2024

US agencies warn made-in-China drones might help Beijing snoop on the world

It’s a bird, it’s a plane… it’s a flying menace out to endanger national security Two US government agencies, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI), warned on Wednesday that drones made in China could be used to gather information on critical…

JPMorgan exec claims bank repels 45 billion cyberattack attempts per day

Assets boss also reckons she has more engineers than Amazon The largest bank in the United States repels 45 billion – yes, with a B – cyberattack attempts per day, one of its leaders claimed at the World Economic Forum in Davos. …

Future of America’s Cyber Safety Review Board hangs in balance amid calls for rethink

Politics-busting, uber-transparent incident reviews require independence, less internal conflict As the US mulls legislation that would see the Cyber Safety Review Board (CSRB) become a permanent fixture in the government's cyber defense armory, experts are calling for substantial changes in the way it's organized.…

Ransomware attacks hospitalizing security pros, as one admits suicidal feelings

Untold harms of holding the corporate perimeter revealed in extensive series of interviews Ransomware attacks are being linked to a litany of psychological and physical illnesses reported by infosec professionals, and in some cases blamed for hospitalizations.…

Two more Citrix NetScaler bugs exploited in the wild

Just when you thought you had recovered from Bleed Two vulnerabilities in NetScaler's ADC and Gateway products have been fixed – but not before criminals found and exploited them, according to the vendor.…

Google TAG: Kremlin cyber spies move into malware with a custom backdoor

The threat hunters believe COLDRIVER has used SPICA since at least November 2022 Russian cyberspies linked to the Kremlin's Federal Security Service (FSB) are moving beyond their usual credential phishing antics and have developed a custom backdoor that they started delivering via email as far back as November…

Vast botnet hijacks smart TVs for prime-time cybercrime

8-year-old op responsible for DDoS attacks and commandeering broadcasts to push war material Security researchers have pinned a DDoS botnet that's infected potentially millions of smart TVs and set-top boxes to an eight-year-old cybercrime syndicate called Bigpanzi.…

Enter the era of platform-based cloud security

How an integrated platform can streamline the management overhead, improve cloud security and boost threat visibility Sponsored Post  Reports suggest that forward-looking organisations are ditching legacy point-based cloud security offerings and replacing them with more efficient integrated platforms which slash management overheads while significantly improving the app security.…

Insurance website’s buggy API leaked Office 365 password and a giant email trove

Pen-tester accessed more than 650,000 sensitive messages, and still can, at Indian outfit using Toyota SaaS Toyota Tsusho Insurance Broker India (TTIBI), an Indo-Japanese joint insurance venture, operated a misconfigured server that exposed more than 650,000 Microsoft-hosted email messages to customers, a security researcher has found.…

Apple, AMD, Qualcomm GPU security hole lets miscreants snoop on AI training and chats

So much for isolation A design flaw in GPU drivers made by Apple, Qualcomm, AMD, and likely Imagination can be exploited by miscreants on a shared system to snoop on fellow users.…

Copyright © 2024 Lugapel