Viry a Červi

Plus: Google Cloud ANZ boss departs; Japan revives airliner ambitions; China-linked attackers target Asian entities

Asia in brief  Singapore's Monetary Authority on Monday launched an application, intuitively named "COllaborative Sharing of Money Laundering/TF Information & Cases" (COSMIC for short, obviously) to target money laundering and terrorism financing.…

At least not until Redmond's government edition is ready to roll

Staff working at the US House Of Representatives have been barred from using Microsoft's Copilot chatbot and AI productivity tools, pending the launch of a version tailored to the needs of government users.…

This time, we got lucky. It mostly affected bleeding-edge distros. But that's not a defense strategy

Analysis  The discovery last week of a backdoor in a widely used open source compression library called xz could have been a security disaster had it not been caught by luck and atypical curiosity about latency from a Microsoft engineer.…

Also, TheMoon botnet back for EoL SOHO routers, Sellafield to be prosecuted for 'infosec failures', plus critical vulns

Infosec in brief  Nearly a year on from the discovery of a massive data theft at healthcare biz Harvard Pilgrim, and the number of victims has now risen to nearly 2.9 million people in all US states.…

Theresa Payton on why US needs a national privacy law

Interview  Congress is mulling legislation that will require TikTok's Chinese parent ByteDance to cut ties with the video-sharing mega-app, or the social network will be banned in the USA.…

Still claims the personal info wasn't stolen from its systems

AT&T confirmed over the weekend that more than 73 million records of its current and former customers dumped on the dark web in mid-March do indeed describe its subscribers, though it still denies the data came direct from its systems.…

Code shines up nicely in production, says Chocolate Factory's Bergstrom

Echoing the past two years of Rust evangelism and C/C++ ennui, Google reports that Rust shines in production, to the point that its developers are twice as productive using the language compared to C++.…

STOP USAGE OF FEDORA RAWHIDE, says Red Hat while Debian Unstable and others also affected

Red Hat on Friday warned that a malicious backdoor found in the widely used data compression software library xz may be present in instances of Fedora Linux 40 and the Fedora Rawhide developer distribution.…

CVE-2024-1086 turns the page tables on system admins

A Linux privilege-escalation proof-of-concept exploit has been published that, according to the bug hunter who developed it, typically works effortlessly on kernel versions between at least 5.14 and 6.6.14. …

2.5 million people were affected, in a breach that could spell more trouble down the line.

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.