Login
Extortionists are now threatening to swat hospital patients β calling in bomb threats or other bogus reports to the police so heavily armed cops show up at victims' homes β if the medical centers don'tΒ pay the crooks' ransom demands.β¦
The cybercriminal behind BreachForums was this week arrested for violating the terms of his pretrial release and will now be held in custody until his sentencing hearing.β¦
Russia's Sandworm crew appear to have been responsible for knocking out mobile and internet services to about 24 million users in Ukraine last month with an attack on telco giant Kyivstar.β¦
Miscreants took over security giant Mandiant's Twitter account for several hours on Wednesday in an attempt to steal cryptocurrency, then trolled the Google-owned security shop, telling its admins to change the password.β¦
23andMe users' godawful password practices were supposedly to blame for the biotech company's October data disaster, according to its legal reps.β¦
Updated A weak password exposed by infostealer malware is being blamed after a massive outage at Orange Spain disrupted around half of its network's traffic.β¦
Comment In some ways, the ransomware landscape in 2023 remained unchanged from the way it looked in previous years. Vendor reports continue to show a rise in attacks, major organizations are still getting hit, and the inherent issues that enable it as a business model remain unaddressed.β¦
Four Chinese balloons have reportedly floated over the Taiwan Strait, three of them crossing over the island's land mass and near its Ching-Chuan-Kang air base before disappearing, according to the Taiwan's defense ministry.β¦
Microsoft has disabled a protocol that allowed the installation of Windows apps after finding that miscreants were abusing the mechanism to install malware.β¦
One of America's biggest private freight shippers, Estes Express Lines, has told more than 20,000 customers that criminals stole their personal information.β¦
French IT services provider Atos has entered talks with Airbus to sell its tech security division in an effort to ease its financial burdens.β¦
Xerox has officially confirmed that a cyber baddie broke into the systems of its US subsidiary - a week after INC Ransom claimed to have exfiltrated data from the copier and print giant.β¦
Emsisoft has called for a complete ban on ransom payments following another record-breaking year of digital extortion.β¦
Updated Security researchers say info-stealing malware can still access victims' compromised Google accounts even after passwords have been changed.β¦
The court system of Victoria, Australia, was subject to a suspected ransomware attack in which audiovisual recordings of court hearings may have been accessed.β¦
US prosecutors do not plan to proceed with a second trial of convicted and imprisoned crypto-villain Sam Bankman-Fried (SBF), according to a Southern District of New York court letter filed on December 29.β¦
On Call Itβs the last Friday of 2023, but because the need for tech support never goes away neither does On Call, The Registerβs Friday column in which readers share their tales of being asked to fix the unfeasible, in circumstances that are often indefensible.β¦
Feature The same cybercrime crew broke into two high-profile Las Vegas casino networks over the summer, infected both with ransomware, and stole data belonging to tens of thousands of customers from the mega-resort chains.β¦
Kaspersky's Global Research and Analysis Team (GReAT) has exposed a previously unknown "feature" in Apple iPhones that allowed malware to bypass hardware-based memory protection.β¦
Infosec in brief Iranian cyberspies are targeting defense industrial base organizations with a new backdoor called FalseFont, according to Microsoft.β¦
Feature When AlphV/BlackCat's website went dark this month, it was like Chrimbo came early for cybersecurity defenders, some of whom seemingly believed law enforcement had busted one of the most menacing cyber criminal crews.β¦
Two British teens who were members of the Lapsus$ gang have been sentenced for their roles in a cyber-crime spree that included compromising Uber, Nvidia, and fintech firm Revolut, and also blackmailing Grand Theft Auto maker Rockstar Games.β¦
Security vendor Sonatype believes developers are failing to address the critical remote code execution (RCE) vulnerability in the Apache Struts 2 framework, based on recent downloads of the code.β¦
Mozilla last week revised its position on a web security technology called Trusted Types, which it has decided to implement in its Firefox browser.β¦
NASA's Office of Inspector General has run its eye over the aerospace agency's privacy regime and found plenty to like β but improvements are needed.β¦
IBM Security has dissected some JavaScript code that was injected into people's online banking pages to steal their login credentials, saying 50,000 user sessions with more than 40 banks worldwide were compromised by the malicious software in 2023.β¦
Cybercriminals are preying on the inherent helpfulness of hotel staff during the sector's busy holiday season.β¦
Updated Greater Manchester Police (GMP) must clear the backlog of hundreds of Freedom of Information (FOI) Act requests β some years old β or find itself in contempt of court.β¦
A vulnerability in the SSH protocol can be exploited by a well-placed adversary to weaken the security of people's connections, if conditions are right.β¦
A transnational police operation has resulted in the arrest of 3,500 alleged cybercriminals and the seizure of $300 million in cash and digital assets.β¦
Millions of Comcast Xfinity subscribers' personal data β including potentially their usernames, hashed passwords, contact details, and secret security question-answers β was likely stolen by one or more miscreants exploiting Citrix Bleed in October.β¦
Four vulnerabilities in Perforce Helix Core Server, including one critical remote code execution bug, should be patched "immediately," according to Microsoft, which spotted the flaws and disclosed them to the software vendor.β¦
Updated The FBI created a decryption tool for the ransomware used by the gang known as BlackCat and/or AlphV, as part of a wider disruption campaign against the extortionists.β¦
Multiple sources are confirming the resurgence of Qakbot malware mere months after the FBI and other law enforcement agencies shuttered the Windows botnet.β¦
Hacktivists reportedly disrupted services at about 70 percent of Iran's gas stations in a politically motivated cyberattack.β¦
Mortgage lender Mr Cooper has now admitted almost 14.7 million people's private information, including addresses and bank account numbers, were stolen in an earlier IT security breach, which is expected to cost the business at least $25 million to clean up.β¦
A digital break-in has disrupted VF Corp's operations and its ability to fulfill orders, according to the apparel and footwear giant.β¦
The National Grid is reportedly the latest organization in the UK to begin pulling China-manufactured equipment from its network over cybersecurity fears.β¦
Infosec in brief MongoDB on Saturday issued an alert warning of "a security incident involving unauthorized access to certain MongoDB corporate systems, which includes exposure of customer account metadata and contact information."β¦
Asia In Brief Think tank Australian Strategic Policy Institute (ASPI) last week published details of a campaign that spreads English language pro-China and anti-US narratives on YouTube.β¦
Cryptocurrency wallet maker Ledger says someone slipped malicious code into one of its JavaScript libraries to steal more than half a million dollars from victims.β¦
The Kraft Heinz Company says its systems are all up and running as usual as it probes claims that some of its data was stolen by ransomware crooks.β¦
Incident responders say they've found a new type of multi-platform malware abusing the New Kind of Network (NKN) protocol.β¦
A data regulator has reminded companies they need to take care while writing emails to avoid unintentionally blurting out personal data.β¦
Microsoft has taken down US-based infrastructure and websites used by a cybercrime group to sell fraudulent online accounts to other crooks including Scattered Spider, the infamous social-engineering and extortion crew that hacked two Las Vegas casinos over the summer.β¦
Updated The offensive cyber unit linked to Russia's Foreign Intelligence Service (SVR) is exploiting the critical vulnerability affecting the JetBrains TeamCity CI/CD server at scale, and has been since September, authorities warn.β¦
Multiple miscreants are misusing OAuth to automate financially motivated cyber crimes β such as business email compromise (BEC), phishing, large-scale spamming campaigns β and deploying virtual machines to illicitly mine for cryptocurrencies, according to Microsoft.β¦
Karakurt, a particularly nasty extortion gang that uses "extensive harassment" to pressure victims into handing over millions of dollars in ransom payments after compromising their IT infrastructure, pose a "significant challenge" for network defenders, we're told.β¦
Sponsored Post Whether you are considering a career in cyber security or you already work in the industry, the 2023 SANS Holiday Hack Challenge is a great way of combining festive fun and learning. Who knows, the skills you acquire this holiday season might even help you foil a nefarious hacker at Yuletide next year.β¦
Webinar In China, clouds are a symbol of luck. See multiple layering of clouds in a blue sky can mean you are in line to receive eternal happiness.β¦
Close to a million records containing personally identifiable information belonging to donors that sent money to non-profits were found exposed in an online database.β¦
Sponsored Feature Most experts agree cybersecurity is now so complex that managing it has become a security problem in itself.β¦
Cybercrime gangs like the notorious Lazarus group and spyware vendors like Israel's NSO should be considered cyber mercenaries β and become the subject of a concerted international response β according to a Monday report from Delhi-based think tank Observer Research Foundation (ORF).β¦
It's the last Patch Tuesday of 2023, which calls for celebration βΒ just as soon as you update Windows, Adobe, Google, Cisco, FortiGuard, SAP, VMware, Atlassian and Apple products, of course.β¦
An ex-First Republic Bank cloud engineer was sentenced to two years in prison for causing more than $220,000 in damage to his former employer's computer network after allegedly using his company-issued laptop to watch pornography.β¦
There was only one US Air National Guardsman behind the leak of top-secret US military documents on Discord, but his chain of command bears some responsibility for letting it happen on their watch.β¦
An official review of the Police Service of Northern Ireland's (PSNI) August data breach has revealed the full extent of the impact on staff.β¦
BlackBerry has decided its plan to split into two separate companies is not a good idea and will instead reorganize itself into two independent divisions.β¦
Hundreds of suspected people smugglers have been arrested, and 163 potential victims rescued from servitude, as part of an Interpol-coordinated operation dubbed "Turquesa V" that targeted cyber criminals who lure workers into servitude to carry out their scams.β¦
Many US businesses may be required to assist in government-directed surveillance β depending upon which of two reform bills before Congress is approved.β¦
FreshRSS