News

The second max score this week for Netzilla - not a good look

If you're running the Engineering-Special (ES) builds of Cisco Unified Communications Manager or its Session Management Edition, you need to apply Cisco's urgent patch after someone at Switchzilla made a big mistake.…

Two flaws in TeleMessage are 'frequent attack vectors for malicious cyber actors'

The US security watchdog CISA has warned that malicious actors are actively exploiting two flaws in the Signal clone TeleMessage TM SGNL, and has directed federal agencies to patch the flaws or discontinue use of the app by July 22.…

Nonprofit TTAM assures everything is BAU. Whether that makes customers feel better is another matter

The medical research nonprofit vying to buy 23andMe is informing existing customers that it plans to complete the deal on July 8.…

Aeza Group accused of assisting data bandits and BianLian ransomware crooks

The US Treasury has sanctioned Aeza Group, a Russian bulletproof hosting (BPH) provider, and four of its cronies for enabling ransomware and other cybercriminal activity.…

Experts say they don't expect the MOVEit menace to do much about it

Security experts have uncovered a hole in Cl0p's data exfiltration tool that could potentially leave the cybercrime group vulnerable to attack.…

It might be time to update the Submarine Telegraph Act of 1885

Cyberattacks and undersea cable sabotage are blurring the line between war and peace and exposing holes in UK law, a government minister has warned lawmakers.…

Frequent flyers’ info takes flight

Australian airline Qantas on Wednesday revealed it fell victim to a cyberattack that saw information describing six million customers stolen.…

Customizations not saved with security baseline policy update

Microsoft Intune administrators may face a few days of stress after Redmond acknowledged a problem with security baseline customizations.…

Body stays coy on details but alludes to similarities with 2023 espionage campaign

The International Criminal Court (ICC) says a "sophisticated" cyberattack targeted the institution, the second such incident in two years.…

The silly mistakes to the flagrant failures

They say that success breeds complacency, and complacency leads to failure. For cybercriminals, taking too many shortcuts when it comes to opsec delivers a little more than that. …

Makes the usual complaints about control and cost, adds argument Apple's practices harm privacy

Secure comms biz Proton has joined a lawsuit that alleges Apple’s anticompetitive ways are harming developers, consumers, and privacy.…

Resulting in two indictments, one arrest, and 137 laptops seized

The US Department of Justice has announced a major disruption of multiple North Korean fake IT worker scams.…

Don't leave the door open to disgruntled workers

A judge has sentenced a disgruntled IT worker to more than seven months in prison after he wreaked havoc on his employer's network following his suspension, according to West Yorkshire Police.…

Time ticking for defenders as social engineering pros weave wider web

Just a few weeks after warning about Scattered Spider's tactics shifting toward the insurance industry, the same experts now say the aviation industry is now on the ransomware crew's radar.…

Device compromises and deep-seated access to critical infrastructure exposed surveillance vulnerabilities in agency's work

A major Mexican drug cartel insider grassed on his fellow drug-peddlers back in 2018, telling the FBI that a cartel "hacker" was tracking a federal official and using their deep-rooted access to the country's critical infrastructure to kill informants.…

Like being hard to spot? They’d much rather you didn’t

Opinion  There are few tech deceptions more successful than Chrome's Incognito Mode.…

PLUS: Broadband blimps to fly in Japan; Starbucks China put ads before privacy; and more!

Asia In Brief  Canada’s government has ordered Chinese CCTV systems vendor Hikvision to cease its local operations.…

PLUS: Crooks target hardware crypto wallets; Bad flaws in Brother printers; ,O365 allows takeover-free phishing; and more

Infosec in Brief  Despite warnings not to pay ransomware operators, almost half of those infected by the malware send cash to the crooks who planted it, according to infosec software slinger Sophos.…

Watch out for supply chain hacks especially

interview  The ceasefire between Iran and Israel may prevent the two countries from firing missiles at each other, but it won't carry any weight in cyberspace, according to former NATO hacker Candan Bolukbas.…

Taking advantage of the ridiculously complex US healthcare billing system

Criminals masquerading as insurers are tricking patients and healthcare providers into handing over medical records and bank account information via emails and text messages, according to the FBI.…