The Stack

AWS

A $100 billion AWS and 5 key cloud takeaways from Amazon’s earnings

CapEx looks set to pass $60 billion

IBM

Epic court clash looms over IBM mainframe migration software

LzLabs denies licence breach claims over "reverse engineering"

Ubuntu

Ubuntu 24.04 LTS lands with 12 years of support, Active Directory, other additions

“Improved syscall performance, nested KVM support on ppc64el, and access to the newly landed bcachefs filesystem" < Do you speak the lingo?

Cisco

Cisco ASA zero days exploited in wild: NCSC says “pull the power plug” to avoid persistence

Four months of exploitation in the wild? Deep joy...

Cybersecurity

MITRE attack strikes a NERVE after Ivanti to VMware pivot

"We did not detect… lateral movement into our VMware infrastructure. At the time we believed we took all the necessary actions to mitigate the vulnerability, but these actions were clearly insufficient.”

Mona Lisa rapping: Microsoft’s new AI spins up convincing talking heads

"While acknowledging the possibility of misuse, it's imperative to recognize the substantial positive potential of our technique"

VPN

PAN-OS vuln mitigation howler: “Disabling telemetry” no help

POCs for CVSS 10 bug are out of the bag, tens of thousands are exposed, and telemetry mitigation didn't work.

openssf open source social engineering attack

Cybersecurity

XZ Redux? Social engineering attacks on OSS intercepted

"These emails implored OpenJS to take action to update one of its popular JavaScript projects to ‘address any critical vulnerabilities'"

VPN

Palo Alto Networks: CVSS 10 bug in Pan-OS is being exploited in the wild

Patch? You'll need to wait until Sunday. Turn off telemetry (no, really; it's a mitigation!) and go to the pub. OK, maybe don't.

See all

An attacker could run you up a huge AWS bill just by sending rejected requests to an S3 bucket and there’s little you can do about it