Break out your emergency change process and patch this ransomware-friendly bug ASAP, says VMware

File upload vuln lets miscreants hijack vCenter Server VMware has disclosed a critical bug in its flagship vSphere and vCenter products and urged users to drop everything and patch it. The virtualization giant also offered a workaround.…

9h

Database containing personal info on 106m people who traveled to Thailand found open to the internet – report

Misconfigured Elasticsearch server blamed A database containing personal information on 106 million international travelers to Thailand was exposed to the public internet this year, a Brit biz claimed this week.…

10h

Suex to be you: Feds sanction cryptocurrency exchange for handling payments from 8+ ransomware variants

Russia-based biz targeted in Uncle Sam's crack down on cyber-extortion The US Treasury on Tuesday sanctioned virtual cryptocurrency exchange Suex OTC for handling financial transactions for ransomware operators, an intervention that's part of a broad US government effort to disrupt online extortion and related cyber-crime.…

14h

Fix network printing or keep Windows secure? Admins would rather disable PrintNightmare patch

'Our >3,000 customers had to print again' Microsoft's Patch Tuesday update last week was meant to fix print vulnerabilities in Windows but also broke network printing for many, with some admins disabling security or removing the patch to get it working.…

21h

UK Ministry of Defence apologises after Afghan interpreters' personal data exposed in email blunder

We joke about lethal consequences of failure but this isn't funny The UK's Ministry of Defence has launched an internal investigation after committing the classic CC-instead-of-BCC email error – but with the names and contact details of Afghan interpreters trapped in the Taliban-controlled nation.…

23h

Mafia works remotely, too, it seems: 100+ people suspected of phishing, SIM swapping, email fraud cuffed

Dare we say, these Euro cops ran mobprobe Police arrested 106 people suspected of carrying out online fraud for an organized crime gang linked to the Italian Mafia, Europol said on Monday.…

1d

You’ve trained at the cutting edge, here’s how to keep your DFIR skills razor sharp

Sometimes the most important tool is a bookmark Sponsored  There’s nothing like five or six days of in-depth training with SANS Institute to develop cutting-edge Digital Forensics and Incident Response security skills.…

1d

Apache OpenOffice can be hijacked by malicious documents, fix still in beta

If you need another reason to try an alternative software suite Apache OpenOffice (AOO) is currently vulnerable to a remote code execution vulnerability and while the app's source code has been patched, the fix has only been made available as beta software and awaits an official release.…

1d

Ransomware recovery: Start getting back up before you’re even hit

Here’s how to put your plan together Sponsored  What’s the first step to recovering from a ransomware attack? Making sure you have a recovery plan in place well before you get attacked.…

1d

Tick, tick, tick … TikTok China just limited kids to 40 minutes' use each day

And added a bug bounty program to detect any holes in its 'youth mode' Douyin, the Chinese app known as TikTok outside the Middle Kingdom, has imposed limits on usage time for kids.…

2d