July 2024

Ransomware infection cuts off blood supply to 250+ hospitals

Scumbags go for the jugular A ransomware attack against blood-donation nonprofit OneBlood, which services more than 250 American hospitals, has "significantly reduced" the org's ability to take, test, and distribute blood.…

Chrome adopts app-bound encryption to stymie cookie-stealing malware

Windows users now get macOS-grade secret security Google says it's enhancing the security of sensitive data managed by Chrome for Windows users to fight the scourge of infostealer malware targeting cookies.…

Embedding AI security from the get go

Watch this Palo Alto Networks keynote to understand the importance of visibility, control and governance in AI application and service development Sponsored Post  The dawn of artificial intelligence is upon us, but its development has only just begun.…

‘Error’ in Microsoft’s DDoS defenses amplified 8-hour Azure outage

A playbook full of strategies and someone fumbles the implementation Do you have problems configuring Microsoft's Defender? You might not be alone: Microsoft admitted that whatever it's using for its defensive implementation exacerbated yesterday's Azure instability.…

UK Electoral Commission slapped for basic cybersecurity fails

It took 13 months to notice 40 million voters' data was compromised The UK's Electoral Commission has received a formal slap on the wrist for a litany of security failings that led to the theft of personal data belonging to around 40 million voters.…

DigiCert gives unlucky folks 24 hours to replace doomed certificates after code blunder

For the want of an underscore DigiCert has given some unlucky customers 24 hours to replace their SSL/TLS security certificates it previously issued them – due to a five-year-old blunder in its backend software.…

‘LockBit of phishing’ EvilProxy used in more than a million attacks every month

Leaves a trail of ransomware infections, data theft, business email compromise in its wake Insight  The developers of EvilProxy – a phishing kit dubbed the "LockBit of phishing" – have produced guides on using legitimate Cloudflare services to disguise malicious traffic. This adds to the ever-growing arsenal of…

Ransomware gangs are loving this dumb but deadly make-me-admin ESXi vulnerability

Get those patches applied – all the big dogs are abusing it Do you have your VMware ESXi hypervisor joined to Active Directory? Well, the latest news from Microsoft serves as a reminder that you might not want to do that given the recently patched vulnerability that has…

Proofpoint phishing palaver plagues millions with ‘perfectly spoofed’ emails from IBM, Nike, Disney, others

They DKIM here, they DKIM there A huge phishing campaign exploited a security blind-spot in Proofpoint's email filtering systems to send an average of three million "perfectly spoofed" messages a day purporting to be from Disney, IBM, Nike, Best Buy, and Coca-Cola – all of which are Proofpoint…

Malaysia is working on an internet ‘kill switch’, says minister

Follows requirement for social media and messaging platforms to get a license Legislation for an internet "kill switch" will reach Malaysia’s Parliament in October, according to the country's minister for Law and Institutional Reform.…

Copyright © 2024 Lugapel