Two Indian nationals have each received 41-month prison sentences in the United States for their involvement in a $1.2 million robocall scam targeting the elderly, according to New Jersey prosecutors on Tuesday.β¦
A sysadmin and his partner pleaded guilty this week to being part of a "massive" international ring that sold software licenses worth $88 million for "significantly below the wholesale price."β¦
Sponsored Post Cyber security remains a top three priority for most, if not all, organisations. The risks associated with failure to implement adequate defences were once again highlighted by the ransomware incident which impacted several hospital computer systems across the US last month.β¦
Singapore officials announced on Monday that next month they will deliver a consultation paper detailing a split liability scheme that will mean both consumers and banks are on the hook for financial losses flowing from scams.β¦
Cavium, a maker of semiconductors acquired in 2018 by Marvell, was allegedly identified in documents leaked in 2013 by Edward Snowden as a vendor of semiconductors backdoored for US intelligence. Marvell denies it or Cavium placed backdoors in products at the behest of the US government.β¦
A Russian national helped smuggle, via shell companies in Hong Kong, more than $1.6 million in microelectronics to Moscow potentially to support its war against Ukraine, it is claimed.β¦
The Clorox Company, makers of bleach and other household cleaning products, doesn't expect operations to return to normal until near month end as it combs over "widescale disruption to operations" caused by cyber baddies.β¦
Australia will build "six cyber shields around our nation" declared home affairs minister Clare O'Neill yesterday, as part of a national cyber security strategy.β¦
About 79 percent of public-facing Juniper SRX firewalls remain vulnerable to a single security flaw can allow an unauthenticated attacker to remotely execute code on the devices, according to threat intelligence platform provider VulnCheck.β¦
Last October, Pennsylvania State University (Penn State) was sued by a former chief information officer for allegedly falsifying government security compliance reports.β¦
A Microsoft employee accidentally exposed 38 terabytes of private data while publishing a bucket of open-source AI training data on GitHub, according to Wiz security researchers who spotted the leaky account and reported it to the Windows giant.β¦
Infosec in brief Californians may be on their way to the nation's first "do not broker" list with the passage of a bill that would create a one-stop service for residents of the Golden State who want to opt out of being tracked by data brokers.Β β¦
As cloud native computing continues to gain popularity, so does the risk posed by criminals seeking to exploit the unwary. One newly spotted method targets services on the AWS platform, but not necessarily the ones you might think.β¦
Israeli software maker Insanet has reportedly developed a commercial product called Sherlock that can infect devices via online adverts to snoop on targets and collect data about them for the biz's clients.β¦
Scattered Spider, the crew behind at least one of the recent Las Vegas casino IT security breaches, has already hit some 100 organizations during its so-far brief tenure in the cybercrime scene, according to Mandiant.β¦
Google has been hit with another lawsuit alleging it deceived users about its collection, storage, and use of their location data, this time from the state of California.Β Yet it's over before it really began.β¦
The UK's Greater Manchester Police (GMP) has admitted that crooks have got their mitts on some of its data after a third-party supplier responsible for ID badges was attacked.β¦
The International Joint Commission, a body that manages water rights along the US-Canada border, has confirmed its IT security was targeted, after a ransomware gang claimed it stole 80GB of data from the organization.β¦
Updated Casino giant Caesars Entertainment has confirmed miscreants stole a database containing customer info, including driver license and social security numbers for a "significant number" of its loyalty program members, in a social engineering attack earlier this month.β¦
Cloud-based bug tracking and monitoring platform Rollbar has warned users that attackers have rifled through their data.β¦
Twice delayed and over budget, the US Department of Homeland Security (DHS) has been told by the Government Accountability Office (GAO) that it needs to correct shortcomings in its biometric identification program.β¦
Deepfakes are coming for your brand, bank accounts, and corporate IP, according to a warning from US law enforcement and cyber agencies.β¦
Aerospace giant Airbus has fallen victim to a data breach, thanks in part to the inattention of a third party.β¦
Researchers have found almost 15,000 automotive accounts for sale online and pointed at a credential-stuffing attack that targeted car makers.β¦
Some smart cookies at institutions in China and Singapore have devised a technique for reading keystrokes and pilfering passwords or passcodes from Wi-Fi-connected mobile devices on public networks, without any hardware hacking.β¦
The number of claimants signing up to a collective action against Capita over the infamous March cyber security break-in and subsequent data exposure keeps going up, according to the lawyer overseeing the case.β¦
Sri Lanka's Computer Emergency Readiness Team (CERT) is currently investigating a ransomware attack on the government's cloud infrastructure that affected around 5,000 email accounts, it revealed on Tuesday.β¦
Espionage-ware thought to have been developed by China has once again been spotted within the power grid of a neighboring nation.β¦
Patch Tuesday It's every Windows admin's favorite day of the month: Patch Tuesday. Microsoft emitted 59 patches for its September update batch, including two for bugs that have already been exploited.β¦
OpenSSL 1.1.1 has reached the end of its life, making a move to a later version essential for all, bar those with extremely deep pockets.β¦
Updated Google and Mozilla have rushed out a fix for a vulnerability within their browsers β Chrome and Firefox, respectively β noting an exploit already exists in the wild.β¦
Updated Cybercrime crew BianLian says it has broken into the IT systems of a top nonprofit and stolen a ton of files, including what the miscreants claim is financial, health, and medical data.β¦
MGM Resorts has shut down some of its IT systems following a "cybersecurity incident" that the casino-and-hotel giant says is currently under investigation.β¦
Akamai says it thwarted a major distributed denial-of-service (DDoS) attack aimed at a US bank that peaked atΒ 55.1 million packets per second earlier this month.β¦
Infosec in brief Watch out, cyber security researchers: Suspected North Korean-backed hackers are targeting members of the infosec community again, according to Google's Threat Analysis Group (TAG).β¦
Apple devices are again under attack, with a zero-click, zero-day vulnerability used to deliver Pegasus spyware to iPhones discovered in the wild.β¦
Microsoft, which earlier this week admitted not being able to detect a Chinese attack on its own infrastructure, has published a report [PDF] titled "Digital threats from East Asia increase in breadth and effectiveness." In the report, Redmond's Threat Intelligence group expounds on its fresh insight into evolving online aggressions from both China and North Korea.β¦
Vladislav Klyushin, the Russian owner of security penetration testing firm M-13, was jailed for nine years in the US on Thursday for his involvement in a cyber-crime operation that stole top corporations' confidential financial information to make $93 million through insider trading.β¦
The US and UK governments named and sanctioned 11 Russians said to be connected to the notorious Trickbot cybercrime crew this week.β¦
An ex-Tesla staffer has filed a proposed class action lawsuit that blames poor access control at the carmaker for a data leak, weeks after Tesla itself sued the alleged leakers, two former employees.β¦
Updated Depressingly predictable research from Which? serves as another reminder, if one was needed, that furnishing your home with internet-connected "smart" devices could be a dumb idea if you'd rather try to preserve your privacy.β¦
Comment Sanity appears to have prevailed in the debate over the UK's Online Safety Bill after the government agreed to ditch proposals β at least for the time being β to legislate the scanning of end-to-end encrypted messages.β¦
Analysis Chinese authorities have reportedly banned Apple's iPhones from some government offices.β¦
Remember that internal super-secret Microsoft security key that China stole and used to break into US government email accounts back in July?Β β¦
A California man has admitted he failed to bake anti-money laundering protections into his cryptocurrency exchange, thus allowing scammers and drug traffickers to launder millions of dollars through the service.β¦
If you got snubbed by the object of your affections on dating app Coffee Meets Bagel (CMB) in late August, don't feel bad, the company says its systems were down due to cyber baddies.β¦
Chief information security officers (or CISOs) see human error as the most significant risk to data protection compared to other UK board directors.β¦
It's generally accepted that security flaws in Microsoft's products are a top magnet for crooks and fraudsters: its sprawling empire of hardware and software is a target-rich ecosystem in that there is a wide range of bugs to exploit, and a huge number of vulnerable organizations and users.β¦
The power of the EU's Digital Services Act (DSA) to actually police the world's very large online platforms (VLOPs) has been tested in a new study focused on Russian social media disinformation.β¦
Updated Freecycle, the charity aimed at recycling detritus that would otherwise be headed for landfill, has become the latest organization to suffer at the hands of cyber attackers and admit to a breach.β¦
Northern Ireland's police chief, Simon Byrne, resigned last night after an emergency meeting of the Policing Board amid discontent in the rank and file over a data breach that exposed serving officers' info, as well as news he was considering appealing a court ruling linked to the Troubles.β¦
The risk of running obsolete code and hardware was highlighted after attackers exfiltrated data from a UK supplier of high-security fencing for military bases. The initial entry point? A Windows 7 PC.β¦
Microsoft has reminded users that TLS 1.0 and 1.1 will soon be disabled by default in Windows.β¦
Webinar It's sometimes easy to be lulled into a sense of false security and imagine that your organization or business will not become a target of highly professional cybercriminals, hacktivists and even nation-state actors. But the threat posed by DDoS attacks is very much on the rise.β¦
Nearly four weeks after the Police Service of Northern Ireland (PSNI) published data on 10,000 employees in a botched response to a Freedom of Information request, another two men, aged 21 and 22, have been released on bail after being arrested under the Terrorism Act.β¦
Infosec in brief The latest round of Apple's Security Research Device (SRD) program is open, giving security researchers a chance to get their hands on an unlocked device β and Apple's blessing to attack it and test its security capabilities.β¦
Video Efforts by cops to seize and shut down encrypted messaging apps favored by criminals, and then mine their conversations for evidence, appear to have led to more arrests β plus the seizure of about 2.7 tonnes of cocaine.β¦
Customers of cloudy identification vendor Okta are reporting social engineering attacks targeting their IT service desks in attempts to compromise user accounts with administrator permissions.β¦
Webinar Any organization can lose service, revenue, and reputation as a result. If you are particularly unlucky, a DDoS attack can defenestrate your network defences. You may find yourself facing an cyber criminal who wants to take your business for everything it's got - not an attractive prospect in anybody's book.β¦
Even ransomware operators make mistakes, and in the case of ransomware gang the Key Group, a cryptographic error allowed a team of security researchers to develop and release a decryption tool to restore scrambled files.β¦