AI built by Russian infosec firm Kaspersky was used in Russian drones for its war on Ukraine, volunteer intelligence gatherers claim.…
interview The more cybersecurity news you read, the more often you seem to see a familiar phrase: Software supply chain (SSC) vulnerabilities. Varun Badhwar, founder and CEO at security firm Endor Labs, doesn't believe that's by coincidence. …
A Europol-led operation dubbed “Pandora” has shut down a dozen phone scam centers, and arrested 21 suspects. The cops reckon the action prevented criminals from bilking victims out of more than €10 million (£8.6 million, $11 million).…
Indonesia has acquired spyware and surveillance technologies through a "murky network" that extends into Israel, Greece, Singapore and Malaysia for equipment sourcing, according to Amnesty International.…
Exclusive Five Chinese researchers examined the configurations of nearly 14,000 government websites across the country and found worrying lapses that could lead to malicious attacks, according to a not-yet-peer-reviewed study released last week.…
How many different angles can you have on one data breach? Facial recognition (which probably isn't actual biometrics), gambling, offshore developers, unpaid bills, extortion, sloppy password practices and now, an arrest. On pondering it more after today's livestream, it's the unfathomable stupidity of publishing this data publicly that really strikes me. By all means, have contractual disputes, get lawyers involved and showdown in the courts if you need to, but take data in this fashion and chuck it up online and you're well into criminal territory. It's just nuts, and I suspect there's a lot more yet to play out in this saga.
Microsoft today said it will now let us common folk — not just commercial subscribers — sign into their Microsoft accounts and apps using passkeys with their face, fingerprint, or device PIN.…
Miami resident Onur Aksoy has been sentenced to six and a half years in prison for running a multi-million-dollar operation selling fake Cisco equipment that ended up in the US military.…
Network admins are being urged to patch a bundle of critical vulnerabilities in ArubaOS that lead to remote code execution as a privileged user.…
The US Cybersecurity and Infrastructure Security Agency (CISA) is forcing all federal agencies to patch a critical vulnerability in GitLab's Community and Enterprise editions, confirming it is very much under "active exploit."…
Chinese tech companies that serve as important links in the world's digital supply chains are helping Beijing to execute and refine its propaganda strategy, according to an Australian think tank.…
A Ukrainian man has been sentenced to almost 14 years in prison and ordered to pay more than $16 million in restitution for his role in infecting thousands of victims with REvil ransomware.…
Updated Over a million records describing Australians who visited local pubs and clubs have apparently been posted online.…
Dropbox has revealed a major attack on its systems that saw customers' personal information accessed by unknown and unauthorized entities.…
Fintech biz Block is reportedly under investigation by US prosecutors over claims by a former employee that lax compliance checks mean its Square and Cash App services may have been used by terrorists – or in countries that US orgs are not permitted to do business.…
Jack Blount, the now-ex CEO of Intrusion, has settled with the SEC over allegations he made false and misleading statements about his infosec firm's product as well as his own background and experience.…
Sixteen people are facing charges from US prosecutors for allegedly preying on the elderly and scamming them out of millions of dollars.…
Aussie airline Qantas says its app is now stable following a data breach that saw boarding passes take off from passengers' accounts.…