Login
URSNIF, the malware also known as Gozi that attempts to steal online banking credentials from victims' Windows PCs, is evolving to support extortionware.β¦
A hospital network in Wisconsin and Illinois fears visitor tracking code on its websites may have transmitted personal information on as many as 3 million patients to Meta, Google, and other third parties.β¦
Sponsored Post Shifting workloads and applications to the cloud is on every forward-thinking CIO's wish list. It is also their worst nightmare. If they get it right, they've helped to transform and modernize their organization's operations and everyone's happy. If they get it wrong, it's a different story, made much worse if a seriously expensive data breach is involved.β¦
Microsoft has confirmed one of its own misconfigured cloud systems led to customer information being exposed to the internet, though it disputes the extent of the leak.β¦
The Biden administration is pushing ahead with its drive to add cyber security labeling to consumer Internet of Things (IoT) devices, and may join other nations in adopting the scheme pioneered by Singapore.β¦
Sponsored Feature The concept behind Confidential Computing isn't new β organisations have been using hardware-assisted technology to encrypt and decrypt data for a while now. But fresh impetus from the Confidential Computing Consortium , new technology, and greater reliance on off prem public clouds to host and process sensitive information is prompting a more widespread re-evaluation of its benefits.β¦
Updated Australian health insurer Medibank has revealed it's been contacted by a group that claims to have its customers' data and is threatening to distribute it.β¦
This week, the US government's Cybersecurity and Infrastructure Security Agency (CISA) expanded its ever-growing list of vulnerability in industrial control systems (ICS) and critical infrastructure technology.β¦
New York regulators continue turning the screws on organizations with slapdash computer security.β¦
Verizon has notified some prepaid customers that their accounts were compromised and their phone numbers potentially hijacked by crooks via SIM swaps.β¦
It's just as you suspected: your Gen Z and millennial coworkers just aren't taking cybersecurity at work seriously enough.Β β¦
Cyber-diplomats from around the world say they want the internet to be safe, secure, and free of interference. Of course, they believe it's the fault of other nations that the internet is not safe, secure or free of interference.β¦
A proof-of-concept exploit has been published detailing a spoofing vulnerability in Microsoft Azure Service Fabric. The flaw allows attackers to gain full administrator permissions and then perform any manner of malicious activity.β¦
Webinar The individual memory of a bee is the repository for one facet of the collective memory of the beehive - the hive mind. Working together each bee feeds into the collective consciousness of the hive to optimize the production of the very best honey.β¦
Germany's government has stood down the president of its Federal Office for Information Security, Arne SchΓΆnbohm, over his links to Russia.β¦
In what can only be described as inevitable, the FBI is warning those eligible for student loan debt relief to keep an eye out for scammers trying to take advantage of President's Biden program.β¦
Sponsored Post We're all looking for a way to get the best cyber security training on the market, so we can push ahead in our careers. But we want to do it at our own pace, and in a location that suits us.β¦
SafeBreach Labs says it has detected a novel fully undetectable (FUD) PowerShell backdoor, which calls into question the accuracy of threat naming.β¦
Tensions between the US, China, and Taiwan have far-reaching impacts beyond semiconductor saber-rattling and trade restrictions. There is an enterprise security angle that CISOs should be on guard to tackle, according to US intelligence.β¦
Webinar If there was a tablet of stone inscribed with ten commandments for the fundamental requirements of an operating environment, the first would almost certainly be 'thou shalt have security and stability.'β¦
It has been almost a year since the ransomware gang Ransom Cartel was first detected and the crew over that time has racked up a steady drumbeat of victims in such countries as the United States and France and from a broad array of industry sectors.β¦
Sponsored Feature The steady migration of applications and infrastructure out of in-house data centres and server farms and into the cloud looks unstoppable at this moment in time. Research firm Gartner has estimated that by 2025, 51 percent of IT spending on application and infrastructure software, business process services and system infrastructure will have shifted to the public cloud, up from 41 percent in 2022. And you can bet that large volumes of the data that those applications and systems host and process will go with them.β¦
Organizations hit earlier by the HermeticWiper malware have reportedly been menaced by ransomware unleashed this month against transportation and logistics industries in Ukraine and Poland.β¦
Japanese industrial giants NTT Communications Corporation and Denso Corporation have decided to start a business βto respond to the threat of increasingly sophisticated cyber-attacks against vehicles.ββ¦
Europol this week said it has arrested 31 people in a crackdown on a car-theft ring that developed and used a technique to steal keyless vehicles.β¦
A former Wall Street Journal reporter has sued a multinational law firm, some of its attorneys, and others for allegedly stealing his emails and spreading the messages to wrongly discredit him, leading to his firing.β¦
Interpol arrested 75 suspected members of the Black Axe West African crime syndicate, and intercepted over $1 million in various bank accounts as part of a wide-ranging multi-country operation aimed at thwarting the group's cyber-fraud efforts that fund its criminal operations.β¦
In brief Advanced persistent threat group (APT) Budworm has shifted targets after hitting the Middle East, Europe and Asia, and was caught this week trying to break into the systems of an unnamed US state legislature.β¦
Panic over the risk of deepfake scams is completely overblown, according to a senior security adviser for UK-based infosec company Sophos.β¦
Asia In Brief Chinese president Xi Jinping has opened the 20th Congress of the Chinese Communist Party with a call for the nation he leads to win the race for development of βcore technologiesβ and to become self-reliant in strategic tech.β¦
Feature The infosec industry remains mostly a boys club. And while there are some indications that it's becoming more diverse, bringing women into the room continues to move at a glacial pace.β¦
A man who lost $24 million in cryptocurrency in an elaborate SIM swapping scam has won a multi-million-dollar judgment against the thief, who was 15 at the time of the hustle.β¦
Microsoft Office 365 Message Encryption claims to offer a way "to send and receive encrypted email messages between people inside and outside your organization."β¦
Online retailer Zoetop will fork out $1.9 million after account data belonging to 46 million customers was stolen in 2018.β¦
Sponsored Feature We hear the term data sovereignty more and more these days. That's strange in some ways because the rules for flinging data around the world have been a challenge for decades β particularly since the internet hit critical mass in the late 1990s and early 2000s and international data transfers went from being a rarity to the norm.β¦
Advanced, a managed software provider to the UK National Health Service, has confirmed that customer data was indeed lifted as part of the attack by cyber baddies that has disrupted operations for months.β¦
India's minister of state for electronics and information technology, Rajeev Chandrasekhar, has hinted strongly that he will again extend the deadline to comply with sweeping new information security reporting rules that were imposed as an essential national defence mechanism.β¦
Miscreants broke into the Church of Jesus Christ of Latter-day Saints' computer systems and stole personal data belonging to "some" members, employees, contractors and friends, the church has confirmed.β¦
Interview Crimeware targeting banks and other financial-services organizations today features sophisticated capabilities and evasion tools, according to Kaspersky's lead security researcher Sergey Lozhkin.β¦
Medibank, a private health insurer in Australia with 3.7 million customers, has confirmed today it is the latest business down under to fall victim to a digital break-in.β¦
Sponsored Post Cybercrime and cyber attacks across the world are on the increase, and the best form of defence against whatever they might throw at you isΒ to assume you're going to be attacked and beef up your operational resilience to better deal with the fallout before it actually happens.β¦
Authorities in the US and the UK are taking a keen interest in the contents of WhatsApp messages among bank employees and their associates in the financial services industry.β¦
Exclusive Laws in the UK and Europe have been proposed that would give authorities the power to undermine strong end-to-end encryption in the pursuit of, in their minds, justice.β¦
A US prisoner has been charged with orchestrating an $11 million scam from his cell using a hidden β¦ cellphone.β¦
Election workers in US battleground states have been hit by a surge in phishing and malware-laced emails in the run up to their primaries and the upcoming 2022 midterm elections.β¦
Updated Computer systems are still down at CommonSpirit Health β America's second-largest nonprofit hospital network β more than a week after it was hit by a somewhat mystery cyberattack.β¦
Ignite Microsoft is rolling out its usual host of cloud security features and services at this week's Ignite 2022 conference, with the focus on what's happening in and outside the firewall.β¦
Modified off-the-shelf drones have been found carrying wireless network-intrusion kit in a very unlikely place.β¦
Bittrex will cough up $53 million after being accused of flouting US sanctions and breaking federal money laundering laws and other banking rules.β¦
Patch Tuesday Microsoft fixed more than 80 security flaws in its products for October's Patch Tuesday. But let's start off with what Redmond didn't fix: two Exchange Server bugs dubbed ProxyNotShell that have been exploited by snoops as far back as August.β¦
UK intelligence agency GCHQ says China is "learning lessons" from the war in Ukraine and could make use of a centralized digital currency to partly get around the type of sanctions being imposed on Putin's Russia.β¦
GCN Mandiant, now officially owned by Google, has the scale (not to mention the deep pockets) to be the "brain" across organizations' myriad security products and automate protection on top of these controls, according to the security shop's CEO Kevin Mandia.β¦
Security appliance vendor Fortinet has become the subject of a bug report by its own FortiGuard Labs after the discovery of a critical-rated flaw in three of its products.β¦
Sponsored Feature Underwriters are continuing to feel the pinch as cyber insurance claims mount. That means customers are hurting too, with policies becoming more costly and insurers demanding more proof of cybersecurity. So how do organizations make better use of identity and access management to demonstrate their competency in protecting people's sensitive personal and financial data?β¦
Australian carrier Optus's recent data breach will be investigated by two regulators, the double trouble likely an indicator of the nation's displeasure at the incident β which saw almost ten million locals' personal data exposed online.β¦
Toyota has admitted it put 296,019 email addresses and customer management numbers of folks who signed up for its T-Connect assistance website at risk of online theft by bungling its security.β¦
Updated Russian miscreants claimed responsibility for knocking more than a dozen US airports' websites offline on Monday morning in what appeared to be a large-scale, distributed-denial-of-service (DDoS) attack.β¦
Source code for the BIOS used with Intel's 12th-gen Core processors has been leaked online, possibly including details of undocumented model-specific registers (MSRs) and even the private signing key for Intel's Boot Guard security technology.β¦
Red Hat is backing a Cloud Native Computing Foundation (CNCF) project that aims to improve the security of containers in Kubernetes clusters by running them inside hardware-enforced enclaves.β¦
End users, often viewed by infosec specialists as a corporation's weakest link, appear to be finally understanding the importance of good security and privacy practices.β¦
FreshRSS