Federal US government agencies have been given six months to secure their Microsoft 365 environments according to specific guidelines, the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has announced. CISA has the option to oblige federal government agencies to take certain actions via a “Binding Operational Directive” in order to protect […]

Attackers are actively exploiting a critical vulnerability in Apache Struts 2, the Internet Storm Center (ISC) reports. The vulnerability (CVE-2024-53677) allows remote code execution. Struts is a very popular open source framework for developing Java web applications and websites. The vulnerability allows a remote attacker to modify file upload parameters, allowing path traversal and in

CrowdStrike has asked a US judge to drop the lawsuit filed by Delta Air Lines. The cybersecurity company points to the contract conditions. Delta Air Lines has sued CrowdStrike over the major outage caused by an update from the company earlier this year. The American airline claims that the disruption caused damage of more than

Interpol wants an end to the use of the term ‘Pig Butchering’ because it is said to be offensive to victims. Last month, the Dutch Banking Association (NVB) warned about pig butchering, which is a combination of dating fraud and investment fraud. Scammers first build a relationship of trust with victims and then entice them

Privacy organization noyb has filed a complaint about Ryanair with the Italian privacy regulator because of the facial scan that new customers must undergo. All customers who want to book a flight via the Ryanair website or app must create an account. This is a permanent account, says noyb. “This often involves combining and retaining