Cybersecurity

NatWest blocks bevy of apps in clampdown on unmonitorable comms

From guidance to firm action... no more WhatsApp, Meta's Messenger, Signal, Telegram and more

Security14 Nov 2024 | 25

Ransomware fiends boast they've stolen 1.4TB from US pharmacy network

American Associated Pharmacies yet to officially confirm infection

Cyber-crime13 Nov 2024 | 1

'Cybersecurity issue' at Food Lion parent blamed for US grocery mayhem

Stores still open, but customers report delayed deliveries, invoicing issues, and more at Stop & Shop and others

Cyber-crime12 Nov 2024 | 2

HTTP your way into Citrix's Virtual Apps and Desktops with fresh exploit code

'Once again, we've lost a little more faith in the internet,' researcher says

CSO12 Nov 2024 | 3

FBI issues warning as crooks ramp up emergency data request scams

Just because it's .gov doesn't mean that email is trustworthy

Cyber-crime11 Nov 2024 | 12

Dark web crypto laundering kingpin sentenced to 12.5 years in prison

Prosecutors hand Russo-Swede a half-billion bill

Cyber-crime11 Nov 2024 | 23

Alleged Snowflake attacker gets busted by Canadians – politely, we assume

Infosec in brief Also: Crypto hacks will continue; CoD hacker gets thousands banned, and more

Security11 Nov 2024 |

Don't open that 'copyright infringement' email attachment – it's an infostealer

Curiosity gives crims access to wallets and passwords

Research07 Nov 2024 | 21

Cybercrooks are targeting Bengal cat lovers in Australia for some reason

In case today’s news cycle wasn’t shocking enough, here’s a gem from Sophos

Research06 Nov 2024 | 15

Cyberattackers stole Microlise staff data following DHL, Serco disruption

Experts say incident has 'all the hallmarks of ransomware'

Cyber-crime06 Nov 2024 | 5

A new city springs from the rainforest to become Indonesia's tech hub

Jakarta who? Indonesia's new capital, Nusantara, is packed with tech

On-Prem06 Nov 2024 | 17

Don't have MFA on a Google Cloud account? You'll have to from Jan

Lock it up. Lock it up

PaaS + IaaS05 Nov 2024 | 6

Washington courts grapple with statewide outage after 'unauthorized activity'

Justice still being served, but many systems are down

Security05 Nov 2024 | 1

Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack

Victims were placed in serious danger following highly sensitive data dump

Cyber-crime04 Nov 2024 | 5

Why the long name? Okta discloses auth bypass bug affecting 52-character usernames

Mondays are for checking months of logs, apparently, if MFA's not enabled

Security04 Nov 2024 | 14

Public sector cyber break-ins: Our money, our lives, our right to know

Opinion Is that a walrus in your server logs, or aren't you pleased to see me?

Cyber-crime04 Nov 2024 | 24

Six IT contractors accused of swindling Uncle Sam out of millions

Infosec in brief Also, ecommerce fraud ring disrupted, another Operation Power Off victory, Sino SOHO botnet spotted, and more

Security03 Nov 2024 | 11

Financial institutions told to get their house in order before the next CrowdStrike strikes

Calls for improvements will soon turn into demands when new rules come into force

Security02 Nov 2024 | 29

UK councils bat away DDoS barrage from pro-Russia keyboard warriors

Local authority websites downed in response to renewed support for Ukraine

AI Infrastructure Month01 Nov 2024 | 34

Amazon adds MFA to its enterprise email service ... eight years after launch

No rush, guys

On-Prem31 Oct 2024 | 1

LottieFiles supply chain attack exposes users to malicious crypto wallet drainer

A scary few Halloween hours for team behind hugely popular web plugin

Cyber-crime31 Oct 2024 | 11

Chinese attackers accessed Canadian government networks – for five years

India makes it onto list of likely threats for the first time

Cybersecurity Month31 Oct 2024 | 15

Fired Disney staffer accused of hacking menu to add profanity, wingdings, removes allergen info

If you're gonna come at the mouse, you need to be better at hiding your tracks

Security30 Oct 2024 | 58

Russian spies use remote desktop protocol files in unusual mass phishing drive

The prolific Midnight Blizzard crew cast a much wider net in search of scrummy intel

Cyber-crime30 Oct 2024 | 17

Belgian cops cuff 2 suspected cybercrooks in Redline, Meta infostealer sting

US also charges an alleged Redline dev, no mention of an arrest

Cyber-crime29 Oct 2024 | 1

Admins better Spring into action over latest critical open source vuln

Patch up: The Spring framework dominates the Java ecosystem

Security29 Oct 2024 | 1

Skyscraper-high sewage plume erupts in Moscow

Ukrainian hackers again, or just 50+ year old infrastructure showing its age? Either way, it's a mess

Offbeat28 Oct 2024 | 80

Delta officially launches lawyers at $500M CrowdStrike problem

Legal action comes months after alleging negligence by Falcon vendor

Cybersecurity Month28 Oct 2024 | 23

Dutch cops pwn the Redline and Meta infostealers, leak 'VIP' aliases

Legal proceedings underway with more details to follow

Cybersecurity Month28 Oct 2024 | 5

Senator accuses sloppy domain registrars of aiding Russian disinfo campaigns

Infosec in brief Also, Change Healthcare sets a record, cybercrime cop suspect indicted, a new Mallox decryptor, and more

Security27 Oct 2024 | 34

Here's a NIS2 compliance checklist since no one cares about deadlines anymore

Only two EU members have completed the transposition into domestic law

Cybersecurity Month24 Oct 2024 | 11

Samsung phone users under attack, Google warns

Don't ignore this nasty zero day exploit says TAG

Cyber-crime24 Oct 2024 | 10

Penn State pays DoJ $1.25M to settle cybersecurity compliance case

Fight On, State? Not this time

Security23 Oct 2024 | 3

Tech firms to pay millions in SEC penalties for misleading SolarWinds disclosures

Unisys, Avaya, Check Point, and Mimecast settled with the agency without admitting or denying wrongdoing

Software22 Oct 2024 | 7

Akira ransomware is encrypting victims again following pure extortion fling

Crooks revert to old ways for greater efficiency

Cybersecurity Month22 Oct 2024 | 2

Telcos find cloud migrations, security, are a pain in the IaaS

Carriers consume less than half the cloud they committed to use

PaaS + IaaS22 Oct 2024 | 17

Pixel perfect Ghostpulse malware loader hides inside PNG image files

Miscreants combine it with an equally tricky piece of social engineering

Cybersecurity Month22 Oct 2024 | 31

macOS HM Surf vuln might already be under exploit by major malware family

Like keeping your camera and microphone private? Patch up

Cybersecurity Month21 Oct 2024 | 16

Jetpack fixes 8-year-old flaw affecting millions of WordPress sites

In Brief - Updated Also, new EU cyber reporting rules are live, exploiters hit the gas pedal, free PDNS for UK schools, and more

Security18 Oct 2024 | 5

Spectre flaws continue to haunt Intel and AMD as researchers find fresh attack method

The indirect branch predictor barrier is less of a barrier than hoped

Cybersecurity Month18 Oct 2024 | 28

Alleged Bitcoin crook faces 5 years after SEC's X account pwned

SIM swappers strike again, warping cryptocurrency prices

Cybersecurity Month18 Oct 2024 | 13

ESET denies it was compromised as Israeli orgs targeted with 'ESET-branded' wipers

Says 'limited' incident isolated to 'partner company'

Cybersecurity Month18 Oct 2024 | 3

Healthcare Services Group discloses 'cybersecurity incident' in SEC filing

Laundry and dining provider still investigating cause and scope

Cybersecurity Month18 Oct 2024 | 5

Troubled US insurance giant hit by extortion after data leak

Globe Life claims blackmailers shared stolen into with short sellers

Security17 Oct 2024 |

WeChat devs introduced security flaws when they modded TLS, say researchers

No attacks possible, but enough issues to cause concern

Cybersecurity Month17 Oct 2024 | 15

US contractor pays $300K to settle accusation it didn't properly look after Medicare users' data

Resolves allegations it improperly stored screenshots containing PII that were later snaffled

Cybersecurity Month16 Oct 2024 | 7

Microsoft says more ransomware stopped before reaching encryption

Volume of attacks still surging though, according to Digital Defense Report

Cyber-crime15 Oct 2024 | 6

Microsoft says tougher punishments needed for state-sponsored cybercriminals

Although it also reaffirmed commitment to secure-by-design initiatives

AI Infrastructure Month15 Oct 2024 | 17

US healthcare org admits up to 400,000 people's personal info was snatched

It waited till just before Columbus Day weekend to make mandated filing, but don't worry, we saw it

Cybersecurity Month14 Oct 2024 | 3

Thousands of Fortinet instances vulnerable to actively exploited flaw

No excuses for not patching this nine-month-old issue

Cybersecurity Month14 Oct 2024 | 8

Crypto-apocalypse soon? Chinese researchers find a potential quantum attack on classical encryption

With an off-the-shelf D-Wave machine, but only against very short keys

Cybersecurity Month14 Oct 2024 | 22

US and UK govts warn: Russia scanning for your unpatched vulnerabilities

in brief Also, phishing's easier over the phone, and your F5 cookies might be unencrypted, and more

Security12 Oct 2024 | 11

INC ransomware rebrands to Lynx – same code, new name, still up to no good

Researchers point to evidence that scumbags visited the strategy boutique

Cybersecurity Month11 Oct 2024 | 9

Ukraine cyber cops collar man who allegedly hooked citizens up to Russian internet

'Self-taught hacker' facing a possible 15 years in the slammer

Cybersecurity Month11 Oct 2024 | 10

Keir Starmer hands ex-Darktrace boss investment minister gig

What's harder? Convincing people to invest in a beleaguered security business or a tiny island everybody hates?

Public Sector11 Oct 2024 | 53

Healthcare attacks spread beyond US – just ask India's Star Health

Updated Acknowledges bulk customer data leak weeks after Telegram channels dangled it online

Cyber-crime11 Oct 2024 | 1