Badass Russian techie outsmarts FSB, flees Putinland all while being tracked with spyware Threatened with life in prison, Kyiv charity worker gives middle finger to state spies Security06 Dec 2024 | 13
Ransomware hangover, Putin grudge blamed for vodka maker's bankruptcy Stoli Group on the rocks in the US Security05 Dec 2024 | 27
Perfect 10 directory traversal vuln hits SailPoint's IAM solution Updated 20-year-old info disclosure class bug still pervades security software Patches03 Dec 2024 | 6
Severity of the risk facing the UK is widely underestimated, NCSC annual review warns National cyber emergencies increased threefold this year Cyber-crime03 Dec 2024 | 18
Interpol nabs thousands, seizes millions in global cybercrime-busting op Infosec in brief Also, script kiddies still a threat, Tornado Cash is back, UK firms lose billions to avoidable attacks, and more Security01 Dec 2024 | 7
RansomHub claims to net data hat-trick against Bologna FC Crooks say they have stolen sensitive files on managers and players Cyber-crime30 Nov 2024 | 2
Zabbix urges upgrades after critical SQL injection bug disclosure US agencies blasted 'unforgivable' SQLi flaws earlier this year Patches29 Nov 2024 | 7
NHS major 'cyber incident' forces hospitals to use pen and paper Systems are isolated and pulled offline, while scheduled procedures are canceled Cyber-crime28 Nov 2024 | 56
First-ever UEFI bootkit for Linux in the works, experts say Bootkitty doesn’t bite… yet Research27 Nov 2024 | 11
Man accused of hilariously bad opsec as alleged cybercrime spree detailed Complaint claims he trespassed, gave himself discounts, and sorted CCTV access… Cyber-crime26 Nov 2024 | 24
Another 'major cyber incident' at a UK hospital, outpatients asked to stay away Third time this year an NHS unit's IT systems have come under attack Cyber-crime26 Nov 2024 | 53
QNAP and Veritas dump 30-plus vulns over the weekend Updated Just what you want to find when you start a new week Patches26 Nov 2024 | 2
China has utterly pwned 'thousands and thousands' of devices at US telcos Senate Intelligence Committee chair says his 'hair is on fire' as execs front the White House Cyber-crime25 Nov 2024 | 51
Russian spies may have moved in next door to target your network Infosec in brief Plus: Microsoft seizes phishing domains; Helldown finds new targets; Illegal streaming with Jupyter, and more Security25 Nov 2024 | 22
'Alarming' security bugs lay low in Linux's needrestart utility for 10 years Update now: Qualys says flaws give root to local users, 'easily exploitable', default in Ubuntu Server Research21 Nov 2024 | 15
D-Link tells users to trash old VPN routers over bug too dangerous to identify Vendor offers 20% discount on new model, but not patches CSO20 Nov 2024 | 59
America's drinking water systems have a hard-to-swallow cybersecurity problem More than 100M rely on gear rife with vulnerabilities, says EPA OIG Public Sector19 Nov 2024 | 20
Palo Alto Networks tackles firewall-busting zero-days with critical patches Amazing that these two bugs got into a production appliance, say researchers Patches19 Nov 2024 | 4
Crook breaks into AI biz, points $250K wire payment at their own account Fastidious attacker then tidied up email trail behind them Cyber-crime19 Nov 2024 | 12
Sweden's 'Doomsday Prep for Dummies' guide hits mailboxes today First in six years is nearly three times the size of the older, pre-NATO version Security18 Nov 2024 | 39
Teen serial swatter-for-hire busted, pleads guilty, could face 20 years Infosec in brief PLUS: Cost of Halliburton hack disclosed; Time to dump old D-Link NAS; More UN cybercrime convention concerns; and more Security18 Nov 2024 | 23
Cybercriminal devoid of boundaries gets 10-year prison sentence Serial extortionist of medical facilities stooped to cavernous lows in search of small payouts Cyber-crime14 Nov 2024 | 6
Kids' shoemaker Start-Rite trips over security again, spilling customer card info Updated Full details exposed, putting shoppers at serious risk of fraud Cyber-crime14 Nov 2024 | 14
NatWest blocks bevy of apps in clampdown on unmonitorable comms From guidance to firm action... no more WhatsApp, Meta's Messenger, Signal, Telegram and more Security14 Nov 2024 | 25
Ransomware fiends boast they've stolen 1.4TB from US pharmacy network American Associated Pharmacies yet to officially confirm infection Cyber-crime13 Nov 2024 | 1
'Cybersecurity issue' at Food Lion parent blamed for US grocery mayhem Stores still open, but customers report delayed deliveries, invoicing issues, and more at Stop & Shop and others Cyber-crime12 Nov 2024 | 2
HTTP your way into Citrix's Virtual Apps and Desktops with fresh exploit code 'Once again, we've lost a little more faith in the internet,' researcher says CSO12 Nov 2024 | 3
FBI issues warning as crooks ramp up emergency data request scams Just because it's .gov doesn't mean that email is trustworthy Cyber-crime11 Nov 2024 | 12
Dark web crypto laundering kingpin sentenced to 12.5 years in prison Prosecutors hand Russo-Swede a half-billion bill Cyber-crime11 Nov 2024 | 24
Alleged Snowflake attacker gets busted by Canadians – politely, we assume Infosec in brief Also: Crypto hacks will continue; CoD hacker gets thousands banned, and more Security11 Nov 2024 |
Don't open that 'copyright infringement' email attachment – it's an infostealer Curiosity gives crims access to wallets and passwords Research07 Nov 2024 | 21
Cybercrooks are targeting Bengal cat lovers in Australia for some reason In case today’s news cycle wasn’t shocking enough, here’s a gem from Sophos Research06 Nov 2024 | 15
Cyberattackers stole Microlise staff data following DHL, Serco disruption Experts say incident has 'all the hallmarks of ransomware' Cyber-crime06 Nov 2024 | 5
A new city springs from the rainforest to become Indonesia's tech hub Jakarta who? Indonesia's new capital, Nusantara, is packed with tech On-Prem06 Nov 2024 | 17
Don't have MFA on a Google Cloud account? You'll have to from Jan Lock it up. Lock it up PaaS + IaaS05 Nov 2024 | 6
Washington courts grapple with statewide outage after 'unauthorized activity' Justice still being served, but many systems are down Security05 Nov 2024 | 1
Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack Victims were placed in serious danger following highly sensitive data dump Cyber-crime04 Nov 2024 | 5
Why the long name? Okta discloses auth bypass bug affecting 52-character usernames Mondays are for checking months of logs, apparently, if MFA's not enabled Security04 Nov 2024 | 14
Public sector cyber break-ins: Our money, our lives, our right to know Opinion Is that a walrus in your server logs, or aren't you pleased to see me? Cyber-crime04 Nov 2024 | 24
Six IT contractors accused of swindling Uncle Sam out of millions Infosec in brief Also, ecommerce fraud ring disrupted, another Operation Power Off victory, Sino SOHO botnet spotted, and more Security03 Nov 2024 | 11
Financial institutions told to get their house in order before the next CrowdStrike strikes Calls for improvements will soon turn into demands when new rules come into force Security02 Nov 2024 | 34
UK councils bat away DDoS barrage from pro-Russia keyboard warriors Local authority websites downed in response to renewed support for Ukraine Cyber-crime01 Nov 2024 | 34
Amazon adds MFA to its enterprise email service ... eight years after launch No rush, guys On-Prem31 Oct 2024 | 1
LottieFiles supply chain attack exposes users to malicious crypto wallet drainer A scary few Halloween hours for team behind hugely popular web plugin Cyber-crime31 Oct 2024 | 11
Chinese attackers accessed Canadian government networks – for five years India makes it onto list of likely threats for the first time Cybersecurity Month31 Oct 2024 | 15
Fired Disney staffer accused of hacking menu to add profanity, wingdings, removes allergen info If you're gonna come at the mouse, you need to be better at hiding your tracks Security30 Oct 2024 | 58
Russian spies use remote desktop protocol files in unusual mass phishing drive The prolific Midnight Blizzard crew cast a much wider net in search of scrummy intel Cyber-crime30 Oct 2024 | 18
Belgian cops cuff 2 suspected cybercrooks in Redline, Meta infostealer sting US also charges an alleged Redline dev, no mention of an arrest Cyber-crime29 Oct 2024 | 1
Admins better Spring into action over latest critical open source vuln Patch up: The Spring framework dominates the Java ecosystem Security29 Oct 2024 | 1
Skyscraper-high sewage plume erupts in Moscow Ukrainian hackers again, or just 50+ year old infrastructure showing its age? Either way, it's a mess Offbeat28 Oct 2024 | 80
Delta officially launches lawyers at $500M CrowdStrike problem Legal action comes months after alleging negligence by Falcon vendor Cybersecurity Month28 Oct 2024 | 23
Dutch cops pwn the Redline and Meta infostealers, leak 'VIP' aliases Legal proceedings underway with more details to follow Cybersecurity Month28 Oct 2024 | 5
Senator accuses sloppy domain registrars of aiding Russian disinfo campaigns Infosec in brief Also, Change Healthcare sets a record, cybercrime cop suspect indicted, a new Mallox decryptor, and more Security27 Oct 2024 | 34
Here's a NIS2 compliance checklist since no one cares about deadlines anymore Only two EU members have completed the transposition into domestic law Cybersecurity Month24 Oct 2024 | 11
Samsung phone users under attack, Google warns Don't ignore this nasty zero day exploit says TAG Cyber-crime24 Oct 2024 | 10
Penn State pays DoJ $1.25M to settle cybersecurity compliance case Fight On, State? Not this time Security23 Oct 2024 | 3
Tech firms to pay millions in SEC penalties for misleading SolarWinds disclosures Unisys, Avaya, Check Point, and Mimecast settled with the agency without admitting or denying wrongdoing Software22 Oct 2024 | 7
Akira ransomware is encrypting victims again following pure extortion fling Crooks revert to old ways for greater efficiency Cybersecurity Month22 Oct 2024 | 2
Telcos find cloud migrations, security, are a pain in the IaaS Carriers consume less than half the cloud they committed to use PaaS + IaaS22 Oct 2024 | 17
Pixel perfect Ghostpulse malware loader hides inside PNG image files Miscreants combine it with an equally tricky piece of social engineering Cybersecurity Month22 Oct 2024 | 34
macOS HM Surf vuln might already be under exploit by major malware family Like keeping your camera and microphone private? Patch up Cybersecurity Month21 Oct 2024 | 16
Jetpack fixes 8-year-old flaw affecting millions of WordPress sites In Brief - Updated Also, new EU cyber reporting rules are live, exploiters hit the gas pedal, free PDNS for UK schools, and more Security18 Oct 2024 | 5