Specially crafted network packet could allow remote code execution and access to VM fleets VMware by Broadcom has revealed a pair of critical-rated flaws in vCenter Server – the tool used to manage virtual machines and hosts in its flagship Cloud Foundation and vSphere suites.... [...]
Who needs ransomware when you can scare techies into coughing up their credentials? Notorious cyber gang UNC3944 – the crew suspected of involvement in the recent attacks on Snowflake and MGM Entertainment, and plenty more besides – has changed its tactics and is now targeting SaaS applications... [...]
PLUS: Australia to age limit social media; Hong Kong's robo-dogs; India's new tech minister The space junk cleaning mission launched by Japan's Aerospace Exploration Agency (JAXA) has successfully hunted down one of its targets.... [...]
Offline for four days and counting, as are parent company and e-commerce brand Japanese media conglomerate Kadokawa and several of its properties have been offline for four days after a major cyber attack.... [...]
Spammers will probably bid to buy it, so community is trying to find a better home for decades-old service Exclusive The Spam and Open Relay Blocking System (SORBS) – a longstanding source of info on known sources of spam widely used to create blocklists – has been shuttered by its owner …
Opponents of Myanmar’s internet-nobbling military government don't like when Facebook asks for their real names Big Tech isn't much help if you're an activist trying to work against a military junta, and FOSS tools aren't a great alternative either, according to opponents of Myanmar's military regime.... [...]
Man arrested and blackmail charges expected after allegations of unpaid contractors and iffy infosec Updated Over a million records describing Australians who visited local pubs and clubs have apparently been posted online.... [...]
Only from its digital doc-signing service, which is isolated from its cloudy storage Dropbox has revealed a major attack on its systems that saw customers' personal information accessed by unknown and unauthorized entities.... [...]
Huawei is OK, but Xiaomi, OPPO, and Samsung are in strife. And Honor isn't living its name Many Chinese keyboard apps, some from major handset manufacturers, can leak keystrokes to determined snoopers, leaving perhaps three quarters of a billion people at risk according to research from the University of …
After two years of warnings, and outages, regulators ran out of patience with Kotak Mahindra Bank India’s central bank has banned Kotak Mahindra Bank from signing up new customers for accounts or credit cards through its online presence and app.... [...]
And warn that AI is already being used by extremists to plot attacks The director general of Australia’s lead intelligence agency and the commissioner of its Federal Police yesterday both called for social networks to offer more assistance to help their investigators work on cases involving terrorism, child …
A day after FBI boss warns Beijing is poised to strike against US infrastructure China last week reorganized its military to create an Information Support Force aimed at ensuring it can fight and win networked wars.... [...]
Hypershield detects bad behavior and automagically reconfigures networks to snuff out threats Cisco has developed a product called Hypershield that it thinks represents a new way to do network security.... [...]
Just doesn't believe it will sort out the mess that saw data leak from LINE messaging app Japan's government has considered the proposed security improvements developed by Yahoo !, found them wanting, and ordered the onetime web giant to take new measures.... [...]
Japan's Hoya also makes components for chips, displays, and hard disks, and has spent four days groping for a fix If ever there was an incident that brings the need for good infosec into sharp focus, this is the one: Japan's Hoya – a maker of eyeglass and contact lenses …
CISA calls for 'fundamental, security-focused reforms' to happen ASAP, delaying work on other software A review of the June 2023 attack on Microsoft's Exchange Online hosted email service – which saw accounts used by senior US officials compromised by a China-linked group called "Storm-0558" – has found that the incident would …
Reveals 2021 incident that saw parliamentary agencies briefly probed The government of South Pacific island nation New Zealand has revealed that it, too, has been attacked by China.... [...]
United Nations finds IT contract and crypto scams are just two of DPRK's illicit menu items If you dine out at an Asian restaurant on your next holiday, the United Nations thinks your meal could help North Korea to launder money.... [...]
New infostealer may indicate a shift in tactics – and maybe targets too, beyond Asia North Korea's notorious Kimsuky cyber crime gang has commenced a campaign using fresh tactics, according to infosec tools vendor Rapid7.... [...]
Also down under, researchers find security-cleared workers leaking details of their gigs An Australian IT contractor has been sentenced to 30 months jail for ripping off the National Maritime Museum.... [...]
But failing to recover from incidents is unforgivable because 'adrenalin does not scale' Zero tolerance of failure by information security professionals is unrealistic, and makes it harder for cyber security folk to do the essential part of their job: recovering fast from inevitable attacks, according to Gartner analysts Chris …
Bill proposes to do to China what China already does to the US – make life hard for foreign social networks The United States House of Representatives on Wednesday passed the Protecting Americans from Foreign Adversary Controlled Applications Act – a law aimed at forcing TikTok's Chinese parent ByteDance to sell …
Russia and Sudan top the list of suspects Several French government websites have been disrupted by a severe distributed denial of service attack.... [...]
Critical vulns in USB under ESXi and desktop hypervisors found by Chinese researchers at cracking contest Hypervisors are supposed to provide an inviolable isolation layer between virtual machines and hardware. But hypervisor heavyweight VMware by Broadcom yesterday revealed its hypervisors are not quite so inviolable as it might like …
Moonlighted for two PRC companies after side-stepping Big G's security The US Department of Justice on Wednesday revealed an indictment that charges a former Google employee with leaking the ad giant’s AI tech to two Chinese companies – after easily defeating the Big G’s security controls.... [...]