December 2024

US Treasury Department outs the blast radius of BeyondTrust’s key leak

Data pilfered as miscreants roamed affected workstations The US Department of the Treasury has admitted that miscreants were in its systems, accessing documents in what has been called a "major incident."…

China’s cyber intrusions took a sinister turn in 2024

From targeted espionage to pre-positioning - not that they are mutually exclusive The Chinese government's intrusions into America's telecommunications and other critical infrastructure networks this year appears to signal a shift from cyberspying as usual to prepping for destructive attacks.…

More telcos confirm Salt Typhoon breaches as White House weighs in

The intrusions allowed Beijing to 'geolocate millions of individuals' AT&T, Verizon, and Lumen Technologies confirmed that Chinese government-backed snoops accessed portions of their systems earlier this year, while the White House added another, yet-unnamed telecommunications company to the list of those breached by Salt Typhoon.…

It’s only a matter of time before LLMs jump start supply-chain attacks

'The greatest concern is with spear phishing and social engineering' Interview  Now that criminals have realized there's no need to train their own LLMs for any nefarious purposes - it's much cheaper and easier to steal credentials and then jailbreak existing ones - the threat of a large-scale…

How cops taking down LockBit, ALPHV led to RansomHub’s meteoric rise

Cut off one head, two more grow back in its place RansomHub, the ransomware collective that emerged earlier this year, quickly gained momentum, outpacing its criminal colleagues and hitting its victims especially hard. The group named and shamed hundreds of organizations on its leak site, while demanding exorbitant…

Microsoft adds another problem to the Windows 11 24H2 naughty list

Santa Satya pops one more issue into his sack just in time for Christmas The trickle of known issues with Windows 11 24H2 has continued with a new one just in time for festive season: installed the operating system using removable media? There's a chance it might stop…

Former NSA cyberspy’s not-so-secret hobby: Hacking Christmas lights

Rob Joyce explains how it's done Video  In 2018, Rob Joyce, then Donald Trump's White House Cybersecurity Coordinator, gave a surprise talk at the legendary hacking conference Shmoocon about his hobby.…

How Androxgh0st rose from Mozi’s ashes to become ‘most prevalent malware’

Botnet's operators 'driven by similar interests as that of the Chinese state' After the Mozi botnet mysteriously disappeared last year, a new and seemingly more powerful botnet, Androxgh0st, rose from its ashes and has quickly become a major threat to critical infrastructure.…

What do ransomware and Jesus have in common? A birth month and an unwillingness to die

35 years since AIDS first borked a PC and we're still no closer to a solution Feature  Your Christmas holidays looked quite different in the '80s to how they do today. While some will remember what it was like to wake up on the 25th back then, some…

One third of adults can’t delete device data

Easier to let those old phones gather dust in a drawer, survey finds The UK's Information Commissioner's Office (ICO) has warned that many adults don't know how to wipe their old devices, and a worrying number of young people just don't care.…

Copyright © 2024 Lugapel