2025
Freshly discovered bug in OpenPGP.js undermines whole point of encrypted comms
Update before that proof-of-concept comes to bite. Security researchers are sounding the alarm over a fresh flaw in the JavaScript implementation of OpenPGP (OpenPGP.js) that allows both signed and encrypted messages to be spoofed.…
Ransomware attack on food distributor spells more pain for UK supermarkets
Peter Green Chilled supplies all the major UK chains. It's more bad news for UK supermarkets with chilled and frozen food distribution business Peter Green Chilled confirming a ransomware attack with customers.…
Virgin Media O2 patches hole that let callers snoop on your coordinates
Researcher finds VoLTE metadata could be used to locate users within 100 meters. UK telco Virgin Media O2 has fixed an issue with its 4G Calling feature that allowed users' general location to be discerned by those who called them.…
CISA has a new No. 2 … but still no official top dog
Brain drain, budget cuts, constant cyberthreats - who wouldn't want this job? The US Cybersecurity and Infrastructure Security Agency (CISA) has a new No. 2: Madhu Gottumukkala, stepping in as the nation's lead civilian cyber agency faces budget cuts, a brain drain, and the never-ending task of defending…
SEC SIM-swapper who Googled ‘signs that the FBI is after you’ put behind bars
Proving yet again that crims are bad at search hygiene. An Alabama man who SIM-swapped his way into the SEC's official X account, enabling a fake ETF announcement that briefly pumped Bitcoin, has been sentenced to 14 months in prison and three years of supervised release.…
Millions at risk after attackers steal UK legal aid data dating back 15 years
Cybercriminals lifted info including addresses, ID numbers, and financial records from agency systems. A "significant amount of personal data" belonging to legal aid applicants dating back to 2010 in the UK was stolen by cybercriminals, the Ministry of Justice (MoJ) confirmed today.…
IT chiefs of UK’s massive health service urge vendors to make public security pledge
Enormous org has been hit by ransomware again and again, on multiple fronts, over the past year. Top cybersecurity officials within the UK government and the National Health Service (NHS) are asking CEOs of tech suppliers to pledge their allegiance to sound security by signing a public charter.…
Boffins devise technique that lets users prove location without giving it away
ZKLP system allows apps to confirm user presence in a region without exposing exactly where. Computer scientists from universities in Germany, Hong Kong, and the United Kingdom have proposed a way to provide verifiable claims about location data without surrendering privacy.…
Fired US govt workers, Uncle Xi wants you! – to apply for this fake consulting gig
Phony LinkedIn recruitment ads? Groundbreaking. Chinese government snoops - hiding behind the guise of fake consulting companies - are actively trying to recruit the thousands upon thousands of US federal employees who have been fired since President Trump took office.…
America’s consumer watchdog drops leash on proposed data broker crackdown
Crooks must be licking their lips at the possibilities. Uncle Sam's consumer watchdog has scrapped plans to implement Biden-era rules that would've treated certain data brokers as credit bureaus, forcing them to follow stricter laws when flogging Americans' sensitive data.…