December 3, 2024

Perfect 10 directory traversal vuln hits SailPoint’s IAM solution

20-year-old info disclosure class bug still pervades security software It's time to rev up those patch engines after SailPoint disclosed a perfect 10/10 severity vulnerability in its identity and access management (IAM) platform IdentityIQ.…

Severity of the risk facing the UK is widely underestimated, NCSC annual review warns

National cyber emergencies increased threefold this year The number of security threats in the UK that hit the country's National Cyber Security Centre's (NCSC) maximum severity threshold has tripled compared to the previous 12 months.…

Russia gives life sentence to Hydra dark web kingpin after seizing a ton of drugs

No exaggeration – literally a ton. Plus, 15 co-conspirators also put behind bars A Russian court has handed a life sentence to the head of the infamous online drugs souk Hydra, and 15 of his co-conspirators will also spend many years behind bars.…

Data on 760K workers from Xerox, Nokia, BofA, Morgan Stanley and more dumped online

Yet another result of the MOVEit mess Hundreds of thousands of employees from major corporations including Xerox, Nokia, Koch, Bank of America, Morgan Stanley and others appear to be the latest victims in a massive data breach linked to last year's attacks on file transfer tool MOVEit.…

AWS unveils cloud security IR service for a mere $7K a month

Tap into the infinite scalability... of pricing Re:Invent  Amazon Web Services has a new incident response service that combines automation and people to protect customers' AWS accounts - at a hefty price.…

Copyright © 2024 Lugapel