January 2024

Thieves steal 35.5M customers’ data from Vans sneakers maker

But what kind of info was actually compromised? None of your business VF Corporation, parent company of clothes and footwear brands including Vans and North Face, says 35.5 million customers were impacted in some way when criminals broke into their systems in December.…

IT consultant fined for daring to expose shoddy security

Spotting a plaintext password and using it in research without authorization deemed a crime A security researcher in Germany has been fined €3,000 ($3,300, £2,600) for finding and reporting an e-commerce database vulnerability that was exposing almost 700,000 customer records.…

US agencies warn made-in-China drones might help Beijing snoop on the world

It’s a bird, it’s a plane… it’s a flying menace out to endanger national security Two US government agencies, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI), warned on Wednesday that drones made in China could be used to gather information on critical…

JPMorgan exec claims bank repels 45 billion cyberattack attempts per day

Assets boss also reckons she has more engineers than Amazon The largest bank in the United States repels 45 billion – yes, with a B – cyberattack attempts per day, one of its leaders claimed at the World Economic Forum in Davos. …

Future of America’s Cyber Safety Review Board hangs in balance amid calls for rethink

Politics-busting, uber-transparent incident reviews require independence, less internal conflict As the US mulls legislation that would see the Cyber Safety Review Board (CSRB) become a permanent fixture in the government's cyber defense armory, experts are calling for substantial changes in the way it's organized.…

Ransomware attacks hospitalizing security pros, as one admits suicidal feelings

Untold harms of holding the corporate perimeter revealed in extensive series of interviews Ransomware attacks are being linked to a litany of psychological and physical illnesses reported by infosec professionals, and in some cases blamed for hospitalizations.…

Two more Citrix NetScaler bugs exploited in the wild

Just when you thought you had recovered from Bleed Two vulnerabilities in NetScaler's ADC and Gateway products have been fixed – but not before criminals found and exploited them, according to the vendor.…

Google TAG: Kremlin cyber spies move into malware with a custom backdoor

The threat hunters believe COLDRIVER has used SPICA since at least November 2022 Russian cyberspies linked to the Kremlin's Federal Security Service (FSB) are moving beyond their usual credential phishing antics and have developed a custom backdoor that they started delivering via email as far back as November…

Vast botnet hijacks smart TVs for prime-time cybercrime

8-year-old op responsible for DDoS attacks and commandeering broadcasts to push war material Security researchers have pinned a DDoS botnet that's infected potentially millions of smart TVs and set-top boxes to an eight-year-old cybercrime syndicate called Bigpanzi.…

Enter the era of platform-based cloud security

How an integrated platform can streamline the management overhead, improve cloud security and boost threat visibility Sponsored Post  Reports suggest that forward-looking organisations are ditching legacy point-based cloud security offerings and replacing them with more efficient integrated platforms which slash management overheads while significantly improving the app security.…

Copyright © 2024 Lugapel