lugapelsiteadmin

Romanian hospital ransomware crisis attributed to third-party breach

Emergency impacting more than 100 facilities appears to be caused by incident at software provider The Romanian national cybersecurity agency (DNSC) has pinned the outbreak of ransomware cases across the country's hospitals to an incident at a service provider.…

Southern Water cyberattack expected to hit hundreds of thousands of customers

The company also curiously disappears from Black Basta leak site UK utilities giant Southern Water admits between 5 and 10 percent of its customers have had their data stolen during a January cyberattack.…

Bumblebee malware wakes from hibernation, forgets what year it is, attacks with macros

Trying to break in with malicious Word documents? How very 2015 of you The Bumblebee malware loader seemingly vanished from the internet last October, but it's back and - oddly - relying on a vintage vector to try and gain access.…

Australian Tax Office probed 150 staff over social media refund scam

$1.3 billion lost as identity fraud – and greed – saw 57,000 or more seek unearned tax refunds One hundred and fifty people who worked for the Australian Taxation Office (ATO) have been investigated – and some prosecuted – for participating in a tax refund scam promoted on…

Crims found and exploited these two Microsoft bugs before Redmond fixed ’em

SAP, Adobe, Intel, AMD also issue fixes as well as Google for Android Patch Tuesday  Microsoft fixed 73 security holes in this February's Patch Tuesday, and you better get moving because two of the vulnerabilities are under active attack.…

Just one bad DNS packet can bring down a public DNSSEC server

'You don't have to do more than that to disconnect an entire network' El Reg told as patches emerge A 20-plus-year-old security vulnerability in the design of DNSSEC could allow a single DNS packet to exhaust the processing capacity of any server offering the system for domain-name resolution,…

QNAP vulnerability disclosure ends up an utter shambles

Two new flaws, one zero-day, countless different patches, but everything's fine! Network-attached storage (NAS) specialist QNAP has disclosed and released fixes for two new vulnerabilities, one of them a zero-day discovered in early November.…

ALPHV blackmails Canadian pipeline after ‘stealing 190GB of vital info’

Gang still going after critical infrastructure because it's, you know, critical Updated  Canada's Trans-Northern Pipelines has allegedly been infiltrated by the ALPHV/BlackCat ransomware crew, which claims to have stolen 190 GB of data from the oil distributor.…

Crooks hook hundreds of exec accounts after phishing in Azure C-suite pond

Plenty of successful attacks observed with dangerous follow-on activity The number of senior business executives stymied by an ongoing phishing campaign continues to rise with cybercriminals registering hundreds of cloud account takeovers (ATOs) since spinning it up in November.…

Meta says risk of account theft after phone number recycling isn’t its problem to solve

Leaves it to carriers, promoting a complaint to Irish data cops from Big Tech's bête noire Meta has acknowledged that phone number reuse that allows takeovers of its accounts "is a concern," but the ad biz insists the issue doesn't qualify for its bug bounty program and is…

Copyright © 2024 Lugapel