Login
The CISO of Acronis has downplayed what appeared to be an intrusion into its systems, insisting only one customer was affected, using stolen credentials, and that all other data remains safe.β¦
A Catholic clergy conformance organization has reportedly been buying up tracking data from mobile apps to identify gay priests, and providing that information to bishops around America.β¦
International law enforcement agencies have claimed another victory over cyber criminals, after seizing the website, and taking down the infrastructure operated by crims linked to the NetWire remote access trojan (RAT).β¦
AT&T has confirmed that miscreants had access to nine million of its wireless customers' account details after a vendor's network was broken into in January.β¦
Health data and other personal information of members of Congress and staff were stolen during a breach of servers run by DC Health Care Link and are now up for sale on the dark web.β¦
Emotet is back. After another months-long lull since a spate of attacks in November 2022, the notorious malware operation that has already survived a law enforcement takedown and various periods of inactivity began sending out malicious emails on Tuesday morning.β¦
Suspected Chinese cyber criminals have zeroed in on unpatched SonicWall gateways and are infecting the devices with credential-stealing malware that persists through firmware upgrades, according to Mandiant.β¦
On Tuesday a bipartisan group of a dozen US senators introduced a bill to authorize the Commerce Department to ban information and communications technology products and services deemed threats to national security.β¦
Sponsored Feature When the first computer system passwords were set in 1961, few people needed to carry personal credentials to get through daily life. Nowadays, login credentials are ubiquitous across nearly every application, software and web service.β¦
Boeing said on Tuesday its anti-jam ground-based satellite communications system had passed the necessary tests to validate its design for use in the U.S. Space Forceβs Pathfinder program.β¦
Three of the principals of an Australian scheme that offered free payroll services to tech contractors have been found guilty of conspiring to defraud the Commonwealth and conspiring to deal with the proceeds of crime.β¦
Acer has confirmed someone broke into one of its servers after a miscreant put up for sale a 160GB database of what's claimed to be the Taiwanese PC maker's confidential information.β¦
If you're still using post-support DrayTek Vigor routers it may be time to junk them, see if they can be patched, or come up with some other workaround, as a malware variant is setting up shop in the kit.β¦
Pro-Russian scammers using social engineering and impersonation to trick prominent western commentators into conducting recorded video calls have kicked these campaigns "into high gear" over the past 12 months, according to security researchers.β¦
The US government is requiring states to assess the cyber security capabilities of their drinking water systems, part of the White House's broader efforts to protect the nation's critical infrastructure from attacks by nation-states and other cyber threats.β¦
German and Ukrainian cops have arrested suspected members of the DoppelPaymer ransomware crew and issued warrants for three other "masterminds" behind the global operation that extorted tens of millions of dollars and may have led to the death of a hospital patient.β¦
In Brief If you can't join them, then you may as well try to beat them β at least if you're a talented security engineer looking for a job and you happen to be a woman.Β β¦
The US Secret Service and Immigration and Customs Enforcement (ICE) agencies have failed to follow the law and official policy regarding the use of cell-site simulators, according to a government audit.β¦
SCSW On a scale of 1 to 10, 10 being the highest risk, Snap Chief Information Security Officer Jim Higgins rates software supply chain risk "about 9.9."β¦
Even if you don't know anyone who has used BetterHelp's services, podcast fans will recognize it from its annoying adverts for its online therapists. American regulators, however, allege the company's relationship with the advertising industry is more perverse than a mere irritating jingle, claiming it betrayed loyalties that should lie with customers by passing on their mental health info to Facebook, Snapchat and others.β¦
A malicious package discovered in the Python Package Index (PyPI) is the latest example of what threat hunters from Kroll called the continued "democratization of cybercrime," with the bad guys creating malware variants from the code of others.β¦
SCSW Back in 2020, Eric Scales led the incident response team investigating a state-backed software supply-chain attack that compromised application build servers and led to infections at government agencies and tech giants including Microsoft and Intel.β¦
Europe's proposed "Chat Control" legislation to automatically scan chat, email, and instant message communications for child sexual exploitation material (CSEM) ran up against broad resistance at a meeting of the German Parliament's (Bundestag) Digital Affairs Committee on Wednesday.β¦
Webinar Trying to keep on top of all the hype and complexity in cybersecurity can be more than an just an uphill struggle and more like a veritable mountain to climb every morning.β¦
Analysis Technology providers can expect more regulations, while cyber criminals can look for US law enforcement to step up their efforts to disrupt ransomware gangs and other illicit activities, under the Biden administration's computer security plan announced on Thursday.β¦
SCSW CI/CD over the past decade has become the cornerstone of modern software development.β¦
Less than a year after its online greetings card subsidiary Funky Pigeon was attacked, WH Smith has admitted someone broke into its systems.β¦
Interview It's a tough economy to ask for a bigger security team or larger budget to buy technology to protect against cyberattacks.Β β¦
BlackLotus, a UEFI bootkit that's sold on hacking forums for about $5,000, can now bypass Secure Boot, making it the first known malware to run on Windows systems even with the firmware security feature enabled.β¦
Cybercriminals are disguising the PlugX remote access trojan as a legitimate open-source Windows debugging tool to evade detection and compromise systems.β¦
Google continued its client-side encryption rollout, the feature generally available to some Gmail and Calendar users who can now send and receive encrypted messages and meeting invites.β¦
The White House has ordered all federal government employees to delete TikTok from work devices, over fears the video-sharing app could be used to spy on Americans.Β β¦
SCSW What's more dangerous than Chinese spy balloons? Unsafe software and other technology products, according to America's Cybersecurity and Infrastructure Agency (CISA) Director Jen Easterly.β¦
Dish has confirmed what everyone was suspecting, given the ongoing downtime experienced by some of its systems, that the US telco was hit by criminal hackers.β¦
The miscreants who infiltrated News Corporation's corporate IT network spent two years in the media monolith's system before being detected early last year.β¦
A series of distributed-denial-of-service (DDoS) attacks shut down nine Danish hospitals' websites for a few hours on Sunday, but did not have any life-threatening impact on the medical centers' operations or digital infrastructure.β¦
The US Marshals Service, the enforcement branch of the nationβs federal courts, has admitted a βmajorβ breach of its information security defenses led to a ransomware infection and exfiltration of βlaw-enforcement sensitive information."β¦
SCSW The vast majority of off-the-shelf software is composed of imported components, whether that's open source libraries or proprietary code. And that spells a security danger: if someone can subvert one of those components, they can infiltrate every installation of applications using those dependencies.β¦
US telco Dish said it is investigating a multi-day network "issue" that knocked some of its systems offline, leaving customers stranded from the web.β¦
Starting in June, companies operating in China must undergo a regulatory intervention when sending data abroad, thanks to the Cyberspace Administration of China (CAC).β¦
In brief A Russian national has been hit with a five-count indictment alleging he smuggled hardware and software used for counterintelligence operations out of the US to the Russian Federal Security Service (FSB) and North Korea.β¦
Microsoft is recommending that Exchange server users scan certain objects for viruses and other threats that until now had been excluded.β¦
Dutch police have arrested three men for their alleged involvement with a ransomware gang that stole sensitive data and extorted hundreds of thousands of euros from thousands of companies.β¦
Canadian communications giant Telus is investigating whether crooks have stolen employee data and its source code, all of which is being offered for sale on a criminal forum.β¦
Pics A Massachusetts man accused of using his job as a city's assistant facilities director to hide a cryptocurrency mining operation in the crawlspace of a school has surrendered himself to authorities on Friday morning after skipping his Thursday arraignment.Β β¦
The US Department of Justice (DoJ) asked the judge hearing its antitrust case against Google to sanction the search advertising giant for destruction of evidence.β¦
The European Commission on Thursday banned the use of the TikTok short video app on corporate devices and on the personal devices of employees enrolled in the commission's mobile device management service.β¦
At last year's Ignite show, Microsoft talked up a capability in its 365 Defender that automatically detects and disrupts a cyberattack while still in progress, hopefully stopping or reducing any resulting damage. Now it's extending that to include additional criminal areas.β¦
The so-called "brotherhood" or Russian-speaking cybercriminals is yet another casualty of the war in Ukraine, albeit one that few outside of Moscow are mourning.β¦
A Russian national accused of developing the NLBrute brute-force hacking tool has made his first court appearance this week in Florida over accusations he used the tool to spawn a criminal empire.β¦
Irish agricultural megacorp Dole has confirmed that it has fallen victim to a ransomware infection that reportedly shut down some of its North American production plants.β¦
FTX founder Sam Bankman-Fried's eight-count indictment related to the collapse of his crypto empire has been superseded by a new 12-count indictment unsealed in New York which provide graphic details about the extent the defunct biz paid off politicians.Β β¦
A hole in a US military email server operated by Microsoft left more than a terabyte of sensitive data exposed to the internet less than a month after Office 365 was awarded a higher level of government security accreditation.β¦
Millions of Russians in almost a dozen cities throughout the country were greeted Wednesday morning by radio alerts, text messages, and sirens warning of an air raid or missile strikes that never occurred. The warnings were later blamed on hackers.β¦
Criminals have targeted datacenter operators in Singapore and China, tapping into their CCTV cameras, accessing their tenant lists and then attacking those customers.β¦
More than 80 law firms say they are "deeply troubled" by the US Securities and Exchange Commission's demand that Covington & Burling hand over names of its clients whose information was stolen by Chinese state-sponsored hackers.β¦
Analysis Open source components play an increasingly central role in the software development scene, proving to be a boon in a time of continuous integration and deployment, DevOps, and daily software updates.β¦
Sponsored Post The global impact of cyber threats on businesses, governments, organisations and individuals around the world is ramping up exponentially, with experts warning that danger is set to dramatically worsen in coming months and years.β¦
A stranger may be receiving your private WhatsApp messages, and also be able to send messages to all of your contacts β if you have changed your phone number and didn't delete the WhatsApp account linked to it.β¦
Sponsored Feature As businesses journey deeper into an era of restless digital change, it's surprising how inventions from past decades still define the office environment.β¦
FreshRSS