September 20, 2024
US indicts two over socially engineered $230M+ crypto heist
Just one victim milked of nearly a quarter of a billion bucks Two individuals are in cuffs and facing serious charges in connection to a major theft of cryptocurrency worth more than $230 million from a single victim.…
Ivanti patches exploited admin command execution flaw
Fears over chained attacks affecting EOL product The US Cybersecurity and Infrastructure Security Agency (CISA) just added the latest Ivanti weakness to its Known Exploited Vulnerability (KEV) catalog, a situation sure to annoy some – given that it's yet another path traversal flaw.…
Cybercrooks strut away with haute couture Harvey Nichols data
Nothing high-end about the sparsely detailed, poorly publicized breach High-end British department store Harvey Nichols is writing to customers to confirm some of their data was exposed in a recent cyberattack.…
CISA boss: Makers of insecure software are the real cyber villains
Write better code, urges Jen Easterly. And while you're at it, give crime gangs horrible names like 'Evil Ferret' Software developers who ship buggy, insecure code are the true baddies in the cyber crime story, Jen Easterly, boss of the US government's Cybersecurity and Infrastructure Security Agency, has…