla hardware and software need attention, unless you fancy arbitrary remote code execution...
EU lawmakers argue against signing US data-transfer pact
EU lawmakers argue against signing US data-transfer pactCommittee: Something about complaints process being dealt with in total secrecy doesn't sit right Lawmakers in the European Parliament...
Zero to SIEM in Seconds Part 1: Operationalize in Seconds
Zero to SIEM in Seconds Part 1: Operationalize in SecondsOperationalize in Seconds is the first in a series of blog posts focused on what... The post...
Why Natural Language Processing Is Crucial for Open-Source Intelligence Analysts
Why Natural Language Processing Is Crucial for Open-Source Intelligence AnalystsAs the volume of data continues to grow, it's important to have tools that can help derive...
Addressing Common Executive Compliance Requests
Addressing Common Executive Compliance RequestsThe relationship between executive teams and compliance is a close one, as executives are responsible for ensuring that their organizations adhere to...
Introducing the Inaugural Hacker’s Yearbook
Introducing the Inaugural Hacker’s YearbookGet an overview of the most impactful security trends and cyberattacks of 2022, with key insights to help you prepare for the...
Addressing Common HR Compliance Requests
Addressing Common HR Compliance RequestsPeople & HR departments and organizations must address various compliance requirements to ensure the fair and legal treatment of employees. See some...