SolarWinds is yet again disclosing security vulnerabilities in one of its widely-used products. The company has released updates to patch six critical authentication bypass and remote command execution vulnerabilities in…
For years, CSOs have worried about their IT infrastructure being used for unauthorized cryptomining. Now, say researchers, they’d better start worrying about crooks hijacking and reselling access to exposed corporate…
Conveyancers have reacted furiously to the introduction of an annual fee of £50 per user to access the the Mortgage Lenders’ Handbook. The post Fee for accessing Lenders’ Handbook infuriates…
The High Court has refused a law firm permission to challenge a decision of the Legal Ombudsman which cost it over £115,000 in compensation and reduced costs. The post High…
The extended fixed recoverable costs regime is failing to achieve its stated objectives. Instead of promoting fairness and efficiency, the rules are creating anomalies that undermine justice. The post Fixed…
A community interest company is using artificial intelligence to help it provide pro bono advice to people seeking global talent visas to come to the UK. The post Community interest…
Ransomware defense requires focusing on business resilience. This means patching issues promptly, improving user education, and deploying multifactor authentication. – Read More
Russian and Chinese nation-state attackers are exploiting a months-old WinRAR vulnerability, despite a patch that came out last July. – Read More
To stop the ongoing attacks, the cybersecurity vendor took the drastic step of temporarily disabling FortiCloud single sign-on (SSO) authentication for all devices. – Read More
The retail sector must adapt as consumers become more cybersecurity-conscious. Increased attack transparency is a good place to start. – Read More
A critical vulnerability has been patched in vm2, a widely used library for the Node.js JavaScript runtime that allows untrusted code to be executed inside a sandbox within the same…
Cybersecurity researchers have flagged a new malicious Microsoft Visual Studio Code (VS Code) extension for Moltbot (formerly Clawdbot) on the official Extension Marketplace that claims to be a free artificial…
Palo Alto Networks unveiled its Quantum-Safe Security solution at the company’s virtual Quantum-Safe Summit Tuesday. The solution is designed to help organizations prepare for the post-quantum era by addressing the…
In two separate campaigns, attackers used the JScript C2 framework to target Chinese gambling websites and Asian government entities with new backdoors. – Read More
The “coordinated” cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM. Operational technology (OT)…