lugapelsiteadmin

Windows Patch Tuesday hits snag with Citrix software, workarounds published

Microsoft starts 2025 as it hopefully doesn't mean to go on Devices that have Citrix's Session Recording software installed are having problems completing this month's Microsoft Patch Tuesday update, which includes important fixes.…

Crypto klepto North Korea stole $659M over just 5 heists last year

US, Japan, South Korea vow to intensify counter efforts North Korean blockchain bandits stole more than half a billion dollars in cryptocurrency in 2024 alone, the US, Japan, and South Korea say.…

Microsoft fixes under-attack privilege-escalation holes in Hyper-V

Plus: Excel hell, angst for Adobe fans, and life's too Snort for Cisco Patch Tuesday  The first Patch Tuesday of 2025 has seen Microsoft address three under-attack privilege-escalation flaws in its Hyper-V hypervisor, plus plenty more problems that deserve your attention.…

FBI wipes Chinese PlugX malware from thousands of Windows PCs in America

Hey, Xi: Zài jiàn! The FBI, working with French cops, obtained nine warrants to remotely wipe PlugX malware from thousands of Windows-based computers that had been infected by Chinese government-backed criminals, according to newly unsealed court documents.…

Snyk appears to deploy ‘malicious’ packages targeting Cursor for unknown reason

Packages removed, vendor said to have apologized to AI code editor as onlookers say it could have been a test Updated  Developer security company Snyk is at the center of allegations concerning the possible targeting or testing of Cursor, an AI code editor company, using "malicious" packages uploaded…

Azure and M365 MFA outage locks out users across regions

It's sorted out (mostly), but European users had a manic Monday Microsoft's multi-factor authentication (MFA) for Azure and Microsoft 365 (M365) was offline for four hours during Monday's busy start for European subscribers.…

NATO’s newest member comes out swinging following latest Baltic Sea cable attack

'Sweden has changed,' PM warns as trio of warships join defense efforts Sweden has committed to sending naval forces into the Baltic Sea following yet another suspected Russian attack on underwater cables in the region.…

Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days

'Codefinger' crims on the hunt for compromised keys A new ransomware crew dubbed Codefinger targets AWS S3 buckets and uses the cloud giant's own server-side encryption with customer provided keys (SSE-C) to lock up victims' data before demanding a ransom payment for the symmetric AES-256 keys required to…

Nominet probes network intrusion linked to Ivanti zero-day exploit

Unauthorized activity detected, but no backdoors found Exclusive  UK domain registry Nominet is investigating a potential intrusion into its network related to the latest Ivanti zero-day exploits.…

Europe coughs up €400 to punter after breaking its own GDPR data protection rules

PLUS: Data broker leak reveals extent of info trading; Hot new ransomware gang might be all AI, no bark; and more Infosec in brief  Gravy Analytics, a vendor of location intelligence info for marketers which reached a settlement with US authorities last year over its alleged unlawful sale…

Copyright © 2024 Lugapel