Australia is building a top-secret cloud to host intelligence data and share it with the US and UK, which have their own clouds built for the same purpose.β¦
A years-old Bluetooth authentication bypass vulnerability allows miscreants to connect to Apple, Android and Linux devices and inject keystrokes to run arbitrary commands, according to a software engineer at drone technology firm SkySafe.β¦
Sponsored Post Edge security is a growing headache. The attack surface is expanding as more operational functions migrate out of centralized locations and into distributed sites and devices.β¦
A security vulnerability previously added to CISA's Known Exploited Vulnerability catalog (KEV), which was recognized by CVE Numbering Authorities (CNA), and included in reputable threat reports is now being formally rejected by infosec organizations.β¦
Sponsored Feature Every organisation must prioritise the protection of mission critical data, applications and workloads or risk disaster in the face of an ever-widening threat landscape.β¦
Atlassian has emailed its customers to warn of four critical vulnerabilities, but the message had flaws of its own β the links it contained weren't live for all readers at the time of despatch.β¦
Microsoft on Tuesday warned that full security support for Windows 10 will end on October 14, 2025, but offered a lifeline for customers unable or unwilling to upgrade two years hence.β¦
Cisco's executive veep for security Jeetu Patel has predicted that AI will change the infosec landscape, but that end users will eventually pay for the privilege of having a binary brainbox by their side when they go into battle.β¦
Fancy Bear, the Kremlin's cyber-spy crew, has been exploiting two previously patched bugs for large-scale phishing campaigns against high-value targets βΒ like government, defense, and aerospace agencies in the US and Europe β since March, according to Microsoft.Β β¦
CISA has released details about a federal agency that recently had at least two public-facing servers compromised by attackers exploiting a critical Adobe ColdFusion vulnerability.β¦
Partner Content There are plenty of technology acronyms in the alphabet soup of the cybersecurity industry, but DSPM is the latest one leading the charge; its recent buzz has brought scrutiny to various security concepts that have cluttered the meaning behind data security posture management.β¦
The AlphV/BlackCat ransomware group said it plans to "go direct" to the clients of a firm it allegedly attacked to extort them, claiming to have infiltrated the systems of accounting software vendor Tipalti.β¦
The UK's communications regulator has laid out guidance on how online services might perform age checks as part of the Online Safety Act.β¦
The government of the United Kingdom has issued a strongly worded denial of a report that the Sellafield nuclear complex has been compromised by malware for years.β¦
Iran-linked cyber thugs have exploited Israeli-made programmable logic controllers (PLCs) used in "multiple" water systems and other operational technology environments at facilities across the US, according to multiple law enforcement agencies .β¦
There's no sugarcoating this news: The Hershey Company has disclosed cyber crooks gobbled up 2,214 people's financial information following a phishing campaign that netted the chocolate maker's data.β¦
The bug that was very occasionally corrupting data on file copies in OpenZFS 2.2.0 has been identified and fixed, and there's a fix for the previous OpenZFS release too.β¦
Updated The API tokens of tech giants Meta, Microsoft, Google, VMware, and more have been found exposed on Hugging Face, opening them up to potential supply chain attacks.Β β¦
Infosec in brief The European Unionβs Parliament and Council have reached an agreement on the Cyber Resilience Act (CRA), setting the long-awaited security regulation on a path to final approval and adoption, along with new rules exempting open source software.β¦
Nine days after issuing a vaguely worded warning about a possible cyber security incident, web tracking and analytics outfit New Relic has revealed a two-front attack.β¦
A ransomware infection at a cloud IT provider has disrupted services for 60 or so credit unions across the US, all of which were relying on the attacked vendor.Β β¦
Apple has issued emergency fixes to plug security flaws in iPhones, iPads, and Macs that may already be under attack.β¦
Hundreds of consumer and enterprise devices are potentially vulnerable to bootkit exploits through unsecured BIOS image parsers.β¦
Another member of the Trickbot malware crew now faces a lengthy prison sentence amid US law enforcement's ongoing search for its leading members.β¦
NHS Fife is on the wrong end of a stern ticking off by Britain's data regulator after it made a howling privacy error that aided an as yet unknown person who had entered a hospital ward only to walk off with data on 14 patients.β¦
European police have for the first time made an arrest after remotely checking Interpol's trove of biometric data to identify a suspected smuggler.β¦
Meta and Google have disclosed what they allege are offensive cyber ops conducted by China.β¦
Google has rolled out six Chrome security fixes including one emergency patch for a bug for which exploit code is already out there. You're encouraged to thus grab the latest updates for the browser.β¦
A Ukrainian national is facing an eight year prison sentence for running an online marketplace that sold the personal data of approximately 24 million US citizens.β¦
The Black Basta ransomware group has reportedly generated upwards of $100 million in revenue since it started operations in April 2022.β¦
Sponsored Post Industrial Control Systems (ICS) which can automate processes, increase productivity and reduce labour costs, are rapidly gaining worldwide enterprise traction.β¦
Multiple Bluetooth chips from major vendors such as Qualcomm, Broadcom, Intel, and Apple are vulnerable to a pair of security flaws that allow a nearby miscreant to impersonate other devices and intercept data.β¦
A US congressional committee has questioned whether Chinese-made Light Detection and Ranging (LiDAR) devices might have a negative impact on national security, and suggested they may therefore be worthy of the same bans that prevent stateside adoption of other tech.β¦
An ex-Motorola Solutions technician in the US has admitted he tried to fraudulently obtain a passport while awaiting trial for a cyberattack on his former employer.β¦
CISA is investigating a cyberattack against a Pennsylvania water authority by suspected Iranian miscreants. The intrusion forced operators to switch a pumping station to manual control.β¦
Okta has admitted that the number of customers affected by its October customer support system data breach is far greater than previously thought.β¦
The Rhysida ransomware group has published most of the data it claimed to have stolen from the British Library a month after the attack was disclosed.β¦
The UK government plans to introduce new legislation to ban SIM farms, which it views as a widely abused means for carrying out cyber fraud.β¦
Reading Borough Council has securely restored its planning portal after facing criticism for recommending questionable tech security practices to users.β¦
Japan's Space Exploration Agency (JAXA) has reported a cyber incident.β¦
Updated A new Plex "feature" has infuriated some users after sharing with others what they are watching on the streaming service. This functionality is on by default.β¦
Partner Content Athena AI, the new generative AI layer that spans across the entire Varonis Data Security Platform, redefines how security teams protect data - from visibility to action.β¦
International law enforcement investigators have made a number of high-profile arrests after tracking a major cybercrime group for more than four years.β¦
Sponsored Post Building an effective cyber security defense involves protecting the assets you know you have as well as the ones you don't.β¦
India's government has granted its Computer Emergency Response Team, CERT-In, immunity from Right To Information (RTI) requests β the nation's equivalent of the freedom of information queries in the US, UK, or Australia.β¦
A Los Angeles man has been jailed after pulling off SIM-swap attacks on victims, hijacking social media accounts, committing fraud with Zelle payments, and impersonating Apple support.β¦
ownCloud has disclosed three critical vulnerabilities, the most serious of which leads to sensitive data exposure and carries a maximum severity score.β¦
Infosec in Brief Cybercriminals working out of Russia go to great lengths to conceal their real identities, and you won't ever find the state trying to unmask them either β as long as they keep supplying the attacks on Axis nations. It's the reason why we found it so amusing that of all the ways the identity of an organized cybercrime gang leader could be revealed, it was Russian state media that may have recently outed someone of note.β¦
Sponsored Post Every organisation needs to make cyber security training a high priority. Effective education is an essential part of improving security practices and fostering a sound security posture.β¦
Opinion The British Libraryβs showpiece site, in a listed red brick building in St Pancras, is presided over by a large bronze sculpture depicting Isaac Newton poring over a document heβs working with, measuring it with dividers.β¦
Terraform Labs founder Do Kwon β a wanted man in both South Korea and the United States β will soon face extradition from Montenegro after a court gave approval for his removal.β¦
China is offering foreign influencers access to its vast market in return for content that sings its praises and helps to spreads Beijing's desired narratives more widely around the world, according to think tank the Australian Strategic Policy Institute (ASPI).β¦
The owner of the e-commerce store management system OpenCart has responded with hostility to a security researcher disclosing a vulnerability in the product.β¦
Fortune 500 insurance biz Fidelity National Financial (FNF) has confirmed that it has fallen victim to a "cybersecurity incident."β¦
The national cybersecurity organizations of the UK and the Republic of Korea (ROK) have issued a joint advisory warning of an increased volume and sophistication of North Korean software supply chain attacks.Β β¦
A ransomware attack and resulting outages at direct debit collection company London & Zurich has forced at least one customer to take out a short-term loan as six-figure backlogs continue to cause cash flow mayhem.β¦
Sponsored Post Ransomware can hit any organization at any time, and hackers are proving adept at social engineering techniques to gain access to sensitive data in any way they can.β¦
Akamai has uncovered two zero-day bugs capable of remote code execution, both being exploited to distribute the Mirai malware and built a botnet army for distributed denial of service (DDoS) attacks.β¦
Web tracking and analytics outfit New Relic has issued a scanty security advisory warning customers it has experienced a scary cyber something.β¦
Palo Alto Networks' Unit 42 has detailed a pair of job market hacking schemes linked to state-sponsored actors in North Korea: one in which the threat actors pose as job seekers, the other as would-be employers.β¦