February 2024

Raspberry Robin devs are buying exploits for faster attacks

One of most important malware loaders to cybercrims who are jumping on vulnerabilities faster than ever Researchers suspect the criminals behind the Raspberry Robin malware are now buying exploits for speedier cyberattacks.…

Cybercrime duo accused of picking $2.5M from Apple’s orchard

Security researcher buddies allegedly tag team a four-month virtual gift card heist at Cupertino tech giant A cybersecurity researcher and his pal are facing charges in California after they allegedly defrauded an unnamed company, almost certainly Apple, out of $2.5 million.…

Rust can help make software secure – but it’s no cure-all

Security is a process, not a product. Nor a language Memory-safety flaws represent the majority of high-severity problems for Google and Microsoft, but they're not necessarily associated with the majority of vulnerabilities that actually get exploited.…

IT suppliers hacked off with Uncle Sam’s demands in aftermath of cyberattacks

Plan says to hand over keys to networks – and report intrusions within eight hours of discovery Organizations that sell IT services to Uncle Sam are peeved at proposed changes to procurement rules that would require them to allow US government agencies full access to their systems in…

Volt Typhoon not the only Chinese crew lurking in US energy, critical networks

Presumably American TLAs are all over Beijing's infrastructure, too ... right? Volt Typhoon isn't the only Chinese spying crew infiltrating computer networks in America's energy sector and other critical organizations with the aim of wrecking equipment and causing other headaches, the US government has said.…

Half of polled infosec pros say their degree was less than useful for real-world work

The other half paid attention in class? Half of infosec professionals polled by Kaspersky said any cybersecurity knowledge they picked up from their higher education is at best somewhat useful for doing their day jobs. On the other hand, half said the know-how was at least very useful.…

US says China’s Volt Typhoon is readying destructive cyberattacks

12 international govt agencies sound the alarm, critical infrastructure at the heart of threats The US government today confirmed China's Volt Typhoon crew comprised "multiple" critical infrastructure orgs' IT networks in America – and Uncle Sam warned that the Beijing-backed spies are readying "disruptive or destructive cyberattacks" against…

Iran’s cyber operations in Israel a potential prelude to US election interference

Tactics are more sophisticated and supported in greater numbers Iran's anti-Israel cyber operations are providing a window into the techniques the country may deploy in the run-up to the 2024 US Presidential elections, Microsoft says.…

Raspberry Pi Pico cracks BitLocker in under a minute

Windows encryption feature defeated by $10 and a YouTube tutorial We're very familiar with the many projects in which Raspberry Pi hardware is used, from giving old computers a new lease of life through to running the animated displays so beloved by retailers. But cracking BitLocker? We doubt…

JetBrains urges swift patching of latest critical TeamCity flaw

Cloud version is safe, but no assurances offered about possible on-prem exploits JetBrains is encouraging all users of TeamCity (on-prem) to upgrade to the latest version following the disclosure of a critical vulnerability in the CI/CD tool.…

Copyright © 2024 Lugapel