US Government Accounting Office says it was notified of data breach by IT contractor CGI Federal

The U.S. Government Accounting Office says it was notified of a data breach by IT contractor GCI Federal. Reuters could not immediately ascertain the size and scope of the breach. The GAO said that about 6,000 people, “primarily current and Read More …

Cloudflare blames previous Okta breach for November 2023 cyberattack

Cloudflare is laying the blame for the cyberattack it suffered late last year the after-effects of the critical Okta breach. The content delivery service provider has published a blog post detailing the cybersecurity incident it suffered on Thanksgiving Day 2023, Read More …

Hundreds of museums hit by cyber attack

Hundreds of art institutions and museums have been affected by a cyber attack on the Gallery Systems software company, with those impacted having used the software to organise their online archives. Last month, Gallery Systems informed its clients that computers Read More …

‘Lazy’ broadband engineers blamed for exposing hospitals and banks to cyber attacks

Hospitals and banks are more exposed to cyber attacks because “lazy” broadband engineers are failing to fill in crucial forms, it has been alleged. Industry sources warned of a “Wild West” among contractors who are not handing over information about Read More …

Supply chain attack targeting Ledger crypto wallet leaves users hacked

Hackers compromised the code behind a crypto protocol used by multiple web3 applications and services, the software maker Ledger said on Thursday. Ledger, a company that makes a widely used and popular crypto hardware and software wallet, among other products, Read More …

Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally

The US Federal Bureau of Investigation (FBI) and partners assess Russian Foreign Intelligence Service (SVR) cyber actors – also known as Advanced Persistent Threat 29 (APT 29), the Dukes, CozyBear, and NOBELIUM/Midnight Blizzard – are exploiting CVE-2023-42793 a at a Read More …

How the EU Cyber Resilience Act Impacts Manufacturers

The European Union (EU) released their new Cyber Resilience Act which is claimed to be the first ever act put in place to ensure consumers are better protected by the manufacturers of both hardware and software products sold within the Read More …

Roblox and Twitch provider Tipalti breached by ransomware

Accounting software provider Tipalti says it is investigating a claim by ransomware group ALPHV that they have gained access to Tipalti’s systems. Tipalti makes software for accounting and payment automation and has some big names among its customers. In what Read More …

Hijackable Go Module Repositories

The Go module ecosystem is unique because it’s decentralized. Other packaging systems like Pypi or NPM require developers to create accounts to upload their packages. This gives the package platform the ability to moderate users and content. That isn’t the Read More …

Guidelines for secure AI system development

AI systems have the potential to bring many benefits to society. However, for the opportunities of AI to be fully realised, it must be developed, deployed and operated in a secure and responsible way. AI systems are subject to novel Read More …