lemmydev2

BogusBazaar ripped off shoppers and scraped card details, but not in China A crime ring dubbed BogusBazaar has scammed 850,000 people out of tens of millions of dollars via a network of dodgy shopping websites.…

Ransomware and extortion incidents surged by 67% in 2023, according to NTT Security Holdings’ 2024 Global Threat Intelligence Report. Global ransomware crisis After a down year in 2022, ransomware and extortion incidents increased in 2023. More than 5,000 ransomware victims were detected or posted across multiple social channels, up from approximately 3,000 in 2022. The number of victims is likely higher because the research does not reflect incidents where ransoms were paid before the listing … More → The post Global ransomware crisis worsens appeared first on Help Net Security.

F5 has fixed two high-severity BIG-IP Next Central Manager vulnerabilities, which can be exploited to gain admin control and create rogue accounts on any managed assets. [...]

Researchers have found two novel types of attacks that target the conditional branch predictor found in high-end Intel processors, which could be exploited to compromise billions of processors currently in use.

    Image: Eken

A company that manufactures video doorbells found by Consumer Reports to contain serious security vulnerabilities has issued a fix, the consumer advocacy group is reporting. Eken Group has issued a firmware update for the affected security products under its own name, as well as those from other brands it has licensing deals with, including Fishbot, Rakeblue, Tuck, and others. All the video doorbells use the Aiwit smartphone app and could be purchased from popular online retailers like Amazon, Shein, Temu, and Walmart. Back in February, CR reported that it found vulnerabilities in Eken-produced video doorbells that “could allow a dangerous person to take control of the video doorbell on their target’s home.” Gaining access to the...

Continue reading…

Leah Nylen / Bloomberg: Filing: FTC says Jeff Bezos, Andy Jassy, and other Amazon execs used Signal's disappearing messages to conceal evidence in FTC's antitrust case against Amazon  —  - Agency accuses retail giant of failing to preserve documents  — Top executives communicated via Signal disappearing chats

Andy Edser / PC Gamer: Microsoft partners with IBM to release the MS-DOS 4.0 source code under the MIT license on GitHub  —  Fond memories of beige machines.  —  Ah, the PC in the spare room.  Back when “going on the computer” was an event, not a daily necessity, I cut my teeth on MS-DOS games.

Chance Miller / 9to5Mac: A number of Apple users say they were logged out of their Apple ID across multiple devices on April 26 and forced to reset their password before logging back in  —  There appears to be an increasingly widespread Apple ID outage of some sort impacting Apple users tonight.

Kate Kelly / New York Times: Congress considers legislation to block DJI drones from running on US communication networks, effectively killing the Chinese company's US commercial business  —  U.S. authorities consider DJI a security threat.  Congress is weighing legislation to ban it, prompting a lobbying campaign from the company …

Ouch! Millions of Kaiser Permanente patients' data was likely handed over to Google, Microsoft Bing, X/Twitter, and other third-parties, according to the American healthcare giant.…

Refreshed software and collaboration with the security researcher community may have contributed to the 5% drop.

This week, the Steering Committee of the Global Encryption Coalition (GEC-SC) contributed an important statement to the ongoing discussions at the United Nations concerning the Secretary General’s Global digital compact. The attached PDF contains a statement read by a representative of the GEC-SC to the UN, Mallory Knodel, articulating the expert insights and proposed amendments […] The post Global Encryption Coalition (GEC-SC) contribution to the ongoing discussions at the UN’s Global digital compact. appeared first on Global Encryption Coalition.