World Food Programme breach exposes data of 600k vulnerable Gazan families
Those receiving aid in the famine-threatened, war-torn territory told support will remain
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Those receiving aid in the famine-threatened, war-torn territory told support will remain
Connected devices can leave an otherwise secure network vulnerable Pwned Welcome to Pwned, The Register's new column, where we highlight the worst infosec own goals so you can, hopefully, protect against them. Caffeine is an essential tool for most IT defenders, so, on balance, we're sure it has protected against a lot more exploits than it has caused. But in this case, the desire for everyone's favorite stimulant led to a massive breach.…
Also, cybercriminals get breached, Gemini spills the calendar beans, and more infosec in brief T'was a dark few days for automotive software systems last week, as the third annual Pwn2Own Automotive competition uncovered 76 unique zero-day vulnerabilities in targets ranging from Tesla infotainment to EV chargers.…
Crims claim to know which customers are marked 'vulnerable' British telco Brsk is investigating claims that it was attacked by cybercriminals who made off with more than 230,000 files.…
US DOE among breached government agencies More than 400 organizations have been compromised in the Microsoft SharePoint attack, according to Eye Security, which initially sounded the alarm on the mass exploitation last Friday, even before Redmond confirmed the critical vulnerabilities.…
But we mean, you've had nearly four years to patch One of the critical security flaws exploited by China's Salt Typhoon to breach US telecom and government networks has had a patch available for nearly four years - yet despite repeated warnings from law enforcement and private-sector security firms, nearly all public-facing Microsoft Exchange Server instances with this vulnerability remain unpatched.…
If you're still running a vulnerable instance then 'assume a breach' More than 600 IP addresses are launching thousands of exploit attempts against CVE-2023-22527 – a critical bug in out–of-date versions of Atlassian Confluence Data Center and Server – according to non-profit security org Shadowserver.…
ALSO: CISA begs for a consistent budget, Las Vegas school breach; Nigeria arrests six cyber princes, the week's critical vulnerabilities Security In Brief Notorious ransomware gang LockBit has reportedly exfiltrated “a tremendous amount of sensitive data from aerospace outfit Boeing.…
Progress Software vulnerability ID'd in enormous burglary at Ontario's BORN Canada's Better Outcomes Registry & Network (BORN) fears a MOVEit breach allowed cybercriminals to copy 3.4 million people's childcare health records dating back more than a decade.…
ALSO: Euro chip maker breached, crims plan to undermine cyber insurance, and this week's critical vulnerabilities Infosec in Brief No one likes malware, but malicious code that tracks your location is particularly unlovable.…
Rubrik Zero Lab’s ‘The Hard Truths’ annual report into the state of data security Webinar It seems no longer possible to imagine whether it's just a case of if a security breach will occur within your organization, or if malicious actors will exploit a vulnerability to play havoc with your data. Rather, it's just a question of when.…
Patch flaws and enforce authentication policies, CISA and FBI warn State-sponsored threat actors from Russia over the last year breached a non-governmental organization (NGO) by leveraging multifactor authentication (MFA) defaults and exploiting the PrintNightmare vulnerability in Windows Print Spooler.…