Login
Consumer groups are filing legal complaints in the EU in a coordinated attempt to use data protection law to stop Meta from giving local users a "fake choice" between paying up and consenting to being profiled and tracked via data collection.β¦
Chinese PC maker Acemagic has admitted some of its products shipped with pre-installed malware.β¦
The director general of security at Australia's Security Intelligence Organisation (ASIO) has delivered his annual threat assessment, revealing ongoing attempts by adversaries to map digital infrastructure with a view to disrupting important services at delicate moments.β¦
Updated The ALPHV/BlackCat cybercrime gang has taken credit β if that's the word β for a ransomware infection at Change Healthcare that has disrupted thousands of pharmacies and hospitals across the US, and also claimed that the amount of sensitive data stolen and affected health-care organizations is much larger than the victims initially disclosed.β¦
Computer scientists have developed an efficient way to craft prompts that elicit harmful responses from large language models (LLMs).β¦
Updated Palo Alto Networks (PAN) is facing a proposed class action lawsuit that alleges investors were deceived about the traction of its platform tactics and hurt by an unexpectedly low billings forecast that crashed the share price.β¦
US President Joe Biden is expected to sign an executive order today that aims to prevent the sale or transfer of Americans' sensitive personal information and government-related data to adversarial countries including China and Russia.β¦
Authorities from eleven nations have delivered a sequel to the January takedown of a botnet run by Russia on compromised Ubiquiti Edge OS routers β in the form of a warning that Russia may try again, so owners of the devices should take precautions.β¦
The US Commerce Department has blacklisted Sandvine for selling its networking monitoring technology to Egypt, where the Feds say the gear was used to spy on political and human-rights activists.β¦
After ten years operating under the original model, and two years working to revise it, the National Institute of Standards and Technology (NIST) has released version 2.0 of its Cybersecurity Framework (CSF).β¦
Analysis Cybercriminals follow the money, and increasingly last year that led them to ransomware attacks against the manufacturing industry.β¦
Broadcom has delivered on its 2023 teaser of integration between VMware's SD-WAN and Symantec's Security Service Edge, by today debuting the "VMware VeloCloud SASE, Secured by Symantec" at Mobile World Congress in Barcelona.β¦
China's Ministry of Industry and Information Technology has warned local netizens that fake wallet apps for the nation's central bank digital currency (CBDC) are already circulating and being abused by scammers.β¦
A law firm acting on behalf of the Nevada Attorney General Aaron Ford has asked a state court to issue a temporary restraining order (TRO) denying minors access to encrypted communication in Meta's Messenger application.β¦
Updated The ALPHV/BlackCat ransomware gang is reportedly responsible for the massive Change Healthcare cyberattack that has disrupted pharmacies across the US since last week.β¦
Updated LockBit claims it's back in action just days after an international law enforcement effort seized the ransomware gang's servers and websites, and retrieved more than 1,000 decryption keys to assist victims.β¦
Webinar The original European Union Network and Information Security (NIS) Directive certainly led to an improvement in member states' cybersecurity defences, but it struggled to do everything required as cyberattacks and threats scaled up with the growth in digitalization.β¦
A data protection watchdog in the UK has issued an enforcement notice to stop Serco from using facial recognition tech and fingerprint scanning to monitor staff at 38 leisure centers it runs.β¦
Infosec in brief A Florida journalist has been arrested and charged with breaking into protected computer systems in a case his lawyers say was less "hacking," more "good investigative journalism."Β β¦
Systems Approach One refrain you often hear is that security must be built in from the ground floor; that retrofitting security to an existing system is the source of design complications, or worse, outright flawed designs.β¦
Authorities digging into LockBit's finances believe the group may have generated more than $1 billion in ransom fees over its four-year lifespan.β¦
U-Haul is alerting tens of thousands of folks that miscreants used stolen credentials to break into one of its systems and access customer records that contained some personal data.β¦
The grand finale of the week of LockBit leaks was slated to expose the real identity of LockBitSupp β the alias of the gang's public spokesperson β but the reveal has fallen short of expectations.β¦
Webinar Dealing with the double trouble of relentless cyber threats and regular technology refresh cycles can stretch already overworked security practitioners. And orchestrating the transition to cloud-native applications and multi-cloud architectures doesn't make things any easier.β¦
The global government affairs team at X (nΓ©e Twitter) has suspended some accounts and posts in India after receiving executive orders to do so from the country's government, backed by threat of penalties including significant fines and imprisonment.β¦
Avast has agreed to cough up $16.5 million after the FTC accused the antivirus vendor of selling customer information to third parties.β¦
Updated IT provider Change Healthcare has confirmed it shut down some of its systems following a cyberattack, disrupting prescription orders and other services at pharmacies across the US.β¦
Law enforcement's disruption of the LockBit ransomware crew comes as the criminal group was working on bringing a brand-new variant to market, research reveals.β¦
Today's edition of the week-long LockBit leaks reveals a father-son duo was apprehended in Ukraine as part of the series of takedown-related arrests this week.β¦
A cache of stolen documents posted to GitHub appears to reveal how a Chinese infosec vendor named I-Soon offers rent-a-hacker services for Beijing.β¦
President Biden has empowered the US Coast Guard (USCG) to get a tighter grip on cybersecurity at American ports β including authorizing yet another incident reporting rule.β¦
Apple says it's going to upgrade the cryptographic protocol used by iMessage to hopefully prevent the decryption of conversations by quantum computers, should those machines ever exist in a meaningful way.β¦
Two Chinese nationals are facing a maximum of 20 years in prison after being convicted of mailing thousands of fake iPhones to Apple for repair in the hope they'd be replaced with new handsets.β¦
Infosec researchers say urgent patching of the latest remote code execution (RCE) vulnerability in ConnectWise's ScreenConnect is required given its maximum severity score.β¦
The latest revelation from law enforcement authorities in relation to this week's LockBit leaks is that the ransomware group had registered nearly 200 "affiliates" over the past two years.β¦
Webinar The complexity facing businesses as they make the necessary transition to cloud-native applications and multi-cloud architectures keeps cloud teams firmly on the frontline when it comes to implementing security policies.β¦
Webinar It was growing threat levels and an increase in reported cybersecurity attacks since digitalization which pushed the European Union to introduce the original Network and Information Security (NIS) Directive in 2016.β¦
Identity-related threats pose an increasing risk to those protecting networks because attackers β ranging from financially motivated crime gangs and nation-state backed crews β increasingly prefer to log in using stolen credentials instead of exploiting vulnerabilities or social engineering.β¦
Europe's General Data Protection Regulation (GDPR) has led European firms to store and process less data, recent economic research suggests, because the privacy rules are making data more costly to manage.β¦
China's censorship regime remains pervasive and far reaching, but the bureaucratic apparatus implementing it is unevenly developed and is not always well funded, according to a report released on Tuesday.β¦
The Monetary Authority of Singapore (MAS) advised on Monday that financial institutions need to stay agile enough to adopt post-quantum cryptography (PQC) and quantum key distribution (QKD) technology, without significantly impacting systems as part of cyber security measures.β¦
In seizing and dismantling LockBit's infrastructure, Western cops are now making a mockery of the ransomware criminals by promising a long, drawn-out disclosure of the gang's secrets.β¦
Smart home security camera slinger Wyze is telling customers that a cybersecurity "incident" allowed thousands of users to see other people's camera feeds.β¦
A former council staff member in the district where William Shakespeare was born ransacked databases filled with residents' information to help drum up new business for their outside venture.β¦
Two days after its Digital Services Act (DSA) came into effect, the European Union used it to open an investigation into made-in-China social network TikTok.β¦
The Vietnamese government will begin collecting biometric information from its citizens for identification purposes beginning in July this year.β¦
Updated Notorious ransomware gang LockBit's website has been taken over by law enforcement authorities, who claim they have disrupted the group's operations and will soon reveal the extent of an operation against the group.β¦
The ALPHV/BlackCat ransomware group is claiming responsibility for attacks on both Prudential Financial and LoanDepot, making a series of follow-on allegations against them.β¦
Sponsored Feature Cyber-physical systems (CPS) have a vital role to play in our increasingly connected world.β¦
infosec in brief The US government is offering bounties up to $15 million as a reward for anyone willing to help it take out the APLHV/Blackcat ransomware gang.β¦
In time for the long Presidents' Day weekend in the US there have been multiple warnings about what will undoubtedly be a challenging and potentially dangerous year for voting processes and government workers.β¦
AI models, the subject of ongoing safety concerns about harmful and biased output, pose a risk beyond content emission. When wedded with tools that enable automated interaction with other systems, they can act on their own as malicious agents.β¦
Google has open sourced Magika, an in-house machine-learning-powered file identifier, as part of its AI Cyber Defense Initiative, which aims to give IT network defenders and others better automated tools.β¦
A Ukrainian cybercrime kingpin who ran some of the most pervasive malware operations faces 40 years in prison after spending nearly a decade on the FBI's Cyber Most Wanted List.β¦
The murder of 16-year-old schoolgirl Brianna Ghey has kickstarted a debate around limiting children's access to the dark web in the UK, with experts highlighting the difficulty in achieving this.β¦
Quest Diagnostics has agreed to pay almost $5 million to settle allegations it illegally dumped protected health information β and hazardous waste β at its facilities across California.β¦
The US government today said it disrupted a botnet that Russia's GRU military intelligence unit used for phishing expeditions, spying, credential harvesting, and data theft against American and foreign governments and other strategic targets.β¦
Updated Last night's launch of six Pentagon missile-detection satellites was well timed as fears mount that Russia is considering putting nuclear weapons into space.β¦
Webinar It has become possible to swiftly and inexpensively train, validate and deploy AI models and applications, yet while we embrace innovation, are we aware of the security risks?β¦
Video conferencing giant Zoom today opened up about a fresh batch of security vulnerabilities affecting its products, including a critical privilege escalation flaw.β¦
FreshRSS