Login
A third-party contractor running a database without password protection exposed more than 500,000 records related to vehicle seizures by the Irish National Police (An Garda SΓochΓ‘na, "Garda").β¦
Sponsored Post The job of the cyber security professional is never easy, and it gets progressively harder with the movement of sensitive data and applications across the multiple different on and off premise systems that make up modern hybrid cloud environments.β¦
China-based scammers are using a combination of fake loan apps and India's real-time mobile payment system, Unified Payments Interface (UPI), to separate victims from their cash, according to a report by threat intel firm CloudSEK.β¦
After a six-day wait, Cisco started rolling out a patch for a critical bug that miscreants had exploited to install implants in thousands of devices. Alas, it seems, the security results have been mixed since the attackers got wise.β¦
The US Capital's election agency says a ransomware crew might have stolen its entire voter roll, which includes the personal information of all registered voters in the District of Columbia.β¦
Microsoft is opening up the early access program for its flagship cybersecurity AI product, which marks the inevitable folding in of Copilot into its infosec suite.β¦
Webinar There is no longer an off button for businesses and organizations, no closed signs, or downtime. This means enterprise IT operations and data assets must be protected round the clock in all operating environments.β¦
A Moldovan who allegedly ran the compromised-credential marketplace E-Root has been extradited from the UK to America to stand trial.β¦
Japanese electronics giant Casio said miscreants broke into its ClassPad server and stole a database with personal information belonging to customers in 149 countries.β¦
Law enforcement agencies have taken over RagnarLocker ransomware group's leak site in an internationally coordinated takedown.β¦
A cybercriminal claims they've uploaded a second batch of stolen profile data from biotech company 23andMe, posting it to the same cybercrime forum that hosted the first batch two weeks ago.β¦
A former IT manager for the US Navy is facing a five-and-a-half year prison sentence for selling thousands of people's personal records on the dark web.β¦
Sponsored Post Organisations that fail to adequately address the potential vulnerabilities that internal employees sometimes encounter when developing an IT security strategy are exposing themselves to potentially catastrophic dangers, infosec experts have warned.β¦
D-Link has confirmed suspicions that it was successfully targeted by cyber criminals, but is talking down the scale of the impact.β¦
An ethical hacker has exploited a bug in the way X truncates URLs to take over a CIA Telegram channel used to receive intelligence.β¦
US authorities have issued an urgent plea to network admins to patch the critical vulnerability in Atlassian Confluence Data Center and Server amid ongoing nation-state exploitation.β¦
Sustainable aviation fuels (SAFs) made from sources other than fossil fuels have the potential to reduce emissions by up to 80 percent, UK researchers have found.β¦
Sponsored Post Imminent changes to cyber security regulations in the US and Europe demand that public and private sector organizations on both side of the Atlantic keep a close eye on their compliance.β¦
An unspecified security incident is forcing many state courts across Kansas to rely on paper filings, and it may have continue to do so for weeks, a state judge has warned.β¦
Security researchers have uncovered a backdoor used in attacks against governments and organizations in the Association of Southeast Asian Nations (ASEAN).β¦
Infosec in brief The fallout from the exploitation of bugs in Progress Software's MOVEit file transfer software continues, with the US Securities and Exchange Commission (SEC) now investigating the matter, and lots of affected parties seeking compensation.Β β¦
Shadow, which hosts Windows PC gaming in the cloud among other services, has confirmed criminals stole a database containing customer data following a social-engineering attack against one of its employees.β¦
An early ransomware campaign against organizations by exploiting the vulnerability in Progress Software's WS_FTP Server was this week spotted by security researchers.β¦
Perceived weaknesses in the security of Microsoft's Visual Studio IDE are being raised once again this week with a fresh single-click exploit.β¦
35 vulnerabilities in the Squid caching proxy remain unfixed more than two years after being found and disclosed to the open source project's maintainers, according to the person who reported them.β¦
The Everest ransomware group is stepping up its efforts to purchase access to corporate networks directly from employees amid what researchers believe to be a major transition for the cybercriminals.β¦
Sponsored Feature In August 2023, Danish hosting subsidiaries CloudNordic and AzeroCloud were on the receiving end of one of the most serious ransomware attacks ever made public by a cloud services company.β¦
Simpson Manufacturing Company yanked some tech systems offline this week to contain a cyberattack it expects will "continue to cause disruption."β¦
Partner Content According to the Cyber Security Breaches Survey 26 percent of medium businesses, 37 percent of large businesses and 25 percent of high-income charities have experienced cyber crime in the last 12 months.β¦
A US Navy service member pleaded guilty yesterday to receiving thousands of dollars in bribes from a Chinese spymaster in exchange for passing on American military secrets.β¦
Updated After a week of rampant speculation about the nature of the security issues in curl, the latest version of the command line transfer tool was finally released today.β¦
Opinion The UK Extension to the EU-US Data Privacy Framework (aka Data Bridge) will enter into force on October 12, allowing certifying entities to easily transfer personal data from the UK to the US.β¦
Patch Tuesday Microsoft on Tuesday issued more than 100 security updates to fix flaws in its products, including two bugs that are already under active attack, as well as addressing an HTTP/2 weakness that has also been exploited in the wild.β¦
At the fraud trial of former FTX head Sam Bankman-Fried, prosecutors presented the jury with Python code for the FTX backend that allowed flagged client accounts to spend money they didn't have on the cryptocurrency exchange.β¦
A zero-day vulnerability in the HTTP/2 protocol was exploited to launch the largest distributed denial-of-service (DDoS) attack on record, according to Cloudflare.β¦
The infamous Mirai botnet was spotted by researchers who say it is spinning up again, this time with an "aggressively updated arsenal of exploits."β¦
Researchers discovered a high-severity remote code execution (RCE) vulnerability in an inherent component of GNOME-based Linux distros, potentially impacting a huge number of users.β¦
Updated Start your patch engines β a new version of curl is due tomorrow that addresses a pair of flaws, one of which lead developer Daniel Stenberg describes as "probably the worst curl security flaw in a long time."β¦
The time taken by cyber attackers between gaining an initial foothold in a victim's environment and deploying ransomware has fallen to 24 hours, according to a study.β¦
Sponsored The cyber attack which culminated in the personal details of 1.5m patients being compromised after hackers broke into the databases of SingHealth in 2018 provides a stark illustration of why organizations in Singapore need to remain vigilant and well protected against further incidents.β¦
A former US Army Sergeant with Top Secret US military clearance created a Word document entitled "Important Information to Share with Chinese Government," according to an FBI agent's sworn declaration.β¦
Hacktivism efforts have proliferated rapidly in the Middle East following the official announcement of a war between Palestine and Israel.β¦
Volex, the British integrated maker of critical power and data transmission cables, confirmed this morning that intruders accessed data after breaking into its tech infrastructure.β¦
Infosec in brief Bot defense software vendor Human Security last week detailed an attack that "sold off-brand mobile and Connected TV (CTV) devices on popular online retailers and resale sites β¦ preloaded with a known malware called Triada."β¦
The US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) are blaming unchanged default credentials as the prime security misconfiguration that leads to cyberattacks.β¦
MGM Resorts has admitted that the cyberattack it suffered in September will likely cost the company at least $100 million.β¦
CDW, one of the largest resellers on the planet, will have its data leaked by LockBit after negotiations over the ransom fee broke down, a spokesperson for the cybercrime gang says.β¦
Sponsored Feature Most of us dislike cyber criminals, but not many of us dislike them quite as much as Anthony Cusimano.β¦
Google has committed to being a little less creepy with user data in response to proceedings from the German Federal Cartel Office (Bundeskartellamt).β¦
Singapore-based infosec outfit Group-IB on Thursday released details of a new Android trojan that exploits the operating system's accessibility features to steal info that enables theft of personal information.β¦
Cisco has issued a security advisory about a vulnerability in its Emergency Responder software that would allow an unauthenticated remote attacker to log in to an affected device using the root account.β¦
Apple has demonstrated that it can more than hold its own among the tech giants, at least in terms of finding itself on the wrong end of zero-day vulnerabilities.β¦
The Lorenz ransomware group leaked the details of every person who contacted it via its online contact form over the course of the last two years.β¦
South Korea's National Intelligence Service (NIS) has warned North Korea is attacking its shipbuilding sector.β¦
Atlassian today said miscreants have exploited a critical bug in on-premises instances of Confluence Server and Confluence Data Center to create and abuse admin accounts within the enterprise colab software.Β Β β¦
Grab security updates for your Linux distributions: there's a security hole that can be fairly easily exploited by rogue users, intruders, and malicious software to gain root access and take over the box.β¦
NATO is "actively addressing" multiple IT security incidents after a hacktivist group claimed it once again breached some of the military alliance's websites, this time stealing what's claimed to be more than 3,000 files and 9GB of data.β¦
New guidelines have been codified to govern the rules of engagement concerning hacktivists involved in ongoing cyber warfare.β¦
The US Fifth Circuit Court of Appeals has modified a ruling from last month to add the Cybersecurity and Infrastructure Security Agency (CISA) to a list of US government entities prohibited from working with social media outfits to curtail the spread of misinformation.Β β¦
A trio of now-patched security issues in TorchServe, an open-source tool for scaling PyTorch machine-learning models in production, could lead to server takeover and remote code execution (RCE), according to security researchers.β¦
FreshRSS