2024
Ireland fines Meta for 2018 ‘View As’ breach that exposed 30M accounts
€251 million? Zuck can find that in his couch cushions, but Meta still vows to appeal
It's been six years since miscreants abused some sloppy Facebook code to steal access tokens belonging to 30 million users, and the slow-turning wheels of Irish justice have finally caught up with…
BlackBerry offloads Cylance’s endpoint security products to Arctic Wolf
Fresh attempt to mix the perfect cocktail of IoT and Infosec
BlackBerry's ambition to mix infosec and the Internet of Things has been squeezed, after the Canadian firm announced it is offloading Cylance's endpoint security products.…
Australia moves to drop some cryptography by 2030 – before quantum carves it up
The likes of SHA-256, RSA, ECDSA and ECDH won't be welcome in just five years
Australia's chief cyber security agency has decided local orgs should stop using the tech that forms the current cryptographic foundation of the internet by the year 2030 – years before other nations plan…
Ransomware scum blow holes in Cleo software patches, Cl0p (sort of) claims responsibility
But can you really take crims at their word?
Supply chain integration vendor Cleo has urged its customers to upgrade three of its products after an October security update was circumvented, leading to widespread ransomware attacks that Russia-linked gang Cl0p has claimed are its evil work.…
Trump administration wants to go on cyber offensive against China
The US has never attacked Chinese critical infrastructure before, right?
President-elect Donald Trump's team wants to go on the offensive against America's cyber adversaries, though it isn't clear how the incoming administration plans to achieve this.…
Are your Prometheus servers and exporters secure? Probably not
Plus: Netscaler brute force barrage; BeyondTrust API key stolen; and more
Infosec in brief: There's a problem of titanic proportions brewing for users of the Prometheus open source monitoring toolkit: hundreds of thousands of servers and exporters are exposed to the internet, creating significant security risks and leaving…
Iran-linked crew used custom ‘cyberweapon’ in US critical infrastructure attacks
IOCONTROL targets IoT and OT devices from a ton of makers, apparently
An Iranian government-linked cybercriminal crew used custom malware called IOCONTROL to attack and remotely control US and Israel-based water and fuel management systems, according to security researchers.…
Scumbag gets 30 years in the clink for running CSAM dark-web chatrooms, abusing kids
'Today’s sentencing is more than just a punishment. It’s a message'
A Texan who ran a forum on the dark web where depraved netizens could swap child sex abuse material (CSAM), and chat freely about abusing kids, has been sentenced to 30 years in prison.…
Google Timeline location purge causes collateral damage
Privacy measure leaves some mourning lost memories
A year ago, Google announced plans to save people's Location History, which it now calls Timeline, locally on devices rather than on its servers.…
Cyber protection made intuitive and affordable
How Cynet delivered 100 percent Protection and 100 percent Detection Visibility in 2024 MITRE ATT&CK Evaluation
Partner Content: Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders is to keep IT environments up and running.…