Updated Ever given a colleague a quick Signal call so you can sidestep a monitored workplace app? Well, we'd hope you're not in a highly regulated industry like staff at eleven of the world's most powerful financial firms, who yesterday were fined nearly $2 billion for off-channel comms.โฆ
All of the materials and tools needed to make deepfake videos โ from source code to publicly available images and account authentication bypass services โ are readily available and up for sale on the public internet and underground forums.ย โฆ
+Comment Australian authorities have asked the United States Federal Bureau of Investigation (FBI) to assist with investigations into the data breach at local telco Optus.โฆ
Video There's no getting away from it, identity is key - the prima materia for creating security and trust in your multi-cloud universe.โฆ
A critical code-injection vulnerability in Sophos Firewall has been fixed โย but not before miscreants found and exploited the bug.โฆ
A lawsuit has accused Samsung of failing to address a cyber-intrusion in early 2022, leading to the theft of US customers' personally identifiable information (PII) in a second attack months later in July.โฆ
Meta says it has disrupted a misinformation network targeting US political discourse ahead of the 2022 midterm elections โ and one that sought to influence public opinion in Europe about the conflict in Ukraine.โฆ
In the latest version of Windows 11, namely 22H2, Microsoft has introduced a feature in its Defender SmartScreen tool designed to, hopefully, keep passwords safer.โฆ
In brief As it rolled out a laundry list of features in the latest version of Windows 11, namely version 22H2, this month, Microsoft has also detailed some of the added security mechanisms.โฆ
The number of vulnerability reports provided by Chinese information security researchers has fallen sharply, according to research by think tank The Atlantic Council, which also found a strangely commensurate increase in bug reports from unknown sources.โฆ
Russia plans to conduct "massive cyberattacks" on Ukraine and its allies' critical infrastructure and energy sector, according to Kyiv.โฆ
Organizations are being warned about a wave of attacks targeting Microsoft SQL Server with ransomware known as Fargo, which encrypts files and threatens victims that their data may be published online if they do not pay up.โฆ
Asia In Brief India's government last week released a draft telco law that defines all over-the-top services as telecoms providers and therefore makes them subject to the same regulations imposed on carriers.โฆ
Webinar It's critical to protect data from infection or exposure to ransomware. The risks are all too clear and the consequences of inattention, weak foundations, and lack of strategic preparation can be catastrophic.โฆ
Webinar The application programming interface (API) has been around pretty much as long as computing itself, but it's perhaps only since the early years of the millennium that its use exploded with a mass shift to web applications.โฆ
Crooks spreading the Noberus ransomware are adding weapons to their malware to steal data and credentials from compromised networks.โฆ
The IRS has been granted a court order to collect records from a bank the agency said will help it identify US taxpayers who failed to report taxable income from crypto trades.ย โฆ
Updated Australian telecommunications company Optus has fallen victim to a significant cyberattack and data breach.โฆ
Iran is experiencing a near-total internet service disruption in the west and intermittent interruptions nationwide, with access to Instagram, Whatsapp and some mobile networks being blocked, says Netblocks.โฆ
Webinar Keeping data confidential in a cloud environment requires the highest possible privacy levels. It's only then that your most sensitive workloads can survive the burgeoning risks to data security that every organisation faces.โฆ
An EU watchdog says rules that allow Europol cops to retain personal data on individuals with no links to criminal activity go against Europe's own data privacy protections, not to mention undermining the regulator's powers and role.โฆ
Data-stealing spyware disguised as a banking rewards app is targeting Android users, Microsoft's security team has warned.โฆ
Authorities in Sihanoukville, Cambodia announced on Sunday that a raid last week uncovered evidence of forced labor cybercrime syndicates that participated in human trafficking and torture.โฆ
Beware the Zoom site you don't recognize, as a criminal gang is creating multiple fake versions aimed at luring users to download malware that can steal banking data, IP addresses, and other information.โฆ
At least 350,000 open source projects are believed to be potentially vulnerable to exploitation via a Python module flaw that has remained unfixed for 15 years.โฆ
San Francisco police are now set to use non-city-owned video cameras for real-time surveillance under a rule approved by the Board of Supervisors.โฆ
Updated Google and its Youtube domains are being flagged as malicious by Malwarebytes as of Wednesday morning, blocking users from accessing a whole range of websites.โฆ
The lone developer of anti-cookie-warning browser add-on "I Don't Care About Cookies" has sold it to Avast, resulting in both concern โ and new forks.โฆ
Webinar The latest Data Breach Investigations Report (DBIR) states that applications are the 'main attack vector,' responsible for over 80 percent of breaches. Hardly welcome news since APIs are in use everywhere and have direct access to data in a way which web applications do not.โฆ
ChromeLoader โ the malware that exploded onto the scene this year by hijacking browsers to redirect users to pages of ads โ is apparently evolving into a more significant threat by deploying malicious payloads that go beyond malvertising.โฆ
On Tuesday, the European Court of Justice (ECJ) issued rulings that limit indiscriminate data retention in France and Germany.โฆ
The US Federal Communications Commission (FCC) has added two Chinese companies to its list of communications equipment suppliers rated a threat to national security: Pacific Network Corp, its wholly owned subsidiary ComNet (USA) LLC, and China Unicom (Americas).โฆ
Cryptocurrency market maker Wintermute says $160 million in digital assets have been stolen from it in a cyber-heist, though it assures customers that everything's fine.โฆ
Facebook, Twitter, Google, Apple, and others today faced renewed pressure to protect the privacy of messaging app users seeking healthcare treatment.โฆ
Uber, four days after suffering a substantial cybersecurity breach, has admitted its attacker accessed "several internal systems" including the corporation's G Suite account, and downloaded internal Slack messages and a tool used by its finance department to manage "some" invoices.โฆ
If you've been hit by the LockerGoga ransomware, an international law enforcement effort has publicly released a tool to fix the problem.โฆ
Take-Two Interactive confirmed on Monday that its Rockstar Games subsidiary has been compromised and confidential data for Grand Theft Auto 6 has been stolen.โฆ
In Brief OpenAI's popular natural language model GPT-3 has a problem: It can be tricked into behaving badly by doing little more than telling it to ignore its previous orders.โฆ
Asia In Brief Indonesia's competition regulator, the Komisi Pengawas Persaingan Usaha (KPPU) has alleged that Google has violated local anti-monopoly laws by abusing its dominant position for the distribution of apps and its requirement that developers must use its payment systems.โฆ
Boffins at the University of Michigan in the US and Zhejiang University in China want to highlight how bespectacled video conferencing participants are inadvertently revealing sensitive on-screen information via reflections in their eyeglasses.โฆ
Parents and teachers received a link to an "inappropriate image" this week via Seesaw after miscreants hijacked accounts in a credential stuffing attack against the popular school messaging app.โฆ
Sponsored Post Few segments of the IT industry change as quickly, or as often, as cyber security. But the perpetual, fast evolving battle to outwit the hackers presents a real challenge for security professionals tasked with protecting mission critical data, applications and services from disruption and theft.โฆ
Akamai says it has absorbed the largest-ever publicly known distributed denial of service (DDoS) attack โ an assault against an unfortunate Eastern European organization that went beyond 700 million packets per second.โฆ
The Biden-nominated chief of space operations for the USA's Space Force (USSF) rates China his greatest challenge, as the Middle Kingdom has developed technologies to destroy space assets.โฆ
Updated Uber is tonight reeling from what looks like a substantial cybersecurity breach.โฆ
Updated A former Broadcom engineer who pleaded guilty to stealing his ex-employer's trade secrets has asked the court not to give him prison time, saying he stole the files for reference, fearing he would "be unable to keep up" with "more technical and younger engineers" at a new startup.โฆ
Webinar The first six months of this year have been characterized by relentless cyber security attacks whether state-induced (Russia's attacks on Ukraine), or incidents of criminal extortion and data theft. In such a threatening environment it is vital that organizations and enterprises defend themselves from internet and identity-based attacks.โฆ
The US has issued indictments against three Iranians linked to the country's Islamic Revolutionary Guard Corps (IRGC) for their alleged roles in plotting ransomware attacks against American critical infrastructure, and also sanctioned multiple individuals and two entities.โฆ
It's only been a week or so, and obviously there are at least three critical holes in WordPress plugins and tools that are being exploited in the wild right now to compromise loads of websites.โฆ
The White House has published software security rules for federal agencies as part of a larger push to shore up America's IT supply chains.โฆ
About 40 percent of industry professionals say their organizations have reduced their usage of open source software due to concerns about security, according to a survey conducted by data science firm Anaconda.โฆ
South Korea's Personal Information Protection Commission (PIPC) has issued two large fines for privacy violations: a $50 million penalty for Google and $22 million for Meta.โฆ
Two recent ransomware attacks against healthcare systems indicate cybercriminals continue to put medical clinics and hospitals firmly in their crosshairs.โฆ
Twitter's former head of security Peiter "Mudge" Zatko on Tuesday told the US Senate Judiciary Committee that the social media company's lax data handling and inability to present problems to its board of directors threaten the privacy, security, and democracy for Americans.โฆ
Patch Tuesday September's Patch Tuesday is here and it brings, among other things, fixes from Microsoft for one security bug that miscreants have used to fully take over Windows systems along with details of a second vulnerability that, while not yet under attack, has already been publicly disclosed.โฆ
The Lorenz ransomware gang is exploiting a vulnerability in Mitel VoIP appliances to break corporate networks.โฆ
Sponsored Post No matter how hard organizations in Latin America try to stop malicious attackers from infiltrating their IT systems, breaches are inevitable โ as recent events demonstrate.ย โฆ
Elon Musk has come up with a new reason to get out of his acquisition of Twitter - a severance payment.โฆ
Multiple high-severity firmware bugs in HP's business computers remain unpatched, some more than a year after Binarly security researchers disclosed the vulnerabilities to HP and then discussed them at the Black Hat security conference last month.โฆ
The Yanluowang ransomware group behind the May attack on Cisco Systems has publicly leaked the stolen files on the dark web over the weekend, but the networking giant says there's nothing to worry about.โฆ