06 May 2022

BLEEPING COMPUTER REPORTS: Security, Technology, Crypto Currency, Software, and Government

Intro: On the subject of incorrect claims by ISPs for high-speed fiber internet connections, the Federal Trade Commission is starting to enforce honesty - stop "lying" to its customers and support its high-speed internet claims.
supply chain

NIST updates guidance for defending against supply-chain attacks

The National Institute of Standards and Technology (NIST) has released updated guidance on securing the supply chain against cyberattacks.

  • Installing fiber internet

    FTC to force ISP to deploy fiber for 60K users to match speed claims

    The Federal Trade Commission (FTC) today proposed an order requiring Connecticut-based internet service provider Frontier Communications to stop "lying" to its customers and support its high-speed internet claims.

  • Cybersecurity Lock World

    Microsoft, Apple, and Google to support FIDO passwordless logins

    Microsoft, Apple, and Google announced today plans to support a common passwordless sign-in standard (known as passkeys) developed by the World Wide Web Consortium (W3C) and the FIDO Alliance.

  •  

    LATEST ARTICLES

    fendt-tractor 

    US agricultural machinery maker AGCO hit by ransomware attack

    AGCO, a leading US-based agricultural machinery producer, has announced it was hit by a ransomware attack impacting some of its production facilities.

    QNAP 

    QNAP fixes critical QVR remote command execution vulnerability

    QNAP has released several security advisories today to alert its customers about various fixes for flaws affecting its products. The one that stands out is a critical RCE (remote code execution) in QVR.

    Bitcoin Cryptocurrency 

    US sanctions Bitcoin laundering service used by North Korean hackers

    The US Department of Treasury today sanctioned cryptocurrency mixer Blender.io used last month by the North Korean-backed Lazarus hacking group to launder funds stolen from Axie Infinity's Ronin bridge.

    NVIDIA 

    Technology, CryptoCurrency

    NVIDIA fined for failure to disclose cryptomining sales boost

    The U.S. Securities and Exchange Commission (SEC) announced Friday that it settled charges against multinational tech firm NVIDIA for "inadequate disclosures" of cryptomining's impact on its gaming business.

    NPM

    SheetJS ditches npm registry over 2FA requirement and 'legal matters'

    In a surprising move, the popular open source project, SheetJS aka "xlsx," has dropped support for the npm registry. Downloaded about 1.4 million times every week on npm, SheetJS is relied upon by NodeJS developers looking to craft and parse Excel spreadsheets using nothing but JavaScript.

    Google 

    Google Docs crashes on seeing "And. And. And. And. And."

    A bug in Google Docs is causing it to crash when a series of words are typed into a document opened with the online word processor. BleepingComputer was able to reproduce the issue last night and reached out to Google.

    red bird 

    New Raspberry Robin worm uses Windows Installer to drop malware

    Red Canary intelligence analysts have discovered a new Windows malware with worm capabilities that spreads using external USB drives.

    Hacking security 

    White House: Prepare for cryptography-cracking quantum computers

    President Joe Biden signed a national security memorandum (NSM) on Thursday asking government agencies to implement a set of measures that would mitigate risks posed by quantum computers to US national cyber security.

    vodka 

    Ukraine’s IT Army is disrupting Russia's alcohol distribution

    Hacktivists operating on the side of Ukraine have focused their DDoS attacks on a portal that is considered crucial for the distribution of alcoholic beverages in Russia.

    F5

    F5 warns of critical BIG-IP RCE bug allowing device takeover

    F5 has issued a security advisory warning about a flaw that may allow unauthenticated attackers with network access to execute arbitrary system commands, perform file actions, and disable services on BIG-IP.

    No comments:

    QOD: You can dig it