Ransomware spreaders have built a handy tool that abuses an out-of-date Microsoft Windows driver to disable security defenses before dropping malware into the targeted systems.β¦
In Brief We thought it was probably the case when the news came out, but now it's been confirmed: The X_Trader supply chain attack behind the 3CX compromise last month wasn't confined to the telco developer.β¦
Asia In Brief Chinese scientists have estimated the mass of the Milky Way.β¦
I feel like a significant portion of this week's video went to discussing "the Coinbase breach that wasn't a Coinbase breach". There are various services out there that are used by the likes of password managers to alert their customers to new breaches (including HIBP in 1Password) and whoever Dashlane is using frankly, royally cocked up the attribution. What was a garden variety list of email addresses someone had just chucked the "Coinbase" name on had absolutely nothing to do with a breach of the crypto company. It's frustrating to watch, and I suspect that will come through when you watch the video too. See what you think.
Europe's air-traffic agency appears to be the latest target in pro-Russian miscreants' attempts to disrupt air travel.β¦
Microsoft has partnered with organizations around the globe to bring more women into infosec roles, though the devil is in the details.β¦
Are automatic dependency updates always a good idea?
An international group of law enforcement agencies are urging Meta not to standardize end-to-end encryption on Facebook Messenger and Instagram, which they say will harm their ability to fight child sexual abuse material (CSAM) online.β¦
Many routers that are offered for resale contain sensitive corporate information and allow third-party connections to corporate networks
The post Did you mistakenly sell your network access? β Week in security with Tony Anscombe appeared first on WeLiveSecurity