Facing sale or ban, TikTok tossed under national security bus by appeals court Video slinger looks to Supremes for salvation, though anything could happen under Trump Personal Tech | 06 Dec 2024 | 1
PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files updated Still unpatched 100+ days later, watchTowr says Cyber-crime | 06 Dec 2024 | 4
Microsoft: Another Chinese cyberspy crew targeting US critical orgs 'as of yesterday' Redmond threat intel maven explains this persistent pain to The Reg Security | 06 Dec 2024 | 10
T-Mobile US CSO: Spies jumped from one telco to another in a way 'I've not seen in my career' interview Security chief talks to El Reg as Feds urge everyone to use encrypted chat CSO | 05 Dec 2024 | 53
Major energy contractor reports 'limited' access to IT after ransomware locks files ENGlobal customers include the Pentagon as well as major oil and gas producers Security | 03 Dec 2024 | 11
Data on 760K workers from Xerox, Nokia, BofA, Morgan Stanley and more dumped online Yet another result of the MOVEit mess Cyber-crime | 03 Dec 2024 | 3
AWS unveils cloud security IR service for a mere $7K a month Re:Invent Tap into the infinite scalability... of pricing Security | 03 Dec 2024 | 5
Telco security is a dumpster fire and everyone's getting burned Opinion The politics of cybersecurity are too important to be left to the politicians Security | 02 Dec 2024 | 62
The only thing worse than being fired is scammers fooling you into thinking you're fired Scumbags play on victims' worst fears in phishing campaign referencing UK Employment Tribunal Cyber-crime | 28 Nov 2024 | 50
Salt Typhoon's surge extends far beyond US telcos Plus, a brand-new backdoor, GhostSpider, is linked to the cyber spy crew's operations Security | 27 Nov 2024 | 7
T-Mobile US takes a victory lap after stopping cyberattacks: 'Other providers may be seeing different outcomes' Funny what putting more effort and resources into IT security can do CSO | 27 Nov 2024 | 9
Data broker leaves 600K+ sensitive files exposed online Exclusive Researcher spotted open database before criminals … we hope Research | 27 Nov 2024 | 22
The workplace has become a surveillance state Cracked Labs report explores the use of motion sensors and wireless networking kit to monitor offices CxO | 27 Nov 2024 | 70
CrowdStrike still doesn't know how much its Falcon flame-out will cost Thinks customers may have forgiven it after revenue hits a record Security | 27 Nov 2024 | 19
US senators propose law to require bare minimum security standards In case anyone forgot about Change Healthcare Security | 26 Nov 2024 | 15
Britain Putin up stronger AI defences to counter growing cyber threats 'Be in no doubt: the UK and others in this room are watching Russia' Security | 26 Nov 2024 | 26
Supply chain management vendor Blue Yonder succumbs to ransomware And it looks like major UK retailers that rely on it are feeling the pinch Cyber-crime | 26 Nov 2024 | 9
Security? We've heard of it: How Microsoft plans to better defend Windows Ignite Did we say CrowdStrike? We meant, er, The July Incident... CSO | 25 Nov 2024 | 27
China has utterly pwned 'thousands and thousands' of devices at US telcos Senate Intelligence Committee chair says his 'hair is on fire' as execs front the White House Cyber-crime | 25 Nov 2024 | 51
Volunteer DEF CON hackers dive into America's leaky water infrastructure Six sites targeted for security clean-up, just 49,994 to go Security | 24 Nov 2024 | 13
We can clone you wholesale: Boffins build ML agents that respond like specific people Oh, AI wanna be like you, AI wanna walk like you, talk like you, too AI + ML | 24 Nov 2024 | 49
Trump taps border hawk to head DHS. Will Noem's 'enthusiasm' extend to digital domain? Analysis Meanwhile, CISA chief Jen Easterly will step down prior to inauguration Public Sector | 23 Nov 2024 | 51
Andrew Tate's site ransacked, subscriber data stolen He'll just have to take this one on the chin Cyber-crime | 22 Nov 2024 | 106
1,000s of Palo Alto Networks firewalls hijacked as miscreants exploit critical hole Updated PAN-PAN! Intruders inject web shell backdoors, crypto-coin miners, more CSO | 22 Nov 2024 | 22
Here's what happens if you don't layer network security – or remove unused web shells TL;DR: Attackers will break in and pwn you, as a US government red team demonstrated Security | 22 Nov 2024 | 4
DARPA-backed voting system for soldiers abroad savaged VotingWorks, developer of the system, disputes critics' claims Security | 21 Nov 2024 | 5
Five Scattered Spider suspects indicted for phishing spree and crypto heists DoJ also shutters alleged crimeware and credit card mart PopeyeTools Cyber-crime | 21 Nov 2024 | 3
Chinese cyberspies, Musk’s Beijing ties, labelled ‘real risk’ to US security by senator Meet Liminal Panda, which prowls telecom networks in South Asia and Africa CSO | 20 Nov 2024 | 32
Google's AI bug hunters sniff out two dozen-plus code gremlins that humans missed OSS-Fuzz is making a strong argument for LLMs in security research AI + ML | 20 Nov 2024 | 9
Data is the new uranium – incredibly powerful and amazingly dangerous Column CISOs are quietly wishing they had less data, because the cost of management sometimes exceeds its value CSO | 20 Nov 2024 | 46
Healthcare org Equinox notifies 21K patients and staff of data theft Ransomware scum LockBit claims it did the dirty deed Cyber-crime | 20 Nov 2024 | 1
China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer No word on when or if the issue will be fixed Security | 19 Nov 2024 | 2
Russian suspected Phobos ransomware admin extradited to US over $16M extortion This malware is FREE for EVERY crook ($300 decryption keys sold separately) Cyber-crime | 19 Nov 2024 | 5
Microsoft unleashes autonomous Copilot AI agents in public preview Ignite They can learn, adapt, and make decisions – but don't worry, they're not coming for your job PaaS + IaaS | 19 Nov 2024 | 9
iOS 18 added secret and smart security feature that reboots iThings after three days Security researcher's reverse engineering effort reveals undocumented reboot timer that will make life harder for attackers Security | 19 Nov 2024 | 43
Citrix gives its Platform a polish with enhanced management tools Admins promised they can get stuff done with fewer clicks this year … or maybe next Software | 19 Nov 2024 | 5
Ford 'actively investigating' after employee data allegedly parked on leak site Updated Plus: Maxar Space Systems confirms employee info stolen in digital intrusion Security | 18 Nov 2024 | 3
Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble If you didn't fix this a month ago, your to-do list probably needs a reshuffle Virtualization | 18 Nov 2024 | 4
T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears updated Un-carrier said to be among those hit by Salt Typhoon, including AT&T, Verizon Networks | 18 Nov 2024 | 2
Will passkeys ever replace passwords? Can they? Systems Approach Here's why they really should Security | 17 Nov 2024 | 125
Rust haters, unite! Fil-C aims to Make C Great Again It's memory-safe, with a few caveats Software | 16 Nov 2024 | 104
Letting chatbots run robots ends as badly as you'd expect LLM-controlled droids easily jailbroken to perform mayhem, researchers warn AI + ML | 16 Nov 2024 | 44
Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit Yank access to management interface, stat CSO | 15 Nov 2024 | 28
Microsoft Power Pages misconfigurations exposing sensitive data NHS supplier that leaked employee info fell victim to fiddly access controls that can leave databases dangling online Security | 15 Nov 2024 | 6
Fortinet patches VPN app flaw that could give rogue users, malware a privilege boost Plus a bonus hard-coded local API key Patches | 14 Nov 2024
Five Eyes infosec agencies list 2023's most exploited software flaws Slack patching remains a problem – which is worrying as crooks increasingly target zero-day vulns CSO | 14 Nov 2024 | 28
Reminder: China-backed crews compromised 'multiple' US telcos in 'significant cyber espionage campaign' Updated Feds don't name Salt Typhoon, but describe Beijing band's alleged deeds Research | 14 Nov 2024 | 5
ShrinkLocker ransomware scrambled your files? Free decryption tool to the rescue Plus: CISA's ScubaGear dives deep to fix M365 misconfigs CSO | 14 Nov 2024 | 3
Here's how a Trump presidency could change the tech industry Kettle Anything could happen in the next half ... decade Public Sector | 13 Nov 2024 | 123
Data broker amasses 100M+ records on people – then someone snatches, sells it We call this lead degeneration Cyber-crime | 13 Nov 2024 | 18
China's Volt Typhoon crew and its botnet surge back with a vengeance Ohm, for flux sake Public Sector | 13 Nov 2024 | 4
Here's what we know about the suspected Snowflake data extortionists A Canadian and an American living in Turkey 'walk into' cloud storage environments… Cyber-crime | 12 Nov 2024 | 5
To kill memory safety bugs in C code, try the TrapC fork Exclusive Memory-safe variant is planned for next year Software | 12 Nov 2024 | 73
Amazon confirms employee data exposed in leak linked to MOVEit vulnerability Over 5 million records from 25 organizations posted to black hat forum Cyber-crime | 12 Nov 2024 | 2
Scattered Spider, BlackCat claw their way back from criminal underground We all know by now that monsters never die, right? Cyber-crime | 08 Nov 2024 | 1
Canada closes TikTok's offices but leaves using the app a matter of 'personal choice' Govt order destroys 'hundreds of well-paying local jobs', eh Personal Tech | 08 Nov 2024 | 29
Winos4.0 abuses gaming apps to infect, control Windows machines 'Multiple' malware samples likely targeting education orgs Security | 08 Nov 2024 | 6
Operation Synergia II sees Interpol swoop on global cyber crims 22,000 IP addresses taken down, 59 servers seized, 41 arrests in 95 countries Cyber-crime | 06 Nov 2024 | 3
China's Volt Typhoon reportedly breached Singtel in 'test-run' for US telecom attacks updated Alleged intrusion spotted in June Security | 06 Nov 2024 | 5
Scumbag puts 'stolen' Nokia source code, SSH and RSA keys, more up for sale Data pinched from pwned outside supplier, thief claims Cyber-crime | 06 Nov 2024 | 6
Your air fryer might be snitching on you to China Report shines light on unexpected ways your devices sell you out Networks | 05 Nov 2024 | 170
Schneider Electric ransomware crew demands $125k paid in baguettes Hellcat crew claimed to have gained access via the company's Atlassian Jira system Cyber-crime | 05 Nov 2024 | 46