Cybersecurity

Recall the Recall recall? Microsoft thinks it can make that Windows feature palatable

AI screengrab service to be opt-in, features encryption, biometrics, enclaves, more Microsoft has revised the Recall feature for its Copilot+ PCs and insists that the self-surveillance system is secure.…

That doomsday critical Linux bug: It’s CUPS. May lead to remote hijacking of devices

No patches yet, can be mitigated, requires user interaction Final update  After days of anticipation, what was billed as one or more critical unauthenticated remote-code execution vulnerabilities in all Linux systems was today finally revealed.…

Ransomware gang using stolen Microsoft Entra ID creds to bust into the cloud

Defenders beware: Data theft, extortion, and backdoors on Storm-0501's agenda Microsoft's latest threat intelligence blog issues a warning to all organizations about Storm-0501's recent shift in tactics, targeting, and backdooring hybrid cloud environments.…

Patch now: Critical Nvidia bug allows container escape, complete host takeover

33% of cloud environments using the toolkit impacted, we're told A critical bug in Nvidia's widely used Container Toolkit could allow a rogue user or software to escape their containers and ultimately take complete control of the underlying host.…

HPE patches three critical security holes in Aruba PAPI

More 9.8 bugs? Ay, papi! Aruba access points running AOS-8 and AOS-10 need to be patched urgently after HPE emitted fixes for three critical flaws in its networking subsidiary's networking access points.…

Doomsday ‘9.9 RCE bug’ could hit every Linux system

No fix yet plus criticalness plus uncertainty plus talk of example exploit equals nightmare Details about an as-yet-non-public critical 9.9-out-of-10-severity unauthenticated remote-code execution vulnerability affecting all GNU/Linux systems could be revealed today.…

Securing intellectual property in AI-powered enterprises

Protect your enterprise data while leveraging AI models Webinar  As organizations adopt AI technologies, safeguarding private intellectual property (IP) has become more challenging.…

Victims lose $70k to one single wallet-draining app on Google’s Play Store

Attackers got 10k people to download 'trusted' web3 brand cheat before Mountain View intervened The latest in a long line of cryptocurrency wallet-draining attacks has stolen $70,000 from people who downloaded a dodgy app in a single campaign researchers describe as a world-first.…

Public Wi-Fi operator investigating cyberattack at UK’s busiest train stations

See it, say it… not sorted just yet as network access remains offline Updated  A cybersecurity incident is being probed at Network Rail, the UK non-departmental public body responsible for repairing and developing train infrastructure, after unsavory messaging was displayed to those connecting to major stations' free Wi-Fi…

UK government’s bank data sharing plan slammed as ‘financial snoopers’ charter’

Access to account info needed to tackle benefit fraud, latest bill claims Privacy campaigners are criticizing UK proposals to force banks to share data from the accounts of government benefit claimants, saying the ploy amounts to "a financial snoopers' charter targeted to automate suspicion."…

Copyright © 2024 Lugapel