If you got snubbed by the object of your affections on dating app Coffee Meets Bagel (CMB) in late August, don't feel bad, the company says its systems were down due to cyber baddies.β¦
Chief information security officers (or CISOs) see human error as the most significant risk to data protection compared to other UK board directors.β¦
It's generally accepted that security flaws in Microsoft's products are a top magnet for crooks and fraudsters: its sprawling empire of hardware and software is a target-rich ecosystem in that there is a wide range of bugs to exploit, and a huge number of vulnerable organizations and users.β¦
The power of the EU's Digital Services Act (DSA) to actually police the world's very large online platforms (VLOPs) has been tested in a new study focused on Russian social media disinformation.β¦
Updated Freecycle, the charity aimed at recycling detritus that would otherwise be headed for landfill, has become the latest organization to suffer at the hands of cyber attackers and admit to a breach.β¦
Northern Ireland's police chief, Simon Byrne, resigned last night after an emergency meeting of the Policing Board amid discontent in the rank and file over a data breach that exposed serving officers' info, as well as news he was considering appealing a court ruling linked to the Troubles.β¦
The risk of running obsolete code and hardware was highlighted after attackers exfiltrated data from a UK supplier of high-security fencing for military bases. The initial entry point? A Windows 7 PC.β¦
Microsoft has reminded users that TLS 1.0 and 1.1 will soon be disabled by default in Windows.β¦
Webinar It's sometimes easy to be lulled into a sense of false security and imagine that your organization or business will not become a target of highly professional cybercriminals, hacktivists and even nation-state actors. But the threat posed by DDoS attacks is very much on the rise.β¦
Nearly four weeks after the Police Service of Northern Ireland (PSNI) published data on 10,000 employees in a botched response to a Freedom of Information request, another two men, aged 21 and 22, have been released on bail after being arrested under the Terrorism Act.β¦
Infosec in brief The latest round of Apple's Security Research Device (SRD) program is open, giving security researchers a chance to get their hands on an unlocked device β and Apple's blessing to attack it and test its security capabilities.β¦
Video Efforts by cops to seize and shut down encrypted messaging apps favored by criminals, and then mine their conversations for evidence, appear to have led to more arrests β plus the seizure of about 2.7 tonnes of cocaine.β¦
Customers of cloudy identification vendor Okta are reporting social engineering attacks targeting their IT service desks in attempts to compromise user accounts with administrator permissions.β¦
Webinar Any organization can lose service, revenue, and reputation as a result. If you are particularly unlucky, a DDoS attack can defenestrate your network defences. You may find yourself facing an cyber criminal who wants to take your business for everything it's got - not an attractive prospect in anybody's book.β¦
Even ransomware operators make mistakes, and in the case of ransomware gang the Key Group, a cryptographic error allowed a team of security researchers to develop and release a decryption tool to restore scrambled files.β¦
Russia's Sandworm crew is using an Android malware strain dubbed Infamous Chisel to remotely access Ukrainian soldiers' devices, monitor network traffic, access files, and steal sensitive information, according to a Five Eyes report published Thursday.β¦
Nearly a third of organizations compromised by Chinese cyberspies via a critical bug in some Barracuda Email Security Gateways were government units, according to Mandiant.β¦
A controversial United Nations proposal has a new foe, Microsoft, which has joined the growing number of organizations warning delegates that the draft version of the UN cybercrime treaty only succeeds in justifying state surveillance β not stopping criminals, as originally intended.β¦
Toyota Japan has recovered from what it's described as a "malfunction in the production order system" that halted production on 28 lines across 14 plants starting on Monday evening.β¦
Russia appears to be "better" at running online trolling campaigns aimed at pushing its political narratives than China, according to Meta's latest Adversarial Threat Report.β¦
Updated The University of Michigan has isolated itself from the internet but, hey, everything's fine!β¦
An appeals court has reversed a 2021 decision to drop a bribery charge against Apple's head of global security, who is accused of donating iPads worth up to $80,000 to a sheriff's office in exchange for giving his Cupertino agents concealed carry weapon licenses.β¦
Uncle Sam today said an international law enforcement effort dismantled Qakbot, aka QBot, a notorious botnet and malware loader responsible for losses totaling hundreds of millions of dollars worldwide, and seized more than $8.6 million in illicit cryptocurrency.β¦
London's Metropolitan Police has said a third-party data breach exposed staff and officers' names, ranks, photos, vetting levels, and salary information.β¦
Purfoods has notified more than 1.2 million people that their personal and medical data βΒ including payment card and bank account numbers, security codes, and some protected health information β may have been stolen from its servers during what sounds like a ransomware infection earlier this year.β¦
Three malware loaders β QBot, SocGholish, and Raspberry Robin β are responsible for 80 percent of observed attacks on computers and networks so far this year.β¦
Infosec in Brief No one likes malware, but malicious code that tracks your location is particularly unlovable.β¦
Asia In Brief Taiwan-based infosec consultancy Team T5 has disputed Microsoft's alleged timeline of just when a Beijing-linked attack group named Flax Typhoon commenced its campaigns.β¦
Tor, which stands for The Onion Router, weathered a massive distributed denial-of-service (DDoS) storm from June last year through to May.β¦
The FBI has warned owners of Barracuda Email Security Gateway (ESG) appliances the devices are likely undergoing attack by snoops linked to China, and removing the machines from service remains the safest course of action.β¦
Webinar It's a fact of life that ransomware is a constant threat, like a dark cloud on every horizon. Recent research suggests that the volume of attacks has doubled in the last year.β¦
Two teenage members of the chaotic Lapsus$ cyber-crime gang helped compromise computer systems of Uber and Nvidia, and also blackmailed Grand Theft Auto maker Rockstar Games among other high-profile victims, a jury has decided.β¦
Two founders of Tornado Cash were formally accused by US prosecutors today of laundering more than $1 billion in criminal proceeds through their cryptocurrency mixer.β¦
Lazarus Group, the infamous cryptocurrency thieves backed by North Korea, may try to liquidate a stash of stolen Bitcoin worth more than $40 million, according to the FBI.β¦
CloudNordic has told customers to consider all of their data lost following a ransomware infection that encrypted the large Danish cloud provider's servers and "paralyzed CloudNordic completely," according to the IT outfit's online confession.β¦
Experian has agreed to cough up $650,000 after being accused of spamming people with no opt-out button.β¦
A New York fintech biz is set to pay $1 million in fines under a US Securities and Exchange Commission order that claims it advertised "annualized" returns on Titan Crypto of up to 2,700 percent, a number based on a "purely hypothetical account."β¦
Webinar You could be forgiven for wondering if anything can ever again be completely straightforward or demonstrably authentic in a world where generative AI can masquerade convincingly as your mother, or express itself in the exact language your best friend might use.β¦
Updated Apple last year introduced a security feature called App Management that's designed to prevent one application from modifying another without authorization under macOS Ventura β but a developer claims itβs not very good at its job under some circumstances.β¦
A critical authentication bypass bug in MobileIron Sentry has been exploited in the wild, its maker Ivanti said in an advisory on Monday.β¦
With America outspending the rest of the world on space technologies, those systems and their blueprints are a highly alluring and lucrative target for sticky-fingered spies, Uncle Sam has reminded industry.β¦
Insiders are to blame for a May data breach at Tesla, the company claimed in filings after news of the incident was reported months ago by German media.β¦
Users of the popular WinRAR compression and archiving tool should update now to avoid a vulnerability that allows code to be run when a user opens a RAR file.β¦
Opinion Information wants to be free. This usefully ambiguous battle cry has been the mischievous slogan of hackers since early networking thinker Stuart Brand coined it in the early 1980s. Intended as part of a discussion about the inherent contradictions of intellectual property, it has bestowed irony in many other places since.β¦
Infosec in brief Someone at Microsoft has some explaining to do after a messed-up DNS record caused emails sent from accounts using Microsoft's Outlook Hotmail service to be rejected and directed to spam folders starting on Thursday.β¦
An Interpol-led operation arrested 14 suspects and identified 20,674 "suspicious" networks spanning 25 African countries that international cops have linked to more than $40 million in cybercrime losses.β¦
Here's a heads up. Another version of BlackCat ransomware has been spotted extorting victims. This variant embeds two tools, we're told: the network toolkit Impacket for lateral movement within compromised environments, and Remcom for remote code execution.β¦
Analysis Despite the hype around criminals using ChatGPT and various other large language models to ease the chore of writing malware, it seems this generative AI technology isn't terribly good at helping with that kind of work.β¦
Updated Miscreants are actively exploiting critical bugs in two of Citrix's products, both of which the business IT player fixed earlier this summer.β¦
A man was arrested in Northern Ireland for suspected Collection of Terrorist Information following an incident where police mistakenly leaked details that identified 10,000 serving officers, but he has now been released on bail.β¦
Japanβs digital minister has doubled down on a June promise to penalize himself for the poor rollout of the countryβs digital ID, My Number Card, by offering up three months salary on Tuesday.β¦
Vietnamβs Ministry of Information and Communications has admitted the nation has a vast shortfall of infosec pros.β¦
Discord.io has shut down "for the foreseeable future," after crooks stole, and then put up for sale, data belonging to all 760,000 of the service's users.β¦
The Clorox Company has some cleaning up to do as some of its IT systems remain offline and operations "temporarily impaired" following a security breach.β¦
Sponsored Feature Securing the corporate network has never been a simple process, but years ago it was at least a bit more straightforward. Back then, the network perimeter was clear and well defined, and everything inside itΒ was considered trusted and safe. The security team defended against everything outside, established security protocols and deployed security tools, monitored the network gateways, and kept sensitive data as safe as possible.β¦
Norfolk and Suffolk police have stepped forward to admit that a βtechnical issueβ resulted in raw data pertaining to crime reports accidentally being included in Freedom of Information responses.β¦
The former chief executive of a company that was sold to Qualcomm for more than $150 million has pleaded guilty to one count of money laundering relating to a $1.5 million transaction involving proceeds from the deal.β¦
Authorities in the US state of Georgia have indicted a famous Floridian and his loyal associates on counts including theft of data, software, and personal information.β¦
China's Global Times, a state-controlled media outlet, has teased an imminent exposΓ© of alleged US attacks on seismic data measurement stations.β¦
Two Nigerian men have been extradited to the US and were scheduled to appear in deferral court on Monday, charged with sextortion and causing the death of one of their victims: a teen who was found dead from a self-inflicted gunshot wound.β¦