The Tail Of The MOVEit Hack May Be Longer Than We Realize

July 19^th 2023 at 14:39

Naked Security

Microsoft hit by Storm season – a tale of two semi-zero days

By Paul Ducklin — July 18^th 2023 at 20:59

The first compromise didn't get the crooks as far as they wanted, so they found a second one that did...

News ≈ Packet Storm

Dating App Spills 340GB Of Steamy Data And 260,000 User Profiles

July 17^th 2023 at 13:32

News ≈ Packet Storm

JumpCloud Says Nation State Hackers Targeted Customers

July 17^th 2023 at 13:32

Naked Security

Zimbra Collaboration Suite warning: Patch this 0-day right now (by hand)!

By Paul Ducklin — July 14^th 2023 at 19:58

Zimbra didn't actually say, "Do not delay/Do it today," but they did say, "We kindly request your cooperation to apply the fix manually."

News ≈ Packet Storm

Microsoft Warns That A Chinese Cyberattack Breached Government Email Accounts

July 12^th 2023 at 16:21

News ≈ Packet Storm

Data For 11 Million Patients Stolen In Breach Of HCA Healthcare

July 11^th 2023 at 14:39

News ≈ Packet Storm

Nickelodeon Probes Massive Data Leak As SpongeBob Fans Rejoice

July 7^th 2023 at 15:01

News ≈ Packet Storm

Shell Confirms MOVEit-Related Breach After Ransomware Group Leaks Data

July 7^th 2023 at 15:01

News ≈ Packet Storm

How We Found Another GitHub Action Environment Injection Vulnerability In A Google Project

July 7^th 2023 at 01:48

Naked Security

S3 Ep141: What was Steve Jobs’s first job?

By Paul Ducklin — June 29^th 2023 at 16:58

Latest episode - listen now! (Full transcript inside.)

Naked Security

Interested in $10,000,000? Ready to turn in the Clop ransomware crew?

By Naked Security writer — June 28^th 2023 at 18:59

Technically, it's "up to $10 million", but it's potentially a LOT of money, nevertheless...

News ≈ Packet Storm

Submarine Cables At Risk Of Nation State Sabotage, Spying

June 28^th 2023 at 15:54

News ≈ Packet Storm

Siemens Energy, UCLA Latest Confirmed Victims In MOVEit Hack

June 27^th 2023 at 15:37

News ≈ Packet Storm

American And Southwest Airlines Pilot Candidate Data Exposed

June 27^th 2023 at 15:37

Naked Security

Aussie PM says, “Shut down your phone every 24 hours for 5 mins” – but that’s not enough on its own

By Paul Ducklin — June 23^rd 2023 at 16:10

Don't treat rebooting your phone once a day as a cybersecurity talisman... here are 8 additional tips for better mobile phone security.

News ≈ Packet Storm

Japan's Digital ID Card Gets Emergency Review Amid Data Leaks

June 22^nd 2023 at 12:46

News ≈ Packet Storm

Reddit Confirms BlackCat Gang Pinched Some Data

June 21^st 2023 at 15:39

News ≈ Packet Storm

Progress Software Hit With Class Action Suit Over MOVEit Hack

June 21^st 2023 at 15:39

News ≈ Packet Storm

Oreo Cookie Maker Says Crooks Gobbled Up Staff Info

June 21^st 2023 at 15:39

News ≈ Packet Storm

Over 100,000 ChatGPT Accounts Found For Sale On Dark Web

June 20^th 2023 at 13:26

News ≈ Packet Storm

Data Leak At Law Firm Sets Australia's Elites Scrambling

June 20^th 2023 at 13:26

News ≈ Packet Storm

Progress Software Rushes To Patch Another MOVEit SQL Vulnerability

June 16^th 2023 at 15:34

News ≈ Packet Storm

Feds Arrest, Charge Russian National In Arizona For LockBit Attacks

June 16^th 2023 at 15:33

News ≈ Packet Storm

Hacker Gang Clop Publishes Victim Names On Dark Web

June 16^th 2023 at 15:33

Naked Security

Gozi banking malware “IT chief” finally jailed after more than 10 years

By Paul Ducklin — June 13^th 2023 at 18:43

Gozi threesome from way back in the late 2000s and early 2010s now all charged, convicted and sentenced. The DOJ got there in the end...

News ≈ Packet Storm

Nvidia's AI Software Tricked Into Leaking Data

June 12^th 2023 at 04:53

Naked Security

More MOVEit mitigations: new patches published for further protection

By Paul Ducklin — June 9^th 2023 at 21:54

Good news... more patches, this time available proactively

News ≈ Packet Storm

People Are Pirating GPT-4 By Scraping Exposed API Keys

June 8^th 2023 at 14:07

News ≈ Packet Storm

What's Really Changed 10 Years After The Snowden Revelations

June 7^th 2023 at 15:48

News ≈ Packet Storm

BBC, BA, And Boots Issued With Ultimatum By Cyber Gang Clop

June 7^th 2023 at 15:48

News ≈ Packet Storm

MoveIt Hack: What Actions Can Data Breach Victims Take?

June 6^th 2023 at 15:59

News ≈ Packet Storm

Crypto Catastrophe Stikes Some Atomic Wallet Users, Over $35 Million Thought Stolen

June 6^th 2023 at 15:59

News ≈ Packet Storm

Ransomware Attacks Have Room To Grow, Verizon Report Shows

June 6^th 2023 at 15:59

Naked Security

MOVEit zero-day exploit used by data breach gangs: The how, the why, and what to do…

By Paul Ducklin — June 5^th 2023 at 19:59

Little Bobby Tables is back!

mi-1200

News ≈ Packet Storm

British Airways, Boots, And BBC Staff Details Targeted In Russia-Linked Cyber Attack

June 5^th 2023 at 17:00

Naked Security

S3 Ep137: 16th century crypto skullduggery

By Paul Ducklin — June 1^st 2023 at 16:45

Lots to learn, clearly explained in plain English... listen now! (Full transcript inside.)

s3-ep137-feat-1200

News ≈ Packet Storm

Amazon To Pay $30.8M For Alexa And Ring Privacy Violations

June 1^st 2023 at 14:14

News ≈ Packet Storm

War Crimes Evidence Erased By Social Media Firms

June 1^st 2023 at 14:14

Naked Security

Serious Security: That KeePass “master password crack”, and what we can learn from it

By Paul Ducklin — May 31^st 2023 at 19:39

Here, in an admittedly discursive nutshell, is the fascinating story of CVE-2023-32784. (Short version: Don't panic.)

News ≈ Packet Storm

Critical Barracuda 0-Day Was Used To Backdoor Networks For 8 Months

May 31^st 2023 at 16:11

News ≈ Packet Storm

Software Liability And Hard Truths Of Manufacturer Responsibility

May 31^st 2023 at 16:11

Naked Security

Serious Security: Verification is vital – examining an OAUTH login bug

By Paul Ducklin — May 30^th 2023 at 16:59

What good is a popup asking for your approval if an attacker can bypass it simply by suppressing it?

News ≈ Packet Storm

ABB Confirms Data Stolen In Black Basta Ransomware Attack

May 30^th 2023 at 16:08

News ≈ Packet Storm

OneMain Pays $4.5M After Ignored Security Flaws Caused Data Breaches

May 29^th 2023 at 14:18

News ≈ Packet Storm

Is Cybersecurity An Unsolvable Problem?

May 29^th 2023 at 14:18

News ≈ Packet Storm

Dutch Watchdog Looking Into Alleged Tesla Data Breach

May 26^th 2023 at 14:19

News ≈ Packet Storm

Reflections On Ten Years Past The Snowden Revelations

May 25^th 2023 at 16:22

News ≈ Packet Storm

Why Are 1.8M Apria Patients Just Now Being Notified Of A 2021 Breach?

May 25^th 2023 at 14:30

News ≈ Packet Storm

KeePass Bug Lets Attackers Extract The Master Password From Memory

May 23^rd 2023 at 13:48

News ≈ Packet Storm

Amazon's PillPack Reports Data Breach Affecting More Than 19,000

May 23^rd 2023 at 13:47

Naked Security

Phone scamming kingpin gets 13 years for running “iSpoof” service

By Naked Security writer — May 22^nd 2023 at 16:58

Site marketing video promised total anonymity, but that was a lie. 170 arrested already. Potentially 1000s more to follow.

ispoof-1200

News ≈ Packet Storm

Google Settles Location Tracking Lawsuit For Only $39.9M

May 22^nd 2023 at 16:20

News ≈ Packet Storm

More UK Councils Caught By Capita's Open AWS Bucket Blunder

May 22^nd 2023 at 16:20

News ≈ Packet Storm

Meta Fined $1.3 Billion, Ordered To Stop Sending EU Data To US

May 22^nd 2023 at 16:20

News ≈ Packet Storm

FTC To Crack Down On Biometric, Health Privacy Violations

May 19^th 2023 at 14:39

News ≈ Packet Storm

Six Million Patients' Data Feared Stolen From PharMerica

May 18^th 2023 at 13:25

News ≈ Packet Storm

DOJ Links Iran, China, And Russia To Five IP-Theft Related Cases

May 18^th 2023 at 13:25

News ≈ Packet Storm

US Charges, Sanctions Russian Ransomware Operator Who Leaked Stolen DC Police Data

May 17^th 2023 at 13:59

News ≈ Packet Storm

Ex-Apple Engineer Accused Of Stealing Self-Driving Car Secrets

May 17^th 2023 at 13:59