A woman and her husband, who both copped to trying to sell nuclear warship secrets to a foreign government, have been sentenced to prison, with each set to spend around two decades behind bars.β¦
Troubled social media giant Twitter has lost the services of its chief information security officer to cap off another chaotic week following its acquisition by Elon Musk.β¦
Sponsored Post It's a common problem when it comes to finding a new job or landing that all important promotion. You need to upgrade your CV to show some knowledge and experience of systems, tools and frameworks that your current role doesn't require but the next step up the ladder does. But how do you learn what you need if you're current role focuses on a different set of priorities, or even know what areas of speciality different organisations prize most highly in the first place?β¦
A malware loader deemed in June to be a "work in progress" is now fully functional and infecting thousands of Windows corporate and home PCs.β¦
Wells Fargo customers who use Zelle to send and request payments suffer more than twice the rate of fraud and other online scams as people using other big banks, according to US Senator Elizabeth Warren (D-MA).β¦
VMware has revealed a terrible trio of critical-rated flaws in Workspace ONE Assist for Windows β a product used by IT and help desk staff to remotely take over and manage employees' devices.β¦
Patch Tuesday November's Patch Tuesday also falls on election day in the US, so let's hope that democracy fares better than Microsoft, which reported six of today's bugs are already being exploited in the wild by miscreants.β¦
As insurance companies struggle to stay afloat amid rising cyber claims, Swiss Re has recommended a public-private partnership insurance scheme with one option being a government-backed fund to help fill the coverage gap.β¦
Robin Banks, the phishing-as-a-service (PHaaS) platform that was kicked off Cloudflare for malicious activity, is back in action with a Russian service provider and new tools to make it easier to bypass security measures.β¦
Experian and T-Mobile US have reached separate settlements with 40 states in America following a pair of data security breaches in 2012 and 2015. The settlement will net authorities $16 million, along with assurances it won't happen again.β¦
Pro-Russia hacktivists' recent spate of network-flooding bot traffic aimed at US critical infrastructure targets, while annoying, have had "limited success," according to the FBI.β¦
A crook who stole more than 50,000 Bitcoins from the dark web souk Silk Road in 2012 has pleaded guilty and lost the lot, with a stretch behind bars likely ahead of him.Β β¦
Misinformation related to tomorrow's US midterm elections hasn't slowed, according to security researchers.Β β¦
Microsoft is rolling out another way for smartphone and tablet users to protect themselves from phishing attacks as post-pandemic hybrid work pulls more and more workers under bring-your-own-device (BYOD) policies.β¦
in brief A quartet of malware-laden Android apps from a single developer have been caught with malicious code more than once, yet the infected apps remain on Google Play and have collectively been downloaded more than one million times.Β β¦
Amid the theft of billions of dollars in cryptocurrency over recent months, confidential computing may have a role in protecting people's money in future.β¦
Japanβs Ministry of Defence (JMOD) announced on Friday that it has formally joined NATOβs Cooperative Cyber Defense Centre of Excellence (CCDCOE).β¦
Microsoft has asserted that China's offensive cyber capabilities have improved, thanks to a law that has allowed Beijing to create an arsenal of unreported software vulnerabilities.β¦
The International Committee of the Red Cross (ICRC) wants to devise a digital equivalent of its emblems (the red cross and red crescent), to signify that certain digital resources are protected and must not be targeted during cyberwarfare.β¦
Australian health insurer Medibank β which spent October discovering a security incident was worse than it first thought β has announced it will not pay a ransom to attackers that made off with personal info describing nearly ten million customers.β¦
SolarWinds has agreed to pay $26 million to settle a shareholder lawsuit, and it's also expecting to be slapped with an enforcement action by Uncle Sam β both related to its infamous 2020 supply chain security fiasco, according to the software maker's most recent US regulatory filing.β¦
A new threat group called Crimson Kingsnake is impersonating real law companies and debt recovery services to intimidate businessess into paying bogus overdue invoices.β¦
A French-speaking criminal group codenamed OPERA1ER has pulled off more than 30 cyber-heists against telecom organizations and banks across Africa, Asia, and Latin America, stealing upwards of $30 million over four years, according to security researchers.β¦
Analysis The September cyberattack on ride-hailing service Uber began when a criminal bought the stolen credentials of a company contractor on the dark web.β¦
The White House's second International Counter Ransomware Initiative summit has concluded, and this year the 36-nation group has made clear it intends to crack down on how cryptocurrencies are used to finance ransomware operations.β¦
A technical SNAFU shut down the UK's Royal Mail Click and Drop website on Tuesday after a security "issue" allowed some customers to see others' order information.Β β¦
The US Treasury Department has thwarted a distributed denial of service (DDoS) attack that officials attributed to Russian hacktivist group Killnet.β¦
Banks in the US paid out nearly $1.2 billion in 2021 as a result of ransomware attacks, a marked rise over the year before though it may simply be due to more financial institutions being asked to report incidents.β¦
A one-time Apple employee working as a buyer within the iGiant's supply chain department has pleaded guilty to mail and wire fraud charges spanning multiple years, ultimately costing the company $17 million.β¦
Mondelez International has settled its lawsuit against Zurich American Insurance Company, which it brought because the insurer refused to cover the snack giant's $100-million-plus cleanup bill following the 2017 NotPetya outbreak.β¦
Dropbox has said it was successfully phished, resulting in someone copying 130 of its private GitHub code repositories and swiping some of its secret API credentials.β¦
OpenSSL today issued a fix for a critical-turned-high-severity vulnerability that project maintainers warned about last week.Β β¦
The UK's Home Secretary β the minister in charge of policing and internal security β has been forced to apologize for breaching IT security protocols in government.β¦
Attempts to reorganize supply chains to cut out China and foil its attempts to build a high-tech chip industry will be costly and may simply cause the Middle Kingdom to redouble its efforts, says memory maker Kioxia.β¦
A 22-year-old student German federal police believe to be the administrator of one of the largest German-speaking, dark-web forums has been arrested.Β β¦
A cybersecurity firm has issued another unofficial patch to squash a bug in Windows that Microsoft has yet to fix, with this hole being actively exploited to spread ransomware.β¦
India's Home Ministry has asked state governments to crack down on illegal lending apps it says have led to "multiple suicides by citizens owing to harassment, blackmail, and harsh recovery methods."β¦
Sloppy data security at education tech giant Chegg exposed students and workers' personal information not once but four times in various ways over four years, according to the FTC.Β β¦
The White House has begun its second annual International Counter Ransomware Summit in which Biden administration officials will convene with representatives of three dozen nations, the EU, and private business to discuss the growing threat posed by data-destroying cyber attacks.β¦
A threat group that targets corporate emails is delivering dropper malware through a novel technique that uses Microsoft Internet Information Services (IIS) logs to send commands disguised as web access requests.β¦
In brief Apple has patched an iOS and iPad OS vulnerability that's already been exploited.β¦
Sponsored Post Cybercriminals generally respect no limits or boundaries, but there is evidence to suggest that they are singling out industrial control systems (ICS) and operational technology (OT) systems such as supervisory control and data acquisition (SCADA) platforms in the Asia Pacific region which may represent easier targets for their attention.β¦
Asia In Brief India's government has given itself the power to compel social networks to take down content.β¦
Raspberry Robin, a worm that spreads through Windows systems via USB drives, has rapidly evolved: now backdoor access is being sold or offered to infected machines so that ransomware, among other code, can be installed by cybercriminals.β¦
Only a "handful" of US states have stopped buying Chinese technologies deemed by the government to pose security threats, according to a report from a Washington policy research group.β¦
Webinar The cloud is constantly in flux, and with its continual growth comes an equally rapid acceleration of threats and vulnerabilities direct towards it. You could say the cloud environment resembles the wild west where even hired guns carefully guarding your wagon train are not always enough to prevent an ambush by a gang of determined outlaws.β¦
The White House is adding the chemical sector to a program launched last year to improve cybersecurity capabilities within America's critical infrastructure industries.β¦
Sponsored Feature The inexorable pace of technological innovation in response to the unrelenting growth of cyber attacks has led to fragmentation within cyber security provision. Things generally follow a common pattern, starting with a new security requirement being identified, whether a response to a novel threat, or a compliance or regulation challenge. This leads buyers to specialized tools, usually from smaller vendors that do one thing well. But inevitably over time, buyers end up using a mishmash of systems and tools, each with its own job and management processes.β¦
A stealthy cryptocurrency mining operation has been spotted using thousands of free accounts on GitHub, Heroku and other DevOps outfits to craft digital tokens. GitHub, for one, forbids the mining of coins using its cloud resources.β¦
Japan's plan to phase out public health insurance cards in favor of linking the services to a digital ID card could compel those who oppose the digitization to sign up.β¦
The prolific pro-Beijing Dragonbridge crew has apparently stepped up its activity ahead of the US 2022 midterms by trying to discourage Americans from voting as well as pinning the Nord Stream pipeline explosion on Uncle Sam.β¦
Mark Sokolovsky, 26, a Ukrainian national, is being held in the Netherlands while he awaits extradition to America on cybercrime charges, the US Justice Department said on Tuesday.β¦
Cisco says miscreants are exploiting two vulnerabilities in its AnyConnect Secure Mobility Client for Windows, which is supposed to ensure safe VPN access for remote workers.β¦
Microsoft appears to have woken up and realized it may have left certain Windows Server and Windows 10 systems exposed to exploitable drivers for years.β¦
Sponsored Post The turn of the year is always a good time to take stock and think about where you are heading. Many hard working cybersecurity professionals will be keeping as close an eye on the calendar as they are on cyber criminals.β¦
The number of ransomware attacks worldwide dropped 31 percent year-over-year during the first nine of months 2022, at least as far as SonicWall has observed. But don't get too excited.β¦
Microsoft is bringing Azure Active Directory Identity Protection alerts to Microsoft 365 Defender to seemingly help IT folks thwart criminals infiltrating corporate networks via compromised users.β¦
Australian health insurer Medibank's data breach was today revealed to be even worse than first thought, with a regulatory filing stating that info describing all four million customers has been accessed.β¦
Analysis Drizly CEO James Cory Rellas is in the firing line after his company exposed about 2.5 million customers' personal information in a computer security blunder.Β β¦
PayPal has added passkeys for passwordless login to accounts across Apple devices.β¦