cybersecurity

Security | Apr 26, 2023

Over 200,000 unique malware samples found in 12 weeks, amid AI threat warnings

Signature-based detection is dying hard.

Security | Apr 25, 2023

"Cascading" software supply chain attack now has CNI victims in EU, US

Two critical infrastructure providers in the energy sector were breached via a software supply chain attack that also hit business communications provider 3CX and its downstream customers, as well as trading companies. That’s according to cybersecurity firm Symantec this week, which said that its Threat Hunter Team had identified

Security | Apr 23, 2023

VMware warns over pre-auth RCE bug in logging utility

From remote nobody to root in one deserialization bug exploit...

Security | Apr 19, 2023

Kubernetes security audit warns over 19 issues, unfixed 2019 bugs

NCC Group audit puts the spotlight on API, permissions weaknesses.

Security | Apr 18, 2023

Russian APT hacked Cisco routers to hit US government

Cisco "deeply concerned" at attacks on "routers and firewalls globally"

Security | Apr 17, 2023

Restaurants reel as POS app hit by ransomware

Major franchises affected after $7.8 billion firm hit in attack

data breaches | Apr 14, 2023

Pentagon leaks by a junior sysadmin put the spotlight back on insider threat

A High School diploma and "normal colour vision" get you a lot of access...

Security | Apr 11, 2023

Patch Tuesday brings a zero day fix and a patch for a... 2013 bug?

Microsoft has urged users to patch a zero day in the Windows Common Log File System (CLFS) that allows elevation by a local attacker to SYSTEM privileges and which is being exploited in the wild. CVE-2023-28252 was reported by a member of China’s DBAPPSecurity WeBin Lab and as that

Security | Apr 10, 2023

Known exploited list: 15 million systems still exposed

... and probably shot to high heaven with malware.

document.currentScript.parentNode.innerHTML = (parseInt(document.currentScript.closest('.iteration-container').dataset.length)).toString();