Ollama drama as 'easy-to-exploit' critical flaw found in open source AI server
About a thousand vulnerable instances still exposed online, we're told
Patches24 Jun 2024 | 9
CSO
Change Healthcare finally spills the tea on what medical data was stolen by cyber-crew
'Substantial proportion' of America to get a little note from next month
Cyber-crime21 Jun 2024 | 9
Uncle Sam sanctions Kaspersky's top bosses – but not Mr K himself
Here's America's list of the supposedly dirty dozen
CSO21 Jun 2024 | 17
Crooks get their hands on 500K+ radiology patients' records in cyber-attack
Two ransomware gangs bragged of massive theft of personal info and medical files
Cyber-crime20 Jun 2024 | 4
Biden bans Kaspersky: No more sales, updates in US
Blockade begins July 20 on national security grounds as antivirus slinger vows to fight back
CSO20 Jun 2024 | 111
That PowerShell 'fix' for your root cert 'problem' is a malware loader in disguise
Control-C, Control-V, Enter ... Hell
Research19 Jun 2024 | 18
Dark-web kingpin puts 'stolen' internal AMD databases, source code up for sale
Updated Chip designer really gonna need to channel some Zen right now
Cyber-crime18 Jun 2024 |
Shoddy infosec costs PwC spinoff and NMA $11.3M in settlement with Uncle Sam
Updated Pen-testing tools didn't work – and personal info of folks hit by pandemic started appearing in search engines
CSO17 Jun 2024 | 2
AWS is pushing ahead with MFA for privileged accounts. What that means for you ...
The clock is ticking – why not try a passkey?
CSO17 Jun 2024 | 17
Microsoft answered Congress' questions on security. Now the White House needs to act
Feature Business as usual needs a real change
Public Sector15 Jun 2024 | 45
Meta won't train AI on Euro posts after all, as watchdogs put their paws down
Facebook parent calls step forward for privacy a 'step backwards'
AI + ML14 Jun 2024 | 41
Microsoft bigwig says the Feds catching Chinese spies in Exchange Online is the cloud working as intended
'It's not our job to find the culprits – That's what we're paying you for' lawmaker scolds Brad Smith
CSO14 Jun 2024 | 57
Oracle Ads have had it: $2B operation shuts down after dwindling to $300M
Analysis In this slightly more private era, your data ain't as profitable as it once was
Personal Tech13 Jun 2024 | 25
Ransomware crew may have exploited Windows make-me-admin bug as a zero-day
Symantec suggests Black Basta crew beat Microsoft to the patch
Malware Month12 Jun 2024 | 2
White House report dishes deets on all 11 major government breaches from 2023
The MOVEit breach and ransomware weren’t kind to the Feds last year
CSO12 Jun 2024 | 1
Let's kick off our summer with a pwn-me-by-Wi-Fi bug in Microsoft Windows
Patch Tuesday Redmond splats dozens of bugs as does Adobe while Arm drivers and PHP under active attack
CSO12 Jun 2024 | 7
Akira: Perhaps the next big thing in ransomware, says Tidal threat intelligence chief
Interview Scott Small tells us gang's 'intent and capability' should get the attention of CSOs
Malware Month09 Jun 2024 | 3
Uber ex-CSO Joe Sullivan: We need security leaders running to work, not giving up
Interview Lessons learned from the infosec chief convicted and punished for covering up theft of data from taxi app maker
CSO08 Jun 2024 | 33
FCC takes some action against notorious BGP
How's your RPKI-based security plan coming along? Feds want to know
Networks07 Jun 2024 | 9
Microsoft Research chief scientist has no issue with Windows Recall
As tool emerges to probe OS feature's SQLite-based store of user activities
OSes06 Jun 2024 | 114
Microsoft paid Tenable a bug bounty for an Azure flaw it says doesn't need a fix, just better documentation
Let customers interfere with other tenants? That's our cloud working by design, Redmond seems to say
CSO05 Jun 2024 | 9
Command senior chief busted for secretly setting up Wi-Fi on US Navy combat ship
In the Navy, no, you cannot have an unauthorized WLAN. In the Navy, no, that's not a good plan
CSO04 Jun 2024 | 91
Pentagon 'doubling down' on Microsoft despite 'massive hack,' senators complain
Meanwhile Mr Smith goes to Washington to testify before Congress
Public Sector04 Jun 2024 | 5
Hudson Rock yanks report fingering Snowflake employee creds snafu for mega-leak
Analysis Cloud storage giant lawyers up against infosec house
Cyber-crime04 Jun 2024 | 18
NIST turns to IT consultants to clear National Vulnerability Database backlog
Aims to get CVE logjam cleared by the end of FY 24
CSO03 Jun 2024 | 5
US senator claims UnitedHealth's CEO, board appointed 'unqualified' CISO
Similar cases have resulted in serious sanctions, and they were on a far smaller scale
CSO31 May 2024 | 26
OpenAI is very smug after thwarting five ineffective AI covert influence ops
That said, use of generative ML to sway public opinion may not always be weak sauce
AI + ML30 May 2024 | 11
IBM spin-off Kyndryl accused of discriminating on basis of age, race, disability
Exclusive Five current and former employees file formal charges with US employment watchdog
CSO30 May 2024 | 18
2.8M US folks learn their personal info was swiped months ago in Sav-Rx IT heist
Theft happened in October, only now are details coming to light
Cyber-crime28 May 2024 | 8
How's Uncle Sam getting on with Biden's AI exec order? Pretty good, we're told
Interview Former Pentagon deputy CIO Rob Carey tells us guardrails should steer Feds away from bad ML
Public Sector27 May 2024 | 7
Three-year-old Apache Flink flaw under active attack
We know IT admins have busy schedules but c'mon
Patches24 May 2024 | 11
70% of CISOs worry their org is at risk of a material cyber attack
Wait, why do you want this job again?
CSO23 May 2024 | 7
Go after UnitedHealth, not us, 100+ medical groups urge Uncle Sam
Why should we get its paperwork?
CSO22 May 2024 | 8
Confused by the SEC's IT security breach reporting rules? Read this
'Clarification' weighs in on material vs voluntary disclosures
CSO22 May 2024 | 2
Telegram CEO calls out rival Signal, claiming it has ties to US government
Drama between two of the leading secure messaging services
Applications14 May 2024 | 25
AI red-teaming tools helped X-Force break into a major tech manufacturer 'in 8 hours'
RSAC Hint: It's the 'the largest' maker of a key computer component
Spotlight on RSA13 May 2024 | 7
Ransomware negotiator weighs in on the extortion payment debate with El Reg
Interview As gang tactics get nastier while attacks hit all-time highs
Cyber-crime12 May 2024 | 43
Critical infrastructure security will stay poor until everyone pulls together
Interview Claroty CEO Yaniv Vardi tells us what's needed to defend vital networks
Public Sector11 May 2024 | 12
Ex-White House election threat hunter weighs in on what to expect in November
Interview Spoiler alert: We're gonna talk about AI
Public Sector09 May 2024 | 36
Ten years since the first corp ransomware, Mikko Hyppönen sees no end in sight
Interview On the plus side, infosec's a good bet for a long, stable career
Malware Month08 May 2024 | 24
From infosec to skunks, RSA Conference SVP spills the tea
Interview Keynotes, physical security, playlists … the buck stops with Linda Gray Martin
Spotlight on RSA08 May 2024 |
UnitedHealth's 'egregious negligence' led to Change Healthcare ransomware infection
Interview 'I'm blown away by the fact that they weren't using MFA'
Spotlight on RSA08 May 2024 | 25
CISA says 'no more' to decades-old directory traversal bugs
Recent attacks on healthcare thrust infosec agency into alert mode
CSO06 May 2024 | 13
It may take decade to shore up software supply chain security, says infosec CEO
interview Sure, we're waking to the risk, but we gotta get outta bed, warns Endor Labs founder Varun Badhwar
CSO03 May 2024 | 27
Qantas app glitch sees boarding passes fly to other accounts
Issue now resolved and isn't thought to be the work of criminals
CSO01 May 2024 | 8
UnitedHealth CEO: 'Decision to pay ransom was mine'
Updated Congress to hear how Citrix MFA snafu led to massive data theft, $870M+ loss
Malware Month30 Apr 2024 | 28
London Drugs closes all of its pharmacies following 'cybersecurity incident'
Updated Canadian stores shuttered 'until further notice'
CSO29 Apr 2024 | 20
UK lays down fresh legislation banning crummy default device passwords
New laws mean vendors need to make clear how long you'll get updates too
CSO29 Apr 2024 | 77
Kaiser Permanente handed over 13.4M people's data to Microsoft, Google, others
Ouch!
CSO26 Apr 2024 | 8
Management company settles for $18.4M after nuclear weapons plant staff fudged their timesheets
The firm 'fessed up to staff misconduct and avoided criminal liability
CSO24 Apr 2024 | 10
Ransomware feared as IT 'issues' force Octapharma Plasma to close 150+ centers
Updated Source blames BlackSuit infection – as separately ISP Frontier confirms cyberattack
Cyber-crime18 Apr 2024 | 9
Kremlin's Sandworm blamed for cyberattacks on US, European water utilities
Water tank overflowed during one system malfunction, says Mandiant
Research17 Apr 2024 | 10
MGM says FTC can't possibly probe its ransomware downfall – watchdog chief Lina Khan was a guest at the time
What a twist!
Cyber-crime16 Apr 2024 | 19
X fixes URL blunder that could enable convincing social media phishing campaigns
Poorly implemented rule allowed miscreants to deceive users with trusted URLs
CSO10 Apr 2024 | 27
Nearly 1M medical records feared stolen from City of Hope cancer centers
Is there no cure for this cyber-plague?
Cyber-crime03 Apr 2024 | 7
Malicious xz backdoor reveals fragility of open source
Analysis This time, we got lucky. It mostly affected bleeding-edge distros. But that's not a defense strategy
Devops01 Apr 2024 | 98
Malicious SSH backdoor sneaks into xz, Linux world's data compression library
STOP USAGE OF FEDORA RAWHIDE, says Red Hat while Debian Unstable and others also affected
CSO29 Mar 2024 | 123
These 17,000 unpatched Microsoft Exchange servers are a ticking time bomb
One might say this is a wurst case scenario
Patches28 Mar 2024 | 44
'Thousands' of businesses at mercy of miscreants thanks to unpatched Ray AI flaw
Anyscale claims issue is 'long-standing design decision' – as users are raided by intruders
CSO27 Mar 2024 | 14
Row breaks out over true severity of two DNSSEC flaws
Updated Some of us would be happy being rated 7.5 out of 10, just sayin'
CSO26 Mar 2024 | 11
Biting the hand that feeds IT
