Login
President Biden has empowered the US Coast Guard (USCG) to get a tighter grip on cybersecurity at American ports β including authorizing yet another incident reporting rule.β¦
Apple says it's going to upgrade the cryptographic protocol used by iMessage to hopefully prevent the decryption of conversations by quantum computers, should those machines ever exist in a meaningful way.β¦
Two Chinese nationals are facing a maximum of 20 years in prison after being convicted of mailing thousands of fake iPhones to Apple for repair in the hope they'd be replaced with new handsets.β¦
Infosec researchers say urgent patching of the latest remote code execution (RCE) vulnerability in ConnectWise's ScreenConnect is required given its maximum severity score.β¦
The latest revelation from law enforcement authorities in relation to this week's LockBit leaks is that the ransomware group had registered nearly 200 "affiliates" over the past two years.β¦
Webinar The complexity facing businesses as they make the necessary transition to cloud-native applications and multi-cloud architectures keeps cloud teams firmly on the frontline when it comes to implementing security policies.β¦
Webinar It was growing threat levels and an increase in reported cybersecurity attacks since digitalization which pushed the European Union to introduce the original Network and Information Security (NIS) Directive in 2016.β¦
Identity-related threats pose an increasing risk to those protecting networks because attackers β ranging from financially motivated crime gangs and nation-state backed crews β increasingly prefer to log in using stolen credentials instead of exploiting vulnerabilities or social engineering.β¦
Europe's General Data Protection Regulation (GDPR) has led European firms to store and process less data, recent economic research suggests, because the privacy rules are making data more costly to manage.β¦
China's censorship regime remains pervasive and far reaching, but the bureaucratic apparatus implementing it is unevenly developed and is not always well funded, according to a report released on Tuesday.β¦
The Monetary Authority of Singapore (MAS) advised on Monday that financial institutions need to stay agile enough to adopt post-quantum cryptography (PQC) and quantum key distribution (QKD) technology, without significantly impacting systems as part of cyber security measures.β¦
In seizing and dismantling LockBit's infrastructure, Western cops are now making a mockery of the ransomware criminals by promising a long, drawn-out disclosure of the gang's secrets.β¦
Smart home security camera slinger Wyze is telling customers that a cybersecurity "incident" allowed thousands of users to see other people's camera feeds.β¦
A former council staff member in the district where William Shakespeare was born ransacked databases filled with residents' information to help drum up new business for their outside venture.β¦
Two days after its Digital Services Act (DSA) came into effect, the European Union used it to open an investigation into made-in-China social network TikTok.β¦
The Vietnamese government will begin collecting biometric information from its citizens for identification purposes beginning in July this year.β¦
Updated Notorious ransomware gang LockBit's website has been taken over by law enforcement authorities, who claim they have disrupted the group's operations and will soon reveal the extent of an operation against the group.β¦
The ALPHV/BlackCat ransomware group is claiming responsibility for attacks on both Prudential Financial and LoanDepot, making a series of follow-on allegations against them.β¦
Sponsored Feature Cyber-physical systems (CPS) have a vital role to play in our increasingly connected world.β¦
infosec in brief The US government is offering bounties up to $15 million as a reward for anyone willing to help it take out the APLHV/Blackcat ransomware gang.β¦
In time for the long Presidents' Day weekend in the US there have been multiple warnings about what will undoubtedly be a challenging and potentially dangerous year for voting processes and government workers.β¦
AI models, the subject of ongoing safety concerns about harmful and biased output, pose a risk beyond content emission. When wedded with tools that enable automated interaction with other systems, they can act on their own as malicious agents.β¦
Google has open sourced Magika, an in-house machine-learning-powered file identifier, as part of its AI Cyber Defense Initiative, which aims to give IT network defenders and others better automated tools.β¦
A Ukrainian cybercrime kingpin who ran some of the most pervasive malware operations faces 40 years in prison after spending nearly a decade on the FBI's Cyber Most Wanted List.β¦
The murder of 16-year-old schoolgirl Brianna Ghey has kickstarted a debate around limiting children's access to the dark web in the UK, with experts highlighting the difficulty in achieving this.β¦
Quest Diagnostics has agreed to pay almost $5 million to settle allegations it illegally dumped protected health information β and hazardous waste β at its facilities across California.β¦
The US government today said it disrupted a botnet that Russia's GRU military intelligence unit used for phishing expeditions, spying, credential harvesting, and data theft against American and foreign governments and other strategic targets.β¦
Updated Last night's launch of six Pentagon missile-detection satellites was well timed as fears mount that Russia is considering putting nuclear weapons into space.β¦
Webinar It has become possible to swiftly and inexpensively train, validate and deploy AI models and applications, yet while we embrace innovation, are we aware of the security risks?β¦
Video conferencing giant Zoom today opened up about a fresh batch of security vulnerabilities affecting its products, including a critical privilege escalation flaw.β¦
Cybercriminals are targeting iOS users with malware that steals face scans from the users of Apple devices to break into and pilfer money from bank accounts β thought to be a world first.β¦
Cyber baddies have turned to ad networks to measure malware deployment and to avoid detection, according to HP Wolf Security.β¦
The European Court of Human Rights (ECHR) has ruled that laws requiring crippled encryption and extensive data retention violate the European Convention on Human Rights β a decision that may derail European data surveillance legislation known as Chat Control.β¦
North Korea's latest money-making venture is the production and sale of gambling websites that come pre-infected with malware, according to South Korea's National Intelligence Service (NIS).β¦
OpenAI has shut down five accounts it asserts were used by government agents to generate phishing emails and malicious software scripts as well as research ways to evade malware detection.β¦
The Chinese government's Volt Typhoon spy team has apparently already compromised a large US city's emergency services network and has been spotted snooping around America's telecommunications' providers as well.β¦
Skilled IT professionals considering a career change have a new option, as the US Air Force is reintroducing warrant officer ranks exclusively "within the cyber and information technology professions."Β β¦
Prudential Financial, the second largest life insurance company in the US and eight largest worldwide, is dealing with a digital break-in that exposed some internal company and customer records to a criminal group.β¦
The Romanian national cybersecurity agency (DNSC) has pinned the outbreak of ransomware cases across the country's hospitals to an incident at a service provider.β¦
Southern Water has admitted between five and ten percent of its customers had their details stolen from the British utilities giant during a January cyberattack.β¦
The Bumblebee malware loader seemingly vanished from the internet last October, but it's back and - oddly - relying on a vintage vector to try and gain access.β¦
One hundred and fifty people who worked for the Australian Taxation Office (ATO) have been investigated β and some prosecuted β for participating in a tax refund scam promoted on Facebook and TikTok.β¦
Patch Tuesday Microsoft fixed 73 security holes in this February's Patch Tuesday, and you better get moving because two of the vulnerabilities are under active attack.β¦
Updated A single packet can exhaust the processing capacity of a vulnerable DNS server, effectively disabling the machine, by exploiting a 20-plus-year-old design flaw in the DNSSEC specification.β¦
Network-attached storage (NAS) specialist QNAP has disclosed and released fixes for two new vulnerabilities, one of them a zero-day discovered in early November.β¦
Updated Canada's Trans-Northern Pipelines has allegedly been infiltrated by the ALPHV/BlackCat ransomware crew, which claims to have stolen 190 GB of data from the oil distributor.β¦
The number of senior business executives stymied by an ongoing phishing campaign continues to rise with cybercriminals registering hundreds of cloud account takeovers (ATOs) since spinning it up in November.β¦
Meta has acknowledged that phone number reuse that allows takeovers of its accounts "is a concern," but the ad biz insists the issue doesn't qualify for its bug bounty program and is a matter for telecom companies to sort out.β¦
Indian tech services giant Infosys has been named as the source of a data leak suffered by the Bank of America.β¦
Some smart folks have found a way to automatically unscramble documents encrypted by the Rhysida ransomware, and used that know-how to produce and release a handy recovery tool for victims.β¦
Updated Dutch health insurers are reportedly forcing breast cancer patients to submit photos of their breasts prior to reconstructive surgery despite a government ban on precisely that.β¦
The FCC's updated reporting requirements mean telcos in America will have just seven days to officially disclose that a criminal has broken into their systems.β¦
Willis Lease Finance Corporation has admitted to US regulators that it fell prey to a "cybersecurity incident" after data purportedly stolen from the biz was posted to the Black Basta ransomware group's leak blog.β¦
The Caravan and Motorhome Club (CAMC) and the experts it drafted to help clean up the mess caused by a January cyberattack still can't figure out whether members' data was stolen.β¦
Infosec In Brief Nearly half the citizens of France have had their data exposed in a massive security breach at two third-party healthcare payment servicers, the French data privacy watchdog disclosed last week.β¦
More than 70,000 presumably legit websites have been hijacked and drafted into a network that crooks use to distribute malware, serve phishing pages, and share other dodgy stuff, according to researchers.β¦
In disclosing yet another vulnerability in its Connect Secure, Policy Secure, and ZTA gateways, Ivanti has confused the third-party researchers who discovered it.β¦
We've had to write the word "Fortinet" so often lately that we're considering making a macro just to make our lives a little easier after what the company's reps will surely agree has been a week sent from hell.β¦
Webinar As artificial intelligence (AI) technology becomes increasingly complex so do the threats from bad actors. It is like a forever war.β¦
The Reserve Bank of India (RBI) announced on Thursday it would make its digital currency programmable, and ensure it can be exchanged when citizens are offline.β¦
FreshRSS