The Information Commissioner’s Office has issued a £98,000 penalty to Tuckers Solicitors based in London. The solicitors firm suffered a ransomware attack where confidential information including, PII and case material was lost. UK lawyer fined for not patching fast enough before attack • The Register
QNAP device vulnerability – UPDATED
This post was first published on 26 January 2022 There have been further warnings to update QNAP devices that are vulnerable to a Linux bug: QNAP warns severe Linux bug affects most of its NAS devices (bleepingcomputer.com) Today is a day of minority device vulnerabilities – here is another for …
Apple software updates released
Apple has released security and patch updates for their operating systems across most of it’s devices. These updates also include new features across the devices, Macs, iPhones and iPads. The advice, as always, is get the updates ASAP – patched devices are always more secure. iOS 15.4 and macOS 12.3 …
Azure flaw found, reported and fixed before it was exploited… probably
AutoWarp was discovered and reported by Orca Security to Microsoft, who patched it, before its widespread exploitation. Microsoft Azure flaw allowed unauthorized account access • The Register AutoWarp would have given unauthorised access to Azure Automation Services.
Dirty Pipe – the next in what is becoming a procession of Linux vulnerabilities and this one is bad
This is a high-severity vulnerability in the Linux kernel that could allow untrusted users root access. Linux has been bitten by its most high-severity vulnerability in years | Ars Technica Linux distributions patch kernel privilege escalation flaw • The Register Dirty Pipe has been listed among the most serious Linux threats …
