Security News

Microsoft fixes flaw after being called irresponsible by Tenable CEO
2023-08-04 22:54

Microsoft fixed a security flaw in the Power Platform Custom Connectors feature that let unauthenticated attackers access cross-tenant applications and Azure customers' sensitive data after being called "Grossly irresponsible" by Tenable's CEO. The root cause of the issue stemmed from inadequate access control measures for Azure Function hosts launched by connectors within the Power Platform. "It should be noted that this is not exclusively an issue of information disclosure, as being able to access and interact with the unsecured Function hosts, and trigger behavior defined by custom connector code, could have further impact," says cybersecurity firm Tenable which discovered the flaw and reported it on March 30th. "However, because of the nature of the service, the impact would vary for each individual connector, and would be difficult to quantify without exhaustive testing."

Celsius feels the heat: Ex-CEO arrested, watchdogs line up to sue bankrupt crypto biz
2023-07-13 20:48

Exec faces fraud charges, one regulator wants $5 billion fine Alex Mashinsky, the now-former CEO of collapsed cryptocurrency concern Celsius, today faces charges of fraud as prosecutors and...

CEO guilty of selling counterfeit Cisco devices to military, govt orgs
2023-06-07 14:19

A Florida man has pleaded guilty to importing and selling counterfeit Cisco networking equipment to various organizations, including education, government agencies, healthcare, and the military. A U.S. Department of Justice announcement published yesterday says Aksoy pleaded guilty in the U.S. District Court of New Jersey, admitting that he defrauded many people and companies by selling them low-quality equipment made to appear as new Cisco models.

From CEO Fraud to Vendor Fraud: The Shift to Financial Supply Chain Compromise
2023-05-25 16:00

TechRepublic Premium Bring your own device policy PURPOSE The purpose of this Bring your own device policy from TechRepublic Premium is to provide requirements for BYOD usage and establish the steps that both users and the IT department should follow to initialize, support and remove devices from company access. These requirements must be followed as documented in order to protect company systems .....

Wireless Broadband Alliance CEO on key drivers for Wi-Fi adoption in enterprise networks
2023-05-22 04:45

This Help Net Security interview with Tiago Rodrigues, CEO at Wireless Broadband Alliance, delves into the future of enterprise networking, exploring the significant role of Wi-Fi 6E and Private 5G. What role does Wi-Fi 6E play in enterprise connectivity, and what advanced capabilities does it offer on the 6GHz spectrum? How is the need for Private 5G in enterprise networks growing due to new IoT use cases, and what are the key drivers for Wi-Fi adoption in enterprise networks?

Ex-CEO of breached pyschotherapy clinic gets prison sentence for bad data security
2023-04-18 18:56

After stealing the data, he decided to blackmail the clinic for €450,000; when that didn't work he stooped yet lower and tried blackmailing the patients for €200 each, with a warning that the "Fee" would increase to €500 after 24 hours. Patients who didn't pay up after a further 48 hours, the blackmailer said, would be doxxed, a jargon term meaning to have your personal data exposed publicly on purpose.

Europol busts ‘CEO fraud’ gang that stole €38M in a few days
2023-02-17 18:18

Europol has dismantled a Franco-Israeli 'CEO fraud' group that employed business email compromise attacks to divert payments from organizations to bank accounts under the threat actor's control. The fraudsters impersonated CEOs when approaching employees in the target organizations' financial departments and tricked them into performing payments to bank accounts under the scammer's control.

Authorities break up gang responsible for €38 million CEO fraud
2023-02-17 11:24

8 suspects arrested Seizures include: electronic equipment and vehicles, about EUR 3 million from Portuguese bank accounts, EUR 1.1 million from Hungarian bank accounts, EUR 600 000 from Croatian bank accounts, EUR 400 000 from Spanish bank accounts, EUR 350 000 in virtual currencies. The total value of the seizures is estimated at about EUR 5.5 million.

SimSpace CEO brings dogfight mentality to terra firma for IT cybersecurity training
2023-01-17 22:09

Figure A. After the Air Force, Hutchison took a leadership role in the U.S. Cyber Command, where he oversaw the first joint, force-on-force tactical cyber training exercise Cyber Flag. He built a team that launched the first cyber adversary tactics office, founded the first joint cyber-focused tabletop exercise and established an inaugural cybersecurity team certification.

Open source software host Fosshost shutting down as CEO unreachable
2022-12-04 07:02

Open source software hosting and cloud computing provider Fosshost will no longer be providing services as it reaches end of life. UK-based non-profit Fosshost has been providing services to several high profile open source projects like GNOME, Armbian, Debian and Free Software Foundation Europe completely free of charge.