lugapelsiteadmin
Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit
Yank access to management interface, stat A critical zero-day vulnerability in Palo Alto Networks' firewall management interface that can allow an unauthenticated attacker to remotely execute code is now officially under active exploitation.…
Simplifying endpoint security
Discover unified strategies to secure and manage all endpoints across your organization Webinar As organizations expand their digital footprint, the range of endpoints - spanning from laptops to IoT devices - continues to grow.…
Bitfinex burglar bags 5 years behind bars for Bitcoin heist
A nervous wait for rapper wife who also faces a stint in the clink The US is sending the main figure behind the 2016 intrusion at crypto exchange Bitfinex to prison for five years after he stole close to 120,000 Bitcoin.…
Microsoft Power Pages misconfigurations exposing sensitive data
NHS supplier that leaked employee info fell victim to fiddly access controls that can leave databases dangling online Private businesses and public-sector organizations are unwittingly exposing millions of people's sensitive information to the public internet because they misconfigure Microsoft’s Power Pages website creation problem.…
Fortinet patches VPN app flaw that could give rogue users, malware a privilege boost
Plus a bonus hard-coded local API key A now-patched, high-severity bug in Fortinet's FortiClient VPN application potentially allows a low-privilege rogue user or malware on a vulnerable Windows system to gain higher privileges from another user, execute code and possibly take over the box, and delete log files.…
Cybercriminal devoid of boundaries gets 10-year prison sentence
Serial extortionist of medical facilities stooped to cavernous lows in search of small payouts A rampant cybercrook and repeat attacker of medical facilities in the US is being sentenced to a decade in prison, around seven years after the first of his many crimes.…
Kids’ shoemaker Start-Rite trips over security again, spilling customer card info
Full details exposed, putting shoppers at serious risk of fraud Updated Children's shoemaker Start-Rite is dealing with a nasty "security incident" involving customer payment card details, its second significant lapse during the past eight years.…
NatWest blocks bevy of apps in clampdown on unmonitorable comms
From guidance to firm action... no more WhatsApp, Meta's Messenger, Signal, Telegram and more The full list of messaging apps officially blocked by Brit banking and insurance giant NatWest Group is more extensive than WhatsApp, Meta's Messenger, and Skype – as first reported.…
Asda security chief replaced, retailer sheds jobs during Walmart tech divorce
British grocer's workers called back to office as clock ticks for contractors The head of tech security at Asda, the UK's third-largest food retailer, has left amid an ongoing tech divorce from US grocery giant Walmart.…
Five Eyes infosec agencies list 2024’s most exploited software flaws
Slack patching remains a problem – which is worrying as crooks increasingly target zero-day vulns The cyber security agencies of the UK, US, Canada, Australia, and New Zealand have issued their annual list of the 15 most exploited vulnerabilities, and warned that attacks on zero-day exploits have become…