Google, Microsoft and Mozilla have all moved to patch a critical zero-day flaw affecting their browsers and potentially linked to the dissemination of malicious commercial spyware. The vulnerability in question has been assigned the designation CVE-2023-4863. It is a heap-based buffer overflow flaw that enables a remote attacker to perform an out-of-bounds memory write […]

One of Europe’s most powerful supercomputers is being built in Bristol to provide a national resource for researchers and industry experts, with processing power to support artificial intelligence (AI) innovation and scientific discovery. Backed by a £900m investment announced in March to transform UK’s computing capacity, the facility at the University of Bristol will […]

Six months into her role at real-time Norwegian graphics and live production service provider Vizrt, Petra Tesch is enjoying challenges old and new. The Stockholm-based chief information officer (CIO) is an exponent of plain speaking when it comes to getting the message across. “There’s a saying in Swedish that goes, ‘Speak with farmers in farmers’ […]

Automotive industry leaders are struggling with competing cyber risk and security priorities, and as such, many are increasingly concerned that their organisations will be unprepared for new, United Nations (UN)-backed vehicle safety regulations that come into force next year, leaving drivers exposed to unacceptable security risks. The United Nations Economic Commission for Europe World […]

Protecting the company against cyber attacks is a cross-organizational endeavor. And while employees are often called the first line of defense, it’s critical not to overlook senior leaders and the C-suite. IT has a lot of work to do in defending the organization against hackers, which includes ensuring endpoint protection, backing up data, installing […]

Britain’s spy agencies violated the privacy rights of two foreign nationals living outside the UK as part of the UK’s programme of bulk surveillance, the European Court of Human Rights ruled. The court upheld a complaint from an IT professional and a security and privacy researcher living outside the UK that GCHQ had breached […]

GitHub has fixed a race condition vulnerability in its repository creation and user renaming operations that could have enabled threat actors to perform what is known as a repojacking attack. Discovered and disclosed by researchers from Checkmarx, had the flaw been exploited it could have been used to take control of code repositories and […]

NGO Save the Children, one of the world’s oldest and largest charities, has confirmed it has fallen victim to a ransomware attack by the BianLian operation. First tracked by VX Underground – which stated that the gang needed “to be punched in the face”, a statement with which it is hard to argue – […]

A threat actor tracked in Microsoft’s taxonomy as Storm-0324 has been observed switching up its tactics to incorporate social engineering phishing attacks conducted via Microsoft Teams, Redmond has revealed. Storm-0324, a so-called initial access broker (IAB), is linked to several prolific and dangerous ransomware operations, including some known to have deployed the Clop, Gandcrab, […]

National Cyber Security Centre (NCSC) chief executive Lindy Cameron and information commissioner John Edwards have signed a joint memorandum of understanding (MoU) to establish deeper and more effective collaboration between the two organisations, recognising that while both have distinct niches, there are some areas where they could align their work, and “deconflict” on others. […]