Login
US-based research group IPVM has accused Chinese video surveillance equipment company Hikvision of engaging with a contract to develop technology that can identify Muslim students that are fasting during Ramadan, based on their dining records.β¦
An academic study has shown how it's possible for someone to snoop on certain devices' SSH connections and, with a bit of luck, impersonate that equipment after silently figuring out the hosts' private RSA keys.β¦
Updated Google has sued three scammers for offering a fake download of its Bard AI chatbot that contained malware capable of stealing credentials for small business' social media accounts.β¦
Danish critical infrastructure faced the biggest online attack in the country's history in May, according to SektorCERT, Denmark's specialist organization for the cybersecurity of critical kit.β¦
Opinion Cybersecurity has many supremely annoying aspects. It soaks up talent, time, and money like the English men's football squad, and like that benighted institution, the results never seem to change.β¦
Webinar It seems counterintuitive to want to lock in a cybercriminal who has crept past all your defences to smuggle data out from under your nose.β¦
Infosec in brief After spending almost a year cleaning up after various security snafus, the UK's Royal Mail had an open redirect flaw on one of its sites, according to infosec types. We're told this vulnerability potentially exposes customers to malware infections and phishing attacks.β¦
Asia in brief Australia's National Cyber Security Coordinator has described an attack on logistics company DP World as a "nationally significant cyber incident."β¦
The LockBit crew is claiming to have leaked all of the data it stole from Boeing late last month, after the passenger jet giant apparently refused to pay the ransom demand.β¦
The founder of the Poloniex has offered to pay off thieves who drained an estimated $120 million of user funds from the cryptocurrency exchange in a raid on Friday.β¦
Short-lived ransomware outfit Ransomed.vc claims to have shut down for good after a number of suspected arrests.β¦
China's largest bank, ICBC, was hit by ransomware that resulted in disruption of financial services (FS) systems on Thursday Beijing time, according to a notice on its website.β¦
Intel has been sued by a handful of PC buyers who claim the x86 goliath failed to act when informed five years ago about faulty chip instructions that allowed the recent Downfall vulnerability, and during that period sold billions of insecure chips.β¦
SolarWinds has come out guns blazing to defend itself following the US Securities and Exchange Commission's announcement that it will be suing both the IT software maker and its CISO over the 2020 SUNBURST cyberattack.β¦
The cybercriminals behind the stream of MOVEit attacks from earlier this year are making use of a zero-day vulnerability in on-prem instances of IT service and help desk software-slinger SysAid.β¦
Blackouts in Ukraine last year were not just caused by missile strikes on the nation but also by a seemingly coordinated cyberattack on one of its power plants. That's according to Mandiant's threat intel team, which said Russia's Sandworm crew was behind the two-pronged power-outage and data-wiping attack.β¦
Infosec bods have detailed an underground cybersecurity tool dubbed Predator AI that not only can be used to compromise poorly secured cloud services and web apps, but has an optional chat-bot assistant that only kinda works.β¦
Microsoft and Meta have very different initiatives to combat misinformation in 2024, slated to be a busy election year all over the globe, but whether they'll be effective is another issue.β¦
Atlassian reassessed the severity rating of the recent improper authorization vulnerability in Confluence Data Center and Server, raising the CVSS score from 9.1 to a maximum of 10.β¦
The Monero Project is admitting that one of its wallets was drained by an unknown source in September, losing the equivalent of around $437,000 at today's exchange rate.β¦
Webinar Daily incursions are underway with the aim of removing every bit of data that you've got - the cyber criminals' aim is to break in and get out again laden with digital booty.β¦
Lawmakers in Europe are expected to adopt digital identity rules that civil society groups say will make the internet less secure and open up citizens to online surveillance.β¦
Microsoft is introducing three Conditional Access policies for sysadmins as it continues to promote the implementation of multi-factor authentication (MFA) in organizations.β¦
The UK government has set in train plans to introduce legislation requiring tech companies to let it know when they plan to introduce new security technologies and could potentially force them to disable when required.β¦
A brand-new macOS malware strain from North Korean state-sponsored hackers has been spotted in the wild.β¦
A 34-year-old woman has been jailed for 18 months after trying to use Rentahitman.com β no, really β to pay a contract killer to eliminate a rival she was beefing with. Her would-be assassin-for-hire unsurprisingly turned out to be an FBI agent.β¦
America's immigration cops have pushed back against an official probe that concluded their lax mobile device security potentially put sensitive government information at risk of being stolen by foreign snoops.β¦
A Russian woman the US accuses of being a career money launderer is the latest to be sanctioned by the country for her alleged role in moving hundreds of millions of dollars on behalf of oligarchs and ransomware criminals.β¦
Infosec in brief Okta has confirmed details of its October breach, reporting that the incident led to the compromise of files belonging to 134 customers, "or less than 1 percent of Okta customers."Β β¦
Webinar Organisations in multiple industries often face risks which can severely impact their operational resilience. Cyber criminals like to use ransomware and vulnerable third-party connections to hijack operational technology (OT) systems which can stop production in manufacturing environments, for example.β¦
A British court has sentenced a "corrupt" police analyst to almost four years behind bars for tipping off a friend that officers had compromised the EncroChat encrypted messaging app network.β¦
Hilb Group has warned more than 81,000 people that around the start of 2023 criminals broke into the work email accounts of its employees and may have stolen a bunch of sensitive personal information.β¦
A former software developer for Britain's cyberspy agency is facing years in the slammer after being sentenced for stabbing a National Security Agency (NSA) official multiple times.β¦
Microsoft has made fresh commitments to harden the security of its software and cloud services after a year in which numerous members of the global infosec community criticized the company's tech defenses.β¦
A "debt management company" is itself facing a bill from Britain's data regulator for sending hundreds of thousands of text messages to households that opted not to receive marketing junk mail.β¦
China's Cyberspace Administration (CAC) has punished Alibaba-owned search engine Quark and livestreaming platform NetEase for content it deemed vulgar.β¦
Sam Bankman-Fried, the founder and former CEO of crypto exchange FTX and trading firm Alameda Research, has been found guilty of seven criminal charges.β¦
The proportion of cybersecurity professionals reporting low "happiness ratings" has risen sharply over the last 12 months, raising concerns about increasing burnout rates in the industry.β¦
Security researchers have confirmed that ransomware criminals are capitalizing on a maximum-severity vulnerability in Apache ActiveMQ.β¦
Updated Okta has sent out breach notifications to almost 5,000 current and former employees, warning them that miscreants breached one of its third-party vendors and stole a file containing staff names, social security numbers, and health or medical insurance plan numbers.β¦
Boeing has acknowledged a cyber incident just days after ransomware gang LockBit reportedly exfiltrated sensitive data from the aerospace defence contractor.β¦
As the expiration date for the Feds' Section 702 surveillance powers draws closer, FBI Director Christopher Wray has warned a US Senate committee that his agents may not be able to stop the next major cyberattack if lawmakers allow the contentious spying authorization to lapse.β¦
Ransomware crooks claim they've stolen data from a firm that helps other organizations run medical trials after one of its executives had their cellphone number and accounts hijacked.β¦
The Mozi botnet has all but disappeared according to security folks who first noticed the prolific network's slowdown and then uncovered a kill switch for the IoT system. But they still have one unanswered question: "Who killed Mozi?"β¦
Three Russian nationals were arrested in New York yesterday on charges of moving electronics components worth millions to sanctioned entities in Russia, pieces of which were later recovered on battlefields in Ukraine.β¦
Vulnerabilities in F5's BIG-IP suite are already being exploited after proof of concept (PoC) code began circulating online.β¦
Cybercriminals are once again abusing macro-enabled Excel add-in (XLL) files in malware attacks at a vastly increased rate, according to new research.β¦
The short-lived RansomedVC ransomware operation is being shopped around by its owner, who is claiming to offer a 20 percent discount just a day after first listing it for sale.β¦
Webinar Cyberattacks on industrial control systems are becoming more common, and there isn't likely to be a let up any time soon.β¦
Indian politicians and media figures have reported that Apple has warned them their accounts may be under attack by state-sponsored actors.β¦
Top White House officials are working to secure an agreement between almost 50 countries to not pay ransom demands to cybercriminals as the international Counter Ransomware Initiative (CRI) summit gets underway in Washington DC Tuesday.β¦
Citrix Bleed, the critical information-disclosure bug that affects NetScaler ADC and NetScaler Gateway, is now under "mass exploitation," as thousands of Citrix NetScaler instances remain vulnerable, according to security teams.β¦
For a period of two years between September 2019 and September 2021, two Americans and two Russians allegedly compromising the taxi dispatch system at John F. Kennedy International Airport in New York to sell cabbies a place at the front of the dispatch line.β¦
Ace Hardware appears to have been the latest organization to succumb to a cyberattack, judging by its website and a message from CEO John Venhuizen.β¦
The US has approved mandatory data breach reporting requirements that impose a 30-day deadline for non-banking financial organizations to report incidents.β¦
The British Library has confirmed to The Register that a "cyber incident" is the cause of a "major" multi-day IT outage.β¦
A UK minister for policing has called for forces to double their use of algorithmic-assisted facial recognition in a bid to snare more criminals.β¦
From November, it will be possible to pay Meta to stop shoveling ads in your Instagram or Facebook feeds and slurping your data for marketing purposes so long as you live in the EU, EEA, or Switzerland.β¦
Atlassian has told customers they βmust take immediate actionβ to address a newly discovered flaw in its Confluence collaboration tool.β¦
A 20-year-old Florida man has been sentenced to 30 months behind bars for his role in a SIM-swapping ring that stole nearly $1 million in cryptocurrency from dozens of victims.β¦
FreshRSS