-
Sellafield nuclear site hit with £332,500 fine after “significant cybersecurity shortfalls”
The UK’s Sellafield nuclear waste processing and storage site has been fined £332,500 by regulators after its IT systems were found to have been left vulnerable to hackers and unauthorised access for years. Read more in my article on the Hot for Security blog. Read More
-
CRI Releases Guidance on Avoiding Ransomware Payments
The Counter Ransomware Initiative has released new guidance discouraging organizations from making ransomware payments Read More
-
Litespeed Cache Plugin Flaw Allows XSS Attack, Update Now
The new LiteSpeed Cache flaw (CVE-2024-47374) allows unauthenticated code injection across more than six million active installations Read More
-
Microsoft and US Government Disrupt Russian Star Blizzard Operations
Microsoft and the US government have collectively seized over 100 websites used by Russian nation-state actor Star Blizzard Read More
-
CeranaKeeper Emerges as New Threat to Thai Government Networks
China-aligned CeranaKeeper discovered targeting Thai govt institutions using cloud services for data exfiltration Read More
-
Tick tock.. Operation Cronos arrests more LockBit ransomware gang suspects
International law enforcement continues to dismantle the LockBit ransomware gang’s infrastructure. Read more in my article on the Tripwire State of Security blog. Read More
-
A Single Cloud Compromise Can Feed an Army of AI Sex Bots
Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researchers say these illicit chat bots, which use custom jailbreaks to bypass content filtering, often veer into darker role-playing scenarios, including child…
-
Cybersecurity Spending on the Rise, But Security Leaders Still Feel Vulnerable
A new report by Red Canary has found that while cybersecurity budgets have risen, many security leaders still feel overwhelmed by the growing threat landscape Read More
-
Weird Zimbra Vulnerability
Hackers can execute commands on a remote computer by sending malformed emails to a Zimbra mail server. It’s critical, but difficult to exploit. In an email sent Wednesday afternoon, Proofpoint researcher Greg Lesnewich seemed to largely concur that the attacks weren’t likely to lead to mass infections that could install ransomware or espionage malware. The…
-
Northern Ireland Police Data Leak Sees Service Fined by ICO
The ICO blamed the Police Service of Northern Ireland for procedural failings that exposed the personal data of 9843 personnel, putting police officers at risk Read More