Security

Security | Jan 29, 2025

DeepSeek left API keys, plaintext logs exposed in easily found database

Two "unusual, open ports (8123 & 9000) that led to the exposed database" were not hard to find.

Jan 28, 2025

Supply chain security specialist Eclypsium raises $45 million in a Series C

Firmware specialist to deepen focus on GPUs and other AI software and hardware, focus growth in the US and APAC.

Security | Jan 27, 2025

SonicWall zero day confirmed exploited in the wild

Affected devices “designed as an advanced secure access gateway for medium enterprises, multi-national corporations and managed security service providers (MSSPs.)”

Security | Jan 24, 2025

Trump admin starts dismantling Biden cyber apparatus

But does outgoing prez still have final word on future cybersec roadmap?

Business | Jan 24, 2025

Taming the SASE monster: questions for CIOs

"SASE often fails to deliver because technical, architectural and implementation limitations result in trade-offs between security and performance"

Security | Jan 24, 2025

Fortinet firewall credentials dump: What the published emails show

The UK's "Medicines Discovery Catapult"; Hitachi; Bletchley Park, among the names in a trove of firewall passwords and rules leaked this week.

Security | Jan 22, 2025

Default Teams configurations exploited in ransomware attacks

social engineering over Teams to load ransomware

There’s no “i” in Teams – but there is in “IT support”

Government | Jan 21, 2025

HMG sees “£45 billion jackpot” if it gets IT right – blasts reliance on consultants, “archaic” systems

Government, wielding £17 billion in annual digital spend, promises a "wholesale reshaping of how services use technology"

| Cloud | Jan 20, 2025

AWS warns over "large number" of native SSE-C encryption incidents

Customer security hygiene to blame: Best mitigation, says AWS: "Never create long-term credentials in the first place"

1009