Blog

UK telco TalkTalk confirms probe into alleged data grab underway

Spinner says crim's claims 'very significantly overstated' UK broadband and TV provider TalkTalk says it's currently investigating claims made on cybercrime forums alleging data from the company was up for grabs.…

AI chatbot startup founder, lawyer wife accused of ripping off investors in $60M fraud

GameOn? It's looking more like game over for that biz The co-founder and former CEO of AI startup GameOn is in a pickle. After exiting the top job last year under a cloud, he's now in court – along with his wife – for allegedly bilking his company…

Don’t want your Kubernetes Windows nodes hijacked? Patch this hole now

SYSTEM-level command injection via API parameter *chef's kiss* A now-fixed command-injection bug in Kubernetes can be exploited by a remote attacker to gain code execution with SYSTEM privileges on all Windows endpoints in a cluster, and thus fully take over those systems, according to Akamai researcher Tomer Peled.…

North Korean dev who renamed himself ‘Bane’ accused of IT worker fraud scheme

5 indicted as FBI warns North Korea dials up aggression, plus Russian devs allegedly get in on the act The US is indicting yet another five suspects it believes were involved in North Korea's long-running, fraudulent remote IT worker scheme – including one who changed their last name…

China and friends claim success in push to stamp out tech support cyber-scam slave camps

Paint a target on Myanmar, pledge more info-sharing to get the job done A group established by six Asian nations to fight criminal cyber-scam slave camps that infest the region claims it’s made good progress dismantling the operations.…

Court rules FISA Section 702 surveillance of US resident was unconstitutional

'Public interest alone does not justify warrantless querying' says judge It was revealed this week a court in New York made a landmark ruling that sided against the warrantless state surveillance of people's private communications in America.…

One of Salt Typhoon’s favorite flaws still wide open on 91% of at-risk Exchange Servers

But we mean, you've had nearly four years to patch One of the critical security flaws exploited by China's Salt Typhoon to breach US telecom and government networks has had a patch available for nearly four years - yet despite repeated warnings from law enforcement and private-sector security…

SonicWall flags critical bug likely exploited as zero-day, rolls out hotfix

Big organizations and governments are main users of these gateways SonicWall is warning customers of a critical vulnerability that was potentially already exploited as a zero-day.…

Meta’s pay-or-consent model under fire from EU consumer group

Company 'strongly disagrees' with law infringement allegations Meta has again come under fire for its pay-or-consent model in the EU.…

FortiGate config leaks: Victims’ email addresses published online

Experts warn not to take leaks lightly as years-long compromises could remain undetected Thousands of email addresses included in the Belsen Group's dump of FortiGate configs last week are now available online, revealing which organizations may have been impacted by the 2022 zero-day exploits.…

Copyright © 2024 Lugapel