lugapelsiteadmin
Russians invade Microsoft exec mail while China jabs at VMware vCenter Server
Plus: Uncle Sam says Ivanti exploits 'consistent with PRC' snoops A VMware security vulnerability has been exploited by Chinese cyberspies since late 2021, according to Mandiant, in what has been a busy week for nation-state espionage news.…
Five ripped off IT giant with $7M+ in bogus work expenses, prosecutors claim
Account manager and pals blew it on hotels, cruise, fancy meals and more allegedly Five people have been accused of pulling off a "brazen" scam that involved submitting more than $7 million in fake work expense claims to an IT consultancy to bankroll hotel stays, a cruise, visits…
Thieves steal 35.5M customers’ data from Vans sneakers maker
But what kind of info was actually compromised? None of your business VF Corporation, parent company of clothes and footwear brands including Vans and North Face, says 35.5 million customers were impacted in some way when criminals broke into their systems in December.…
IT consultant fined for daring to expose shoddy security
Spotting a plaintext password and using it in research without authorization deemed a crime A security researcher in Germany has been fined €3,000 ($3,300, £2,600) for finding and reporting an e-commerce database vulnerability that was exposing almost 700,000 customer records.…
US agencies warn made-in-China drones might help Beijing snoop on the world
It’s a bird, it’s a plane… it’s a flying menace out to endanger national security Two US government agencies, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI), warned on Wednesday that drones made in China could be used to gather information on critical…
JPMorgan exec claims bank repels 45 billion cyberattack attempts per day
Assets boss also reckons she has more engineers than Amazon The largest bank in the United States repels 45 billion – yes, with a B – cyberattack attempts per day, one of its leaders claimed at the World Economic Forum in Davos. …
Future of America’s Cyber Safety Review Board hangs in balance amid calls for rethink
Politics-busting, uber-transparent incident reviews require independence, less internal conflict As the US mulls legislation that would see the Cyber Safety Review Board (CSRB) become a permanent fixture in the government's cyber defense armory, experts are calling for substantial changes in the way it's organized.…
Ransomware attacks hospitalizing security pros, as one admits suicidal feelings
Untold harms of holding the corporate perimeter revealed in extensive series of interviews Ransomware attacks are being linked to a litany of psychological and physical illnesses reported by infosec professionals, and in some cases blamed for hospitalizations.…
Two more Citrix NetScaler bugs exploited in the wild
Just when you thought you had recovered from Bleed Two vulnerabilities in NetScaler's ADC and Gateway products have been fixed – but not before criminals found and exploited them, according to the vendor.…
Google TAG: Kremlin cyber spies move into malware with a custom backdoor
The threat hunters believe COLDRIVER has used SPICA since at least November 2022 Russian cyberspies linked to the Kremlin's Federal Security Service (FSB) are moving beyond their usual credential phishing antics and have developed a custom backdoor that they started delivering via email as far back as November…