2024

If you’re using Polyfill.io code on your site – like 100,000+ are – remove it immediately

Scripts turn malicious, infect webpages after Chinese CDN swallows domain The polyfill.io domain is being used to infect more than 100,000 websites with malware after a Chinese organization bought the domain earlier this year.…

CISA says crooks used Ivanti bugs to snoop around high-risk chemical facilities

Crafty crims broke in but encryption stopped any nastiness US cybersecurity agency CISA is urging high-risk chemical facilities to secure their online accounts after someone broke into its Chemical Security Assessment Tool (CSAT) portal.…

UK and US cops band together to tackle Qilin’s ransomware shakedowns

Attacking the NHS is a very bad move UK and US cops have reportedly joined forces to find and fight Qilin, the ransomware gang wreaking havoc on the global healthcare industry.…

Ransomware thieves beware

Why Object First and Veeam tick the box for encryption and immutability Sponsored Feature  You know that a technology problem is serious when the White House holds a summit about it.…

Julian Assange to go free in guilty plea deal with US

WikiLeaks boss already out of Blighty and, if all goes to plan, ultimately off to home in Australia WikiLeaks founder Julian Assange has been freed from prison in the UK after agreeing to plead guilty to just one count of conspiracy to obtain and disclose national defense information,…

America’s best chance for nationwide privacy law could do more harm than good

'Congress has effectively gutted it as part of a backroom deal' Analysis  Introduced in April, the American Privacy Rights Act (APRA) was - in the words of its drafters - "the best opportunity we’ve had in decades to establish a national data privacy and security standard that gives…

Car dealers stuck in the slow lane after cyber woes at software biz CDK

More customers self-reporting to SEC as disruption carries into second week The number of US companies filing Form 8-Ks with the Securities and Exchange Commission (SEC) and referencing embattled car dealership software biz CDK is mounting.…

‘Mirai-like’ botnet observed attacking EOL Zyxel NAS devices

Seems like as good a time as any to upgrade older hardware There are early indications of active attacks targeting end-of-life Zyxel NAS boxes just a few weeks after details of three critical vulnerabilities were made public.…

Britain’s Ministry of Defence accused of wasting £174M on ‘external advice’

Morpheus comms system online by 2025? You must be dreaming The UK government has been accused of blowing £174 million ($220 million) on "external advice" for a new radio system for the armed forces that has been beset by delays and cancelled contracts.…

Levi’s and more affected in pants-dropping week of data breaches

A busy few days for security teams There were data breaches galore in the US last week with various major incidents reported to state attorneys general, some in good time, some not.…

Copyright © 2024 Lugapel