September 2024
Patch now: Critical Nvidia bug allows container escape, complete host takeover
33% of cloud environments using the toolkit impacted, we're told
A critical bug in Nvidia's widely used Container Toolkit could allow a rogue user or software to escape their containers and ultimately take complete control of the underlying host.…
HPE patches three critical security holes in Aruba PAPI
More 9.8 bugs? Ay, papi!
Aruba access points running AOS-8 and AOS-10 need to be patched urgently after HPE emitted fixes for three critical flaws in its networking subsidiary's networking access points.…
Doomsday ‘9.9 RCE bug’ could hit every Linux system
No fix yet plus criticalness plus uncertainty plus talk of example exploit equals nightmare
Details about an as-yet-non-public critical 9.9-out-of-10-severity unauthenticated remote-code execution vulnerability affecting all GNU/Linux systems could be revealed today.…
Securing intellectual property in AI-powered enterprises
Protect your enterprise data while leveraging AI models
Webinar: As organizations adopt AI technologies, safeguarding private intellectual property (IP) has become more challenging.…
Victims lose $70k to one single wallet-draining app on Google’s Play Store
Attackers got 10k people to download 'trusted' web3 brand cheat before Mountain View intervened
The latest in a long line of cryptocurrency wallet-draining attacks has stolen $70,000 from people who downloaded a dodgy app in a single campaign researchers describe as a world-first.…
Public Wi-Fi operator investigating cyberattack at UK’s busiest train stations
See it, say it… not sorted just yet as network access remains offline
Updated: A cybersecurity incident is being probed at Network Rail, the UK non-departmental public body responsible for repairing and developing train infrastructure, after unsavory messaging was displayed to those connecting to major stations' free Wi-Fi…
UK government’s bank data sharing plan slammed as ‘financial snoopers’ charter’
Access to account info needed to tackle benefit fraud, latest bill claims
Privacy campaigners are criticizing UK proposals to force banks to share data from the accounts of government benefit claimants, saying the ploy amounts to "a financial snoopers' charter targeted to automate suspicion."…
RansomHub genius tries to put the squeeze on Delaware Libraries
Extorting underfunded public services for $1M isn't a good look
Despite being top of the ransomware tree at the moment, RansomHub – specifically, one of its affiliates – clearly isn't that bright as they are reportedly trying to extort Delaware Libraries for around $1 million.…
China claims Taiwan, not civilian hackers, behind website vandalism
Taiwan laughs it off – and so does Beijing, which says political slurs hit sites nobody reads anyway
Taiwan has dismissed Chinese allegations that its military sponsored a recent wave of anti-Beijing cyber attacks.…
CrowdStrike apologizes to Congress for ‘perfect storm’ that caused global IT outage
Argues worse could happen if it loses kernel access
CrowdStrike is "deeply sorry" for the "perfect storm of issues" that saw its faulty software update crash millions of Windows machines, leading to the grounding of thousands of planes, passengers stranded at airports, the cancellation of surgeries, and disruption…