Login
Tempur Sealy, among the world's largest providers of bedding, has notified the Securities and Exchange Commission of a digital burglary by cyber crims that forced it to isolate parts of the tech infrastructure.β¦
The US government is fighting a pair of cyber security incidents, one involving Chinese spies who potentially gained access to crucial American computer networks and the other related to an Air Force engineer allegedly compromised communications security by stealing sensitive equipment and taking it home.β¦
China introduced restrictions on Monday that mean would-be exporters will require a license to ship certain drones and related equipment out of the Middle Kingdom.β¦
The White House has weighed in on the Section 702 debate, urging lawmakers to reauthorize, "without new and operationally damaging restrictions," the controversial snooping powers before they expire at the end of the year.β¦
Updated Video surveillance equipment maker Hikvision was paid $6 million by the Chinese government last year to provide technology that could identify members of the nation's Uyghur people, a Muslim ethnic majority, according to physical security monitoring org IPVM.β¦
Opinion "There seems to be something wrong with our bloody ships today," fumed Admiral David Beatty during 1916's Battle of Jutland. Fair enough: three of the Royal Navy's finest vessels had just blown up and sank.β¦
Infosec in brief US senator Ron Wyden (D-OR) thinks it's Microsoft's fault that Chinese hackers broke into Exchange Online, and he wants three separate government agencies to launch investigations and hold the Windows giant "responsible for its negligent cyber security practices."Β β¦
Federal prosecutors have expanded their criminal case against a famous Floridian and his loyal minions for allegedly mishandling national security secrets and not being forthright about the storage and handling of hundreds of classified documents.β¦
Personal, financial, and health information belonging to millions of folks has been stolen via a particular class of website vulnerability, say cybersecurity agencies in the US and Australia. They're urging developers to review their code and squish these bugs for good.β¦
Nearly all of the FBI's technical intelligence on malicious "cyber actors" in the first half of this year was obtained via Section 702 searches, according to FBI Director Christopher Wray.β¦
Chinese companies, including state-owned defense companies, are evading tech sanctions and fueling Moscowβs war in Ukraine, according to a US report released on Thursday.β¦
NATO is investigating claims by miscreants that they broke into the military alliance's unclassified information-sharing and collaboration IT environment, stole information belonging to 31 nations, and leaked 845 MB of compressed data.β¦
Accounting giant Deloitte, pizza and birthday party chain Chuck E. Cheese, government contractor Maximus, and the Hallmark Channel are among the latest victims that the Russian ransomware crew Clop claims to have compromised via the MOVEit vulnerability.β¦
Chinese made AI-enabled products should spark similar concerns to Middle Kingdom sourced 5G equipment and therefore be regulated, said think tank Australian Strategic Policy Institute (ASPI) on Thursday.β¦
Public companies that suffer a computer crime likely to cause a "material" hit to an investor will soon face a four-day time limit to disclose the incident, according to rules approved today by the US Securities and Exchange Commission.β¦
A Russian court has sentenced Ilya Sachkov, the founder of security research house Group-IB, to 14 years in a maximum-security prison after finding the executive guilty of high treason.β¦
Several UK NHS ambulance organizations have been struggling to record patient data and pass it to other providers following a cyber-attack aimed at health software company Ortivus.β¦
Python security fixes often happen through "silent" code commits, without an associated Common Vulnerabilities and Exposures (CVE) identifier, according to a group of computer security researchers.β¦
A critical security flaw in Ivanti's mobile endpoint management code was exploited and used to compromise 12 Norwegian government agenciesΒ before the vendor plugged the hole.β¦
Apple has released fixes for several security flaws that affect its iPhones, iPads, macOS computers, and Apple TV and watches, and warned that some of these bugs have already been exploited.β¦
Updated Midnight Blue, a security firm based in the Netherlands, has found five vulnerabilities that affect Terrestrial Trunked Radio (TETRA), used in Europe, the United Kingdom, and many other countries by government agencies, law enforcement, and emergency services organizations.β¦
AMD has started issuing some patches for its processors affected by a serious silicon-level bug dubbed Zenbleed that can be exploited by rogue users and malware to steal passwords, cryptographic keys, and other secrets from software running on a vulnerable system.β¦
Infosec in brief Google Cloud has fixed an issue in which it gave away a little too much info in its audit logs to a service account.β¦
A stolen Microsoft security key may have allowed Beijing-backed spies to break into a lot more than just Outlook and Exchange Online email accounts.β¦
VirusTotal today issued a mea culpa, saying a blunder earlier this week by one of its staff exposed information belonging to 5,600 customers, including the email addresses of US Cyber Command, FBI, and NSA employees.β¦
The law firm that last month sent a Letter of Claim to Capita over a security breach in late March says it has signed up nearly 1,000 clients as it prepares a class action lawsuit aimed at the outsourcing giant.β¦
The number of victims and costs tied to the MOVEit file transfer hack continues to climb as the fallout from the massive supply chain attack enters week seven.β¦
Obit Kevin Mitnick, probably the world's most-famous computer hacker β and subsequently writer, public speaker, and security consultant β has succumbed to pancreatic cancer. He was 59.β¦
Microsoft announced on Wednesday it would provide all customers free access to cloud security logs β a service usually reserved for premium clients β within weeks of a reveal that government officials' cloud-based emails were targets of an alleged China-based hack.β¦
Ukrainian cops have disrupted a massive bot farm with more than 100 operators allegedly spreading fake news about the Russian invasion, leaking personal information belonging to Ukrainian citizens, and instigating fraud schemes.β¦
Cybercriminals are taking their business offline in a new approach to familiar technical support scams recently identified by the US Federal Bureau of Investigation.β¦
Sponsored Post Join Palo Alto Networks at the INTERSECT '23: Network Security Summit, on July 27, 2023 09:00 AM PDT in the Americas and on August 2, 2023, at 10:00 AM CEST in Europe.β¦
The US government on Tuesday added commercial spyware makers Intellexa and Cytrox to its Entity List, saying the duo are a possible threat to national security.β¦
Norwegian mining and recycling giant TOMRA says it has isolated tech systems as it deals with an "extensive cyberattack."β¦
Sponsored Post Kroll's latest State of Incident Response: APAC report suggests that over half of all organizations in Asia Pacific (59 percent) have experienced a cyber incident, of which a third (32 percent) have suffered multiple incidents.β¦
A vulnerability in Zimbra's software is being exploited right now by miscreants to compromise systems and attack selected government organizations, experts reckon.β¦
Over the weekend Chinese president Xi Jinping gave a directive to officials to build a Beijing-supervised "security barrier" around its internet.β¦
Infosec in brief Former UK prime minister Boris Johnson lobbed a wrench into the works of the country's COVID-19 inquiry by claiming he couldn't remember the passcode to unlock an old phone being sought by investigators.β¦
A criminal crew with a history of deploying malware to harvest credentials from Amazon Web Services accounts may expand its attention to organizations using Microsoft Azure and Google Cloud Platform.β¦
Alex Mashinsky, the now-former CEO of collapsed cryptocurrency concern Celsius, today faces charges of fraud as prosecutors and watchdogs pile in.β¦
Microsoft is causing a stir among some tech pros after confirming it plans to rename Azure AD to Entra.β¦
Patch Tuesday Microsoft today addressed 130 CVE-listed vulnerabilities in its products β and five of those bugs have already been exploited in the wild.β¦
Staff at one of the UK's largest hospital groups have spent a nervous week wondering if private data, stolen from their employer's IT systems by a ransomware gang, is going to be splurged online after a deadline to prevent publication passed.β¦
Infosec in brief With riots rocking the country, French parliamentarians have passed a bill granting law enforcement the right to snoop on suspects via "the remote activation of an electronic device without the knowledge or consent of its owner."Β β¦
Capita has informed some of its employees that its own pension fund was among the victims of a cybercrime attack on its system, resulting in the theft of their personal details, they say.β¦
Nickelodeon says it is probing claims that "decades old" material was stolen from it and leaked online. This follows reports on social media that someone had dumped 500GB of snatched animation files. Hilarity, and many SpongeBob SquarePants memes, ensued.β¦
Microsoft is having a rough week with troubles including an Outlook.com bug that prevented some email users from searching their messages for several hours on Thursday, and a Teams flaw that allows people to send phishing emails and malware to other Teams users.β¦
The port of Nagoya β which shifted 2.68 million shipping containers and 164 million tons of cargo in 2022 β has moved precious few in the last 24 hours after finding itself the latest victim of Russia's notorious LockBit ransomware gang.β¦
A North Korean satellite allegedly designed for reconnaissance was not viable for its alleged intended purpose, according to South Korea's military on Wednesday.β¦
A now-former Amazon manager described by prosecutors as the "mastermind" behind a nearly $10 million scheme to steal money from the online megaretailer using fake invoices has been sentenced to 16 years behind bars in federal prison.β¦
Boffins at the University of California, Davis have devised a purportedly practical way to apply a memory abuse technique called Rowhammer to build unique, stable device fingerprints.β¦
International cops have arrested a suspected "key figure" of a cybercrime group dubbed OPERA1ER that has stolen as much as $30 million from more than 30 banks and financial orgs across 15 countries.β¦
Singapore has joined the ranks of nations requiring digital payment operators to follow the same sort of regulations and customer protection requirements that apply to conventional financial institutions.β¦
Infosec outfit Checkpoint says it's spotted a Chinese actor targeting diplomatic facilities around Europe.β¦
More than 338,000 FortiGate firewalls are still unpatched and vulnerable to CVE-2023-27997, a critical bug Fortinet fixed last month that's being exploited in the wild.β¦
America's Transportation Security Agency (TSA) intends to expand its facial-recognition program used to screen US air travel passengers to 430 domestic airports in under a decade.β¦
It's an awkward Monday for Dublin Airport after pay and benefits details for some 2,000 staff were apparently "compromised" following a recent attack on professional service provider Aon.β¦
The United States' National Counterintelligence and Security Center (NCSC) has warned that China's updated Counter-Espionage law β which came into effect on July 1 β is dangerously ambiguous and could pose a risk to global business.β¦
Asia In Brief Japan's government last Friday rebuked Fujitsu for shabby cloud security.β¦
Following claims by ransomware gang LockBit that it has stolen data belonging to TSMC, the chip-making giant has said it was in fact one of its equipment suppliers, Kinmax, that was compromised by the crew, and not TSMC itself.β¦
FreshRSS