cybercrime
OneCoin fraudster gets four years hard time
A former exec with OneCoin has been sentenced to four years in prison for their role in the cryptocurrency pyramid scheme
Microsoft
Microsoft’s “top notch” China hack post-mortem was "troubling" speculation
"The loss of a signing key is a serious problem, but the loss of a signing key through unknown means is far more significant... Microsoft’s customers did not have essential facts needed to make their own risk assessments."
Microsoft
Microsoft roasted over “cascade of security failures” – authentication system utterly broken
"A corporate culture that deprioritized both enterprise security investments and rigorous risk management."
News
UK police award £10m contract to automate document redaction
Less time in Acrobat, more time fighting crime
NSA
“Bring memes”: Dave Luber takes over as NSA Director of Cybersecurity from Rob Joyce
As well as coming under immediate pressure on social media chatterati to be immediately amusing and bring his meme A-game, Luber faces other challenges too...
Rubrik
Rubrik files for IPO, reveals rapid growth, $354 million loss
Data security and backup firm's SEC filing shows it sees a TAM of $36.3 billion by the end of 2024.
utilities
Water company dangles £10m for MSSP support
Assessment by the NCSC of previous industry breaches has seen an “enhanced” Cyber Assessment Framework (e-CAF) created that requires...
xz-utils
xz-utils Github repository disabled as Linux maintainers assess blast radius of backdoor, earlier commits
Incident suggests a state actor exploiting overstretched maintainer of an "unpaid hobby project"
cybersecurity
Malicious backdoor, CVSS 10, slipped onto major Linux distributions
Poisoned Easter eggs for all: Apparent supply chain attack caught mercifully early…
Ubuntu
Password-leaking Ubuntu bug sat silent for 11 years
A newly-discovered Linux bug could allow for password leaks. Worse yet, it has sat undiscovered in the OS for the last 11 years
Redis
AWS, Google, Oracle back Redis fork “Valkey” under the Linux Foundation
"Valkey will be community-driven without surprise license changes that break trust and disrupt a level open source playing field" says the Linux Foundation.
cybersecurity
UK nuclear waste firm Sellafield Ltd. prosecuted over cyber failings
Prosecution follows allegations of extensive pwnage, desperately poor hygiene, and as CISO falls on his sword.