2024
Infostealer malware, weak password leaves Orange Spain RIPE for plucking
No 2FA or special characters to prevent database takeover and BGP hijack Updated A weak password exposed by infostealer malware is being blamed after a massive outage at Orange Spain disrupted around half of its network's traffic.…
As lawmakers mull outlawing poor security, what can they really do to tackle online gangs?
Headline-grabbing takedowns are nice, but long-term solutions require short-term sacrifices Comment In some ways, the ransomware landscape in 2023 remained unchanged from the way it looked in previous years. Vendor reports continue to show a rise in attacks, major organizations are still getting hit, and the inherent issues…
Three Chinese balloons float near Taiwanese airbase
Also: Remember that balloon over the US last February? It might have used a US internet provider Four Chinese balloons have reportedly floated over the Taiwan Strait, three of them crossing over the island's land mass and near its Ching-Chuan-Kang air base before disappearing, according to the Taiwan's…
Microsoft kills off Windows app installation from the web, again
Unpleasant Christmas package lets malware down the chimney Microsoft has disabled a protocol that allowed the installation of Windows apps after finding that miscreants were abusing the mechanism to install malware.…
Freight giant Estes refuses to deliver ransom, says personal data opened and stolen
Pay up, or just decline to submit One of America's biggest private freight shippers, Estes Express Lines, has told more than 20,000 customers that criminals stole their personal information.…
Atos confirms talks with Airbus over cybersecurity wing sale
IT service company's latest move to clear its maturing debts French IT services provider Atos has entered talks with Airbus to sell its tech security division in an effort to ease its financial burdens.…
Copy that? Xerox confirms ‘security incident’ at subsidiary
Company’s removal from ransomware gang’s leak blog could mean negotiations underway Xerox has officially confirmed that a cyber baddie broke into the systems of its US subsidiary - a week after INC Ransom claimed to have exfiltrated data from the copier and print giant.…
Formal ban on ransomware payments? Asking orgs nicely to not cough up ain’t working
With the average demand hitting $1.5 million, something's gotta change Emsisoft has called for a complete ban on ransom payments following another record-breaking year of digital extortion.…
Google password resets not enough to stop these info-stealing malware strains
Now every miscreant is jumping on Big G's OAuth account security hole Security researchers say info-stealing malware can still access victims' compromised Google accounts even after passwords have been changed.…