CIA accused of illegally spying on Americans visiting Assange in embassy
Lawyers, journalists sue super-snoop agency and Spanish security biz
Security15 Aug 2022 | 6
Security
Dutch authorities arrest 29-year-old dev with suspected ties to Tornado Cash
The arrest comes days after US Treasury levies sanctions against the crypto mixing service
Cyber-crime15 Aug 2022 | 8
Indian military ready to put long-range quantum key distribution on the line
Local startup can make it happen over 150km
Security15 Aug 2022 | 1
Black Hat and DEF CON visitors differ on physical risk management
Black Hat COVID, flood surfing, crowds – what to pick?
Security15 Aug 2022 | 11
Elon Musk wrote article for China's internet regulator, hinted at aged care robots
Asia in Brief PLUS Vietnam's massive infosec push; Philippines telco fight; Australia dumps COVID app; and more
Security14 Aug 2022 | 31
Ukraine's cyber chief comes to Black Hat in surprise visit
Black Hat In Brief Tl;DR - the news isn't good
Security13 Aug 2022 | 6
Let there be ambient light sensing, without fear of data theft
Six years on web devs finally settle on sensor privacy defenses
Security13 Aug 2022 | 19
Palo Alto bug used for DDoS attacks and there's no fix yet
There goes the weekend...
Security12 Aug 2022 | 4
Starlink satellite dish cracked on stage at Black Hat
Black Hat Once the modchip plans are live, you can, too
Security12 Aug 2022 | 19
US reveals 'Target' pic of Conti man with $10m reward offer
Fashion Police chipping in on the bounty related to costliest strain of ransomware on record
Security12 Aug 2022 | 4
Microsoft trumps Google for 2021-22 bug bounty payouts
Another $13.7m handed out to researchers, but then again it does have an awful lot of attack surfaces
Security12 Aug 2022 | 5
Intel ups protection against physical chip attacks in Alder Lake
Black Hat Repurposes logic originally used for spotting variations in voltage, timing in older circuits to help performance
Security12 Aug 2022 | 4
Emergency services call-handling provider: Ransomware forced it to pull servers offline
Advanced's infrastructure still down and out, recovery to take weeks or more
Security12 Aug 2022 | 20
FAANGs failing on keeping user data safe from bug hunters
Black Hat Time to call in the legal team
Security12 Aug 2022 | 3
Higher risks and premiums are creating critical gap in cyber insurance
Black Hat Most organizations don’t have the financial resources necessary to address ransomware and other cyberattacks, BlackBerry says
Security11 Aug 2022 | 4
Security needs to learn from the aviation biz to avoid crashing
Black Hat video 'Until someone has to go to jail for doing it wrong the teeth are not going to be the same'
Security11 Aug 2022 | 84
Russian invasion has dangerously destabilized cyber security norms
Black Hat The inside scoop on the Ukrainian IT army, and what could happen next
Security11 Aug 2022 | 33
AWS and Splunk partner for faster cyberattack response
Black Hat OCSF initiative will give enterprise security teams an open standard for moving and analyzing threat data
Security11 Aug 2022 |
Ex-CIA security boss predicts coming crackdown on spyware
Black Hat video Plus, spoiler alert: ransomware is gonna get a lot worse
Security11 Aug 2022 | 1
Sonatype spots another PyPI package behaving badly
Identity of a real person was used to lend credence to a package that dropped cryptominer in memory
Cyber-crime11 Aug 2022 |
Popular
Linux 6.0 debuts, missing some Rusty bits and a magic mushroom reference
Don't read the diffstat too closely, says Linus Torvalds – it's mostly another massive AMD update
Nuclear power is the climate superhero too nervous to wear its cape
Opinion Of all the non-carbon energy options we have, this is the only one which can keep the lights on
Elon Musk wrote article for China's internet regulator, hinted at aged care robots
Asia in Brief PLUS Vietnam's massive infosec push; Philippines telco fight; Australia dumps COVID app; and more
Keep your cables tidy. You never know when someone might need some wine
Who, Me? Brute force and ignorance does not win the day
Meta's AI internet chatbot demo quickly starts spewing fake news and racist remarks
In brief Plus: How Google is using language models to improve search, and watch Heinz's AI ketchup advert
Your AI-generated digital artwork may not be protected by US copyright
Do we want to recognise machines as authors?
Apple says 2017 MacBooks don't have FlexGate defect. Aussie tribunal orders a fix anyway
Presiding officer was not impressed by Cupertino's arguments or behavior
Black Hat and DEF CON visitors differ on physical risk management
Black Hat COVID, flood surfing, crowds – what to pick?
AI could save future firefighters from deadly flashover explosions
NIST-led engineers are working on building a real-time alert system
Microsoft's Secure Boot fix sends some PCs into BitLocker Recovery
Have your BitLocker key handy when updating, but maybe not on a Post-it stuck to the screen, OK?
STORIES
Keeping the enemy at the gate
Stop ransomware with Zero Trust security networks in place
Webinar
Don't be surprised if your organization suffers multiple cyberattacks
Black Hat Failing to fix flaws, a crowded threat group scene, RaaS, and dependencies among crooks are fueling the trend
Security11 Aug 2022 | 5
Making the cloud a safer place with SANS
Get advice from experts on how to nail cloud native security in a multi-cloud world
Sponsored Post
Cisco admits corporate network compromised by gang with links to Lapsus$
Voice-phished their way in, but Switchzilla claims no damage done
Security11 Aug 2022 | 7
Meta privacy red team lead: Does your business know its privacy adversaries?
Black Hat Ethical hackers, but for privacy programs
Security11 Aug 2022 | 4
Boffins rate npm and PyPI package security and it's not good
Guess what? Open source security still has gaps
Security11 Aug 2022 | 15
Ex-CISA chief Krebs calls for US to get serious on security
Black Hat Black Hat kicks off with call for single infosec agency with real clout and less confused crossover
Security10 Aug 2022 | 10
As Black Hat kicks off, the US government is getting the message on hiring security talent
Black Hat Katie Moussouris tells it like it is
Security10 Aug 2022 | 10
Maui ransomware linked to North Korean group Andariel
Attack origins point to April 2021 first strike on Japanese target
Security10 Aug 2022 | 1
Google's bug bounty boss: Finding and patching vulns? 'Totally useless'
Disclosing exploits, however, will earn you $100k
Security10 Aug 2022 | 13
Cloudflare: Someone tried to pull the Twilio phishing tactic on us too
Attack was foiled by content delivery network's hardware security keys
Security10 Aug 2022 | 10
Businesses should dump Windows for the Linux desktop
Opinion It makes perfect sense for enterprises as well as enthusiasts. Just ask GitLab
Security10 Aug 2022 | 249
Patch Tuesday: Yet another Microsoft RCE bug under active exploit
Oh, and that critical VMware auth bypass vuln? Miscreants found it, too
Security09 Aug 2022 | 7
APIC fail: Intel 'Sunny Cove' chips with SGX spill secrets
AMD Zen chips, meanwhile, are vulnerable to side-channel data scrying
Security09 Aug 2022 | 1
Malicious deepfakes used in attacks up 13% from last year, VMware finds
Plus: Crooks swimming around your network, looking for a way in, says Incident Response Threat Report
Security09 Aug 2022 |
Microsoft's fix for 'data damage' risk hits PC performance
'AES-based operations might be two times slower' without latest updates
Security09 Aug 2022 | 23
Chinese scammers target kids with promise of extra gaming hours
Cyberspace regulator's fraud report finds all is not well behind the Great Firewall
Cyber-crime09 Aug 2022 | 5
China-linked spies used six backdoors to steal info from defense, industrial enterprise orgs
We're 'highly likely' to see similar attacks, Kaspersky warned
Security09 Aug 2022 | 6
US treasury whips up sanctions for crypto mixer Tornado Cash
Being the money launderer for North Korea’s Lazarus Group comes at a price
Cyber-crime08 Aug 2022 | 21
Twilio customer data exposed after its staffers got phished
Comms giant says several other firms targeted in 'sophisticated attack'
Cyber-crime08 Aug 2022 | 13
Microsoft tightens Edge security for less visited websites
We're pretty sure that doesn't mean it's safe to click on sketchy popups
Security08 Aug 2022 | 13
Slack leaked hashed passwords from its servers for years
Users who created shared invitation links for their workspace had login details slip out among encrypted traffic
Security08 Aug 2022 | 11
Dark Utilities C2 service draws thousands of cyber criminals
Nascent platform provides miscreants an easier and cheaper way to launch remote access, DDoS, and other attacks
Security08 Aug 2022 | 1
DuckDuckGo says Hell, Hell, No to those Microsoft trackers after web revolt
In brief Plus: That Twitter privacy leak, scammers send Ubers for victims, critical flaw in Cisco gear, and more
Security06 Aug 2022 | 38
Hi, I'll be your ransomware negotiator today – but don't tell the crooks that
Interview What it's like bargaining with criminals ... and advising clients suffering their worst day yet
CSO06 Aug 2022 | 41
Nomad to crypto thieves: Please give us back 90%, keep 10% as a reward. Deal?
The Feds may see things differently
Cyber-crime05 Aug 2022 | 17
Warning! Critical flaws found in US Emergency Alert System
DEF CON may be about to blow lid off security hole
Patches05 Aug 2022 | 14
Critical flaws found in four Cisco SMB router ranges – for the second time this year
At least Switchzilla thinks they're salvageable, unlike the boxes it ordered binned back in June
Security05 Aug 2022 | 14
Bloke robbed of $800,000 in cryptocurrency by fake wallet app wants payback from Google
I got played via the Play store
Cyber-crime04 Aug 2022 | 57
Taiwanese military reports DDoS in wake of Pelosi visit
Controversial visit to Taiwan continues to reverberate through cyberspace, the real world, and the semiconductor industry
Security04 Aug 2022 | 36
India scraps data protection law in favor of better law coming … sometime
Tech giants and digital rights groups didn't like it, but at least it was a law
Security04 Aug 2022 | 5
Student crashes Cloudflare beta party, redirects email, bags a bug bounty
Simple to exploit, enough to pocket $3,000
Research04 Aug 2022 | 8
UK Parliament bins its TikTok account over China surveillance fears
Plan to educate the children turned out to be a 'won't someone think of the children?' moment
Security04 Aug 2022 | 42
Solana, Phantom blame Slope after millions in crypto-coins stolen from 8,000 wallets
SOL holders literally S.O.L.
Cyber-crime04 Aug 2022 | 35
Microsoft widens enterprise access to its threat intelligence pool
Organizations can be more proactive in tracking threats, finding holes in their protection
Security03 Aug 2022 |
Ex-T-Mobile US store owner phished staff, raked in $25m from unlocking phones
That's just the tip of the iceberg – and now he faces potentially years in the clink
Cyber-crime03 Aug 2022 | 15
Sonatype shines light on typosquatting ransomware threat in PyPI
It's all fun and games until somebody gets their files encrypted
Security03 Aug 2022 | 7
You can’t choose when you’ll be hit by ransomware, but you can choose how you prepare
Without a road to recovery, you’re just going to be roadkill
Sponsored Feature
NortonLifeLock and Avast $8.6b deal gets provisional yes from UK regulator
Plus: Even market authorities can't seem to keep up with Microsoft's Defender branding
Security03 Aug 2022 | 6
Post-quantum crypto cracked in an hour with one core of an ancient Xeon
NIST's nifty new algorithm looks like it's in trouble
Research03 Aug 2022 | 82
Nancy Pelosi ties Chinese cyber-attacks to need for Taiwan visit
And as if to confirm the link, a DDoS takes out Taiwan's presidential website ahead of senior politico's arrival
Security03 Aug 2022 | 113
VMware patches critical 'make me admin' auth bypass bug, plus nine other flaws
Meanwhile, a security update for rsync
Patches03 Aug 2022 | 1
How a crypto bridge bug led to a $200m 'decentralized crowd looting'
Flash mob exploits Nomad's validation code blunder
Security02 Aug 2022 | 24
Robinhood's crypto unit hit with $30m fine over security, anti-crime misses
Updated And just lays off about a quarter of staff
CSO02 Aug 2022 | 4
How cybercrims embrace messaging apps to spread malware, communicate
Underground forums are so last year. Telegram, Discord offer better privacy, functionality to criminals, says Intel 471
Security02 Aug 2022 | 5
Bot army risk as 3,000+ apps found spilling Twitter API keys
Please stop leaving credentials where miscreants can find them
Security02 Aug 2022 | 18
Miscreants aim to cause Discord discord with malicious npm packages
LofyLife campaign comes amid GitHub security lockdown
Research02 Aug 2022 | 2
Charges filed over $300m 'textbook pyramid and Ponzi scheme' crypto startup
Financial watchdog accuses 11 of playing role in alleged scam
Cyber-crime02 Aug 2022 | 17
Defence against the dark arts of ransomware
Locking in safeguards against incursion with Rubrik Zero Trust Security
Webinar
Akamai: We stopped record DDoS attack in Europe
A 'sophisticated, global botnet' held an Eastern European biz under siege over 30 days
Cyber-crime01 Aug 2022 | 12
Spyware developer charged by Australian Police after 14,500 sales
Asia In Brief PLUS: India open to space tourism; China/Indonesia infosec pact; Paytm denies breach; Infosys dodges government again; and more
Security01 Aug 2022 | 2
Tim Hortons offers free coffee and donut to settle data privacy invasion claims
In brief Also, malicious VBA macros are out and container files are in, Robin Banks helps criminals rob banks, and more
Security30 Jul 2022 | 36
This is what to expect when a managed service provider gets popped
MSP should just stand for My Server's Pwned!
Cyber-crime30 Jul 2022 | 11
Feds put $10m bounty on Putin pal accused of bankrolling US election troll farm
Just in time for the midterms
Cyber-crime29 Jul 2022 | 54
Decentralized IPFS networks forming the 'hotbed of phishing'
P2P file system makes it more difficult to detect and take down malicious content
Security29 Jul 2022 | 23
BreachForums booms on the back of billion-record Chinese data leak
Plenty of recent users appear to be from China, and hoping for more leaks of local data
Security29 Jul 2022 |
Businesses confess: We pass cyberattack costs onto customers
Cover an average of $4.4 million per raid ourselves? No chance, mate
Security29 Jul 2022 | 21
US court system suffered 'incredibly significant attack' – sealed files at risk
Effects still being felt today across US government
Security29 Jul 2022 | 15
JPMorgan, UBS among trio accused of shoddy ID theft protection
SEC extracts pocket change from bankers, wags finger, sends them on their way
Cyber-crime28 Jul 2022 | 2
Suspected radiation alert saboteurs cuffed by cops after sensors disabled
You might say the police were in their element
Security28 Jul 2022 | 22
Google brings Street View back to India following 2016 ban
This time local companies provide the images and there's no mention of national security worries
Security28 Jul 2022 | 10
FileWave fixes bugs that left 1,000+ orgs open to ransomware, data theft
Internet-connected MDM instances, each with an 'unrestricted number' of managed devices, were vulnerable
Security27 Jul 2022 | 5
We're likely only seeing 'the tip of the iceberg' of Pegasus spyware use against the US
House intel chair raises snoop tool concerns as Google and others call for greater crack down
Security27 Jul 2022 | 19
US puts $10 million bounty on North Korean cyber-crews
Kim will be shaking in his shoes
Security27 Jul 2022 | 7
Apple network traffic takes mysterious detour through Russia
Land of Putin capable of attacking routes in cyberspace as well as real world
Security27 Jul 2022 | 30
AWS ups security for Elastic Block Store, Kubernetes service
Stretching its security software a bit further
Security27 Jul 2022 |
Knotweed Euro cyber mercenaries attacking private sector, says Microsoft
Reports seeing 'offensive actor' flinging SubZero malware
Security27 Jul 2022 | 4
Time from vulnerability disclosures to exploits is shrinking
Palo Alto Networks Unit 42 incident response team warns of patch speedups
Security27 Jul 2022 |
Weak data protection helped China attack US Federal Reserve, report says
Details of adversarial tradecraft detailed, includes many email accounts
Cyber-crime27 Jul 2022 | 2
IBM puts NIST’s quantum-resistant crypto to work in Z16 mainframe
Big Blue says it helped developed the algos, so knows what it's doing
Security27 Jul 2022 | 10
Vietnamese attacker circumvents Facebook security with ‘DUCKTAIL’ malware
Session cookies and 2FA subversion allow takeover of biz and ad accounts, lead to unauthorized ad buys
Research27 Jul 2022 | 8
Charter told to pay $7.3b in damages after cable installer murders grandmother
Broadband giant says it will appeal jury verdict in negligence case
Cyber-crime27 Jul 2022 | 83
Crypto exchange Kraken reportedly hunted by the Feds for alleged sanctions busting
Plus: Coinbase said to face SEC wrath, blockchain scam CEO admits using victims' millions to fund Hawaiian condo
Cyber-crime26 Jul 2022 | 10
Culture shock: Ransomware gang sacks arts orgs' email lists
Don't worry, the crooks totally deleted the data and promised not to use it for evil
Cyber-crime26 Jul 2022 | 4
Luca Stealer malware spreads rapidly after code handily appears on GitHub
Cool, another Rust project ... Oh
Security26 Jul 2022 | 3
With ransomware, the road to recovery starts well before you’re attacked
Learn how to orchestrate your survival strategy here
Webinar
Ransomware less popular this year, but malware up: SonicWall cyber threat report
Be ready for a rebound, and protect yourself with patching and segmentation
Security26 Jul 2022 | 1
Cyber security training to fit your summer plans
A flexible approach to cyber security training and certification from SANS & GIAC
Sponsored Post
LockBit ransomware gang claims it ransacked Italy’s tax agency
Miscreants boast of 78GB haul, officials say everything's fine
Security26 Jul 2022 | 7
Node.js prototype pollution is bad for your app environment
Boffins find common code constructs that may be exploitable to achieve remote code execution
Research25 Jul 2022 | 5
