A critical vulnerability in an Azure tool that lets users manage Kubernetes clusters can be exploited remotely without authentication to gain administrative control over Kubernetes clusters, as well as Azure edge devices. The vulnerability, allocated a maximum possible CVSS (severity rating) score of 10 has been allocated CVE-2022-37968. It is

Per RATM: "Action must be taken. We don't need the key we'll break in"

Deutsche Bank has extended a contract with Kyndryl (previously IBM Infrastructure Services) to run its continental European core banking and mission critical IT infrastructures, in what the two described as one of the “largest and longest-running vendor contracts in the financial industry” at nearly 20 years together. Kyndryl will also

A vulnerability in multiple Fortinet products gives an unauthenticated remote attackers root access to its core product’s administrative interface – and the vulnerability has been exploited in the wild the company warned. Given exploitation the company has warned customers to check for Indicators of Compromise. https://twitter.com/Horizon3Attack/status/

Intel late Sunday confirmed that proprietary UEFI code had been leaked in a potential serious security breach. The Intel Alder Lake source code was leaked to 4chan and Github – as first reported by Tom’s Hardware – as a 6GB file containing sensitive tools and code for building and optimising BIOS/

The US Department of State has appointed Dr Kelly Fletcher as its new Chief Information Officer (CIO). She will lead a team of 2,700 IT professionals and oversee $2.5 billion of digital transformation programmes. Among those programmes is a recently signed $1.58 billion contract with Verizon to

Investigations and e-discovery exercises in response to IP theft are fraught with challenges...