Login
Twitter's former head of security Peiter "Mudge" Zatko on Tuesday told the US Senate Judiciary Committee that the social media company's lax data handling and inability to present problems to its board of directors threaten the privacy, security, and democracy for Americans.β¦
Patch Tuesday September's Patch Tuesday is here and it brings, among other things, fixes from Microsoft for one security bug that miscreants have used to fully take over Windows systems along with details of a second vulnerability that, while not yet under attack, has already been publicly disclosed.β¦
The Lorenz ransomware gang is exploiting a vulnerability in Mitel VoIP appliances to break corporate networks.β¦
Sponsored Post No matter how hard organizations in Latin America try to stop malicious attackers from infiltrating their IT systems, breaches are inevitable β as recent events demonstrate.Β β¦
Elon Musk has come up with a new reason to get out of his acquisition of Twitter - a severance payment.β¦
Multiple high-severity firmware bugs in HP's business computers remain unpatched, some more than a year after Binarly security researchers disclosed the vulnerabilities to HP and then discussed them at the Black Hat security conference last month.β¦
The Yanluowang ransomware group behind the May attack on Cisco Systems has publicly leaked the stolen files on the dark web over the weekend, but the networking giant says there's nothing to worry about.β¦
Chinese scammers have reportedly stolen a whopping $529 million dollars from Indian residents using instant lending apps, lures of part-time jobs, and bogus cryptocurrency trading schemes, according to the cyber crime unit in the state of Uttar Pradesh.β¦
Apple has pushed out five security fixes including two vulnerabilities in its iPhones, iPads and Mac operating systems that are already being exploited.β¦
Google closed its $5.4 billion Mandiant acquisition today in a move that brings the threat intel and incident response giant under the Google Cloud umbrella.Β β¦
In an IT world that is increasingly automated, there are still occasions when manual operations are necessary. According to Microsoft, one of these times is when security events are reported to enterprise security operation centers (SOCs).β¦
Webinar Keeping data secure from ransomware attacks requires dedicated attention to constantly evolving risks. Zero Trust security is one of the many rungs on the IT team's Jacob's Ladder to data asset security heaven. But there are other steps you can take, not least making assured data recovery integral to an organization's cyber security.β¦
Scientists from the National University of Singapore and Yonsei University in the Republic of Korea have developed a device for verifying whether your laptop microphone is secretly recording your conversations.β¦
VMware engineers have tested the Linux kernel's fix for the Retbleed speculative execution bug, and report it can impact compute performance by a whopping 70 percent.β¦
The US Treasury Department has issued sanctions against Iran's intelligence agency in response to that country's cyberattack against Albania and other "cyber-enabled activities against the United States and its allies."β¦
In brief AT&T cybersecurity researchers have discovered a sneaky piece of malware targeting Linux endpoints and IoT devices in the hopes of gaining persistent access and turning victims into crypto-mining drones.β¦
The massive amounts of digital data being bought and sold β or sometimes freely shared β poses a grave national security risk, according to a former US policymaker and diplomat.β¦
Federal investigators and private companies seized $30 million in cryptocurrency stolen in March by North Korean-linked APT gang Lazarus Group from a video game developer, the latest example of the growing skills of government and cybersecurity experts to track and recover such ill-gotten gains.β¦
Facebook parent Meta has disbanded its Responsible Innovation Team (RIT) that it claimed last year was a central part of efforts to "proactively surface and address potential harms to society in all that we build."Β β¦
The US Commerce Department's Bureau of Industry and Security (BIS) has relaxed restrictions that barred export of some encryption technologies to Huawei, in the name of ensuring the United States is in a better position to negotiate global standards.β¦
Cisco patched three security vulnerabilities in its products this week, and said it will leave unpatched a VPN-hijacking flaw that affects four small business routers.β¦
Mandiant is "highly confident" that foreign cyberspies will target US election infrastructure, organizations, and individuals in the run-up to the November midterm elections.β¦
Google's open source security team says OSS-Fuzz, its community fuzzing service, has helped fix more than 8,000 security vulnerabilities and 26,000 other bugs in open source projects since its 2016 debut.β¦
US private equity investor Thoma Bravo has pulled out of its planned takeover of Darktrace, causing shares in the UK cybersecurity company to plummet.β¦
The North Korean state-sponsored crime ring Lazarus Group is behind a new cyberespionage campaign with the goal to steal data and trade secrets from energy providers across the US, Canada and Japan, according to Cisco Talos.β¦
Webinar Passwords are the first line of defense against bad actors gaining illegal access to data, a protective rampart that too often falls to common mistakes and increasingly sophisticated cyberattacks.β¦
Bike and car accessory retailer Halfords has found itself in the wrong lane with Britainβs data watchdog for sending hundreds of thousands of unsolicited marketing emails to members of the public.β¦
About halfway between The Philippines and Hawaii is a place called Rongelap Atoll thatβs infamous for having been unintentionally irradiated by nuclear weapons tests conducted by America at nearby Bikini Atoll in 1954.β¦
Webinar Statistics suggest that there was a ransomware attack on a company or organization every 11 seconds in 2021, but only 57 percent of the victims successfully retrieved their kidnapped data by using back up. And the 32 percent that paid a ransom only recovered 65 percent of their lost data.β¦
The Vice Society threat group is ramping up ransomware attacks on US school districts just as students around the country return to the classroom, the FBI and other federal agencies are warning.β¦
Mandiant has named a new threat group, APT42, that it says functions as the cyberspy arm of Iran's Islamic Revolutionary Guard Corps (IRGC), which has plotted to murder US citizens including former National Security Advisor John Bolton.β¦
With 3 billion players globally, the $200 billion gaming market is an increasingly ripe target for cybercriminals β with the perennially popular Minecraft one of the most targeted lures.β¦
China has accused the United States of a savage cyber attack on a university famed for conducting aerospace research and linked to China's military.β¦
A Pakistani parliamentary committee has labelled its own cybersecurity agency "incompetent".β¦
The open source Go programming language, developed by Google, has added support for vulnerability management in a way designed to preserve programmers' patience.β¦
The IT systems of InterContinental Hotels Group, the massive hospitality organization that operates 17 hotel brands around the world, have been compromised, causing ongoing disruption to the corporation's online booking systems and other services.β¦
Updated Cybercriminals hit the Los Angeles Unified School District (LAUSD) over the holiday weekend with a ransomware attack that temporarily shut down email, computer systems, and applications.β¦
A cyberespionage group has targeted government agencies and big-name corporations throughout Asia since at least 2020, using the notorious ProxyShell vulnerabilities in Microsoft Exchange to gain initial access.β¦
Critics unhappy about insurers excluding certain nation-state attacks from cyber policies should consider the alternative: higher prices, according to Lloyd's of London.β¦
On the day the UK is set to appoint its new prime minister, digital and culture secretary Nadine Dorries is introducing legislation in Parliament she promises will βdrop unnecessary box-ticking and measures stifling British businesses.ββ¦
Webinar The cyber security of any organisation or enterprise relies on the integrity of its identity management structure. After all, there's no shortage of bad actors looking for a chink in the wall.β¦
In brief NATO officials are investigating after criminals put up some data for sale on dark forums that they claim is "classified" information stolen from European missile maker MBDA.β¦
Microsoft appears to have fixed a problem that saw its Defender antivirus program identify apps based on the Chromium browser engine and/or Electron JavaScript framework as malware, and suggest users remove them.β¦
China will conduct a three month blitz to cleanse the local internet of "rumors and false information".β¦
Google and its YouTube subsidiary have joined other social media networks pledging to keep the 2022 US midterm elections safe and free from Russian trolls β and anyone else spewing democracy-damaging disinformation β by taking down such content.β¦
A US man has admitted he broke the law when he used 3D printers to make components converting semi-automatic guns to full auto.β¦
US mobile carriers know a lot about where their customers every move, and according to letters sent to the Federal Communications Commission (FCC), they routinely store such location data for years, willingly hand it over to law enforcement if served a proper subpoena, and say users can't opt out.β¦
A ruling handed down from the Delhi High Court this week declared that Telegram must hand over information such as IP addresses, mobile numbers, and devices used by channels on the platform involved in copyright infringement.β¦
Three former US government cyber-spies who, among other things, illicitly compromised and snooped on Americans' devices for the United Arab Emirates government have been banned from participating in international arms exports under a deal reached with Uncle Sam.β¦
Massive amounts of private data β including more than 300,000 biometric digital fingerprints used by five mobile banking apps β have been put at risk of theft due to hard-coded Amazon Web Services credentials, according to security researchers.β¦
Scumbags are using a photo from the James Webb Space Telescope to smuggle Windows malware onto victims' computers β albeit in a roundabout way.β¦
LabMD, the embattled and now defunct cancer-testing company, will get another chance at suing security firm Tiversa for defamation following an appeals court ruling.Β β¦
The FBI has urged people to be cautious and heavily research a DeFi β decentralized finance β provider before putting your money into it, after more than a billion dollars was stolen from these providers in three months.β¦
As the NHS in England is set to launch a competition for a far-reaching patient data platform, a public consultation has said decisions about health data sharing should not be taken by politicians.β¦
Researchers at security company Proofpoint and PricewaterhouseCoopers (PWC) said on Tuesday they had identified a cyber espionage campaign that delivers the ScanBox exploitation framework through a malicious fake Australian news site.β¦
Google has created a bug bounty program that will reward those who find and report vulnerabilities in its open-source projects, thereby hopefully strengthening software supply-chain security.β¦
Watch out: someone is spreading cryptocurrency-mining malware disguised as legitimate-looking applications, such as Google Translate, on free software download sites and through Google searches.β¦
Google in November will prohibit Android VPN apps in its Play store from interfering with or blocking advertising, a change that may pose problems for some privacy applications.β¦
A critical command-injection vulnerability in multiple API endpoints of Atlassian Bitbucket Server and Data Center could allow an unauthorized attacker to remotely execute malware, and view, change, and even delete data stored in repositories.β¦
In brief A survey of cybersecurity decision makers found 77 percent think the world is now in a perpetual state of cyberwarfare.β¦
FreshRSS