November 2024

Why the long name? Okta discloses auth bypass bug affecting 52-character usernames

Mondays are for checking months of logs, apparently, if MFA's not enabled In potentially bad news for those with long names and/or employers with verbose domain names, Okta spotted a security hole that could have allowed crims to pass Okta AD/LDAP Delegated Authentication (DelAuth) using only a username.…

Public sector cyber break-ins: Our money, our lives, our right to know

Is that a walrus in your server logs, or aren't you pleased to see me? Opinion  At the start of September, Transport for London was hit by a major cyber attack. TfL is the public body that moves many of London's human bodies to and from work and…

Six IT contractors accused of swindling Uncle Sam out of millions

Also, ecommerce fraud ring disrupted, another Operation Power Off victory, Sino SOHO botnet spotted, and more Security in brief  The US Department of Justice has charged six people with two separate schemes to defraud Uncle Sam out of millions of dollars connected to IT product and services contracts. …

Financial institutions told to get their house in order before the next CrowdStrike strikes

Calls for improvements will soon turn into demands when new rules come into force The UK's finance regulator is urging all institutions under its remit to better prepare for IT meltdowns like that of CrowdStrike in July.…

UK councils bat away DDoS barrage from pro-Russia keyboard warriors

Local authority websites downed in response to renewed support for Ukraine Multiple UK councils had their websites either knocked offline or were inaccessible to residents this week after pro-Russia cyber nuisances added them to a daily target list.…

Hack Nintendo’s alarm clock to show cat pics? Let’s-a-go!

How 'Gary' defeated Bowser broke into the interactive alarm clock A hacker who uses the handle GaryOderNichts has found a way to break into Nintendo's recently launched Alarmo clock, and run code on the device.…

Copyright © 2024 Lugapel