November 2024

Kids’ shoemaker Start-Rite trips over security again, spilling customer card info

Full details exposed, putting shoppers at serious risk of fraud Updated  Children's shoemaker Start-Rite is dealing with a nasty "security incident" involving customer payment card details, its second significant lapse during the past eight years.…

NatWest blocks bevy of apps in clampdown on unmonitorable comms

From guidance to firm action... no more WhatsApp, Meta's Messenger, Signal, Telegram and more The full list of messaging apps officially blocked by Brit banking and insurance giant NatWest Group is more extensive than WhatsApp, Meta's Messenger, and Skype – as first reported.…

Asda security chief replaced, retailer sheds jobs during Walmart tech divorce

British grocer's workers called back to office as clock ticks for contractors The head of tech security at Asda, the UK's third-largest food retailer, has left amid an ongoing tech divorce from US grocery giant Walmart.…

Five Eyes infosec agencies list 2024’s most exploited software flaws

Slack patching remains a problem – which is worrying as crooks increasingly target zero-day vulns The cyber security agencies of the UK, US, Canada, Australia, and New Zealand have issued their annual list of the 15 most exploited vulnerabilities, and warned that attacks on zero-day exploits have become…

Reminder: China-backed crews compromised ‘multiple’ US telcos in ‘significant cyber espionage campaign’

Feds don't name Salt Typhoon, but describe Beijing band's alleged deeds The US government has confirmed there was "a broad and significant cyber espionage campaign" conducted by China-linked snoops against "multiple" American telecommunications providers' networks.…

Microsoft slips Task Manager and processor count fixes into Patch Tuesday

Sore about cores no more Microsoft has resolved two issues vexing Windows 11 24H2 and Windows Server 2025 users among the many security updates that emerged on Patch Tuesday.…

Admins can give thanks this November for dollops of Microsoft patches

Don't be a turkey – get these fixed Patch Tuesday  Patch Tuesday has swung around again, and Microsoft has released fixes for 89 CVE-listed security flaws in its products – including two under active attack – and reissued three more.…

China’s Volt Typhoon crew and its botnet surge back with a vengeance

Ohm, for flux sake China's Volt Typhoon crew and its botnet are back, compromising old Cisco routers once again to break into critical infrastructure networks and kick off cyberattacks, according to security researchers.…

Air National Guardsman gets 15 years after splashing classified docs on Discord

22-year-old talked of 'culling the weak minded' – hmm! A former Air National Guard member who stole classified American military secrets, and showed them to his gaming buddies on Discord, has been sentenced to 15 years in prison.…

Here’s what we know about the suspected Snowflake data extortionists

A Canadian and an American living in Turkey 'walk into' cloud storage environments… Two men allegedly compromised what's believed to be multiple organizations' Snowflake-hosted cloud environments, stole sensitive data within, and extorted at least $2.5 million from at least three victims.…

Copyright © 2024 Lugapel