FBI: Look out, crooks stole $1.3b in cryptocurrency in just three months this year DeFi, as in, defying belief Cyber-crime01 Sep 2022 | 9
77% of security leaders fear we’re in perpetual cyberwar from now on In brief Also, Charming Kittens from Iran scrape email inboxes, France could fine Google again, and more CSO27 Aug 2022 | 32
80,000 internet-connected cameras still vulnerable after critical patch offered Just more IoT conscripts for the botnet armies Patches24 Aug 2022 | 15
Attacker snags account details from streaming service Plex 'Limited subset' of users have emails, usernames, and hashed passwords stolen from the platform Cyber-crime24 Aug 2022 | 18
Smartphone gyroscopes threaten air-gapped systems, researcher finds Network interface card LEDs are a risk too by blinking in Morse code CSO23 Aug 2022 | 54
LockBit gang hit by DDoS attack after threatening to leak Entrust ransomware data Prolific group pummeled days after claiming to be file thief behind attack on cybersecurity vendor Cyber-crime22 Aug 2022 | 7
Zoom patches make-me-root security flaw, patches patch In brief Plus: See if in-app browsers are monitoring you, a novel industrial network attack technique, and more Security22 Aug 2022 | 21
Ransomware attack on UK water company clouded by confusion Clop gang thought it hit Thames Water – but real victim was elsewhere Cyber-crime18 Aug 2022 | 44
PC store told it can't claim full cyber-crime insurance after social-engineering attack Two different kinds of fraud, says judge while throwing out lawsuit against insurer CSO16 Aug 2022 | 4
Ukraine's cyber chief comes to Black Hat in surprise visit Black Hat In Brief TL;DR: The news isn't good Security13 Aug 2022 | 6
Higher risks and premiums are creating critical gap in cyber insurance Black Hat Most organizations don’t have the financial resources necessary to address ransomware and other cyberattacks, BlackBerry says Security11 Aug 2022 | 4
AWS and Splunk partner for faster cyberattack response Black Hat OCSF initiative will give enterprise security teams an open standard for moving and analyzing threat data Security11 Aug 2022 |
Don't be surprised if your organization suffers multiple cyberattacks Black Hat Failing to fix flaws, a crowded threat group scene, RaaS, and dependencies among crooks are fueling the trend Security11 Aug 2022 | 5
Malicious deepfakes used in attacks up 13% from last year, VMware finds Plus: Crooks swimming around your network, looking for a way in, says Incident Response Threat Report Security09 Aug 2022 |
US treasury whips up sanctions for crypto mixer Tornado Cash Being the money launderer for North Korea’s Lazarus Group comes at a price Cyber-crime08 Aug 2022 | 21
DuckDuckGo says Hell, Hell, No to those Microsoft trackers after web revolt In brief Plus: That Twitter privacy leak, scammers send Ubers for victims, critical flaw in Cisco gear, and more Security06 Aug 2022 | 38
Warning! Critical flaws found in US Emergency Alert System DEF CON may be about to blow lid off security hole Patches05 Aug 2022 | 14
Microsoft widens enterprise access to its threat intelligence pool Organizations can be more proactive in tracking threats, finding holes in their protection Security03 Aug 2022 |
Akamai: We stopped record DDoS attack in Europe A 'sophisticated, global botnet' held an Eastern European biz under siege over 30 days Cyber-crime01 Aug 2022 | 12
Tim Hortons offers free coffee and donut to settle data privacy invasion claims In brief Also, malicious VBA macros are out and container files are in, Robin Banks helps criminals rob banks, and more Security30 Jul 2022 | 36
Decentralized IPFS networks forming the 'hotbed of phishing' P2P file system makes it more difficult to detect and take down malicious content Security29 Jul 2022 | 23
Businesses confess: We pass cyberattack costs onto customers Cover an average of $4.4 million per raid ourselves? No chance, mate Security29 Jul 2022 | 21
LockBit ransomware gang claims it ransacked Italy’s tax agency Miscreants boast of 78GB haul, officials say everything's fine Security26 Jul 2022 | 7
DoJ approves Google's acquisition of Mandiant In Brief Plus: Ukrainian fake news and Uber admits covering up data breach Security25 Jul 2022 | 2
DataDome looks to CAPTCHA the moment with test of humanity that doesn't hurt As the verification technology weathers ongoing criticism from users, one anti-bot security vendor rolls out its own tool Security21 Jul 2022 | 15
Botnet malware disguises itself as password cracker for industrial controllers Can't get into that machine? No problem, just trust this completely sketchy looking tool Research18 Jul 2022 | 8
Albanian government websites go dark after cyberattack Updated Citizen services only moved online in May. What could possibly go wrong? Security18 Jul 2022 | 3
North Koreans spotted harassing SMBs with malware In brief Also: Lawyers told to dissuade clients from paying off ransomware crooks, and more Security16 Jul 2022 | 16
How data on a billion people may have leaked from a Chinese police dashboard Record-breaking dump thanks to password-less Kibana endpoint? Research10 Jul 2022 | 24
FBI and MI5 bosses: China cheats and steals at massive scale Other US spooks chime in with similar warnings Security07 Jul 2022 | 82
Apple's latest security feature could literally save lives Cupertino is so sure of Lockdown Mode it's offering $2m to bug hunters to break it Personal Tech06 Jul 2022 | 57
Billion-record stolen Chinese database for sale on breach forum Appears to have leaked from a cloud thanks to sloppy coding Cyber-crime05 Jul 2022 | 15
Google location tracking to forget you were ever at that medical clinic In brief Plus: Cyber-mercenaries said to target legal world, backdoor found on web servers, and more Security02 Jul 2022 | 75
Cyberattack shuts down unemployment, labor websites across the US Software maker GSI took systems offline, affecting thousands of people in as many as 40 states Cyber-crime01 Jul 2022 | 8
Israel plans ‘Cyber-Dome’ to defeat digital attacks from Iran and others Already has 'Iron Dome' – does it need another hero? Security30 Jun 2022 | 20
Start using Modern Auth now for Exchange Online Before Microsoft shutters basic logins in a few months CSO29 Jun 2022 | 28
Carnival Cruises torpedoed by US states, agrees to pay $6m after wave of cyberattacks Now those are some phishing boats Cyber-crime28 Jun 2022 | 17
Contractor loses entire Japanese city's personal data in USB fail In brief Also, Chrome add-ons are great for fingerprinting, and hacked hot tubs splurge details CSO27 Jun 2022 | 14
$6b mega contract electronics vendor Sanmina jumps into zero trust Company was an early adopter of Google Cloud, which led to a search for a new security architecture CSO23 Jun 2022 | 1
Israeli air raid sirens triggered in possible cyberattack Source remains unclear, plenty suspect Iran Cyber-crime22 Jun 2022 | 2
There are 24.6 billion pairs of credentials for sale on dark web In brief Plus: Citrix ASM has some really bad bugs, and more Security20 Jun 2022 | 3
OMIGOD: Cloud providers still using secret middleware RSA Conference in brief All the news you may have missed from RSA this week Security11 Jun 2022 | 18
Symbiote Linux malware spotted – and infections are 'very hard to detect' Performing live forensics on hijacked machine may not turn anything up, warn researchers Research10 Jun 2022 | 21
Russia, China warn US its cyber support of Ukraine has consequences Countries that accept US infosec help told they could pay a price too Security10 Jun 2022 | 17
Facebook phishing campaign nets millions in IDs and cash Hundreds of millions of stolen credentials and a cool $59 million Cyber-crime09 Jun 2022 | 8
Google has more reasons why it doesn't like antitrust law that affects Google It'll ruin Gmail, claims web ads giant Security08 Jun 2022 | 13
Feds raid dark web market selling data on 24 million Americans SSNDOB sold email addresses, passwords, credit card numbers, SSNs and more Cyber-crime08 Jun 2022 | 9
IBM buys Randori to address multicloud security messes RSA Conference Big Blue joins the hot market for infosec investment Security07 Jun 2022 | 3
Costa Rican government held up by ransomware … again In brief Also US warns of voting machine flaws and Google pays out $100 million to Illinois Security06 Jun 2022 | 8
Healthcare organizations face rising ransomware attacks – and are paying up Via their insurance companies, natch Research03 Jun 2022 | 10
Ransomware attack sends US county back to 1977 In brief Also: Uni details its malware-catching AI, signs of China poking the Russian cyber-bear, and more Patches29 May 2022 | 8
This Windows malware uses PowerShell to inject malicious extension into Chrome And that's a bit odd, says Red Canary Research27 May 2022 | 13
Verizon: Ransomware sees biggest jump in five years We're only here for DBIRs Research26 May 2022 | 6
Ex-spymaster and fellow Brexiteers' emails leaked by suspected Russian op A 'Very English Coop (sic) d'Etat' Research26 May 2022 | 166
Vehicle owner data exposed in GM credential-stuffing attack Car maker says miscreants used stolen logins to break into folks' accounts Security25 May 2022 | 29
Quad nations pledge deeper collaboration on infosec, data-sharing, and more But think tank says its past attempts at working together haven't gone well Security25 May 2022 | 8
381,000-plus Kubernetes API servers 'exposed to internet' Firewall isn't a made-up word from the Hackers movie, people Devops23 May 2022 | 17
Protecting data now as the quantum era approaches Analysis Startup QuSecure is the latest vendor to jump into the field with its as-a-service offering Security20 May 2022 | 2
Hot glare of the spotlight doesn’t slow BlackByte ransomware gang Crew's raids continue worldwide, Talos team warns Research19 May 2022 | 4
Monero-mining botnet targets Windows, Linux web servers Sysrv-K malware infects unpatched tin, Microsoft warns Cyber-crime18 May 2022 | 10
Shopping for malware: $260 gets you a password stealer. $90 for a crypto-miner... We take a look at low, low subscription prices – not that we want to give anyone any ideas Research14 May 2022 | 6
'Peacetime in cyberspace is a chaotic environment' says senior US advisor Black Hat Asia The internet is now the first battleground of any new war – before the shooting starts Cyber-crime13 May 2022 | 2