The UK’s data protection regulator has launched an investigation into whether the former health secretary broke the law in using his private email account to conduct official departmental business. Concerns were raised by the Labour Party late last month after Matt Hancock resigned following leaked CCTV footage showing the married Tory MP in a romantic embrace with an advisor. They revolve around question marks over whether government contracts for PPE and other items were awarded…

Microsoft has now released a patch for all Windows versions affected by the PrintNightmare zero-day, but researchers have already found a way to bypass the fix in attacks. As predicted, Microsoft this week pushed an out-of-band patch for CVE-2021-34527, which now has a CVSS “high severity” score of 8.2. The incomplete initial release on Tuesday was followed up a day later with a version which covered the remaining unpatched products: Windows Server 2012, Windows Server…

Organizations have multiple reasons for embracing a multi-cloud strategy. First, it enables them to avoid “vendor lock-in” where they need to rely on a single vendor for all their cloud-based needs. Second, it empowers them to take advantage of the perks offered by several cloud service providers at once. Lastly, such a strategy helps to protect them against data loss and/or downtime, as an issue in one environment won’t necessarily spill over into another. But…

The threat of cyber security incidents looms over all organisations. There are simply too many things that can go wrong – whether it’s a cyber attack, a technical malfunction or another delay – to assume that operations will always be functional. And when disaster strikes, time is of the essence. The longer it takes to respond, the more likely it is the costs will escalate. That’s why it’s essential to have an incident response plan….

Microsoft issues an out-of-band patch for critical ‘PrintNightmare’ vulnerability following reports of in-the-wild exploitation and publication of multiple proof-of-concept exploit scripts Background On July 6, Microsoft updated its advisory to announce the availability of out-of-band patches for a critical vulnerability in its Windows Print Spooler that researchers are calling PrintNightmare. This remote code execution (RCE) vulnerability affects all versions of Microsoft Windows. CVE Description CVSSv3 VPR* …

The United States has been given leave to appeal a British court’s decision not to extradite WikiLeaks founder Julian Paul Assange to America.  In Westminster Magistrate’s court in January, district judge Vanessa Baraitser ruled that Australian citizen Assange should not be extradited to the United States to face 17 charges under the Espionage Act and one charge under the Computer Fraud and Abuse Act.  The US Department of Justice indicted Assange in 2019 over his alleged involvement in the acquisition…

A new phishing campaign claims to offer a security update for Kaseya’s VSA software but actually tries to install malware, says Malwarebytes. Image: danijelala, Getty Images/iStockPhoto Cybercriminals are already taking advantage of the ransomware attack against IT firm Kaseya to deploy spam designed to infect computers with Cobalt Strike-delivered malware. In a July 6 update to an ongoing blog and a tweet about the Kaseya incident, security firm Malwarebytes said that its Threat Intelligence team…

The Biden administration has announced the cancellation of a $10bn massive cloud-computing contract awarded to Microsoft.  After Microsoft won a lengthy bidding process for the Joint Enterprise Defense Infrastructure (JEDI) cloud contract in 2019, competing contractor Amazon Web Services (AWS) complained that the decision wasn’t fair. Yesterday the DoD issued a statement declaring that the contract had passed its sell-by date and was no longer relevant. “The Department has determined that, due to evolving requirements, increased cloud conversancy, and industry advances,…