January 2024

Atlassian Confluence Server RCE attacks underway from 600+ IPs

If you're still running a vulnerable instance then 'assume a breach' More than 600 IP addresses are launching thousands of exploit attempts against CVE-2023-22527 – a critical bug in out–of-date versions of Atlassian Confluence Data Center and Server – according to non-profit security org Shadowserver.…

Slug slimes aerospace biz AerCap with ransomware, brags about 1TB theft

Loanbase admits massive loss of customer data to thieves, too AerCap, the world's largest aircraft leasing company, has reported a ransomware infection that occurred earlier this month, but claims it hasn't yet suffered any financial losses yet and all its systems are under control.…

EFF adds Street Surveillance Hub so Americans can check who’s checking on them

'The federal government has almost entirely abdicated its responsibility' For a country that prides itself on being free, America does seem to have an awful lot of spying going on, as the new Street Surveillance Hub from the Electronic Frontier Foundation shows.…

Ivanti and Juniper Networks accused of bending the rules with CVE assignments

Critics claim now-fixed vulnerabilities weren't disclosed, flag up grouping of multiple flaws under one CVE Critics are accusing major tech companies of not sticking to the rules when it comes to registering vulnerabilities with the appropriate authorities.…

Subway’s data torpedoed by LockBit, ransomware gang claims

Fast food chain could face a footlong recovery process if allegations are true The LockBit ransomware gang is claiming an attack on submarine sandwich slinger Subway, alleging it has made off with a platter of data.…

ICO fines spam slinging financial services biz

It's all very well offering 'Free Debt Help,' but recipients were unwilling, says watchdog... A financial services company that illegally dispatched tens of thousands of spam messages promising to help the recipients magically wipe away their debts is itself now a debtor to the UK’s data regulator.…

Safeguarding against the global ransomware threat

How Object First’s Ootbi delivers ransomware-proof and immutable backup storage that can be up and running in minutes Sponsored Feature  Ransomware is used by cybercriminals to steal and encrypt critical business data before demanding payment for its restoration. It represents one of, if not the most, serious cybersecurity…

BreachForums admin ‘Pompourin’ sentenced to 20 years of supervised release

ALSO: Another UEFI flaw found; Kaspersky discovers iOS log files actually work; and a few critical vulnerabilities in brief  Conor Brian Fitzpatrick – aka "Pompourin," a former administrator of notorious leak site BreachForums – has been sentenced to 20 years of supervised release.…

Russians invade Microsoft exec mail while China jabs at VMware vCenter Server

Plus: Uncle Sam says Ivanti exploits 'consistent with PRC' snoops A VMware security vulnerability has been exploited by Chinese cyberspies since late 2021, according to Mandiant, in what has been a busy week for nation-state espionage news.…

Five ripped off IT giant with $7M+ in bogus work expenses, prosecutors claim

Account manager and pals blew it on hotels, cruise, fancy meals and more allegedly Five people have been accused of pulling off a "brazen" scam that involved submitting more than $7 million in fake work expense claims to an IT consultancy to bankroll hotel stays, a cruise, visits…

Copyright © 2024 Lugapel