June 2024

CISA looked at C/C++ projects and found a lot of C/C++ code. Wanna redo any of it in Rust?

So, so many lines of memory-unsafe routines in crucial open source, and unsafe dependencies The US government's Cybersecurity and Infrastructure Security Agency (CISA) has analyzed 172 critical open source projects and found that more than half contain code written in languages like C and C++ that are not…

TeamViewer says Russia broke into its corp IT network

Same APT29 crew that hit Microsoft and SolarWinds. How close were we to a mega backdoor situation? TeamViewer says it was Russian intelligence that broke into its systems this week.…

Unlock the future of security

Join our exclusive webinar on identity security Webinar  In today's rapidly evolving digital landscape, securing identities is more critical than ever.…

Google cuts ties with Entrust in Chrome over trust issues

Move comes weeks after Mozilla blasted certificate authority for failings Google is severing its trust in Entrust after what it describes as a protracted period of failures around compliance and general improvements.…

Microsoft hits snooze again on security certificate renewal

Seeing weird warnings in Microsoft 365 and Office Online? That'll be why Microsoft has expiration issues with its TLS certificates, resulting in unwanted security warnings.…

‘Skeleton Key’ attack unlocks the worst of AI, says Microsoft

Simple jailbreak prompt can bypass safety guardrails on major models Microsoft on Thursday published details about Skeleton Key – a technique that bypasses the guardrails used by makers of AI models to prevent their generative chatbots from creating harmful content.…

Polyfill.io owner punches back at ‘malicious defamation’ amid domain shutdown

No supply-chain attacks to see over here! After having its website shut down, the polyfill.io owner is fighting back against claims it smuggled suspicious code onto websites all across the internet.…

US lawmakers wave red flags over Chinese drone dominance

Congressman warns tech is getting the 'Huawei Playbook' treatment US Congress members warned against Chinese dominance of the drone industry on Wednesday, elevating the threat posed by Beijing's control of the technology as similar to that of semiconductors and ships.…

Korean telco allegedly infected its P2P users with malware

KT may have had an entire team dedicated to infecting its own customers A South Korean media outlet has alleged that local telco KT deliberately infected some customers with malware due to their excessive use of peer-to-peer (P2P) downloading tools.…

WhisperGate suspect indicted as US offers a $10M bounty for his capture

Russian national accused of attacks in lead-up to the Ukraine war The US Department of Justice has indicted a 22-year-old Russian for allegedly attacking Ukrainian government computers and destroying critical infrastructure systems in the so-called “WhisperGate” wiper attack that preceded Russia's illegal invasion of the European nation.…

Copyright © 2024 Lugapel