February 2024
OpenAI shuts down China, Russia, Iran, N Korea accounts caught doing naughty things
You don't need us to craft phishing emails or write malware, super-lab sniffs OpenAI has shut down five accounts it asserts were used by government agents to generate phishing emails and malicious software scripts as well as research ways to evade malware detection.…
China’s Volt Typhoon spies broke into emergency network of ‘large’ US city
Jeez, not now, Xi. Can't you see we've got an election and Ukraine and Gaza and cost of living and layoffs and ... The Chinese government's Volt Typhoon spy team has apparently already compromised a large US city's emergency services network and has been spotted snooping around America's…
US Air Force’s new cyber, IT skill recruitment plan: Bring back warrant officer ranks
Officer pay, limited command duties and writing 'code for your country' Skilled IT professionals considering a career change have a new option, as the US Air Force is reintroducing warrant officer ranks exclusively "within the cyber and information technology professions." …
Prudential Financial finds cybercrims lurking inside its IT systems
Some company admin and customers data exposed, but bad guys were there for 'only' a day Prudential Financial, the second largest life insurance company in the US and eight largest worldwide, is dealing with a digital break-in that exposed some internal company and customer records to a criminal…
Romanian hospital ransomware crisis attributed to third-party breach
Emergency impacting more than 100 facilities appears to be caused by incident at software provider The Romanian national cybersecurity agency (DNSC) has pinned the outbreak of ransomware cases across the country's hospitals to an incident at a service provider.…
Southern Water cyberattack expected to hit hundreds of thousands of customers
The company also curiously disappears from Black Basta leak site UK utilities giant Southern Water admits between 5 and 10 percent of its customers have had their data stolen during a January cyberattack.…
Bumblebee malware wakes from hibernation, forgets what year it is, attacks with macros
Trying to break in with malicious Word documents? How very 2015 of you The Bumblebee malware loader seemingly vanished from the internet last October, but it's back and - oddly - relying on a vintage vector to try and gain access.…
Australian Tax Office probed 150 staff over social media refund scam
$1.3 billion lost as identity fraud – and greed – saw 57,000 or more seek unearned tax refunds One hundred and fifty people who worked for the Australian Taxation Office (ATO) have been investigated – and some prosecuted – for participating in a tax refund scam promoted on…
Crims found and exploited these two Microsoft bugs before Redmond fixed ’em
SAP, Adobe, Intel, AMD also issue fixes as well as Google for Android Patch Tuesday Microsoft fixed 73 security holes in this February's Patch Tuesday, and you better get moving because two of the vulnerabilities are under active attack.…
Just one bad DNS packet can bring down a public DNSSEC server
'You don't have to do more than that to disconnect an entire network' El Reg told as patches emerge A 20-plus-year-old security vulnerability in the design of DNSSEC could allow a single DNS packet to exhaust the processing capacity of any server offering the system for domain-name resolution,…