2024
Dutch cops pwn the Redline and Meta infostealers, leak ‘VIP’ aliases
Legal proceedings underway with more details to follow Dutch police (Politie) say they've dismantled the servers powering the Redline and Meta infostealers – two key tools in a modern cyber crook's arsenal.…
WordPress forces user conf organizers to share social media credentials, arousing suspicions
One told to take down posts that said nice things about WP Engine Organisers of WordCamps, community-organized events for WordPress users, have been ordered to take down some social media posts and share their login credentials for social networks.…
Senator accuses sloppy domain registrars of aiding Russian disinfo campaigns
Also, Change Healthcare sets a record, cybercrime cop suspect indicted, a new Mallox decryptor, and more in brief Senate intelligence committee chair Mark Warner (D-VA) is demanding to know why, in the wake of the bust-up of a massive online Russian disinformation operation, the names of six US-based…
Worker surveillance must comply with credit reporting rules
US Consumer Financial Protection Bureau demands transparency, accountability from sellers of employee metrics The US Consumer Financial Protection Bureau on Thursday published guidance advising businesses that third-party reports about workers must comply with the consent and transparency requirements set forth in the Fair Credit Reporting Act.…
Just how private is Apple’s Private Cloud Compute? You can test it to find out
Also updates bug bounty program with $1M payout In June, Apple used its Worldwide Developer Conference to announce the creation of the Private Cloud Compute platform to run its AI Intelligence applications, and now it's asking people to stress test the system for security holes.…
Putin’s pro-Trump trolls accuse Harris of poaching rhinos
Plus: Iran's IRGC probes election-related websites in swing states Russian, Iranian, and Chinese trolls are all ramping up their US election disinformation efforts ahead of November 5, but – aside from undermining faith in the democratic process and confidence in the election result – with very different objectives, according…
AWS Cloud Development Kit flaw exposed accounts to full takeover
Remember Bucket Monopoly? Yeah, it gets worse Amazon Web Services has fixed a flaw in its open source Cloud Development Kit that, under the right conditions, could allow an attacker to hijack a user's account completely.…
Emergency patch: Cisco fixes bug under exploit in brute-force attacks
Who doesn't love abusing buggy appliances, really? Cisco has patched an already exploited security hole in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software that miscreants have been brute-forcing in attempted denial of service attacks.…
Bitwarden’s FOSS halo slips as new SDK requirement locks down freedoms
Arguments continue but change suggests it's not Free Software anymore The Bitwarden online credentials storage service is changing its build requirements – which some commentators feel mean it's no longer FOSS.…
Ransomware’s ripple effect felt across ERs as patient care suffers
389 US healthcare orgs infected this year alone Ransomware infected 389 US healthcare organizations this fiscal year, putting patients' lives at risk and costing facilities up to $900,000 a day in downtime alone, according to Microsoft.…