Campbell Conroy & O'Neil, P.C. - U.S. law firm to a dazzling array of huge companies - told its star-studded clientele that an intruder may have groped their data. It was hit with ransomware in February and is now suffering the data-breach fallout. That client list spans a slew of industries and includes the likes of Apple, Boeing, British Airways, Chrysler, Exxon Mobil, Fisher-Price, Ford, Honda, IBM, Jaguar, Monsanto, Toyota and US Airways - to name just a few. READ MORE...
French lawmakers have launched an investigation into Israeli offensive cybersecurity company NSO Group after they learned French President Emmanuel Macron topped a list of 14 heads of states potentially targeted by the company's spyware. Amnesty International said Tuesday the French leader was a potential spyware target, along with presidents Imran Khan of Pakistan, Cyril Ramaphosa of South Africa and Barham Salih of Iraq. READ MORE...
Security updates released by Adobe on Tuesday for seven of its products patch a total of 21 vulnerabilities, including 15 flaws that have been assigned a critical severity rating. Seven vulnerabilities have been addressed in Adobe After Effects for Windows and macOS. Five of them can allow arbitrary code execution and they have been rated critical, but it's worth noting that they are actually high-severity issues based on their CVSS score. READ MORE...
A federal judge in Connecticut today handed down a sentence of time served to spam kingpin Peter "Severa" Levashov, a prolific purveyor of malicious and junk email, and the creator of malware strains that infected millions of Microsoft computers globally. Levashov has been in federal custody since his extradition to the United States and guilty plea in 2018, and was facing up to 12 more years in prison. Instead, he will go free under three years of supervised release and a possible fine. READ MORE...
The Department of Homeland Security's (DHS) Transportation Safety Administration (TSA) yesterday announced a second security directive that requires owners and operators of TSA-designated critical pipelines to implement cybersecurity measures that help protect against malicious digital incidents. This directive is a more expansive follow-up to an initial pipeline security directive issued on May 27, roughly two weeks after the highly disruptive ransomware attack against Colonial Pipeline. READ MORE...
Microsoft has shared workarounds for a Windows 10 zero-day vulnerability that can let attackers gain admin rights on vulnerable systems and execute arbitrary code with SYSTEM privileges. As BleepingComputer previously reported, a local elevation of privilege bug dubbed SeriousSAM found in recently released Windows versions allows users with low privileges to access sensitive Registry database files. READ MORE...