Just doesn't believe it will sort out the mess that saw data leak from LINE messaging app Japan's government has considered the proposed security improvements developed by Yahoo !, found them wanting, and ordered the onetime web giant to take new measures.... [...]
Japan's Hoya also makes components for chips, displays, and hard disks, and has spent four days groping for a fix If ever there was an incident that brings the need for good infosec into sharp focus, this is the one: Japan's Hoya – a maker of eyeglass and contact lenses …
CISA calls for 'fundamental, security-focused reforms' to happen ASAP, delaying work on other software A review of the June 2023 attack on Microsoft's Exchange Online hosted email service – which saw accounts used by senior US officials compromised by a China-linked group called "Storm-0558" – has found that the incident would …
Reveals 2021 incident that saw parliamentary agencies briefly probed The government of South Pacific island nation New Zealand has revealed that it, too, has been attacked by China.... [...]
United Nations finds IT contract and crypto scams are just two of DPRK's illicit menu items If you dine out at an Asian restaurant on your next holiday, the United Nations thinks your meal could help North Korea to launder money.... [...]
New infostealer may indicate a shift in tactics – and maybe targets too, beyond Asia North Korea's notorious Kimsuky cyber crime gang has commenced a campaign using fresh tactics, according to infosec tools vendor Rapid7.... [...]
Also down under, researchers find security-cleared workers leaking details of their gigs An Australian IT contractor has been sentenced to 30 months jail for ripping off the National Maritime Museum.... [...]
But failing to recover from incidents is unforgivable because 'adrenalin does not scale' Zero tolerance of failure by information security professionals is unrealistic, and makes it harder for cyber security folk to do the essential part of their job: recovering fast from inevitable attacks, according to Gartner analysts Chris …
Bill proposes to do to China what China already does to the US – make life hard for foreign social networks The United States House of Representatives on Wednesday passed the Protecting Americans from Foreign Adversary Controlled Applications Act – a law aimed at forcing TikTok's Chinese parent ByteDance to sell …
Russia and Sudan top the list of suspects Several French government websites have been disrupted by a severe distributed denial of service attack.... [...]
Critical vulns in USB under ESXi and desktop hypervisors found by Chinese researchers at cracking contest Hypervisors are supposed to provide an inviolable isolation layer between virtual machines and hardware. But hypervisor heavyweight VMware by Broadcom yesterday revealed its hypervisors are not quite so inviolable as it might like …
Moonlighted for two PRC companies after side-stepping Big G's security The US Department of Justice on Wednesday revealed an indictment that charges a former Google employee with leaking the ad giant’s AI tech to two Chinese companies – after easily defeating the Big G’s security controls.... [...]
Government mighty displeased about a shared Active Directory that led to a big data leak Japan's government has ordered local tech giants LINE and NAVER to disentangle their tech stacks, after a data breach saw over 510,000 users' data exposed.... [...]
Tried to speed boot times, maybe by messing with 'Windows source code', ended up building a viral on-ramp Chinese PC maker Acemagic has admitted some of its products shipped with pre-installed malware.... [...]
And accuses a former Australian politician of having 'sold out their country' The director general of security at Australia's Security Intelligence Organisation (ASIO) has delivered his annual threat assessment, revealing ongoing attempts by adversaries to map digital infrastructure with a view to disrupting important services at delicate moments.... [...]
Non-techies told to master firmware upgrades and firewall rules. For the infosec hardheads: have some IOCs Authorities from eleven nations have delivered a sequel to the January takedown of a botnet run by Russia on compromised Ubiquiti Edge OS routers – in the form of a warning that Russia may …
First integration across properties, as end user compute division readies to leave home Broadcom has delivered on its 2023 teaser of integration between VMware's SD-WAN and Symantec's Security Service Edge, by today debuting the "VMware VeloCloud SASE, Secured by Symantec" at Mobile World Congress in Barcelona.... [...]
Scammers' tactics are tiresomely familiar: get-rich-quick schemes and data harvesting China's Ministry of Industry and Information Technology has warned local netizens that fake wallet apps for the nation's central bank digital currency (CBDC) are already circulating and being abused by scammers.... [...]
Trove reveals RATs that can pop major OSes, campaigns against offshore and local targets A cache of stolen documents posted to GitHub appears to reveal how a Chinese infosec vendor named I-Soon offers rent-a-hacker services for Beijing.... [...]
Website has been seized and replaced with law enforcement logos from eleven nations Updated Notorious ransomware gang LockBit's website has been taken over by law enforcement authorities, who claim they have disrupted the group's operations and will soon reveal the extent of an operation against the group.... [...]
$1.3 billion lost as identity fraud – and greed – saw 57,000 or more seek unearned tax refunds One hundred and fifty people who worked for the Australian Taxation Office (ATO) have been investigated – and some prosecuted – for participating in a tax refund scam promoted on Facebook and TikTok …
Looks like LockBit took a swipe at an outsourced life insurance application Indian tech services giant Infosys has been named as the source of a data leak suffered by the Bank of America.... [...]
Moscow-backed Cozy Bear may have had access to the green rectangular email cloud for six months HPE has become the latest tech giant to admit it has been compromised by Russian operatives.... [...]
'Aleksandr Ermakov' isn't allowed down under after being linked to ten-million-record leak Australia's government has used the "significant cyber incidents" sanctions regime it introduced in 2021 for the first time, against a Russian named Aleksandr Gennadievich Ermakov whom authorities have deemed responsible for the 2022 attack on health insurer …
.SBS gTLD once owned by Australian broadcaster is another source of strife Scammers are buying up cheap domain names to host sites that sell dodgy health products using fake articles, according to cybercrime disruption outfit Netcraft.... [...]