Blog

Citrix goes shopping in Europe and returns with gifts for security-conscious customers

Acquires two companies that help those on the nice list keep naughty list types at bay Citrix has gone on a European shopping trip, and come home with its bag of gifts bulging thanks to a pair of major buys: infosec outfits deviceTRUST and Strong Network.…

Three more vulns spotted in Ivanti CSA, all critical, one 10/10

Patch up, everyone – that admin portal is mighty attractive to your friendly cyberattacker Ivanti just put out a security advisory warning of three critical vulnerabilities in its Cloud Services Application (CSA), including a perfect 10.…

US names Chinese national it alleges was behind 2020 attack on Sophos firewalls

Also sanctions his employer – an outfit called Sichuan Silence linked to Ragnarok ransomware The US Departments of Treasury and Justice have named a Chinese business and one of its employees as the actors behind the 2020 exploit of a zero-day flaw in Sophos firewalls…

Microsoft holds last Patch Tuesday of the year with 72 gifts for admins

Twas the night before Christmas, and all through the house, patching was done with the click of a mouse Patch Tuesday  Microsoft hasn't added too much coal to the stocking this Patch Tuesday, with just 72 fixes, only one of which scored more than nine on the CVSS…

US military grounds entire Osprey tiltrotor fleet over safety concerns

Boeing-Bell V-22 can't outfly its checkered past, it seems The US Navy, Air Force, and Marine Corps have grounded their fleet of Boeing-Bell-made Osprey V-22s on safety grounds.…

AMD secure VM tech undone by DRAM meddling

Boffins devise BadRAM attack to pilfer secrets from SEV-SNP encrypted memory Researchers have found that the security mechanism AMD uses to protect virtual machine memory can be bypassed with $10 of hardware – and perhaps not even that.…

Fully patched Cleo products under renewed ‘zero-day-ish’ mass attack

Thousands of servers targeted while customers wait for patches Researchers at security shop Huntress are seeing mass exploitation of a vulnerability affecting three Cleo file management products, even on patched systems.…

Heart surgery device maker’s security bypassed, data encrypted and stolen

Sounds like th-aorta get this sorted quickly A manufacturer of devices used in heart surgeries says it's dealing with "a cybersecurity incident" that bears all the hallmarks of a ransomware attack.…

Bitfinex heist gets the Netflix treatment after ‘cringey couple’ sentenced

Streamer's trademark dramatic style takes on Bitcoin Bonnie and Clyde A documentary examining the 2016 Bitfinex burglars hits Netflix, bringing the curious case to living rooms for the first time.…

WhatsApp finally fixes View Once flaw that allowed theft of supposedly vanishing pics

And it only took four months, tut WhatsApp has fixed a problem with its View Once feature, designed to protect people's privacy with automatically disappearing pictures and videos.…

Copyright © 2024 Lugapel