AI amplifies systemic risk to financial sector, says India's Reserve Bank boss Who also worries misinformation on social media could threaten liquidity AI + ML15 Oct 2024 | 5
China again claims Volt Typhoon cyber-attack crew was invented by the US to discredit it Enough with the racist-sounding 'dragons' and 'pandas', Beijing complains – then points the finger at koalas Cybersecurity Month15 Oct 2024 | 11
US healthcare org admits up to 400,000 people's personal info was snatched It waited till just before Columbus Day weekend to make mandated filing, but don't worry, we saw it Cybersecurity Month14 Oct 2024 | 3
Leveraging AI/ML for next-gen SOC environments Sponsored Post Technologies that help SOCs detect, analyze, and respond to emerging threats faster and more accurately Sponsored Post
Trump campaign arms up with 'unhackable' phones after Iranian intrusion Florida man gets his hands on 'the best ever' Cybersecurity Month14 Oct 2024 | 86
Thousands of Fortinet instances vulnerable to actively exploited flaw No excuses for not patching this nine-month-old issue Cybersecurity Month14 Oct 2024 | 8
How to head off data breaches with CIAM Let Okta lift the lid on customer identity in this series of webinars Sponsored Post
Crypto-apocalypse soon? Chinese researchers find a potential quantum attack on classical encryption With an off-the-shelf D-Wave machine, but only against very short keys Cybersecurity Month14 Oct 2024 | 20
Schools bombarded by nation-state attacks, ransomware gangs, and everyone in between Reading, writing, and cyber mayhem, amirite? Cybersecurity Month13 Oct 2024 | 30
US and UK govts warn: Russia scanning for your unpatched vulnerabilities in brief Also, phishing's easier over the phone, and your F5 cookies might be unencrypted, and more Security12 Oct 2024 | 10
INC ransomware rebrands to Lynx – same code, new name, still up to no good Researchers point to evidence that scumbags visited the strategy boutique Cybersecurity Month11 Oct 2024 | 10
US lawmakers seek answers on alleged Salt Typhoon breach of telecom giants Cyberspies abusing a backdoor? Groundbreaking Cyber-crime11 Oct 2024 | 10
RAC duo busted for stealing and selling crash victims' data Roadside assistance biz praised for deploying security monitoring software and reporting workers to cops Security11 Oct 2024 | 21
Keir Starmer hands ex-Darktrace boss investment minister gig What's harder? Convincing people to invest in a beleaguered security business or a tiny island everybody hates? Public Sector11 Oct 2024 | 52
FBI created a cryptocurrency so it could watch it being abused It worked – alleged pump and dump schemers arrested in UK, US and Portugal this week Cybersecurity Month11 Oct 2024 | 50
Healthcare attacks spread beyond US – just ask India's Star Health Updated Acknowledges bulk customer data leak weeks after Telegram channels dangled it online Cyber-crime11 Oct 2024 | 1
Crooks stole personal info of 77k Fidelity Investments customers But hey, no worries, the firm claims no evidence of data misuse Cyber-crime10 Oct 2024 | 2
Fore-get about privacy, golf tech biz leaves 32M data records on the fairway Researcher spots 110 TB of sensitive info sitting in unprotected database Cybersecurity Month10 Oct 2024 | 36
CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame Usual three-week window to address significant risks to federal agencies applies Cybersecurity Month10 Oct 2024 |
One-year countdown to 'biggest Ctrl-Alt-Delete in history' as Windows 10 approaches end of support Microsoft's hardware compatibility gamble still hasn't paid off
WordPress saga escalates as WP Engine plugin forcibly forked and legal letters fly WP Engine seems to be excluded from sponsoring events, too
Compression? What's that? And why is the network congested and the PCs frozen? Who, Me? The only thing worse than a Reply All storm is a Send All storm
Crypto-apocalypse soon? Chinese researchers find a potential quantum attack on classical encryption With an off-the-shelf D-Wave machine, but only against very short keys
Schools bombarded by nation-state attacks, ransomware gangs, and everyone in between Reading, writing, and cyber mayhem, amirite?
Smart homes may be a bright idea, just not for the dim bulbs who live in 'em Opinion How many Reg hacks does it take to change a light fitting...?
Trump campaign arms up with 'unhackable' phones after Iranian intrusion Florida man gets his hands on 'the best ever'
Indonesia orders Apple, Google to take down Chinese bargain app Temu Plus: Infosys stops sending job offer emails; Singtel outage; Australia to require ransomware payment reveals
Thousands of Fortinet instances vulnerable to actively exploited flaw No excuses for not patching this nine-month-old issue
Mozilla patches critical Firefox vuln that attackers are already exploiting Firefixed: It's maintenance time for low-complexity, high-impact security flaw Cybersecurity Month10 Oct 2024 | 25
How to enable secure use of AI Let the SANS AI Toolkit promote secure and responsible use of AI tools in the workplace Sponsored Post
How should CISOs respond to the rise of GenAI? Apply comprehensive security with access control, secure coding, infrastructure protection and AI governance Partner Content
Dutch cops reveal takedown of 'world's largest dark web market' Two arrested after allegedly trying to make off with their ill-gotten gains Cybersecurity Month10 Oct 2024 | 15
Internet Archive user info stolen in cyberattack, succumbs to DDoS 31M folks' usernames, email addresses, salted-encrypted passwords now out there Cybersecurity Month10 Oct 2024 | 22
Moscow-adjacent GoldenJackal gang strikes air-gapped systems with custom malware USB sticks help, but it's unclear how tools that suck malware from them are delivered Cybersecurity Month09 Oct 2024 | 22
Smart TVs are spying on everyone Regulators know this is a nightmare and have done little to stop it. Privacy advocacy group wants that to change Cybersecurity Month09 Oct 2024 | 124
Marriott settles for a piddly $52M after series of breaches affecting millions Intruders stayed for free on the network between 2014 and 2020 Cyber-crime09 Oct 2024 | 9
National Public Data files for bankruptcy, admits 'hundreds of millions' potentially affected One-man-band faces a mountain of lawsuits but has few assets Cyber-crime09 Oct 2024 | 64
Microsoft cleans up hot mess of Patch Tuesday preview Go forth and install your important security fixes Cybersecurity Month09 Oct 2024 | 5
Ransomware gang Trinity joins pile of scumbags targeting healthcare As if hospitals and clinics didn't have enough to worry about Cybersecurity Month09 Oct 2024 | 6
Microsoft issues 117 patches – some for flaws already under attack Patch Tuesday Plus: SAP re-patches a failed patch for critical-rated flaw Cybersecurity Month08 Oct 2024 | 6
Qualcomm urges device makers to push patches after 'targeted' exploitation Given Amnesty's involvement, it's a safe bet spyware is in play Patches08 Oct 2024 |
Using iPhone Mirroring at work? You might have just overshared to your boss What does IT glimpse but a dating app on your wee little screen Software08 Oct 2024 | 26
Happy birthday, Putin – you've been pwned Pro-Ukraine hackers claim credit for Russian state broadcasting shutdown Security08 Oct 2024 | 79
Google brings better bricking to Androids, to curtail crims Improved security features teased in May now appearing around the world Cybersecurity Month08 Oct 2024 | 23
Feds reach for sliver of crypto-cash nicked by North Korea's notorious Lazarus Group A couple million will do for a start … but Kim's crews are suspected of stealing much more Cybersecurity Month08 Oct 2024 | 2
American Water rinsed in cyber attack, turns off app Updated It's still safe to drink, top provider tells us Cybersecurity Month07 Oct 2024 | 12
Cops love facial recognition, and withholding info on its use from the courts Withholding exculpatory evidence from suspects isn't a great look when the tech is already questionable Security07 Oct 2024 | 22
Chinese cyberspies reportedly breached Verizon, AT&T, Lumen Salt Typhoon may have accessed court-ordered wiretaps and US internet traffic Security07 Oct 2024 | 6
Embattled users worn down by privacy options? Let them eat code Opinion Struggle ye not with cookies, lest ye become a cookie monster Security07 Oct 2024 | 66
Ryanair faces GDPR turbulence over customer ID checks Irish data watchdog opens probe after 'numerous complaints' Security05 Oct 2024 | 69
UK's Sellafield nuke waste processing plant fined £333K for infosec blunders Radioactive hazards and cyber failings ... what could possibly go wrong? Cybersecurity Month05 Oct 2024 | 21
About a quarter million Comcast subscribers had their data stolen from debt collector Cable giant says ransomware involved, FBCS keeps schtum Cybersecurity Month04 Oct 2024 | 6
Visit CyberThreat 2024 to hone your cybersecurity skills Get together with the European cybersecurity community at a two-day conference in London this December Sponsored Post
Harvard duo hacks Meta Ray-Bans to dox strangers on sight in seconds 'You can build this in a few days – even as a very naïve developer' Cybersecurity Month04 Oct 2024 | 114
Big brands among thousands infected by payment-card-stealing CosmicSting crooks Updated Gangs hit 5% of all Adobe Commerce, Magento-powered stores, Sansec says Cybersecurity Month04 Oct 2024 | 6
Average North American CISO pay now $565K, mainly thanks to one weird trick Best way to boost your package is to leave, or pretend to Cybersecurity Month03 Oct 2024 | 12
Two British-Nigerian men sentenced over multimillion-dollar business email scam Fraudsters targeted local government, colleges, and construction firms in Texas and North Carolina Cybersecurity Month03 Oct 2024 | 13
Ransomware crew infects 100+ orgs monthly with new MedusaLocker variant Exclusive Crooks 'like a sysadmin, with a malicious slant' Cybersecurity Month03 Oct 2024 | 3
Brits hate how big tech handles their data, but can't be bothered to do much about it Managing the endless stream of cookie banners leaves little energy for anything else Cybersecurity Month03 Oct 2024 | 38
700K+ DrayTek routers are sitting ducks on the internet, open to remote hijacking With 14 serious security flaws found, what a gift for spies and crooks Cybersecurity Month02 Oct 2024 | 21
Two simple give-me-control security bugs found in Optigo network switches used in critical manufacturing Poor use of PHP include() strikes again Cybersecurity Month02 Oct 2024 | 4
NIST's security flaw database still backlogged with 17K+ unprocessed bugs. Not great Logjam 'hurting infosec processes world over' one expert tells us as US body blows its own Sept deadline Cybersecurity Month02 Oct 2024 | 8
'Patch yesterday': Zimbra mail servers under siege through RCE vuln Attacks began the day after public disclosure Cybersecurity Month02 Oct 2024 | 5
The fix for BGP's weaknesses has big, scary, issues of its own, boffins find Bother, given the White House has bet big on RPKI – just like we all rely on immature internet infrastructure that usually works Security02 Oct 2024 | 9
Euro cops arrest 4 including suspected LockBit dev chilling on holiday And what looks like proof stolen data was never deleted even after ransom paid Cybersecurity Month01 Oct 2024 | 15
Evil Corp's deep ties with Russia and NATO member attacks exposed Ransomware criminals believed to have taken orders from intel services Cyber-crime01 Oct 2024 | 9
NCA unmasks man it suspects is both 'Evil Corp kingpin' and LockBit affiliate Aleksandr Ryzhenkov alleged to have extorted around $100M from victims, built 60 LockBit attacks Cybersecurity Month01 Oct 2024 |
Australian e-tailer digiDirect customers' info allegedly stolen and dumped online Full names, contact details, and company info – all the fixings for a phishing holiday Cybersecurity Month01 Oct 2024 |
Rackspace internal monitoring web servers hit by zero-day Exclusive Intruders accessed machines via tool bundled with ScienceLogic, 'limited' info taken, customers told not to worry Cybersecurity Month30 Sep 2024 | 10
Ransomware forces hospital to turn away ambulances Only level-one trauma unit in 400 miles crippled Cybersecurity Month30 Sep 2024 | 19
T-Mobile US to cough up $31.5M after that long string of security SNAFUs At least seven intrusions in five years? Yeah, those promises of improvement more than 'long overdue' CSO30 Sep 2024 | 4
If you're holding important data, Iran is probably trying spearphish it It's election year for more than 50 countries and the Islamic Republic threatens a bunch of them Cyber-crime30 Sep 2024 | 6
Remote ID verification tech is often biased, bungling, and no good on its own Only 2 out of 5 tested products were equitable across demographics Public Sector30 Sep 2024 | 10
Cloud threats have execs the most freaked out because they're not prepared Ransomware? More like 'we don't care' for everyone but CISOs Research30 Sep 2024 | 3
AI code helpers just can't stop inventing package names LLMs are helpful, but don't use them for anything important AI + ML30 Sep 2024 | 64
Forget the Kia Boyz: Crooks could hijack your car with just a smartphone Infosec In Brief Plus: UK man charged with compromising firms for stock secrets; ransomware actor foils self; and more Security30 Sep 2024 | 17
Binance claims it helped to bust Chinese crypto scam app in India ASIA IN BRIEF Plus: SpaceX plans Vietnam investment; Yahoo! Japan content moderation secrets; LG offloads Chinese display factory; and more Cyber-crime30 Sep 2024 | 5
Red team hacker on how she 'breaks into buildings and pretends to be the bad guy' Interview Alethe Denis exposes tricks that made you fall for that return-to-office survey Cybersecurity Month29 Sep 2024 | 68
Feds charge 3 Iranians with 'hack-and-leak' of Trump 2024 campaign Snoops allegedly camped out in inboxes well into September Cyber-crime27 Sep 2024 | 12
Recall the Recall recall? Microsoft thinks it can make that Windows feature palatable AI screengrab service to be opt-in, features encryption, biometrics, enclaves, more OSes27 Sep 2024 | 119
Ransomware gang using stolen Microsoft Entra ID creds to bust into the cloud Defenders beware: Data theft, extortion, and backdoors on Storm-0501's agenda Research27 Sep 2024 | 6
Patch now: Critical Nvidia bug allows container escape, complete host takeover 33% of cloud environments using the toolkit impacted, we're told Patches26 Sep 2024 | 16
HPE patches three critical security holes in Aruba PAPI More 9.8 bugs? Ay, papi! Patches26 Sep 2024 | 1
That doomsday critical Linux bug: It's CUPS. May lead to remote hijacking of devices Final update No patches yet, can be mitigated, requires user interaction Security26 Sep 2024 | 104
Victims lose $70K to one single wallet-draining app on Google's Play Store Attackers got 10K people to download 'trusted' web3 brand cheat before Mountain View intervened Cyber-crime26 Sep 2024 | 22
Public Wi-Fi operator investigating cyberattack at UK's busiest train stations Updated See it, say it… not sorted just yet as network access remains offline Cyber-crime26 Sep 2024 | 62
UK government's bank data sharing plan slammed as 'financial snoopers' charter' Access to account info needed to tackle benefit fraud, latest bill claims Security26 Sep 2024 | 145
WordPress.org denies service to WP Engine, potentially putting sites at risk Updated That escalated quickly Software26 Sep 2024 | 58
China's Salt Typhoon cyber spies are deep inside US ISPs Updated Expecting a longer storm season this year? Networks25 Sep 2024 | 4
RansomHub genius tries to put the squeeze on Delaware Libraries Extorting underfunded public services for $1M isn't a good look Cyber-crime25 Sep 2024 | 5
China claims Taiwan, not civilians, behind web vandalism Taipei laughs it off – and so does Beijing, which says political slurs hit sites nobody reads anyway Cyber-crime25 Sep 2024 | 2
CrowdStrike apologizes to Congress for 'perfect storm' that caused global IT outage Argues worse could happen if it loses kernel access Security25 Sep 2024 | 29
Who’s watching you the closest online? Google, duh Four Chocolate Factory trackers cracked the Top 25 in all regions Security24 Sep 2024 | 16
Russia's digital warfare on Ukraine shows no signs of slowing: Malware hits surge Severe incidents may be down, but Putin had to throw one in for good measure Cyber-crime24 Sep 2024 | 9
10 nasty software bugs put thousands of fuel storage tanks at risk of cyberattacks Thousands of devices remain vulnerable, US most exposed to the threat Security24 Sep 2024 | 18
How to spot a North Korean agent before they get comfy inside payroll Mandiant publishes cheat sheet for weeding out fraudulent IT staff Cyber-crime24 Sep 2024 | 19
Some US Kaspersky customers find their security software replaced by 'UltraAV' Back story to replacement for banned security app isn't enormously reassuring Security24 Sep 2024 | 38
Telegram will now hand over IP addresses, phone numbers of suspects to cops Maybe a spell in a French cell changed Durov's mind Personal Tech23 Sep 2024 | 36
'Cybersecurity issue' takes MoneyGram offline for three days – and counting Still no ‘R’ word, but smells like ransomware from here Cyber-crime23 Sep 2024 | 6
Necro malware continues to haunt side-loaders of dodgy Android mods Updated 11M devices exposed to trojan, Kaspersky says Cyber-crime23 Sep 2024 | 2
US proposes ban on Chinese, Russian connected car tech over security fears No room for your spy mobiles on our streets Software23 Sep 2024 | 28
So how's Microsoft's Secure Future Initiative going? 34,000 engineers pledged to the cause, but no word on exec pay Security23 Sep 2024 | 7
UPS supplier's password policy flip-flops from unlimited, to 32, then 64 characters That 'third party' person sure is responsible for a lot of IT blunders, eh? Security23 Sep 2024 | 38
Move over, Cobalt Strike. Splinter’s the new post-exploit menace in town No malware crew linked to this latest red-teaming tool yet Research23 Sep 2024 |
Apple's latest macOS release is breaking security software, network connections Infosec In Brief PLUS: Payer of $75M ransom reportedly identified; Craigslist founder becomes security philanthropist, and more Security23 Sep 2024 | 22
US indicts two over socially engineered $230M+ crypto heist Just one victim milked of nearly a quarter of a billion bucks Cyber-crime20 Sep 2024 | 26
Ivanti patches exploited admin command execution flaw Fears over chained attacks affecting EOL product Patches20 Sep 2024 | 8