Patch Now: Kubernetes RCE Flaw Allows Full Takeover of Windows Nodes

Attackers can remotely execute code with system privileges by exploiting a vulnerability in the source code of the open source container management system.


https://www.darkreading.com/cloud-securi...dows-nodes

Nissan Oceania Breached; 100K People Affected Down Under

A possible ransomware attack has exposed government and personal data of Australians and New Zealanders, encompassing the carmaker's customers, dealers, and employees.


https://www.darkreading.com/cyberattacks...s-affected

Bitcoin Fog mixer operator convicted for laundering $400 million


Russian-Swedish national Roman Sterlingov was convicted by a federal jury in Washington, D.C., for operating Bitcoin Fog between 2011 and 2021. [...]


https://www.bleepingcomputer.com/news/le...0-million/

Pen test vendor rotation: do you need to change annually?


Organizations commonly change their pen test providers annually. Learn more from Outpost24 about the drawbacks of rotating pentest providers and the benefits of the Penetration Testing as a Service (PTaaS) model. [...]


https://www.bleepingcomputer.com/news/se...-annually/

PixPirate Android malware uses new tactic to hide on phones


The latest version of the PixPirate banking trojan for Android employs a previously unseen method to hide from the victim while remaining active on the infected device even if its dropper app has been removed. [...]


https://www.bleepingcomputer.com/news/se...on-phones/

Fortinet warns of critical RCE bug in endpoint management software


Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server (EMS) software that can allow attackers to gain remote code execution (RCE) on vulnerable servers. [...]


https://www.bleepingcomputer.com/news/se...-software/

US govt probes if ransomware gang stole Change Healthcare data


The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack that hit UnitedHealthcare Group (UHG) subsidiary Optum, which operates the Change Healthcare platform, in late February. [...]


https://www.bleepingcomputer.com/news/se...care-data/

Hackers exploit Windows SmartScreen flaw to drop DarkGate malware


A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers. [...]


https://www.bleepingcomputer.com/news/se...e-malware/

Windows 11 gets single Teams app for work and personal accounts

Microsoft will soon provide a single Teams Windows and macOS app for all account types that will allow users to switch between work, school, or personal profiles. [...]


https://www.bleepingcomputer.com/news/mi...-accounts/

Shift Left is Dead: A Post Mortem

Shift left is dead. What now?


https://www.hackerone.com/vulnerability-...ft-is-dead