Don't be like these 900+ websites and expose millions of passwords via Firebase Warning: Poorly configured Google Cloud databases spill billing info, plaintext credentials CSO18 Mar 2024 | 5
Fujitsu reveals malware installed on internal systems, risk of customer data spill Sneaky software slips past shields, spurring scramble Security18 Mar 2024 | 3
Cyber baddies leak 70M+ files online, claim they're from AT&T Telco reckons data is old, isn't from its systems Security18 Mar 2024 | 2
Infosec teams must be allowed to fail, argues Gartner But failing to recover from incidents is unforgivable because 'adrenalin does not scale' Security18 Mar 2024 | 13
In the rush to build AI apps, please, please don't leave security behind Feature Supply-chain attacks are definitely possible and could lead to data theft, system hijacking, and more AI + ML17 Mar 2024 | 18
Forget TikTok – Chinese spies want to steal IP by backdooring digital locks Updated Uncle Sam can use this snooping tool, too, but that's beside the point Security14 Mar 2024 | 21
LockBit ransomware kingpin gets 4 years behind bars Canadian-Russian said to have turned to a life of cybercrime during pandemic, now must pay the price – literally Cyber-crime14 Mar 2024 | 11
Google gooses Safe Browsing with real-time protection that doesn't leak to ad giant Rare occasion when you do want Big Tech to make a hash of it Personal Tech14 Mar 2024 | 14
International effort to disrupt cybercrime moves into operational phase Will the WEF experiment work? Cyber-crime14 Mar 2024 | 22
Poking holes in Google tech bagged bug hunters $10M A $2M drop from previous year. So … things are more secure? Security13 Mar 2024 | 4
Microsoft Copilot for Security prepares for April liftoff Automated AI helper intended to make security more manageable Security13 Mar 2024 | 22
Whizkids jimmy OpenAI, Google's closed models Infosec folk aren’t thrilled that if you poke APIs enough, you learn AI's secrets AI + ML13 Mar 2024 | 43
March Patch Tuesday sees Hyper-V join the guest-host escape club Patch Tuesday Critical bugs galore among 61 Microsoft fixes, 56 from Adobe, a dozen from SAP, and a fistful from Fortinet Patches13 Mar 2024 | 8
Biden's budget proposal boosts CISA funding to $3B Plus almost $1.5b for health-care cybersecurity Security12 Mar 2024 | 5
French government sites disrupted by très grande DDoS Russia and Sudan top the list of suspects Public Sector12 Mar 2024 | 7
White House and lawmakers increase pressure on UnitedHealth to ease providers' pain US senator calls cyber attack 'inexcusable,' calls for mandatory security rules Security12 Mar 2024 | 2
Kremlin accuses America of plotting cyberattack on Russian voting systems Don't worry, we have a strong suspicion Putin's still gonna win Security11 Mar 2024 | 48
AI models show racial bias based on written dialect, researchers find Those using African American vernacular more likely to be sentenced to death, if LLMs were asked to decide AI + ML11 Mar 2024 | 72
The S in IoT stands for security. You'll never secure all the Things Opinion All too many 'smart' devices are security stupid Edge + IoT09 Mar 2024 | 58
Microsoft confirms Russian spies stole source code, accessed internal systems Still 'no evidence' of any compromised customer-facing systems, we're told Cyber-crime08 Mar 2024 | 50
Font security 'still a Helvetica of a problem' says Australian graphics outfit Canva Who knew that unzipping a font archive could unleash a malicious file Security08 Mar 2024 | 38
Securing open source software: Whose job is it, anyway? CISA announces more help, and calls on app makers to step up CSO08 Mar 2024 | 21
Chrome users – get an alert when extensions are in danger of falling into wrong hands Under New Management is an early-warning system for potential poisoning of add-ons with malware Applications07 Mar 2024 | 22
Possible China link to Change Healthcare ransomware attack Alleged crim bought SmartScreen Killer, Cobalt Strike on dark-web markets Cyber-crime07 Mar 2024 | 3
The DMA hasn't changed Big Tech's anticompetitive DNA, says Free Software Foundation Europe Advocacy group wants more changes, starting with Device Neutrality Public Sector07 Mar 2024 | 1
VMware urges emergency action to blunt hypervisor flaws Critical vulns in USB under ESXi and desktop hypervisors found by Chinese researchers at cracking contest Virtualization07 Mar 2024 | 16
Lawsuit claims gift card fraud is the gift that keeps on giving, to Google Play Store commissions are a nice little earner, wherever they come from Cyber-crime07 Mar 2024 | 19
FBI: Critical infrastructure suffers spike in ransomware attacks Jump in overall cybercrime reports, $60M-plus reportedly lost to extortionists alone, Feds reckon CSO06 Mar 2024 | 4
Uncle Sam intervenes as Change Healthcare ransomware fiasco creates mayhem As the crooks behind the attack - probably ALPHV/BlackCat - fake their own demise Cyber-crime06 Mar 2024 | 6
Fidelity customers' financial info feared stolen in suspected ransomware attack Insurance giant blames Infosys, LockBit claims credit Cyber-crime05 Mar 2024 | 13
Cloudflare wants to put a firewall in front of your LLM Claims to protect against DDoS, sensitive data leakage Security05 Mar 2024 | 2
Change Healthcare attack latest: ALPHV bags $22M in Bitcoin amid affiliate drama No honor among thieves? Cyber-crime04 Mar 2024 | 7
Seoul accuses North Korea of stealing southern chipmakers' designs Kim Jong Un's all in for home-built silicon says warning Cyber-crime04 Mar 2024 | 1
Ahead of Super Tuesday, US elections face existential and homegrown threats Feature Misinformation is rife, AI makes it easier to create, and 42 percent of the planet’s inhabitants get to vote this year Security04 Mar 2024 | 68
Air National Guardsman Teixeira to admit he was Pentagon files leaker Updated Turns out bragging on Discord has unfortunate consequences Security01 Mar 2024 | 48
GitHub struggles to keep up with automated malicious forks Cloned then compromised, bad repos are forked faster than they can be removed Security01 Mar 2024 | 26
Turns out cops are super interested in subpoenaing suspects' push notifications Those little popups may reveal location, device details, IP address, and more Public Sector29 Feb 2024 | 10
Ransomware gangs are paying attention to infostealers, so why aren't you? Analysts warn of big leap in cred-harvesting malware activity last year Cyber-crime29 Feb 2024 | 2
Chinese PC-maker Acemagic customized its own machines to get infected with malware Tried to speed boot times, maybe by messing with 'Windows source code', ended up building a viral on-ramp Security29 Feb 2024 | 24
Australian spy chief fears sabotage of critical infrastructure And accuses a former Australian politician of having 'sold out their country' Cyber-crime29 Feb 2024 | 17
ALPHV/BlackCat claims responsibility for Change Healthcare attack Updated Brags it lifted 6TB of data, but let's remember these people are criminals and not worthy of much trust Cyber-crime29 Feb 2024 | 4
BEAST AI needs just a minute of GPU time to make an LLM fly off the rails Talk about gone in 60 seconds AI + ML28 Feb 2024 | 10
That home router botnet the Feds took down? Moscow's probably going to try again Non-techies told to master firmware upgrades and firewall rules. For the infosec hardheads: have some IOCs Security28 Feb 2024 | 36
Sandvine put on America's export no-fly list after Egypt used network tech for spying Canadian network box maker floats in denial CSO27 Feb 2024 | 11
Boffins caution against allowing robots to run on AI models Before building the Torment Nexus, consider the risks AI + ML27 Feb 2024 | 9
Cybercrims: When we hit IT, they sometimes pay, but when we hit OT... jackpot Analysis Or so says opsec firm, which confirms 70% of all industrial org ransomware in 2023 targeted manufacturers Cyber-crime27 Feb 2024 | 19
Broadcom builds a SASE out of VMware VeloCloud and Symantec First integration across properties, as end user compute division readies to leave home Security27 Feb 2024 | 8
China warns of fake digital currency wallets fleecing netizens Scammers' tactics are tiresomely familiar: get-rich-quick schemes and data harvesting Security27 Feb 2024 | 5
Russia's Cozy Bear dives into cloud environments with a new bag of tricks Kremlin's spies tried out the TTPs on Microsoft, and now they're off to the races Spotlight on Databases27 Feb 2024 | 4
Nevada sues to deny kids access to Meta's Messenger encryption State government says it's thinking of the children Security26 Feb 2024 | 37
ALPHV/BlackCat responsible for Change Healthcare cyberattack Updated US government's bounty hasn't borne fruit as whack-a-mole game goes on Security26 Feb 2024 | 2
Back from the dead: LockBit taunts cops, threatens to leak Trump docs Updated Officials have until March 2 to cough up or stolen data gets leaked Security26 Feb 2024 | 11
Security is hard because it has to be right all the time? Yeah, like everything else Systems Approach It takes only one bottleneck or single point of failure to ruin your week CSO25 Feb 2024 | 28
Some Intel Core chips keep crashing, game devs complain Oodles of problems with data decompression and suchlike, depending on system settings Personal Tech23 Feb 2024 | 25
U-Haul tells 67K customers that cyber-crooks drove away with their personal info Thieves broke into IT system using stolen login Cyber-crime23 Feb 2024 | 13
Google sends Gemini AI back to engineering to adjust its White balance Comment Big Tech keeps poisoning the well without facing any consequences for its folly AI + ML23 Feb 2024 | 50
Giant leak reveals Chinese infosec vendor I-Soon is one of Beijing's cyber-attackers for hire Trove reveals RATs that can pop major OSes, campaigns against offshore and local targets Security22 Feb 2024 | 8
Apple promises to protect iMessage chats from quantum computers Easy to defend against stuff that may never actually work – oh there we go again, being all cynical like Research21 Feb 2024 | 30
Orgs are having a major identity crisis while crims reap the rewards Hacking your way in is so 2022 – logging in is much easier Security21 Feb 2024 | 8
VMware takes a swing at Nutanix, Red Hat with KVM conversion tool Also urges customers to remove some of its software due to a critical vulnerability Virtualization21 Feb 2024 | 23
Election security threats in 2024 range from AI to … anthrax? Unsettling reading as Presidents' Day approaches Public Sector18 Feb 2024 | 39
How to weaponize LLMs to auto-hijack websites We speak to professor who with colleagues tooled up OpenAI's GPT-4 and other neural nets Research17 Feb 2024 | 24