Login
A brand-new macOS malware strain from North Korean state-sponsored hackers has been spotted in the wild.β¦
A 34-year-old woman has been jailed for 18 months after trying to use Rentahitman.com β no, really β to pay a contract killer to eliminate a rival she was beefing with. Her would-be assassin-for-hire unsurprisingly turned out to be an FBI agent.β¦
America's immigration cops have pushed back against an official probe that concluded their lax mobile device security potentially put sensitive government information at risk of being stolen by foreign snoops.β¦
A Russian woman the US accuses of being a career money launderer is the latest to be sanctioned by the country for her alleged role in moving hundreds of millions of dollars on behalf of oligarchs and ransomware criminals.β¦
Infosec in brief Okta has confirmed details of its October breach, reporting that the incident led to the compromise of files belonging to 134 customers, "or less than 1 percent of Okta customers."Β β¦
Webinar Organisations in multiple industries often face risks which can severely impact their operational resilience. Cyber criminals like to use ransomware and vulnerable third-party connections to hijack operational technology (OT) systems which can stop production in manufacturing environments, for example.β¦
A British court has sentenced a "corrupt" police analyst to almost four years behind bars for tipping off a friend that officers had compromised the EncroChat encrypted messaging app network.β¦
Hilb Group has warned more than 81,000 people that around the start of 2023 criminals broke into the work email accounts of its employees and may have stolen a bunch of sensitive personal information.β¦
A former software developer for Britain's cyberspy agency is facing years in the slammer after being sentenced for stabbing a National Security Agency (NSA) official multiple times.β¦
Microsoft has made fresh commitments to harden the security of its software and cloud services after a year in which numerous members of the global infosec community criticized the company's tech defenses.β¦
A "debt management company" is itself facing a bill from Britain's data regulator for sending hundreds of thousands of text messages to households that opted not to receive marketing junk mail.β¦
China's Cyberspace Administration (CAC) has punished Alibaba-owned search engine Quark and livestreaming platform NetEase for content it deemed vulgar.β¦
Sam Bankman-Fried, the founder and former CEO of crypto exchange FTX and trading firm Alameda Research, has been found guilty of seven criminal charges.β¦
The proportion of cybersecurity professionals reporting low "happiness ratings" has risen sharply over the last 12 months, raising concerns about increasing burnout rates in the industry.β¦
Security researchers have confirmed that ransomware criminals are capitalizing on a maximum-severity vulnerability in Apache ActiveMQ.β¦
Updated Okta has sent out breach notifications to almost 5,000 current and former employees, warning them that miscreants breached one of its third-party vendors and stole a file containing staff names, social security numbers, and health or medical insurance plan numbers.β¦
Boeing has acknowledged a cyber incident just days after ransomware gang LockBit reportedly exfiltrated sensitive data from the aerospace defence contractor.β¦
As the expiration date for the Feds' Section 702 surveillance powers draws closer, FBI Director Christopher Wray has warned a US Senate committee that his agents may not be able to stop the next major cyberattack if lawmakers allow the contentious spying authorization to lapse.β¦
Ransomware crooks claim they've stolen data from a firm that helps other organizations run medical trials after one of its executives had their cellphone number and accounts hijacked.β¦
The Mozi botnet has all but disappeared according to security folks who first noticed the prolific network's slowdown and then uncovered a kill switch for the IoT system. But they still have one unanswered question: "Who killed Mozi?"β¦
Three Russian nationals were arrested in New York yesterday on charges of moving electronics components worth millions to sanctioned entities in Russia, pieces of which were later recovered on battlefields in Ukraine.β¦
Vulnerabilities in F5's BIG-IP suite are already being exploited after proof of concept (PoC) code began circulating online.β¦
Cybercriminals are once again abusing macro-enabled Excel add-in (XLL) files in malware attacks at a vastly increased rate, according to new research.β¦
The short-lived RansomedVC ransomware operation is being shopped around by its owner, who is claiming to offer a 20 percent discount just a day after first listing it for sale.β¦
Webinar Cyberattacks on industrial control systems are becoming more common, and there isn't likely to be a let up any time soon.β¦
Indian politicians and media figures have reported that Apple has warned them their accounts may be under attack by state-sponsored actors.β¦
Top White House officials are working to secure an agreement between almost 50 countries to not pay ransom demands to cybercriminals as the international Counter Ransomware Initiative (CRI) summit gets underway in Washington DC Tuesday.β¦
Citrix Bleed, the critical information-disclosure bug that affects NetScaler ADC and NetScaler Gateway, is now under "mass exploitation," as thousands of Citrix NetScaler instances remain vulnerable, according to security teams.β¦
For a period of two years between September 2019 and September 2021, two Americans and two Russians allegedly compromising the taxi dispatch system at John F. Kennedy International Airport in New York to sell cabbies a place at the front of the dispatch line.β¦
Ace Hardware appears to have been the latest organization to succumb to a cyberattack, judging by its website and a message from CEO John Venhuizen.β¦
The US has approved mandatory data breach reporting requirements that impose a 30-day deadline for non-banking financial organizations to report incidents.β¦
The British Library has confirmed to The Register that a "cyber incident" is the cause of a "major" multi-day IT outage.β¦
A UK minister for policing has called for forces to double their use of algorithmic-assisted facial recognition in a bid to snare more criminals.β¦
From November, it will be possible to pay Meta to stop shoveling ads in your Instagram or Facebook feeds and slurping your data for marketing purposes so long as you live in the EU, EEA, or Switzerland.β¦
Atlassian has told customers they βmust take immediate actionβ to address a newly discovered flaw in its Confluence collaboration tool.β¦
A 20-year-old Florida man has been sentenced to 30 months behind bars for his role in a SIM-swapping ring that stole nearly $1 million in cryptocurrency from dozens of victims.β¦
Three unpatched high-severity bugs in the NGINX ingress controller can be abused by miscreants to steal credentials and other secrets from Kubernetes clusters.Β β¦
Security researchers have uncovered a multi-year cryptojacking campaign they claim autonomously clones GitHub repositories and steals their exposed AWS credentials.β¦
Stanford University has confirmed it is "investigating a cybersecurity incident" after an attack last week by the Akira ransomware group.β¦
Security In Brief Notorious ransomware gang LockBit has reportedly exfiltrated βa tremendous amount of sensitive data from aerospace outfit Boeing.β¦
Three years after Apple introduced a menu setting called Private Wi-Fi Address, a way to spoof network identifiers called MAC addresses, the privacy protection may finally work as advertised, thanks to a software fix.β¦
F5 has issued a fix for a remote code execution (RCE) bug in its BIG-IP suite carrying a near-maximum severity score.β¦
Microsoft's latest report on "one of the most dangerous financial criminal groups" operating offers security pros an abundance of threat intelligence to protect themselves from its myriad tactics.β¦
With the assent of King Charles, the United Kingdom's Online Safety Act has become law, one that the British government says will "make the UK the safest place in the world to be online."β¦
Apple pushed several security fixes on Wednesday, including one for all iPhone and iPads used before September last year that has already been exploited by cyber snoops.β¦
Kettle In this week's Kettle the topic is one that's been much in the news this week - the much-underrated insider threat issue.β¦
University researchers have developed a novel exploit that can steal information from virtually all modern Apple Macs, iPhones, and iPads.β¦
ServiceNow is issuing a fix for a flaw that exposes data after a researcher published a method for unauthenticated attackers to steal an organization's sensitive files.β¦
Cybercriminals have Canada in the crosshairs, with five Ontario hospitals and a fresh Spamoflague disinformation campaign targeting "dozens" of Canadian government officials, including the PM.β¦
The Winter Vivern cyber spy group is exploiting an XSS zero-day vulnerability in attacks on European governments.β¦
Webinar It's a challenge to maintain the availability and security of mission critical data in today's environment. As IT teams know only too well, there's no quiet season for enterprise IT operations or cyber threats.β¦
A newly emerged ransomware gang claims to have successfully gained access to the systems of a US plastic surgeon's clinic, leaking patients' pre-operation pictures in an attempt to hurry a ransom payment.β¦
VMware has disclosed a critical vulnerability in its vCenter Server β and that it issued an update to fix it weeks ago, along with patches for unsupported versions of the software.β¦
Video Boffins from ETH Zurich have devised a novel fuzzer for finding bugs in RISC-V chips and have used it to find more than three dozen.β¦
Citrix has urged admins to "immediately" apply a fix for CVE-2023-4966, a critical information disclosure bug that affects NetScaler ADC and NetScaler Gateway, admitting it has been exploited.β¦
A former US National Security Agency techie has plead guilty to six counts of violating the Espionage Act after being caught handing classified information to FBI agents he thought were Russian spies.Β β¦
1Password is confirming it was attacked by cyber criminals after Okta was breached for the second time in as many years, but says customers' login details are safe.β¦
Element, one of the companies behind decentralized comms platform Matrix, says customers are asking it to insert a protective clause from the encryption-busting element of UK government's Online Safety Bill (OSB).β¦
A third-party contractor running a database without password protection exposed more than 500,000 records related to vehicle seizures by the Irish National Police (An Garda SΓochΓ‘na, "Garda").β¦
Sponsored Post The job of the cyber security professional is never easy, and it gets progressively harder with the movement of sensitive data and applications across the multiple different on and off premise systems that make up modern hybrid cloud environments.β¦
FreshRSS