January 2024

Exploit for under-siege SharePoint vuln reportedly in hands of ransomware crew

It’s taken months for crims to hack together a working exploit chain
Security experts claim ransomware criminals have got their hands on a functional exploit for a nearly year-old critical Microsoft SharePoint vulnerability that was this week added to the US's must-patch list.…

Secret multimillion-dollar cryptojacker snared by Ukrainian police

Criminal scored $2M in crypto proceeds but ends up in ‘cuffs following property raid
The criminal thought to be behind a multimillion-dollar cryptojacking scheme is in custody following a Europol-led investigation.…

Secure network operations for hybrid working

How to have zero trust connectivity and optimize the remote user experience
Webinar: Remote working has rapidly become the norm for many organizations and isn't ever going away. But it still needs to be secure if it's to be a success.…

So, are we going to talk about how GitHub is an absolute boon for malware, or nah?

Microsoft says it's doing its best to crack down on crims
The popularity of GitHub has made it too big to block, which is a boon to dissidents ducking government censors but a problem for internet security.…

Data regulator fines HelloFresh £140k for sending 80M+ spams

Messaging menace used text and email to bombard people
Food delivery company HelloFresh is nursing a £140,000 ($178k) fine by Britain’s data privacy watchdog after a probe found it had dispatched upwards of a staggering 79 million spam emails and one million texts in just seven months.…

eBay to cough up $3M after cyber-stalking couple who dared criticize the souk

Staff sent live cockroaches, porno – and more – in harassment campaign to silence pair
eBay will pay $3 million to settle criminal charges that its security team stalked and harassed a Massachusetts couple in retaliation for their website's critical coverage of the online tat bazaar.…

Mandiant’s brute-forced X account exposes perils of skimping on 2FA

Speculation builds over whether a nearly year-old policy change was to blame
Google-owned security house Mandiant's investigation into how its X account was taken over to push cryptocurrency scams concludes the "likely" cause was a successful brute-force password attack.…

Infoseccers think attackers backed by China are behind Ivanti zero-day exploits

Customers currently left patchless while attacks are expected to increase
Security experts believe Chinese nation-state attackers are actively exploiting two zero-day vulnerabilities in security products made by Ivanti.…

Fidelity National now says 1.3M customers had data stolen by cyber-crooks

It's still not calling it ransomware
Fidelity National Financial now says criminals got hold of data belonging to 1.3 million customers after breaking into its IT network in November.…

Uncle Sam tells hospitals: Meet security standards or no federal dollars for you

Expect new rules in upcoming weeks
US hospitals will be required to meet basic cybersecurity standards before receiving federal funding, according to rules the White House is expected to propose in the next few weeks.…

Copyright © 2024 Lugapel