The US Treasury Department is levying sanctions against Tornado Cash, a notorious cryptocurrency mixer that it says has been used by threat groups like ransomware gang Lazarus to launder stolen digital assets.β¦
Twilio confirmed a breach of the communication giant's network and accessed "a limited number" of customer accounts after tricking some employees into falling for a phishing attack.β¦
Microsoft wants to make it safer for Edge users to browse and visit unfamiliar websites by automatically applying stronger security settings.β¦
Did Slack send you a password reset link last week? The company has admitted to accidentally exposing the hashed passwords of workspace users.β¦
A platform that makes it easier for cyber criminals to establish command-and-control (C2) servers has already attracted 3,000 users since launching earlier this year, and will likely expand its client list in the coming months.β¦
In brief DuckDuckGo has finally mostly cracked down on the third-party Microsoft tracking scripts that got the alternative search engine into hot water earlier this year.β¦
Interview The first rule of being a ransomware negotiator is that you don't admit you're a ransomware negotiator β at least not to LockBit or another cybercrime gang.Β β¦
Cryptocurrency bridge Nomad sent a message to the looters who drained nearly $200 million in tokens from its coffers earlier this week: return at least 90 percent of the ill-gotten gains, keep 10 percent as a bounty for discovering the security flaw, and Nomad will consider this a "white-hat" hack, as opposed to plain old theft, and not take legal action.β¦
The US government is warning of critical vulnerabilities in its Emergency Alert System (EAS) systems that, if exploited, could enable intruders to send fake alerts out over television, radio, and cable networks.β¦
Cisco has revealed four of its small business router ranges have critical flaws β for the second time in 2022 alone.β¦
Last October, California resident Jacob Pearlman downloaded an Android version of a cryptocurrency wallet app called Phantom from the Google Play app store.β¦
Taiwan's Ministry of National Defense confirmed it was hit by a DDoS attack on Wednesday in what has been an eventful week for the island nation, US-Sino relations, and semiconductors.β¦
The government of India has scrapped the Personal Data Protection Bill it's worked on for three years, and announced it will β eventually β unveil a superior bill.β¦
A Danish ethical hacker was able to work his way uninvited into a closed Cloudflare beta and found a vulnerability that could have been exploited by a cybercriminal to hijack and steal someone else's email.β¦
The UK's Parliament has ended its presence on TikTok after MPs pointed out the made-in-China social media service probably sends data about its users back to Beijing.β¦
Millions of dollars worth of Solana cryptocurrency and other tokens were stolen from seemingly thousands of netizens this week by thieves exploiting some kind of security weakness or blunder.β¦
Microsoft says it will give enterprise security operation centers (SOCs) broader access to the massive amount of threat intelligence it collects every day.β¦
A now-former T-Mobile US store stole at least 50 employees' work credentials to run a phone unlocking and unblocking service that prosecutors said netted $25 million.β¦
Miscreants making use of typosquatting are being spotted by researchers at Sonatype, emphasizing the need to check that the package is really the one you meant to download.β¦
Sponsored Feature What sort of disaster would you rather prepare for? Hurricanes are destructive, but you know when one's coming, giving you time to take defensive action. Earthquakes vary in their destructive power, but you never know when they're going to hit, meaning your ability to recover after the impact is critical.β¦
The UK's Competition and Markets Authority has given a provisional nod to the proposed merger of British cybersecurity company Avast and US rival NortonLifeLock.β¦
One of the four encryption algorithms America's National Institute of Standards and Technology (NIST) considered as likely to resist decryption by quantum computers has had holes kicked in it by researchers using a single core of a regular Intel Xeon CPU, released in 2013.β¦
Speaker of the US House of Representatives Nancy Pelosi has tied her controversial visit to Taiwan to an alleged barrage of China-directed cyber-attacks against the territory.β¦
VMware has fixed a critical authentication bypass vulnerability that hits 9.8 out of 10 on the CVSS severity scale and is present in multiple products.β¦
Cryptocurrency bridge service Nomad, which describes itself as "an optimistic interoperability protocol that enables secure cross-chain communication," has been drained of tokens notionally worth $190.7 million if exchanged for US dollars.β¦
Updated Robinhood's cryptocurrency operations has been formally fined $30 million for violating New York's anti-money-laundering and cybersecurity regulations.β¦
Cybercriminals are turning to messaging apps like Telegram and Discord as alternatives to popular underground forums: not only for the private communications and security features but also as avenues for spreading malware.β¦
Want to build your own army? Engineers at CloudSEK have published a report on how to do just that in terms of bots and Twitter, thanks to API keys leaking from applications.β¦
Cybercriminals continue to use npm packages to drop malicious packages on unsuspecting victims, most recently to steal Discord login tokens, bank card data, and other user information from infected systems.β¦
Forsage, an alleged crypto Ponzi scheme purporting to be a decentralized smart contract platform, bilked millions of investors worldwide out of more than $300 million, according to America's securities watchdog.β¦
Webinar It's just any old Monday, already you are mentally ticking off the to do list, and then, as you reach for your morning coffee and switch on your screen. Devastation. You've been hacked.β¦
Akamai Technologies squelched the largest-ever distributed denial-of-service (DDoS) attack in Europe earlier this month against a company that was being consistently hammered over a 30-day period.β¦
Asia In Brief Australia's federal police (AFP) on Friday charged a man with creating and profiting from spyware that allowed total remote control of victims' computers.β¦
In brief Canadian fast food chain Tim Hortons is settling multiple data privacy class-action lawsuits against it by offering something it knows it's good for: a donut and coffee.β¦
A Russian-language miscreant claims to have hacked their way into a managed service provider, and has asked for help monetizing what's said to be access to the networks and computers of that MSP's 50-plus US customers.β¦
The Feds have put up a $10 million reward for information about foreign interference in US elections in general, and more specifically a Russian oligarch and close friend of President Vladimir Putin accused of funding an organization that meddled in the 2016 presidential elections.β¦
Threat groups are increasingly turning to InterPlanetary File System (IPFS) peer-to-peer data sites to host their phishing attacks because the decentralized nature of the sharing system means malicious content is more effective and easier to hide.β¦
The popularity of stolen data bazaar BreachForums surged after it was used to sell a giant database of stolen information describing Chinese citizens, threat intelligence firm Cybersixgill said on Thursday.β¦
The costs incurred by organizations suffering data losses continue to go up, and 60 percent of companies surveyed by IBM said they were passing them onto customers.β¦
The United States' federal court system "faced an incredibly significant and sophisticated cyber security breach, one which has since had lingering impacts on the department and other agencies."β¦
JPMorgan Securities, UBS Financial Services, and TradeStation Securities aren't doing enough to thwart crooks who want to steal customers' identity, says America's financial watchdog.β¦
Spain's national police say they have arrested two former government workers suspected of breaking into the computer network of the country's radioactivity alert system (RAR) and disabling more than a third of its sensors.β¦
Google has brought its Street View service β which offers photographs of most locations on Google Maps β back to India, six years after the nation rejected it as an invasion of privacy and a threat to national security.β¦
FileWave has fixed a couple vulnerabilities in its endpoint management software that could allow a remote attacker to bypass authentication and take full control of the deployment and associated devices.β¦
Google and internet rights groups have called on Congress to weigh in on spyware, asking for sanctions and increased enforcement against so-called legit surveillanceware makers.β¦
The US is offering up to $10 million for information on members of state-sponsored North Korean threat groups, double the amount that the State Department announced in April.β¦
Apple's internet traffic took an unwelcome detour through Russian networking equipment for about twelve hours between July 26 and July 27.β¦
Amazonβs cloud platform is extending security capabilities for a couple of its widely used services; Amazon Elastic Block Store (EBS) and Amazon Elastic Kubernetes Service (EKS).β¦
Microsoft has published an analysis of a Europe-based "private-sector offensive actor" with a view to helping its customers spot signs of attacks by money-hungry gangsters.β¦
Palo Alto Networks' annual Unit 42 incident response report is out, warning of an ever-decreasing gap between vulnerability disclosures and an increase in cybercrime.β¦
China's cyber espionage activities are extensive and sophisticated but when the Middle Kingdom tried to steal sensitive economic data from the US Fed, poor security meant its operatives didn't have to dip too far into their bags of tricks.β¦
IBM has started offering quantum-resistant crypto β using the quantum-resistant crypto recommended by the US National Institute of Standards and Technology (NIST).β¦
Security vendor WithSecure, which was spun out in March 2022 as F-Secureβs enterprise security arm, claims itβs found malware that targets Facebook Business accounts.β¦
Charter Communications must pay out $7 billion in damages after one of its Spectrum cable technicians robbed and killed an elderly woman, a jury decided Tuesday.β¦
The US government is reportedly investigating Kraken, a massive cryptocurrency exchange suspected of violating sanctions against Iran, and is expected to slap the crypto behemoth with a fine in the near future.β¦
A ransomware gang has not only taken down WordFly, a mailing list provider for top arts organizations among others, but also siphoned data belonging to the US-based Smithsonian, Canada's Toronto Symphony Orchestra, and the Courtauld Institute of Art in London.β¦
A new info-stealer malware is spreading rapidly in the wild as the developer behind it continues to add capabilities and recently released the source code on GitHub.β¦
Webinar Ensuring your data is protected is the first step in dealing with cyber-attacks and outages. But that's only half the job.Β β¦
SonicWall has published its latest threat report, showing a drop in ransomware but an increase in malware attacks in the first half of 2022.β¦
Sponsored Post Keeping the world safe from cyber threats requires both passion and skills. And you can grow both with training that makes you battle-ready as soon as you leave the classroom.β¦