lugapelsiteadmin
North Korea targets crypto developers via NPM supply chain attack
Yet another cash grab from Kim's cronies and an intel update from Microsoft North Korea has changed tack: its latest campaign targets the NPM registry and owners of Exodus and Atomic cryptocurrency wallets.…
Mysterious Palo Alto firewall reboots? You’re not alone
Limited-edition hotfix to get wider release before end of month Administrators of Palo Alto Networks' firewalls have complained the equipment falls over unexpectedly, and while a fix has bee prepared, it's not yet generally available.…
Have I Been Pwned likely to ban resellers from buying subs, citing ‘sh*tty behavior’ and onerous support requests
‘What are customers actually getting from resellers other than massive price markups?’ asks Troy Hunt Troy Hunt, proprietor of data breach lookup site Have I Been Pwned, is likely to ban resellers from the service.…
Feds want devs to stop coding ‘unforgivable’ buffer overflow vulnerabilities
FBI, CISA harrumph at Microsoft and VMware in call for coders to quit baking avoidable defects into stuff US authorities have labelled buffer overflow vulnerabilities "unforgivable defects”, pointed to the presence of the holes in products from the likes of Microsoft and VMware, and urged all software developers…
Russia’s Sandworm caught snarfing credentials, data from American and Brit orgs
'Near-global' initial access campaign active since 2021 An initial-access subgroup of Russia's Sandworm last year wriggled its way into networks within the US, UK, Canada and Australia, stealing credentials and data from "a limited number of organizations," according to Microsoft.…
Crimelords and spies for rogue states are working together, says Google
Only lawmakers can stop them. Plus: software needs to be more secure, but what's in it for us? Google says the the world's lawmakers must take action against the increasing links between criminal and state-sponsored cyber activity.…
February’s Patch Tuesday sees Microsoft offer just 63 fixes
Don't relax just yet: Redmond has made some certificate-handling changes that could trip unprepared admins Patch Tuesday Microsoft’s February patch collection is mercifully smaller than January’s mega-dump. But don't get too relaxed – some deserve close attention, and other vendors have stepped in with plenty more fixes.…
Probe finds US Coast Guard has left maritime cybersecurity adrift
Numerous systemic vulnerabilities could scuttle $5.4T industry Despite the escalating cyber threats targeting America's maritime transportation system, the US Coast Guard still lacks a comprehensive strategy to secure this critical infrastructure - nor does it have reliable access to data on cybersecurity vulnerabilities and past attacks, the Government…
Yup, AMD’s Elba and Giglio definitely sound like they work corporate security
Which is why Cisco is adding these Pensando DPUs to more switches Cisco is cramming into more of its switches Pensando data processing units (DPUs) from AMD, which will be dedicated to handling security, storage, and other tasks.…
Man who SIM-swapped the SEC’s X account pleads guilty
Said to have asked search engine 'What are some signs that the FBI is after you?' An Alabama man is pleading guilty after being charged with SIM swapping the Securities and Exchange Commission's (SEC) X account in January last year.…