Panic over the risk of deepfake scams is completely overblown, according to a senior security adviser for UK-based infosec company Sophos.β¦
Asia In Brief Chinese president Xi Jinping has opened the 20th Congress of the Chinese Communist Party with a call for the nation he leads to win the race for development of βcore technologiesβ and to become self-reliant in strategic tech.β¦
Feature The infosec industry remains mostly a boys club. And while there are some indications that it's becoming more diverse, bringing women into the room continues to move at a glacial pace.β¦
A man who lost $24 million in cryptocurrency in an elaborate SIM swapping scam has won a multi-million-dollar judgment against the thief, who was 15 at the time of the hustle.β¦
Microsoft Office 365 Message Encryption claims to offer a way "to send and receive encrypted email messages between people inside and outside your organization."β¦
Online retailer Zoetop will fork out $1.9 million after account data belonging to 46 million customers was stolen in 2018.β¦
Sponsored Feature We hear the term data sovereignty more and more these days. That's strange in some ways because the rules for flinging data around the world have been a challenge for decades β particularly since the internet hit critical mass in the late 1990s and early 2000s and international data transfers went from being a rarity to the norm.β¦
Advanced, a managed software provider to the UK National Health Service, has confirmed that customer data was indeed lifted as part of the attack by cyber baddies that has disrupted operations for months.β¦
India's minister of state for electronics and information technology, Rajeev Chandrasekhar, has hinted strongly that he will again extend the deadline to comply with sweeping new information security reporting rules that were imposed as an essential national defence mechanism.β¦
Miscreants broke into the Church of Jesus Christ of Latter-day Saints' computer systems and stole personal data belonging to "some" members, employees, contractors and friends, the church has confirmed.β¦
Interview Crimeware targeting banks and other financial-services organizations today features sophisticated capabilities and evasion tools, according to Kaspersky's lead security researcher Sergey Lozhkin.β¦
Medibank, a private health insurer in Australia with 3.7 million customers, has confirmed today it is the latest business down under to fall victim to a digital break-in.β¦
Sponsored Post Cybercrime and cyber attacks across the world are on the increase, and the best form of defence against whatever they might throw at you isΒ to assume you're going to be attacked and beef up your operational resilience to better deal with the fallout before it actually happens.β¦
Authorities in the US and the UK are taking a keen interest in the contents of WhatsApp messages among bank employees and their associates in the financial services industry.β¦
Exclusive Laws in the UK and Europe have been proposed that would give authorities the power to undermine strong end-to-end encryption in the pursuit of, in their minds, justice.β¦
A US prisoner has been charged with orchestrating an $11 million scam from his cell using a hidden β¦ cellphone.β¦
Election workers in US battleground states have been hit by a surge in phishing and malware-laced emails in the run up to their primaries and the upcoming 2022 midterm elections.β¦
Updated Computer systems are still down at CommonSpirit Health β America's second-largest nonprofit hospital network β more than a week after it was hit by a somewhat mystery cyberattack.β¦
Ignite Microsoft is rolling out its usual host of cloud security features and services at this week's Ignite 2022 conference, with the focus on what's happening in and outside the firewall.β¦
Modified off-the-shelf drones have been found carrying wireless network-intrusion kit in a very unlikely place.β¦
Bittrex will cough up $53 million after being accused of flouting US sanctions and breaking federal money laundering laws and other banking rules.β¦
Patch Tuesday Microsoft fixed more than 80 security flaws in its products for October's Patch Tuesday. But let's start off with what Redmond didn't fix: two Exchange Server bugs dubbed ProxyNotShell that have been exploited by snoops as far back as August.β¦
UK intelligence agency GCHQ says China is "learning lessons" from the war in Ukraine and could make use of a centralized digital currency to partly get around the type of sanctions being imposed on Putin's Russia.β¦
GCN Mandiant, now officially owned by Google, has the scale (not to mention the deep pockets) to be the "brain" across organizations' myriad security products and automate protection on top of these controls, according to the security shop's CEO Kevin Mandia.β¦
Security appliance vendor Fortinet has become the subject of a bug report by its own FortiGuard Labs after the discovery of a critical-rated flaw in three of its products.β¦
Sponsored Feature Underwriters are continuing to feel the pinch as cyber insurance claims mount. That means customers are hurting too, with policies becoming more costly and insurers demanding more proof of cybersecurity. So how do organizations make better use of identity and access management to demonstrate their competency in protecting people's sensitive personal and financial data?β¦
Australian carrier Optus's recent data breach will be investigated by two regulators, the double trouble likely an indicator of the nation's displeasure at the incident β which saw almost ten million locals' personal data exposed online.β¦
Toyota has admitted it put 296,019 email addresses and customer management numbers of folks who signed up for its T-Connect assistance website at risk of online theft by bungling its security.β¦
Updated Russian miscreants claimed responsibility for knocking more than a dozen US airports' websites offline on Monday morning in what appeared to be a large-scale, distributed-denial-of-service (DDoS) attack.β¦
Source code for the BIOS used with Intel's 12th-gen Core processors has been leaked online, possibly including details of undocumented model-specific registers (MSRs) and even the private signing key for Intel's Boot Guard security technology.β¦
Red Hat is backing a Cloud Native Computing Foundation (CNCF) project that aims to improve the security of containers in Kubernetes clusters by running them inside hardware-enforced enclaves.β¦
End users, often viewed by infosec specialists as a corporation's weakest link, appear to be finally understanding the importance of good security and privacy practices.β¦
Singtel has confirmed that another Australian business it owns, consulting unit Dialog, has fallen victim to a cyber burglary just weeks after the mammoth data leak at telco Optus was revealed.β¦
A Russia based threat group that set up a malware distribution shop earlier this year is behind a Swiss Army knife-like botnet that comes with a range of other malicious capabilities, from stealing information to mining cryptocurrency.β¦
Opinion People are the biggest problem in corporate infosec. Make them the biggest asset.Β β¦
Supposedly ingenious schemes to revolutionize the finance industry with crypto are not hard to find β nor are their failures. And scarcely a day passes on which a cryptocurrency venture's infosec is not found wanting. That sad situation is causing financial institutions sufficient pain that Mastercard thinks the time is ripe for a service that helps lenders to understand if their customers' crypto purchases are dangerous.β¦
An internet security mechanism called Resource Public Key Infrastructure (RPKI), intended to safeguard the routing of data traffic, can be broken.β¦
Comment It's getting difficult these days to find a ransomware group that doesn't steal data and promise not to sell it if a ransom is paid off. What's more, these criminals are going down the extortion-only route, and not even bothering to scramble your files with encryption.β¦
In brief An executive order signed by President Biden on Friday to setting out fresh rules on how the US and Europe share people's private personal info may still fall short of the EU's wishes, says the privacy advocate who defeated the previous regulations in court.β¦
A couple of vulnerabilities in Ikea smart lighting systems can be exploited to make lights annoyingly flicker for hours.β¦
Cryptocurrency exchange Binance temporarily halted its blockchain network on Thursday in response to a cyberattack that led to the theft of two million BNB tokens, notionally exchangeable for $566 million in fiat currency.β¦
The US Department of Energy has proposed regulations to financially reward cybersecurity modernization at power plants by offering rate deals for everything from buying new hardware to paying for outside help.β¦
China appears to have upgraded its Great Firewall, the instrument of pervasive real-time censorship it uses to ensure that ideas its government doesnβt like donβt reach Chinaβs citizens.β¦
Only a third of PostgreSQL databases connected to the internet use SSL for encrypted messaging, according to a cloud database provider.β¦
Sponsored Feature As enterprises continue to migrate applications into the cloud, security concerns about the data those workloads store and process are inevitable. But how can IT departments be certain that sensitive information covered by stringent data protection laws hosted in public, private and hybrid cloud environments spanning multiple servers and locations is adequately protected from both internal and external threats?β¦
Three US national security agencies - CISA, the FBI and the NSA - on Thursday issued a joint advisory naming the 20 infosec exploited by state-sponsored Chinese threat actors since 2020.β¦
Updated Lloyd's of London has cut off its IT systems and is probing a possible cyberattack against it after detecting worrisome network behavior this week.β¦
America's second-largest nonprofit healthcare org is suffering a security "issue" that has diverted ambulances and shut down electronic records systems at hospitals around the country.β¦
Papa John's is being sued by a customer β not for its pizza but for allegedly breaking the US Wiretap Act by snooping on the way he browsed the pie-slinger's website.β¦
The FBI and the US government's Cybersecurity and Infrastructure Security Agency (CISA) claim any foreign interference in the 2022 US midterm elections is unlikely to disrupt or prevent voting, compromise ballot integrity, or manipulate votes at scale.β¦
South Korea issued a publicly available notice on Wednesday to wanted man and Terraform Labs founder Do Kwon, demanding he return his passport.β¦
Aussie police have cuffed a 19-year-old Sydney resident accused of trying to extort money from victims of the recent cyberattack and digital burglary at national telecommunications provider Optus.β¦
Sponsored Post There's nothing much to be said in favour of cybercrime. It ruins legitimate endeavours and wrecks livelihoods. It does, though, build a sense togetherness among the people whose job is to stop it.β¦
Joe Sullivan, Uber's former chief security officer, has been found guilty of illegally covering up the theft of Uber drivers and customers' personal information.β¦
An ex-Canadian government worker who extorted tens of millions of dollars from organizations worldwide using the NetWalker ransomware has been sent down for 20 years.β¦
Spies for months hid inside a US military contractor's enterprise network and stole sensitive data, according to a joint alert from the US government's Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and NSA.β¦
Webinar "You are the weakest link, goodbye!". One of the most famous catchphrases in television history. Popularized by the BBC gameshow and delivered by caustic TV presenter Anne Robinson, it is still the ultimate put down.β¦
Cybersecurity biz Kaspersky has spotted a modified version of the Tor Browser it says collects sensitive data on Chinese users.β¦
Convicted wire fraud perpetrator Paige Thompson (aka "erratic") has been sentenced to time served and five years of probation with location and computer monitoring, prompting U.S. Attorney Nick Brown to label the sanctions unsatisfactory.β¦
Video Digital transformation requires far-reaching and innovative business solutions, frequently tailormade.β¦