An expert guide to securing APIs
Webinar How Web Application and API Protection (WAAP) can help you sleep at night
Webinar
Security
Noberus ransomware gets info-stealing upgrades, targets Veeam backup software
'One of the most dangerous and active malware developers operating at the moment'
Cyber-crime25 Sep 2022 | 6
Open up, it's the IRS. We're here about the crypto tax you dodged
'At least ten' people didn't declare coin income. Wow, what a bust
Cyber-crime23 Sep 2022 | 21
Significant customer data exposed in attack on Australian telco
Updated Subscribers have questions – like 'When were you going to tell us?'
Cyber-crime23 Sep 2022 | 9
Iran blocks Whatsapp, Instagram as citizens protest death of Mahsa Amini
Also: New 'magnet of threats' attackers and FBI has details on Iran's online incursion into Albania
Security23 Sep 2022 | 14
Keeping secrets safe off prem
Harness the power of hardware with Confidential Computing in the cloud
Webinar
Privacy watchdog steps up fight against Europol's hoarding of personal data
If you could stop storing records on people unconnected to any crimes, that would be great
Security23 Sep 2022 | 10
Check out this Android spyware, says Microsoft, the home of a gazillion Windows flaws
While issuing an emergency patch for Endpoint Configuration Manager
Cyber-crime22 Sep 2022 | 6
Cambodian authorities crack down on cyber slavery amid international pressure
Lured by fake jobs, victims are isolated abroad and forced to carry out crypto and romance scams, and more
Security22 Sep 2022 | 15
Fake sites fool Zoom users into downloading deadly code
Ah, the human touch
Security22 Sep 2022 | 5
Alert: 15-year-old Python tarfile flaw lurks in 'over 350,000' code projects
Oh cool, a 5,500-day security hole
Patches22 Sep 2022 | 53
San Francisco cops can use private cameras to live-monitor 'significant events'
All eyes on you, and you, and you
Security21 Sep 2022 | 22
Malwarebytes blocks Google, YouTube as malware
Updated Sounds like fair comment
Security21 Sep 2022 | 22
'I Don't Care About Cookies' extension sold to Avast
Users of cookie-warning-buster add-on already forking off due to privacy concerns
Security21 Sep 2022 | 22
WAAP it out for application security
APIs are everywhere, and WAAP can help you protect them
Webinar
ChromeLoader, what took you so long? Malvertising irritant now slings ransomware
Doesn't make cents, makes bigger bucks instead ... probably
Cyber-crime21 Sep 2022 | 10
Look who's fallen foul of Europe's data retention rules. France and Germany
'Indiscriminate' preemptive harvesting of personal info a big no-no. What a novel concept
Security21 Sep 2022 | 12
USA adds two more Chinese carriers to 'probably a national security threat' list
Pacific Network Corp and China Unicom join the likes of Huawei, Hytera, Hikvision on list of dangerous suppliers
Security21 Sep 2022 | 5
Crypto biz Wintermute loses $160m in cyber-heist, tells us not to stress out
The other Tessier-Ashpool AIs are surely disappointed
Cyber-crime20 Sep 2022 | 10
Meta, Twitter, Apple, Google urged to up encryption game in post-Roe America
Tech giants 'throwing their users to the wolves'
Security20 Sep 2022 | 14
Popular
Noberus ransomware gets info-stealing upgrades, targets Veeam backup software
'One of the most dangerous and active malware developers operating at the moment'
Ethereum Merge signals end of GPU shortage, but not necessarily high prices
Analysis What a mine field
Girls Who Code book series banned in some US classrooms
Culture wars may have come to gentle tales of tweens enjoying friends, fun, and programming
PC component scavenging queue jumper pulled into line with a screensaver
Who, Me? Fake BSOD became tool of revenge when a staffer ignored the sensible rules of seniority
India seeks verified IDs to register email accounts
Asia In Brief PLUS: Warnings on Chinese payment schemes; AWS brushes up its Cantonese; Hong Kong ponders digital dollar; and more!
Linus Torvalds predicts Linux Kernel 6.0 debut next week, dispels fear of delays
Hails unusually smooth development process despite travel complications
Rust is eating into our systems, and it's a good thing
Opinion Language wars, huh, what are they good for?
Darth Vader voice actor James Earl Jones allows AI to take over the role
Ukrainian outfit Respeecher's GAN-based neural audio enhancer embraces The Dark Side
AI won't take coders' jobs. Humans still rule for now
In brief Plus: ML career help, OpenAI releases free speech-recognition model, and more news
Alibaba Cloud reveals billion dollar 'ecosystem upgrade'
It's mostly a channel program with a fancy name, plus more outposts
STORIES
Uber explains how it was pwned this month, points finger at Lapsus$ gang
From annoying MFA alerts to 'several internal systems' infiltrated
CSO19 Sep 2022 | 27
Been hit by LockerGoga ransomware? A free fix is now out
Software nasty used to cause hundreds of millions of dollars in damages, cops say
Security19 Sep 2022 | 2
Grand Theft Auto 6 maker confirms source code, vids stolen in cyber-heist
So is that three or four stars?
Cyber-crime19 Sep 2022 | 22
GPT-3 'prompt injection' attack causes bad bot manners
In Brief Also, EA goes kernel-deep to stop cheaters, PuTTY gets hijacked by North Korea, and more.
Security19 Sep 2022 | 9
Indonesia accuses Google of abusing monopoly
Asia In Brief PLUS: Qualys CEO says APAC has infosec advantages; Singapore's Sea ebbs in Americas; Toshiba's tepid takeover update; and more
CSO19 Sep 2022 | 4
Can reflections in eyeglasses actually leak info from Zoom calls? Here's a study into it
About time someone shone some light onto this
Research17 Sep 2022 | 66
School chat app Seesaw abused to send 'inappropriate image' to parents, teachers
This is why we don't reuse passwords, kids
Cyber-crime16 Sep 2022 | 24
Turbo boost your career in cyber security
Access free SANS course demos to find out just how much you can learn
Sponsored Post
Eastern European org hit by second record-smashing DDoS attack
Cough, cough, U, cough, kraine
Security16 Sep 2022 | 7
China can destroy US space assets, Space Force ops nominee warns
Wants swarms of small satellites that are harder to destroy – and outsourcing to improve cybersecurity
Security16 Sep 2022 | 27
Uber reels from 'security incident' in which cloud systems seemingly hijacked
Updated AWS and G Suite admin accounts likely popped, HackerOne bug bounty page hit, and more
Cyber-crime16 Sep 2022 | 44
Ex-Broadcom engineer asks for house arrest over IP theft
Updated Admits guilt, but claims he took files to jog his memory, afraid he'd not keep up with 'younger engineers'
Cyber-crime15 Sep 2022 | 20
Building the barricades against identity-based attacks
Join our webinar to hear more about the value of Zero Trust unified identity protection platforms
Webinar
Iran steps up its cybercrime game and Uncle Sam punches back
Criminal charges, more sanctions, and a $10m bounty, oh my
Cyber-crime15 Sep 2022 | 13
WordPress-powered sites backdoored after FishPig suffers supply chain attack
And two other security snafus in this web publishing world
Patches15 Sep 2022 | 18
White House to tech world: Promise you'll write secure code – or Feds won't use it
Developers, why not simply build flawless software, thus solving all our vulnerability worries
Security14 Sep 2022 | 37
Nearly one in two industry pros scaled back open source use over security fears
Log4j being the main driver, this data science poll claims
CSO14 Sep 2022 | 17
Google and Meta fined over $70m for privacy violations in Korea
Both search giant and Facebook parent claim they play by the rules, will challenge decision
Security14 Sep 2022 | 4
Ransomware gang threatens 1m-plus medical record leak
Criminals continue to target some of the most vulnerable
Cyber-crime14 Sep 2022 | 4
Twitter whistleblower Zatko disses bird site as dysfunctional data dump
Mudge tells senators his former bosses are 'terrified' of the French, US regulators are toothless
CSO14 Sep 2022 | 38
Microsoft fixes Windows security hole likely widely exploited by miscreants
Patch Tuesday Plus: Nasty no-auth RCE in TCP/IP stack, Adobe flaws, and many more updates
Patches13 Sep 2022 | 14
Patch your Mitel VoIP systems, Lorenz ransomware gang is back on the prowl
Criminals do love that unpatched VoIP and IoT kit
Security13 Sep 2022 | 2
How to get inside the mind of hackers
Spanish speaking SANS experts can help the LATAM cyber community detect and respond to attacks
Sponsored Post
One month after Black Hat disclosure, HP's enterprise kit still unpatched
What could go wrong with leaving firmware open after world's biggest hacker convention talk?
Security13 Sep 2022 | 12
Cisco: Yes, Yanluowang leaked our data. No, it's not serious
Everything's fine!
Security13 Sep 2022 | 4
Chinese-linked cyber crims nab $529 million from Indian nationals
Authorities also bust a shell company scam operation with links to the Middle Kingdom
Security13 Sep 2022 | 6
Musk seeks yet another excuse to get out of Twitter buyout: This time it's Mudge's severance check
If at first you don't succeed...
CSO13 Sep 2022 | 54
Apple patches iPhone and macOS flaws under active attack
High-value targets tend to get hit
Security12 Sep 2022 | 13
Google Cloud closes $5.4b Mandiant acquisition
Now it's really got all eyes on you
Security12 Sep 2022 | 9
Security pros get ability to manually add incidents to Microsoft Sentinel
*Tappity tappity* Yes the NSA's on the phone. Well maybe the automated log check didn't pick it up yet, Chad!
Security12 Sep 2022 |
Boffins build microphone safety kit to detect eavesdroppers
TickTock mic lock won't work on Apple
Security12 Sep 2022 | 20
Retbleed slugs VM performance by up to 70 percent in kernel 5.19
VMware ran tests and saw some nasty numbers. Performance of next kernel otherwise uncontroversial
Security12 Sep 2022 | 25
Uncle Sam sanctions Iran's intel agency over Albanian cyberattack
Iranians won't be terrified, but US vendors need to check their customers
Security10 Sep 2022 | 10
Shape-shifting cryptominer savages Linux endpoints and IoT
In brief Also, Authorities seize WT1SHOP selling 5.8m sets of PII, The North Face users face tough security hike
Security10 Sep 2022 | 10
Data tracking poses a 'national security risk' FTC told
'We're making China's job easier'
Security09 Sep 2022 | 31
Feds freeze $30m in cryptocurrency stolen from Axie Infinity
But the North Korean criminals are still over half a billion digicash dollars up
Security09 Sep 2022 | 15
Meta disbands Responsible Innovation team, spreads it out over Facebook and co
Still unclear: Were members just screaming into a void for the past few years?
Security09 Sep 2022 | 20
US seeks standards dominance, lets Huawei access previously forbidden crypto tech
Beijing thinks standards should include central network controls. Washington does not
Security09 Sep 2022 | 16
Dump these small-biz routers, says Cisco, because we won't patch their flawed VPN
Nothing like an authentication bypass for your private IPSec network
CSO08 Sep 2022 | 56
Mandiant ‘highly confident’ foreign cyberspies will target US midterm elections
It is with a heavy heart that we must announce that the hackers are at it again
Security08 Sep 2022 | 14
Google urges open source community to fuzz test code
We'll even get our checkbook out, web giant says
Patches08 Sep 2022 | 10
Private equity suits at Thoma Bravo pull out of Darktrace acquisition
'Enterprise immune system' sees share price slump
Security08 Sep 2022 | 7
Lazarus Group unleashed a MagicRAT to spy on energy providers
Cisco finds custom malware in North Korea's latest cyberespionage effort
Security08 Sep 2022 |
Halfords slapped on wrist for breaching email marketing laws
Bike and car accessory slinger fined £30,000 for hitting send on more than 499k unsolicited emails
Security08 Sep 2022 | 39
DoJ charges pair over China-linked attempt to build semi-autonomous crypto haven on nuked Pacific atoll
Yes, that’s a lot to digest: Marshall Islands legislators allegedly bribed to make it possible
Cyber-crime08 Sep 2022 | 21
US school year opens with reading, writing, and ransomware
FBI warns that Vice Society threat group is ramping up attacks on the education sector
Cyber-crime07 Sep 2022 | 8
Mandiant links APT42 to Iranian 'terrorist org'
'It's hard to imagine a more dangerous scenario,' Mandiant Intel VP told The Reg
Research07 Sep 2022 | 27
Cybercriminals target games popular with kids to distribute malware
Kaspersky research finds Minecraft and Roblox have the most malicious files associated with them
Security07 Sep 2022 |
As Cybersecurity Week begins, Beijing claims US attacked Uni doing military research
National Security Agency apparently has tools that crack Solaris boxes
Security07 Sep 2022 | 11
Pakistan politicians label government cybersecurity team 'incompetent'
MP alleges taxpayer database – which holds personal info on millions – has come under attack
Security07 Sep 2022 | 9
Go programming language arrives at security warnings that are useful
Low-noise tool hopes to highlight vulnerabilities imported into projects
Patches06 Sep 2022 | 6
Cyberattack brings down InterContinental Hotels' booking systems
Online booking systems and other services knocked offline amid network intrusion
Cyber-crime06 Sep 2022 | 16
Ransomware gang hits second-largest US school district
Updated FBI and CISA on-site to assist with incident response over Labor Day weekend
Security06 Sep 2022 | 4
Newly discovered cyberspy crew targets Asian governments and corporations
Worok uses mix of publicly available tools, custom malware to steal info, gang active since 2020
Security06 Sep 2022 |
Unhappy about excluding nation-state attacks from cyberinsurance? Get ready to pay
Lloyd's defends stance as critics say policy tweaks make it less worthwhile to spend on premiums
Security06 Sep 2022 | 23
Maximum protection against hostile incursions
Want to hear more about the critical role of identity in Zero Trust security? Join our webinar on 20th September
Webinar
NATO investigates after criminals claim to be selling its stolen missile plans
In brief Also, Microsoft’s one-click TikTok trick, a 14-year old Aussie cracks ASD encryption in an hour, and more
Security05 Sep 2022 | 16
Nadine Dorries promotes 'Brexit rewards' of proposed UK data protection law
Culture secretary talks up pre-Commons reading as UK waits to hear who new leader will be
CSO05 Sep 2022 | 163
Microsoft mistakenly rated Chromium, Electron as malware
Windows Defender update fixed the mess after a weekend of false positive weirdness
Security05 Sep 2022 | 26
China orders tech companies to 'improve traceability' of users to control 'rumours and false information'
PLUS: Australia mints a physical crypto-coin; Alibaba Cloud claims world's biggest DC; India’s space airbags; and more
Security05 Sep 2022 | 3
Google, YouTube ban election trolls ahead of US midterms
Plus: Truth Social barred from Play until it shows just one iota of decency
Security02 Sep 2022 | 78
Convicted felon busted for 3D printing gun parts
Just days after US rules tackling homemade firearms take effect
Cyber-crime02 Sep 2022 | 66
Revealed: US telcos admit to storing, handing over location data
Letters to FCC confirm what many believed, don't address a bigger problem
Security02 Sep 2022 | 14
Indian court directs chat app Telegram to disclose details of copyright infringers
Judge says that servers being located in Singapore is not a get-out clause
Security02 Sep 2022 | 8
Ex-NSA trio who spied on Americans for UAE now banned from arms exports
From hero to zero-day ... to plain zero
Cyber-crime02 Sep 2022 | 9
Here's how 5 mobile banking apps put 300,000 users' digital fingerprints at risk
Spoiler: They used hard-coded AWS credentials
Security01 Sep 2022 | 53
Oh no, that James Webb Space Telescope snap might actually contain malware
Is nothing sacred?
Research01 Sep 2022 | 25
LabMD gets another shot at defamation claim against 'extortionate' infosec biz
But keep your attorney on a 'short leash' against Tiversa, court warns
Security01 Sep 2022 | 4
FBI: Look out, crooks stole $1.3b in cryptocurrency in just three months this year
DeFi, as in, defying belief
Cyber-crime01 Sep 2022 | 9
Decisions on health data sharing should not be taken by politicians, citizen juries find
Britain's National Data Guardian report also warns NHS needs to earn people’s trust, support for controversial data platform
Security31 Aug 2022 | 10
China-linked APT40 gang targets wind farms, Australian government
ScanBox installed after victims lured to fake Murdoch news sites with phishing emails
Cyber-crime31 Aug 2022 | 7
Find a security hole in Google's open source and you could bag a $31,337 reward
Will it be enough to prevent the next software supply-chain attack?
Research30 Aug 2022 | 5
That 'clean' Google Translate app is actually Windows crypto-mining malware
Ah, nothing like a classic Trojan horse
Cyber-crime30 Aug 2022 | 20
Google Play to ban Android VPN apps from interfering with ads
Developers say this is not the privacy protection it's made out to be
Security30 Aug 2022 | 39
Critical hole in Atlassian Bitbucket allows any miscreant to hijack servers
Grab and deploy this backend update if you offer even repo read access
Patches29 Aug 2022 | 6
77% of security leaders fear we’re in perpetual cyberwar from now on
In brief Also, Charming Kittens from Iran scrape email inboxes, France could fine Google again, and more
CSO27 Aug 2022 | 32
PyPI warns of first-ever phishing campaign against its users
On the bright side, top devs are getting hardware security keys
Cyber-crime26 Aug 2022 | 5
Now Oktapus gets access to some DoorDash customer info via phishing attack
Double check who exactly you're sending your username and password to, eh?
Cyber-crime26 Aug 2022 | 8
Twilio, Cloudflare just two of 135 orgs targeted by Oktapus phishing campaign
Updated This, this is more like what we mean by a sophisticated cyberattack
CSO25 Aug 2022 | 6
LastPass source code, blueprints stolen by intruder
Your passwords are still safe, biz says
Security25 Aug 2022 | 47
