Beware the Zoom site you don't recognize, as a criminal gang is creating multiple fake versions aimed at luring users to download malware that can steal banking data, IP addresses, and other information.β¦
At least 350,000 open source projects are believed to be potentially vulnerable to exploitation via a Python module flaw that has remained unfixed for 15 years.β¦
San Francisco police are now set to use non-city-owned video cameras for real-time surveillance under a rule approved by the Board of Supervisors.β¦
Updated Google and its Youtube domains are being flagged as malicious by Malwarebytes as of Wednesday morning, blocking users from accessing a whole range of websites.β¦
The lone developer of anti-cookie-warning browser add-on "I Don't Care About Cookies" has sold it to Avast, resulting in both concern β and new forks.β¦
Webinar The latest Data Breach Investigations Report (DBIR) states that applications are the 'main attack vector,' responsible for over 80 percent of breaches. Hardly welcome news since APIs are in use everywhere and have direct access to data in a way which web applications do not.β¦
ChromeLoader β the malware that exploded onto the scene this year by hijacking browsers to redirect users to pages of ads β is apparently evolving into a more significant threat by deploying malicious payloads that go beyond malvertising.β¦
On Tuesday, the European Court of Justice (ECJ) issued rulings that limit indiscriminate data retention in France and Germany.β¦
The US Federal Communications Commission (FCC) has added two Chinese companies to its list of communications equipment suppliers rated a threat to national security: Pacific Network Corp, its wholly owned subsidiary ComNet (USA) LLC, and China Unicom (Americas).β¦
Cryptocurrency market maker Wintermute says $160 million in digital assets have been stolen from it in a cyber-heist, though it assures customers that everything's fine.β¦
Facebook, Twitter, Google, Apple, and others today faced renewed pressure to protect the privacy of messaging app users seeking healthcare treatment.β¦
Uber, four days after suffering a substantial cybersecurity breach, has admitted its attacker accessed "several internal systems" including the corporation's G Suite account, and downloaded internal Slack messages and a tool used by its finance department to manage "some" invoices.β¦
If you've been hit by the LockerGoga ransomware, an international law enforcement effort has publicly released a tool to fix the problem.β¦
Take-Two Interactive confirmed on Monday that its Rockstar Games subsidiary has been compromised and confidential data for Grand Theft Auto 6 has been stolen.β¦
In Brief OpenAI's popular natural language model GPT-3 has a problem: It can be tricked into behaving badly by doing little more than telling it to ignore its previous orders.β¦
Asia In Brief Indonesia's competition regulator, the Komisi Pengawas Persaingan Usaha (KPPU) has alleged that Google has violated local anti-monopoly laws by abusing its dominant position for the distribution of apps and its requirement that developers must use its payment systems.β¦
Boffins at the University of Michigan in the US and Zhejiang University in China want to highlight how bespectacled video conferencing participants are inadvertently revealing sensitive on-screen information via reflections in their eyeglasses.β¦
Parents and teachers received a link to an "inappropriate image" this week via Seesaw after miscreants hijacked accounts in a credential stuffing attack against the popular school messaging app.β¦
Sponsored Post Few segments of the IT industry change as quickly, or as often, as cyber security. But the perpetual, fast evolving battle to outwit the hackers presents a real challenge for security professionals tasked with protecting mission critical data, applications and services from disruption and theft.β¦
Akamai says it has absorbed the largest-ever publicly known distributed denial of service (DDoS) attack β an assault against an unfortunate Eastern European organization that went beyond 700 million packets per second.β¦
The Biden-nominated chief of space operations for the USA's Space Force (USSF) rates China his greatest challenge, as the Middle Kingdom has developed technologies to destroy space assets.β¦
Updated Uber is tonight reeling from what looks like a substantial cybersecurity breach.β¦
Updated A former Broadcom engineer who pleaded guilty to stealing his ex-employer's trade secrets has asked the court not to give him prison time, saying he stole the files for reference, fearing he would "be unable to keep up" with "more technical and younger engineers" at a new startup.β¦
Webinar The first six months of this year have been characterized by relentless cyber security attacks whether state-induced (Russia's attacks on Ukraine), or incidents of criminal extortion and data theft. In such a threatening environment it is vital that organizations and enterprises defend themselves from internet and identity-based attacks.β¦
The US has issued indictments against three Iranians linked to the country's Islamic Revolutionary Guard Corps (IRGC) for their alleged roles in plotting ransomware attacks against American critical infrastructure, and also sanctioned multiple individuals and two entities.β¦
It's only been a week or so, and obviously there are at least three critical holes in WordPress plugins and tools that are being exploited in the wild right now to compromise loads of websites.β¦
The White House has published software security rules for federal agencies as part of a larger push to shore up America's IT supply chains.β¦
About 40 percent of industry professionals say their organizations have reduced their usage of open source software due to concerns about security, according to a survey conducted by data science firm Anaconda.β¦
South Korea's Personal Information Protection Commission (PIPC) has issued two large fines for privacy violations: a $50 million penalty for Google and $22 million for Meta.β¦
Two recent ransomware attacks against healthcare systems indicate cybercriminals continue to put medical clinics and hospitals firmly in their crosshairs.β¦
Twitter's former head of security Peiter "Mudge" Zatko on Tuesday told the US Senate Judiciary Committee that the social media company's lax data handling and inability to present problems to its board of directors threaten the privacy, security, and democracy for Americans.β¦
Patch Tuesday September's Patch Tuesday is here and it brings, among other things, fixes from Microsoft for one security bug that miscreants have used to fully take over Windows systems along with details of a second vulnerability that, while not yet under attack, has already been publicly disclosed.β¦
The Lorenz ransomware gang is exploiting a vulnerability in Mitel VoIP appliances to break corporate networks.β¦
Sponsored Post No matter how hard organizations in Latin America try to stop malicious attackers from infiltrating their IT systems, breaches are inevitable β as recent events demonstrate.Β β¦
Elon Musk has come up with a new reason to get out of his acquisition of Twitter - a severance payment.β¦
Multiple high-severity firmware bugs in HP's business computers remain unpatched, some more than a year after Binarly security researchers disclosed the vulnerabilities to HP and then discussed them at the Black Hat security conference last month.β¦
The Yanluowang ransomware group behind the May attack on Cisco Systems has publicly leaked the stolen files on the dark web over the weekend, but the networking giant says there's nothing to worry about.β¦
Chinese scammers have reportedly stolen a whopping $529 million dollars from Indian residents using instant lending apps, lures of part-time jobs, and bogus cryptocurrency trading schemes, according to the cyber crime unit in the state of Uttar Pradesh.β¦
Apple has pushed out five security fixes including two vulnerabilities in its iPhones, iPads and Mac operating systems that are already being exploited.β¦
Google closed its $5.4 billion Mandiant acquisition today in a move that brings the threat intel and incident response giant under the Google Cloud umbrella.Β β¦
In an IT world that is increasingly automated, there are still occasions when manual operations are necessary. According to Microsoft, one of these times is when security events are reported to enterprise security operation centers (SOCs).β¦
Webinar Keeping data secure from ransomware attacks requires dedicated attention to constantly evolving risks. Zero Trust security is one of the many rungs on the IT team's Jacob's Ladder to data asset security heaven. But there are other steps you can take, not least making assured data recovery integral to an organization's cyber security.β¦
Scientists from the National University of Singapore and Yonsei University in the Republic of Korea have developed a device for verifying whether your laptop microphone is secretly recording your conversations.β¦
VMware engineers have tested the Linux kernel's fix for the Retbleed speculative execution bug, and report it can impact compute performance by a whopping 70 percent.β¦
The US Treasury Department has issued sanctions against Iran's intelligence agency in response to that country's cyberattack against Albania and other "cyber-enabled activities against the United States and its allies."β¦
In brief AT&T cybersecurity researchers have discovered a sneaky piece of malware targeting Linux endpoints and IoT devices in the hopes of gaining persistent access and turning victims into crypto-mining drones.β¦
The massive amounts of digital data being bought and sold β or sometimes freely shared β poses a grave national security risk, according to a former US policymaker and diplomat.β¦
Federal investigators and private companies seized $30 million in cryptocurrency stolen in March by North Korean-linked APT gang Lazarus Group from a video game developer, the latest example of the growing skills of government and cybersecurity experts to track and recover such ill-gotten gains.β¦
Facebook parent Meta has disbanded its Responsible Innovation Team (RIT) that it claimed last year was a central part of efforts to "proactively surface and address potential harms to society in all that we build."Β β¦
The US Commerce Department's Bureau of Industry and Security (BIS) has relaxed restrictions that barred export of some encryption technologies to Huawei, in the name of ensuring the United States is in a better position to negotiate global standards.β¦
Cisco patched three security vulnerabilities in its products this week, and said it will leave unpatched a VPN-hijacking flaw that affects four small business routers.β¦
Mandiant is "highly confident" that foreign cyberspies will target US election infrastructure, organizations, and individuals in the run-up to the November midterm elections.β¦
Google's open source security team says OSS-Fuzz, its community fuzzing service, has helped fix more than 8,000 security vulnerabilities and 26,000 other bugs in open source projects since its 2016 debut.β¦
US private equity investor Thoma Bravo has pulled out of its planned takeover of Darktrace, causing shares in the UK cybersecurity company to plummet.β¦
The North Korean state-sponsored crime ring Lazarus Group is behind a new cyberespionage campaign with the goal to steal data and trade secrets from energy providers across the US, Canada and Japan, according to Cisco Talos.β¦
Webinar Passwords are the first line of defense against bad actors gaining illegal access to data, a protective rampart that too often falls to common mistakes and increasingly sophisticated cyberattacks.β¦
Bike and car accessory retailer Halfords has found itself in the wrong lane with Britainβs data watchdog for sending hundreds of thousands of unsolicited marketing emails to members of the public.β¦
About halfway between The Philippines and Hawaii is a place called Rongelap Atoll thatβs infamous for having been unintentionally irradiated by nuclear weapons tests conducted by America at nearby Bikini Atoll in 1954.β¦
Webinar Statistics suggest that there was a ransomware attack on a company or organization every 11 seconds in 2021, but only 57 percent of the victims successfully retrieved their kidnapped data by using back up. And the 32 percent that paid a ransom only recovered 65 percent of their lost data.β¦
The Vice Society threat group is ramping up ransomware attacks on US school districts just as students around the country return to the classroom, the FBI and other federal agencies are warning.β¦