lugapelsiteadmin
Public sector cyber break-ins: Our money, our lives, our right to know
Is that a walrus in your server logs, or aren't you pleased to see me? Opinion At the start of September, Transport for London was hit by a major cyber attack. TfL is the public body that moves many of London's human bodies to and from work and…
Six IT contractors accused of swindling Uncle Sam out of millions
Also, ecommerce fraud ring disrupted, another Operation Power Off victory, Sino SOHO botnet spotted, and more Security in brief The US Department of Justice has charged six people with two separate schemes to defraud Uncle Sam out of millions of dollars connected to IT product and services contracts. …
Financial institutions told to get their house in order before the next CrowdStrike strikes
Calls for improvements will soon turn into demands when new rules come into force The UK's finance regulator is urging all institutions under its remit to better prepare for IT meltdowns like that of CrowdStrike in July.…
UK councils bat away DDoS barrage from pro-Russia keyboard warriors
Local authority websites downed in response to renewed support for Ukraine Multiple UK councils had their websites either knocked offline or were inaccessible to residents this week after pro-Russia cyber nuisances added them to a daily target list.…
Hack Nintendo’s alarm clock to show cat pics? Let’s-a-go!
How 'Gary' defeated Bowser broke into the interactive alarm clock A hacker who uses the handle GaryOderNichts has found a way to break into Nintendo's recently launched Alarmo clock, and run code on the device.…
Gang gobbles 15K credentials from cloud and email providers’ garbage Git configs
Emeraldwhale looked sharp – until it made a common S3 bucket mistake A criminal operation dubbed Emeraldwhale has been discovered after it dumped more than 15,000 credentials belonging to cloud service and email providers in an open AWS S3 bucket, according to security researchers.…
LottieFiles supply chain attack exposes users to malicious crypto wallet drainer
A scary few Halloween hours for team behind hugely popular web plugin LottieFiles is overcoming something of a Halloween fright after battling to regain control of a compromised developer account that was used to exploit users' crypto wallets.…
Tower PC case used as ‘creative cavity’ by drug importer
Motherboard missing, leaving space for a million hits of meth Australian police have arrested a man after finding he imported what appear to be tower PC cases that were full of illicit drugs.…
Chinese attackers accessed Canadian government networks – for five years
India makes it onto list of likely threats for the first time A report by Canada's Communications Security Establishment (CSE) revealed that state-backed actors have collected valuable information from government networks for five years.…
Windows Themes zero-day bug exposes users to NTLM credential theft
Plus a free micropatch until Redmond fixes the flaw There's a Windows Themes spoofing zero-day bug on the loose that allows attackers to steal people's NTLM credentials.…