lugapelsiteadmin

Here’s what we know about the DragonForce ransomware that hit Marks & Spencer

Would you believe it, this RaaS cartel says Russia is off limits DragonForce, a new-ish ransomware-as-a-service operation, has given organizations another cyber threat to worry about — unless they’re in Russia, which is off limits to the would-be extortionists.…

Uncle Sam pulls $2.4B Leidos deal to support CISA after rival alleges foul play

Nightwing claims insider intel helped secure lucrative CISA work but US says decision is unrelated The Department of Homeland Security (DHS) scrapped a highly lucrative cybersecurity contract originally awarded to Leidos following a legal challenge from rival bidder Nightwing, yet insists the pushback had nothing to do with…

Ivanti patches two zero-days under active attack as intel agency warns customers

Vendor says vulns are linked with 2 mystery open source libraries integrated into EPMM product Australia's intelligence agency is warning organizations about several new Ivanti zero-days chained for remote code execution (RCE) attacks. The vendor itself has said the vulns are linked to two mystery open source libraries…

Meta’s still violating GDPR rules with latest plan to train AI on EU user data, says noyb

'Legitimate interest' won't wash, says privacy outfit, as Zuck's org claims activists want to 'delay AI innovation' There's a Max Schrems-shaped object standing in the way of Meta's plans to train its AI on the data of its European users, and he's come armed with several justifications for…

VPN Secure parent company CEO explains why he had to axe thousands of ‘lifetime’ deals

Admits due diligence fell short - furious users cry ‘gaslighting’ Customers are blasting VPN Secure's new parent company after it abruptly axed thousands of "lifetime" accounts. The reason? The CEO admits in an interview with The Register that his team didn't dig deep enough before acquiring the virtual…

Go ahead and ignore Patch Tuesday – it might improve your security

No rush, according to Gartner chap who says: 'Nobody has ever out-patched threat actors at scale' Patch Tuesday has rolled around again, but if you don't rush to implement the feast of fixes it delivered, your security won't be any worse off in the short term – and…

Commvault fixes critical Command Center issue after flaw finder alert

Pay-to-play security on CVSS 10 issue is now fixed An update that fixed a critical flaw in data protection biz Commvault's Command Center was initially not available to a significant user subset – those testing out a free trial version of the product. That is, until a security…

‘We still have embeds in CISA’: CTO of Brit cyber agency talks post-Trump relationship with US counterpart

Both agencies seem unbothered despite tech world's clear concerns for US infoseccers CYBERUK  The top brass from the UK's cyber agency say everything is business as usual when it comes to the GCHQ arm's relationship with CISA, amid growing unease about the current administration's treatment of its US…

Marks & Spencer admits cybercrooks made off with customer info

Market cap down by more than £1B since April 22 Marks & Spencer has confirmed that customer data was stolen as part of its cyberattack, fueling conjecture that ransomware was involved.…

As US vuln-tracking falters, EU enters with its own security bug database

EUVD comes into play not a moment too soon The European Vulnerability Database (EUVD) is now fully operational, offering a streamlined platform to monitor critical and actively exploited security flaws amid the US struggles with budget cuts, delayed disclosures, and confusion around the future of its own tracking…

Copyright © 2024 Lugapel