Blog

It’s 2024 and we’re just getting round to stopping browsers insecurely accessing 0.0.0.0

Can't reach someone's private server on localhost from outside? No problem A years-old security oversight has been addressed in basically all web browsers – Chromium-based browsers, including Microsoft Edge and Google Chrome, WebKit browsers like Apple's Safari, and Mozilla's Firefox.…

Hello? Are you talking on a Cisco SPA300 or SPA500 IP phone? Now’s the time to junk ’em

Multiple critical flaws found and they won't be fixed A boffin from British defence contractor BAE has found three critical flaws in Cisco's Small Business SPA300 and SPA500 IP phones – and another couple of nasties – none of which will be fixed or mitigated.…

Delta: CrowdStrike’s offer to help in Falcon meltdown was too little, too late

Airline unimpressed with 'unhelpful and untimely' phone call from CEO, Falcon maker says claims untrue Delta Air Lines has come out swinging at CrowdStrike in a letter accusing the security giant of trying to "shift the blame" for the IT meltdown caused by its software – and that…

Using 1Password on Mac? Patch up if you don’t want your Vaults raided

Hundreds of thousands of users potentially vulnerable Password manager 1Password is warning that all Mac users running versions before 8.10.36 are vulnerable to a bug that allows attackers to steal vault items.…

US elections have never been more secure, says CISA chief

Election tech is fine – it's all those idiots buying into the propaganda that's worrying Jen Easterly Black Hat  US Cybersecurity and Infrastructure Security Agency (CISA) director Jen Easterly and her counterparts from the UK and EU want the world to know that, when it comes to securing…

Report: Tech misconceptions plague the IT world

Just snapping the webcam shutter closed won't keep a user safe online New research shows that while many Brits will snap shut a laptop camera in the name of privacy, a worrying amount will just as happily shovel all manner of personal information into an online game in…

Entrust faces years of groveling to regain browsers’ trust, say rival chiefs

Sectigo bosses claim it's only a matter of time before Microsoft and Apple drop Big E from their root stores too After falling down in the estimations of major browser makers Google and Mozilla, Entrust faces a lengthy fight on its hands to regain industry trust and once…

Cloud storage lockers from Microsoft and Google used to store and spread state-sponsored malware

Why run your own evil infrastructure when Big Tech offers robust tools hosted at trusted URLs? Black Hat  State-sponsored cyber spies and criminals are increasingly using legitimate cloud services to attack their victims, according to Symantec's threat hunters who have spotted three such operations over recent months, plus…

Faulty instructions in Alibaba’s T-Head C910 RISC-V CPUs blow away all security

Let's get physical, physical ... I don't wanna hear your MMU talk Black Hat  Computer security researchers at the CISPA Helmholtz Center for Information Security in Germany have found serious security flaws in some of Alibaba subsidiary T-Head Semiconductor's RISC-V processors.…

Fighting AI fire with AI fire

Palo Alto Networks reveals how AI can be harnessed to strengthen cyber security defenses David Gordon Sponsored Post  Hackers and cyber criminals are busy finding new ways of using AI to launch attacks on businesses and organizations often unprepared to deal with the speed, scale and sophistication of…

Copyright © 2024 Lugapel