January 2024

URGENT: Upgrade GitLab – Critical Workspace Creation Flaw Allows File Overwrite 2024-01-30 at 18:46 By GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could be exploited to write arbitrary files while creating a workspace. Tracked as CVE-2024-0402, the vulnerability has a CVSS score of […]

ESA salutes Galileo satellite system meeting aviation standards 2024-01-30 at 18:16 By Richard Speed It’s all in the software The European Space Agency (ESA) has celebrated the Galileo satellite navigation system meeting civil aviation standards governing flight phases from take-off to landing and explained how the feat was done.… This article is an excerpt from

Reg story prompts fresh security bulletin, review of Juniper Networks’ CVE process 2024-01-30 at 17:32 By Connor Jones Vendor gets tangled in its own web of undisclosed vulnerabilities Juniper Networks has disclosed separate vulnerabilities it was previously accused of concealing, and apologized to customers for the error in communication.… This article is an excerpt from

There was a 39% surge in data exfiltration cyberattacks in 2023 2024-01-30 at 17:32 By According to a report, the number of organizations claiming to have been a victim of ransomware in the past 12 months more than doubled. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

Research shows cybercriminals’ motivation shifts to data exfiltration 2024-01-30 at 17:08 By A new report shows ransomware attacks are increasing again and reveals a change in strategy among cybercriminals. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

AI is changing search, for better or for worse 2024-01-30 at 16:47 By Thomas Claburn Bing hasn’t much benefited from its AI infusion but Google’s rivals sense an opening Feature  Ask Google’s Bard chatbot about the future of search and you’ll get a summary of trends that suggest there’s more to search than finding keywords

Raspberry Pi on IPO plans: ‘We want to be ready when the markets are ready’ 2024-01-30 at 16:16 By Richard Speed Bankers appointed, but CEO insists nothing will change while he’s in charge The Raspberry Pi company is again preparing the ground for an initial public offering (IPO), appointing bankers Peel Hunt and Jefferies ahead

China-Linked Hackers Target Myanmar’s Top Ministries with Backdoor Blitz 2024-01-30 at 16:16 By The China-based threat actor known as Mustang Panda is suspected to have targeted Myanmar’s Ministry of Defence and Foreign Affairs as part of twin campaigns designed to deploy backdoors and remote access trojans. The findings come from CSIRT-CTI, which said the activities took place

Windows 3.11 trundles on as job site pleads for ‘driver updates’ on German trains 2024-01-30 at 15:25 By Richard Speed Remember making Windows and DOS talk to a network? You could go back to the future with this assignment If you were thinking about forcing an AI to write a job ad for an administrator

UK lawmakers say live facial recognition lacks a legal basis 2024-01-30 at 14:51 By Lindsay Clark Lords warn Home Secretary there is nothing to regulate wider trawl of large populations A UK committee in its upper house has written to Home Secretary James Cleverly to warn of the lack of legal basis for the use