Enterprise IT
Why stablecoins may yet disrupt traditional Correspondent Banking
"It's probably quicker to fly with a bag of cash than it is to actually route the payment..."
Cloud
This Azure bug is a perfect CVSS 10, gives you control over K8s clusters
A critical vulnerability in an Azure tool that lets users manage Kubernetes clusters can be exploited remotely without authentication to gain administrative control over Kubernetes clusters, as well as Azure edge devices. The vulnerability, allocated a maximum possible CVSS (severity rating) score of 10 has been allocated CVE-2022-37968. It is
Featured
Hey hackers! Grab some hardcoded Siemens crypto keys and go wild*
Per RATM: "Action must be taken. We don't need the key we'll break in"
Enterprise IT
Deutsche Bank turns to a known quantity as digital shakeup continues
Deutsche Bank has extended a contract with Kyndryl (previously IBM Infrastructure Services) to run its continental European core banking and mission critical IT infrastructures, in what the two described as one of the “largest and longest-running vendor contracts in the financial industry” at nearly 20 years together. Kyndryl will also
Cybersecurity
Critical pre-auth RCE Fortinet vulnerability is a breeze to exploit
A vulnerability in multiple Fortinet products gives an unauthenticated remote attackers root access to its core product’s administrative interface – and the vulnerability has been exploited in the wild the company warned. Given exploitation the company has warned customers to check for Indicators of Compromise. https://twitter.com/Horizon3Attack/status/
Cybersecurity
Here's why Intel’s UEFI source code leak is a genuine security concern
Intel late Sunday confirmed that proprietary UEFI code had been leaked in a potential serious security breach. The Intel Alder Lake source code was leaked to 4chan and Github – as first reported by Tom’s Hardware – as a 6GB file containing sensitive tools and code for building and optimising BIOS/
Enterprise IT
US State Department names DoD veteran Dr Kelly Fletcher as CIO
The US Department of State has appointed Dr Kelly Fletcher as its new Chief Information Officer (CIO). She will lead a team of 2,700 IT professionals and oversee $2.5 billion of digital transformation programmes. Among those programmes is a recently signed $1.58 billion contract with Verizon to
Enterprise IT
Version Control in Source Control: When IP Investigations and Dev Tech Collide.
Investigations and e-discovery exercises in response to IP theft are fraught with challenges...
Cybersecurity
Former Uber CSO Joe Sullivan found guilty of concealing data breach
Note: There is no contractual indemnity clause that will cover criminal activity.
Cybersecurity
US agencies ordered to run asset discovery scans every single week
Knock Knock. Who's there? Multiple APTs, patch your shit.
Featured
Google Cloud pledges $1 billion African expansion as continent's DC footprint grows
Google Cloud has pledged to build a cloud region in South Africa – joining AWS, Azure and Oracle on the continent for the first time – and pledged to deliver dedicated cloud interconnect sites in Nigeria and Kenya. The South African plans alone – which will see Google Cloud add regions in Cape
Cloud
BIS warns “Big Tech” a risk to financial stability as regulatory concentration risk fears linger
Hyperscalers may be tired of making the case for resilience, regulators are not done with fretting...