August 2024

Faulty instructions in Alibaba’s T-Head C910 RISC-V CPUs blow away all security

Let's get physical, physical ... I don't wanna hear your MMU talk Black Hat  Computer security researchers at the CISPA Helmholtz Center for Information Security in Germany have found serious security flaws in some of Alibaba subsidiary T-Head Semiconductor's RISC-V processors.…

Fighting AI fire with AI fire

Palo Alto Networks reveals how AI can be harnessed to strengthen cyber security defenses David Gordon Sponsored Post  Hackers and cyber criminals are busy finding new ways of using AI to launch attacks on businesses and organizations often unprepared to deal with the speed, scale and sophistication of…

Small CSS tweaks can help nasty emails slip through Outlook’s anti-phishing net

A simple HTML change and the warning is gone! Researchers say cybercriminals can have fun bypassing one of Microsoft's anti-phishing measures in Outlook with some simple CSS tweaks.…

Police take just 2 days to recover $40M stolen in business email scam

Timor-Leste is a known cybercrime hotspot Two days is all it took for Interpol to recover more than $40 million worth of stolen funds in a recent business email compromise (BEC) heist, the international cop shop said this week.…

EQT buys majority share in Swiss cybersecurity biz Acronis

Went at equivalent of $3.5B+ valuation for entire firm, though portion sold not specified Acronis, the Swiss disaster recovery turned cybersecurity firm and catch-all for managed service providers, has been majority acquired by Europe’s largest private equity firm, EQT.…

Sonic Automotive says ransomware-linked CDK software outage cost it $30M

Misery loves company – all of its competitors were also negatively impacted One of the US's largest car dealerships says the IT outage caused by CDK Global's June ransomware attack cost it approximately $30 million.…

Bad apps bypass Windows security alerts for six years using newly unveiled trick

Windows SmartScreen and Smart App Control both have weaknesses of which to be wary Elastic Security Labs has lifted the lid on a slew of methods available to attackers who want to run malicious apps without triggering Windows' security warnings, including one in use for six years.…

Users call on Microsoft to update Outlook’s friendly name feature

That one weird thing in Outlook that gives phishers and scammers an in to an inbox Users are urging Microsoft to rethink how it shows sender email addresses in Outlook because phishing criminals are taking advantage, using helpful, friendly names to serve up emails loaded with malicious intent.…

Billion-dollar bust as international op shutters Cryptonator wallet

Chap named 'Roman Boss' accused of being just that at a cryptocash laundering outfit Users of Cryptonator – an online digital wallet and cryptocurrency exchange – received an unpleasant surprise last weekend after the service was shuttered in a combined operation run by the FBI, the US Internal…

MDM vendor Mobile Guardian attacked, leading to remote wiping of 13,000 devices

Singapore Ministry of Education orders software removed after string of snafus UK-based mobile device management vendor Mobile Guardian has admitted that on August 4 it suffered a security incident that involved unauthorized access to iOS and ChromeOS devices managed by its tools, which are currently unavailable. In Singapore,…

Copyright © 2024 Lugapel