Cloudflare finds a way through China's network defences
Teams with locals to allow consistent security policy to make it through the Great Firewall
Security30 Nov 2022 |
Security
Criminals use trending TikTok challenge to make data-stealing malware invisible
PSA: Don't download unknown apps even if they promise naked people
Security29 Nov 2022 | 4
Lockheed Martin's Army cyber training platform goes civilian
Army civilian employees, that is, but aerospace biz says it could be used in the private sector, too
Security29 Nov 2022 | 1
The five cyber attack techniques of the apocalypse
Webinar Watch SANS experts discuss some of the most devious and dangerous methods employed by hackers in 2022
Webinar
Sandworm gang launches Monster ransomware attacks on Ukraine
The RansomBoggs campaign is the Russia-linked group’s latest assault on the smaller country
Security29 Nov 2022 | 13
International cops arrest hundreds of fraudsters, money launderers and cocaine kingpins
$155,000-a-month lifestyle ends in cuffs for suspected crim
Security29 Nov 2022 | 23
Blockchain couldn't stop TXT spam in India, regulator now trying AI
Maybe – just maybe – messages and calls from +91 might become more trustworthy
Security29 Nov 2022 | 11
Windows Server domain controllers may stop, restart after recent updates
Microsoft outlines a workaround while pulling together a fix to LSASS memory leak
Patches28 Nov 2022 | 18
Want to boost your cyber security skills by playing games this Christmas?
Register for this free SANS Holiday Hack Challenge to find out how
Sponsored Post
US bans Chinese telecoms imports – won't even consider authorizing them
Part bureaucratic box ticking, part crackdown that makes even Wi-Fi routers and smartphones off limits
Security27 Nov 2022 | 19
How advances in email encryption bring all-out security success
Listen in to our webinar on 30th November to find out
Webinar
Guess the most common password. Hint: We just told you
In brief Also, Another red team tool at risk of turning to the darkside, and Meta catches the US military behaving badly
CSO25 Nov 2022 | 108
Elon Musk to abused Twitter users: Your tormentors are coming back
Promises restoration of suspended accounts, despite previous pledge to do no such thing
Security25 Nov 2022 | 429
UK bans Chinese CCTV cameras on 'sensitive' government sites
Updated Agencies told to rip 'em off core networks and replace 'em whenever and wherever possible
Security25 Nov 2022 | 80
Meta links US military to fake social media influence campaigns
Didn't say they were good, though – covert ops apparently got 'little to no engagement' from targets
Research24 Nov 2022 | 20
European Parliament Putin things back together after cyber attack
DDoS started not long after Russia was declared a state sponsor of terrorism
Cyber-crime24 Nov 2022 | 55
Still using a discontinued Boa web server? Microsoft warns of supply chain attacks
Flaws in the open-source tool exploited – and India's power grid was a target
Research23 Nov 2022 | 10
'Pig butchering' romance scam domains seized and slaughtered by the Feds
'We allege these fraudsters bled dry each of their victims' of $10m
Security23 Nov 2022 | 13
DraftKings gamblers lose $300,000 to credential stuffing attack
Users of the sports betting site rolled the dice on reusing passwords and lost
Security22 Nov 2022 | 15
AWS fixes 'confused deputy' vulnerability in AppSync
Datadog security researchers found the flaw before miscreants did
Security22 Nov 2022 |
Popular
Epson zaps lasers into oblivion, in the name of the environment
Inkjet is the future, claims Japanese printer maker
Man wins court case against employer that fired him for not liking boozy, forced 'fun' culture
You gotta fight... for your right... to not be an idiot
'What's the point of me being in my office, just because they want to see me in the office?'
Workers ignoring calls to get back in swivel chair. Plus: more UK orgs sign up for 4-day work week
Spooky entanglement revealed between quantum AI and the BBC
Opinion QC: Still not actually useful, but it's increasingly intriguing
RIP Fred 'Mythical Man-Month' Brooks: IBM guru of software project management
Obit Turing Award winner who helped spread the eight-bit byte
Windows Server domain controllers may stop, restart after recent updates
Microsoft outlines a workaround while pulling together a fix to LSASS memory leak
Musk: Twitter will have 1 billion monthly users inside 18 months
Meanwhile reports say more ad buyers are staying away
Telecoms networks could provide next-gen GPS services without the need for satellites
Decimeter-level uncertainty, sub-nanosecond time synchronization – but what happens when there's no signal?
US chip war could hurt the West as Beijing moves to ramp up its own industry
Nine Chinese semiconductor companies have had IPO applications approved
Meta fined $275m after data-scraping fiasco leaked 533m Facebook users' profiles
Irish eyes aren't smiling
STORIES
Microsoft's attempts to harden Kerberos authentication broke it on Windows Servers
Emergency out-of-band updates to the rescue
Patches21 Nov 2022 | 36
World Cup phishing emails spike in Middle Eastern countries
That's where the money is
Security21 Nov 2022 | 6
US offshore oil and gas installation at 'increasing' risk of cyberattack
GAO says 2010 Deepwater Horizon disaster will look like a walk in the park
Cyber-crime21 Nov 2022 | 7
Cyber security pros: move to the next level next year
SANS’ 2023 cyber security training conferences provide the springboard to a new set of skills
Sponsored Post
Google looking outside the usual channels to fix security skills gap
'If your input continues to be monoculture, you can expect the same outcomes'
Security20 Nov 2022 | 25
Serendipitous discovery nets security researcher $70k bounty
In brief Also, a phishing gang goes Royal, while another employee at Snowden's old haunt gets caught nabbing data
Security20 Nov 2022 | 10
Hive ransomware crooks extort $100m from 1,300 global victims
FBI, CISA sound the alarm and detail IOCs
Security18 Nov 2022 | 4
Hardware-assisted encryption of data in use gets confidential
Our poll reveals how much organisations rely on the compliant storage and hosting sensitive data in their data centres
Reader Survey Results
Z-Library operators arrested, charged with criminal copyright infringement
There's a legal line between book borrowing and piracy
Cyber-crime18 Nov 2022 | 57
Israel sets robotic target-tracking turrets in the West Bank
Military says they'll save lives on both sides as tensions escalate
Security18 Nov 2022 | 88
Security firms hijack New York trees to monitor private workforce
Employee management tech raises eyebrows in the Big Apple
Security17 Nov 2022 | 57
Google wins lawsuit against alleged Russian botnet herders
Judge tells tale of two men, their lawyer, and a 'willful campaign... to mislead the court'
Cyber-crime17 Nov 2022 | 7
Notorious Emotet botnet returns after a few months off
And it's been sending out hundreds of thousands of malicious emails a day
Cyber-crime17 Nov 2022 | 3
Iranian cyberspies exploited Log4j to break into a US govt network
It's the gift to cybercriminals that keeps on giving
Security16 Nov 2022 | 8
Germany says nein to Qatari World Cup spyware, err, apps
Norway, France also sound data privacy alarms
Security16 Nov 2022 | 38
WASP malware stings Python developers
Info-stealing trojan hides in malicious PyPI packages on GitHub
Research16 Nov 2022 | 8
Cloud vendors should take some responsibility for stolen compute, says Canalys CEO
Canalys Forums APAC Crypto winter also attributed to semiconductor slumps in recent quarters
Cyber-crime16 Nov 2022 | 5
Swiss bankers warn: Three quarters of retail Bitcoin investors are in the red
Little fish lured into the market help whales cash out
Security16 Nov 2022 | 70
Boosting telcos’ 5G cyber resilience
ZTE reveals its open, transparent approach to minimizing cyber security risks in telecommunications networks
Sponsored Feature
Eggheads show how network flaw could lead to NASA crew pod loss. Key word: Could
Houston, we have a PCspooF problem
Security15 Nov 2022 | 23
Shocker: EV charging infrastructure is seriously insecure
What did we learn from the IoT days? Apparently nothing.
Security15 Nov 2022 | 40
Securing the mail
Making the business case for email encryption
Webinar
Country that still uses fax machines wants to lead the world on data standards at G7
Aiming for somewhere between US 'Wild West' and EU's strict GDPR
Security15 Nov 2022 | 35
Data sovereignty and compliance need help
It’s a critical issue which our poll suggests influences the choice of on and off prem hosting platforms
Reader Survey Results
Russia-based Pushwoosh tricks US Army and others into running its code – for a while
Updated Russian data trackers … what could possibly go wrong?
Security15 Nov 2022 | 20
GitHub sets up private vulnerability reports for public repos to avoid 'naming and shaming'
No need for ignominy when a flaw is found
Security14 Nov 2022 | 5
Another crypto shocker: Major player actually corrects $400m mistake instead of cratering
Fellow crypto-exchange Gate.io spots error, returns funds
Security14 Nov 2022 | 29
Australia to 'stand up and punch back' against cyber crims
Creates 100-strong squad comprising cops and spooks with remit to disrupt ransomware ops
Cyber-crime14 Nov 2022 | 27
LockBit suspect cuffed after ransomware forces emergency services to use pen and paper
In Brief Plus: CISA has a flowchart for patching, privacy campaign goes after face search engine
Cyber-crime12 Nov 2022 | 12
World Cup apps pose a data security and privacy nightmare
Unless you're fine with Qatar snoops remotely accessing your phone
Security11 Nov 2022 | 61
NSA urges orgs to use memory-safe programming languages
C/C++ on the bench, as US snoop HQ puts its trust in Rust, C#, Go, Java, Ruby, Swift
Security11 Nov 2022 | 149
Europe calls for joint cyber defense to ward off Russia
EC veep: 'Cyber is the new domain in warfare'
CSO11 Nov 2022 | 9
Australia blames Russia for harboring health insurance hackers
Crims accessed 10 million customer records and are releasing intimate medical details
Cyber-crime11 Nov 2022 | 21
Instagram star gets 11 years for $300m email scam plot
Hushpuppi swaps private jet, Dubai penthouse for prison duds and $1.7m to victims
Cyber-crime10 Nov 2022 | 33
Husband and wife nuclear warship 'spy' team get 20 years each
The Toebbes tried selling US Navy secrets, but handed them right to the FBI
Cyber-crime10 Nov 2022 | 27
Twitter CISO flies the coop
As social media giant grapples with Musk takeover, a safe pair of hands reaches for the door
Security10 Nov 2022 | 47
A roadmap to better cyber security training
SANS courses show you what’s useful and NICE
Sponsored Post
Windows breaks under upgraded IceXLoader malware
We're the malware of Nim!
Security10 Nov 2022 | 13
Wells Fargo, Zelle slammed by Liz Warren over rampant online banking fraud
Customers 'more than twice' as likely to be hit by scams, says Dem Senator
Cyber-crime09 Nov 2022 | 34
VMware warns of three critical holes in remote-control tool
Anyone can pretend to be your Windows IT support and take command of staff devices
Patches09 Nov 2022 |
Microsoft squashes six security bugs already exploited in the wild
Patch Tuesday Plus: Fixes from Intel, AMD, Citrix and more
Patches09 Nov 2022 | 5
Swiss Re wants government bail out as cybercrime insurance costs spike
Giant forecasts premiums rising to $23b by 2025
Security08 Nov 2022 | 33
Robin Banks crooks back at the table with fresh phish from Russia
Phishing-as-a-service group's toolset now includes ways to get around MFA
Research08 Nov 2022 | 1
Experian, T-Mobile US settle data spills for mere $16m
Two breaches: one in 2012, another in 2015 – saw 18m folks' records stolen
Cyber-crime08 Nov 2022 | 4
FBI: Russian hacktivists achieve only 'limited' DDoS success
OK, so you've got a botnet. That don't impress me much
Cyber-crime08 Nov 2022 | 6
Feds find Silk Road thief's $1b+ Bitcoin stash in popcorn tin, hidden safe
Uncle Sam follows the money ... all the way to a single-board computer
Cyber-crime07 Nov 2022 | 50
All the US midterm-related lies to expect when you're electing
Don't like the results? The election must have been rigged
Research07 Nov 2022 | 149
Microsoft hits the switch on password-free smartphone authentication
No more MF phish on this MFA cellphone as Azure AD CBA + YubiKey hits preview
Security07 Nov 2022 | 23
Oh, look: More malware in the Google Play store
in brief Also, US media hit with JavaScript supply chain attack, while half of govt employees use out-of-date mobile OSes
Research07 Nov 2022 | 25
Can confidential computing stop the next crypto heist?
Tech giants and startups hype next big thing in security
Cyber-crime07 Nov 2022 | 18
Japan officially joins NATO's cyber defense center
Already red-teaming and blue teaming in the international Locked Shields contest every year
Cyber-crime07 Nov 2022 | 4
China is likely stockpiling and deploying vulnerabilities, says Microsoft
Increase in espionage and cyberattacks since law requiring vulnerabilities first be reported to Beijing
Security07 Nov 2022 | 37
Red Cross seeks digital equivalent of its emblems to mark some tech as off-limits in war
Suggests tweaks to IP semantics as one way to identify protected tech and traffic
Security07 Nov 2022 | 25
Breached health insurer won't pay ransom to protect customers, warns of more attacks
Australia's Medibank uses a government-approved Band-Aid to cover a gaping 10-milion-record wound
Cyber-crime07 Nov 2022 | 14
SolarWinds reaches $26m settlement with shareholders, expects SEC action
One 8-K filing, two bombshells
Cyber-crime04 Nov 2022 | 14
Double-check demand payment emails from law firms: Convincing fakes surface
Crimson Kingsnake impersonates legit attorneys, fakes email threads from your colleagues in far-reaching BEC campaign
Research04 Nov 2022 | 15
French-speaking voleurs stole $30m in 15-country bank, telecoms cyber-heist spree
Smooth 'OPERA1ER' hit orgs around the world over four or more years
Cyber-crime04 Nov 2022 | 10
Multi-factor auth fatigue is real – and it's why you may be in the headlines next
Analysis Overwhelmed by waves of push notifications, worn-down users inadvertently let the bad guys in
Security03 Nov 2022 | 88
International summit agrees crack down on crypto to combat ransomware
Commitments include international wallet info sharing, KYC requirements, and an AML crackdown
Security03 Nov 2022 | 20
Royal Mail customer data leak shutters online Click and Drop
Customers complain of exposed order info, multiple charges — but still no postage
Security03 Nov 2022 | 25
US Treasury thwarts DDoS attack from Russian Killnet group
Yet another pathetic 'stunt' from pro-Kremlin criminals
Cyber-crime02 Nov 2022 | 5
Ransomware cost US banks $1.2 billion last year
Up 188% on 2020 but could be because financial institutions were encouraged to report incidents
Cyber-crime02 Nov 2022 | 2
Former Apple worker pleads guilty to $17m mail and wire fraud charges
Nefarious schemes included harvesting motherboard components and selling them back to Apple
Cyber-crime02 Nov 2022 | 12
Ritz cracker giant settles bust-up with insurer over $100m+ NotPetya cleanup
Deal could 'upend the entire cyber-insurance ecosystem and make it almost impossible to get meaningful cyber coverage'
CSO02 Nov 2022 | 57
Dropbox admits 130 of its private GitHub repos were copied after phishing attack
Personal info and data safe, stolen code not critical, apparently
Cyber-crime01 Nov 2022 | 2
OpenSSL downgrades horror bug after week of panic, hype
Relax, there's more chance of Babbage coming back to life to hack your system than this flaw being exploited
Patches01 Nov 2022 | 3
Government by Gmail catches up with UK minister... who is reappointed anyway
Home Secretary 'nominally in charge' of nation's security apologizes for breach of tech protocols
Security01 Nov 2022 | 156
Kioxia warns of potential cost of US chip policy over China
Nice NAND industry you have there, would be a shame if something happened to it
Security01 Nov 2022 | 10
German cops arrest student suspected of running infamous dark-web souk
Deutschland im Deep Web destroyed
Cyber-crime01 Nov 2022 | 11
Unofficial fix emerges for Windows bug abused to infect home PCs with ransomware
Broken code signature? LGTM, says Microsoft OS
Patches01 Nov 2022 | 17
India's Home Ministry cracks down on predatory lending apps following suicides
Local media say they're China backed, Ministry only mentions organized crime
Cyber-crime01 Nov 2022 | 4
Education tech giant gets an F for security after sensitive info on 40 million users stolen
Chegg it out: Four blunders in four years
CSO31 Oct 2022 | 6
The White House's global ransomware summit couldn't come at a better time
As cyber threats ramp up, businesses and organizations will be hoping for more than platitudes
Security31 Oct 2022 |
Ordinary web access request or command to malware?
Cranefly group unleashes nasty little technique using Microsoft Internet Information Services (IIS) logs
Research31 Oct 2022 | 4
Apple patches actively exploited iPhone, iPad kernel vulns
In brief Plus: Misconfigured server leaks Thomson Reuters data; VMware patches critical flaw in retired software; MalwareBytes apologies for a hoodie
Security31 Oct 2022 | 8
Indian government creates body with power to order social media content takedowns
Asia In Brief PLUS: China’s digital currency surges; Infosys tax portals wobble again; Singapore crypto protections; and more
Security30 Oct 2022 | 2
This Windows worm evolved into slinging ransomware. Here's how to detect it
Raspberry Robin hits 1,000 orgs in just one month
Research28 Oct 2022 | 12
Federal bans aren't stopping US states from buying forbidden Chinese kit
Report claims thousands of orgs are still happily writing checks
Security28 Oct 2022 | 26
Biden now wants to toughen up chemical sector's cybersecurity
Control panels facing the internet? Data stolen? You gotta keep an ion this stuff
CSO27 Oct 2022 | 6
The point solution IAM evolution under reform
A consolidation of IAM tools, suppliers and managed services providers is changing the default approach
Sponsored Feature
Biting the hand that feeds IT
