February 2024

Lurie Children’s Hospital back to pen and paper after cyberattack

It's the second Chicago hospital to disclose a major incident in the same week For the second time in one week, cybercriminals have targeted a Chicago children's hospital, this time causing significant operational disruption.…

SBF likely off the hook for misplaced FTX funds after cops bust SIM swap ring

PLUS: more glibc vulns discovered; DraftKings hacker sentenced; and a hefty dose of critical vulnerabilities Infosec In Brief  The recent indictment of a massive SIM-swapping ring may mean convicted crypto conman Sam Bankman-Fried is innocent of at least one allegation still hanging over his head: The theft of…

Researchers remotely exploit devices used to manage safe aircraft landings and takeoffs

The closest thing we may ever get to a real-life Die Hard 2 scenario Criminals could remotely tamper with the data that apps used by airplane pilots rely on to inform safe takeoff and landing procedures, according to fresh research.…

Blackbaud settles with FTC after that IT breach exposed millions of people’s info

Cloud software slinger admits no guilt, promises better basic security hygiene Blackbaud, which had data on millions of people stolen from it by one or more crooks, has promised to shore up its IT defenses in a proposed deal with the FTC.…

Critical vulnerability in Mastodon is pounced upon by fast-acting admins

Danger of remote account takeovers leaves lead devs scared of releasing many details Mastodon has called admins to action following the disclosure of a critical vulnerability affecting the decentralized social network favored by erstwhile Twitter lovers.…

Interpol’s latest cybercrime intervention dismantles ransomware, banking malware servers

Efforts part of internationally coordinated operations carried out in recent months Interpol has arrested 31 people following a three-month operation to stamp out various types of cybercrime.…

Wikileaks source and former CIA worker Joshua Schulte sentenced to 40 years jail

'Vault 7' leak detailed cyber-ops including forged digital certs Joshua Schulte, a former CIA employee and software engineer accused of sharing material with WikiLeaks, was sentenced to 40 years in prison by the US Southern District of New York on Thursday.…

Managing the hidden risks of shadow APIs

How F5 Distributed Cloud Services seal security gaps in modern app development amid growing attack surface Partner Content  Application programming interfaces (APIs) play a significant role in today's digital economy, but at the same time they can also represent a data security vulnerability.…

Cloudflare sheds more light on Thanksgiving security breach in which tokens, source code accessed by suspected spies

Atlassian systen compromised via October Okta intrusion Cloudflare has just detailed how suspected government spies gained access to its internal Atlassian installation using credentials stolen via a security breach at Okta in October.…

Rise of deepfake threats means biometric security measures won’t be enough

Defenses need a rethink in face of increasing sophistication Cyber attacks using AI-generated deepfakes to bypass facial biometrics security will lead a third of organizations to doubt the adequacy of identity verification and authentication tools as standalone protections.…

Copyright © 2024 Lugapel