Suspect in Finnish psychotherapy center blackmail hack arrested Suomi sentence expected for shrink records theft Security08 Feb 2023 | 6
Eurocops shut down Exclu encrypted messaging app, arrest dozens German and Dutch authorities say the app was a favorite of organized criminals and drug smugglers Security07 Feb 2023 | 33
Embarrassment as US cyber ambassador's Twitter account is hacked 'Perils of the job' we're told Security06 Feb 2023 | 9
Here's a list of proxy IPs to help block KillNet's DDoS bots Put pro-Putin bots on the do not call list Security06 Feb 2023 | 6
Trust, not tech, is holding back a safer internet Opinion Excuse me, citizen, did you packet this data yourself? CSO06 Feb 2023 | 56
School laptop auction devolves into extortion allegation Also: Atlassian says Jira has a 9.4 severity bug and the TSA issues milquetoast no-fly list security advisory Security06 Feb 2023 | 52
Ransomware scum launch wave of attacks on critical, but old, VMWare ESXi vuln You’ve had almost two years to patch and some of the software is EOL, now attackers déployer un rançongiciel Security06 Feb 2023 | 15
Have we learnt nothing from SolarWinds supply chain attacks? Not yet it appears From frameworks to new federal offices it's time to get busy Security05 Feb 2023 | 26
Iran crew stole Charlie Hebdo database, says Microsoft Same gang pestered US voters during 2020 presidential election Cyber-crime04 Feb 2023 | 7
HeadCrab bots pinch 1,000+ Redis servers to mine coins We devoting full time to floating under /etc Security04 Feb 2023 | 8
Fast-evolving Prilex POS malware can block contactless payments ... forcing users to insert their cards into less-secure PIN systems Research03 Feb 2023 | 15
Guy accused of wrecking crypto exchange now hauled into court Mango Markets still offline for now ... but v4 comeback release looms Cyber-crime03 Feb 2023 | 14
Another RAC staffer nabbed for storing, sharing car crash data Once is an accident. Twice is coincidence. Surely there won't be a third for roadside assistance biz Security03 Feb 2023 | 35
LockBit brags it pumped ION full of ransomware Crims put a February 4 deadline for software slinger to pay up Cyber-crime03 Feb 2023 | 3
Chinese surveillance balloon over US causes fearful gasbagging Updated Floats over missile silos, shooting it down ruled more dangerous than whatever it's up to Security03 Feb 2023 | 128
Former Ubiquiti dev pleads guilty in data theft and extortion case Nickolas Sharp now faces up to 35 years in prison Cyber-crime03 Feb 2023 | 4
Malvertising attacks are distributing .NET malware loaders The campaign illustrates another option for miscreants who had relied on Microsoft macros Research02 Feb 2023 | 7
Super Bock says 'cyber' nasty 'disrupting computer services' Portugal's biggest exporter of beer warns of restrictions to supply chain Cyber-crime02 Feb 2023 | 12
Google boosts bounties for open source flaws found via fuzzing Max reward per project integration is now $30k Security01 Feb 2023 | 2
Microsoft sweeps up after breaking .NET with December security updates XPS doc display issues fixed – until the next patch, at least Patches01 Feb 2023 | 3
Mozilla, like Google, is looking ahead to the end of Apple's WebKit rule Updated Work on a Gecko-based version of Firefox for iOS is underway, again
Surprise! China's top Android phones collect way more info Best to revisit that plan to bring home a cheap OnePlus, Xiaomi, Oppo, or Realme handset from your holiday
Take the morning off because Outlook has already We're down to Microsoft 364 again by first week of February
Warning: Microsoft Teams Free (classic) will be gone in 2 months You may have already known this... but did you know you'll lose data migration unless you switch to paid?
Here's a list of proxy IPs to help block KillNet's DDoS bots Put pro-Putin bots on the do not call list
Power grid worries force Amazon to run Oregon datacenters using fuel cells And not the green hydrogen kind
Google unleashes fightback against ChatGPT, a Bard by any other name Competition for AI-powered search between Microsoft and Google heats up
China’s Baidu reveals generative AI chatbot based on language model bigger than GPT-3 Probably bilingual bot will be called ERNIE outside China, Wenxin Yiyan within
Attackers abuse Microsoft’s 'verified publisher' status to steal data Malicious OAuth apps were the tickets into victims' systems Security01 Feb 2023 | 7
Microsoft upgrades Defender to lock down Linux gear for its own good Ballmer thought this kernel was cancer, Nadella may disagree Security31 Jan 2023 | 27
Amid FTX's burning wreckage, Japan outpost promises asset withdrawals in February Well what do you know – plenty of hard-nosed regulation by central authorities actually protected investors Cyber-crime31 Jan 2023 | 10
South Korea makes crypto crackdown a national justice priority It's listed alongside issues like tackling gang violence, drugs, and sex crimes Cyber-crime31 Jan 2023 | 2
Chromebook SH1MMER exploit promises admin jailbreak Schools' laptops are out if this one gets around, tho beware bricking Security30 Jan 2023 | 14
The wages of sin aren't that great if you're a developer choosing the dark side Salary report shows OKish pay, plus the possibility of getting ripped off and the whole prison thing Cyber-crime30 Jan 2023 | 18
Gootloader malware updated with PowerShell, sneaky JavaScript Perhaps a good time to check for unwelcome visitors Cyber-crime30 Jan 2023 | 5
JD Sports admits intruder accessed 10 million customers' data No payment details exposed in breach, says retailer, but shoppers told to be 'vigilant about potential scams' Cyber-crime30 Jan 2023 | 25
Gee, tanks: Russian hackers DDoS Germany for aiding Ukraine in brief Also: a week of leaks; Riot Games says 'LoL' to source code ransom demands; and Yandex source also appears online Security30 Jan 2023 | 12
Mon Dieu! Suspected French ShinyHunters gang member in the dock Man seized in Morocco is now presumably sleepless in Seattle Cyber-crime28 Jan 2023 | 6
Microsoft to enterprises: Patch your Exchange servers If you want to keep the miscreants out, put the updates in, Redmond says Patches28 Jan 2023 | 14
Uncle Sam slaps $10m bounty on Hive while Russia ban-hammers FBI, CIA New meaning to sweetening the pot Cyber-crime27 Jan 2023 | 5
Savvy cybersecurity pros benefit from host of free resources to step up fight against hackers and cyber threats Sign up to SANS Institute to keep up to speed with all aspects of the fast-evolving infosec sector Sponsored Post
UK Cyber Security Centre's scary new story: One phish, two phish, Russia phish, Iran phish Nice people on LinkedIn want to harvest logins from politicians, boffins, and defense types Cyber-crime27 Jan 2023 | 10
Google slays thousands of fake news vids posted by pro-China group Dragonbridge If you yell 'death to America' and no one watches the video, does it make a sound? Security27 Jan 2023 | 13
FBI smokes ransomware Hive after secretly buzzing around gang's network for months Uncle Sam doles out decryption keys to 300+ victims amid sting op Cyber-crime26 Jan 2023 | 3
Bloke allegedly stole, sold private info belonging to 'tens of millions' globally If true, was it worth the $500k and prison jumpsuit? Cyber-crime26 Jan 2023 | 7
Months after NSA disclosed Microsoft cert bug, datacenters remain unpatched You know when we all said quit using MD5? We really meant it CSO26 Jan 2023 | 3
Microsoft closes another door to attackers by blocking Excel XLL files from the internet More of them used by baddies since Redmond blocked VBA macros Research25 Jan 2023 | 6
Cybersecurity professionals upskill in Brazil and Mexico SANS Institute meets fast-growing demand for cyber security training in Latin America Sponsored Post
Go to security school, GoTo – theft of encryption keys shows you need it Ongoing probe into cloud storage attack finds customer data exfiltrated Security25 Jan 2023 | 49
Logfile management is no fun. Now it's a nightmare thanks to critical-rated VMware flaws You know the drill: patch before criminals use these bugs in vRealize to sniff your systems Patches25 Jan 2023 |
FBI catches up with infosec and crypto communities, blames Lazarus Group for $100 million heist Well played, feds. What's next? Ransomware is rampant? Strong passwords are important? Cyber-crime25 Jan 2023 | 3
Apple emits emergency patch for older iPhones after snoops pounce on WebKit hole Also: Yay for Data Privacy Day! Security24 Jan 2023 | 14
Fujitsu: Quantum computers no threat to encryption just yet Heavily hyped tech bound for some sort of milestone by decade end Security24 Jan 2023 |
Microsoft took its macros and went home, so miscreants turned to Windows LNK files Adapt or die Research23 Jan 2023 | 6
US authorities release asylum seekers after leaking their data online In brief Also: US terrorist no-fly list found left on unsecured server, Russian dark web drug markets go to war Security23 Jan 2023 | 4
India floats plan to make big tech pay for news, walks back government censorship Asia In Brief PLUS: Taiwan’s new supercomputer; China-linked cybercrims strike; Australian content clampdown; and more Security23 Jan 2023 | 2
Ireland’s privacy watchdog fines WhatsApp €5.5 million You’ve got 6 months to get into compliance, it tells yak-yak app Security20 Jan 2023 | 5
Miscreants sure do love ransacking cloud networks, more so than before Thanks for putting all your data in one basket CSO20 Jan 2023 | 9
Happy Lunar New Year: Beijing warns of enhanced surveillance during celebrations Censors are on the lookout for showering under a waterfall of money, overeating, and more conventional sins Security20 Jan 2023 | 8
Crims steal data on 40 million T-Mobile US customers Sixth snafu in five years? Crooks have this useless carrier on speed dial Cyber-crime20 Jan 2023 | 12
PayPal says crooks poked around 35,000 accounts in credential stuffing attack That passwordless option is looking really good right about now Security19 Jan 2023 | 14
Finally, ransomware victims are refusing to pay up Near 50% drop in extorted dosh ... or so it says here Cyber-crime19 Jan 2023 | 18
University of Texas latest US school to ban TikTok Great, now staff and students can stop scrolling and get back to work Security19 Jan 2023 | 27
Mailchimp 'fesses up to second digital burglary in five months Social engineering helped intruders break into customers' inboxes again Cyber-crime19 Jan 2023 | 11
Ransomware severs 1,000 ships from on-shore servers Get your eyepatch out: Cyber attacks on the high seas are trending Cyber-crime19 Jan 2023 | 24
Thousands of Sophos firewalls still vulnerable out there to hijacking Updated As hundreds of staff axed this week Security18 Jan 2023 | 3
Period-tracking apps, search engines on notice by draft law And no more geofencing around health clinics either Security18 Jan 2023 | 9
Been hit by BianLian ransomware? Here's your get-out-of-jail-free card Avast issues a free decryptor so victims can get their data back Security18 Jan 2023 | 3
Russian criminals can't wait to hop over OpenAI's fence, use ChatGPT for evil Scriptkiddies rush to machine intelligence to make up for lack in skills Security18 Jan 2023 | 10
Nearly 300 MSI motherboards will run any old code in Secure Boot, no questions asked Updated 'I believe they made this change deliberately' claims researcher Security17 Jan 2023 | 13
Microsoft locks door to default guest authentication in Windows Pro Bringing OS version into sync with Enterprise and Education editions CSO17 Jan 2023 | 23
Crypto exchanges freeze accounts tied to North Korea’s notorious Lazarus Group Well whaddya know, the crypto ecosystem did the right thing by stiffing the WannaCry bandits Cyber-crime17 Jan 2023 | 11
Tencent fired 100 people for corruption during 2022 A couple have already been jailed, others shown the door for embezzling or arranging sham contracts Security17 Jan 2023 | 7
For password protection, dump LastPass for open source Bitwarden Opinion After the security breach last summer, staying put is playing with fire Cyber-crime16 Jan 2023 | 131
China aims to grow local infosec industry by 30 percent a year, to $22 billion by 2025 Optimistically suggests international collaboration – including on standards – will help it get there Government Tech Week16 Jan 2023 | 9
NSA asks Congress to let it get on with that warrantless data harvesting, again In brief Also: That Pokemon is actually a RAT, Uncle Sam fails a password audit Security14 Jan 2023 | 24
Russians say they can grab software from Intel again And Windows updates from Microsoft, too Patches14 Jan 2023 | 52
Canadian owes bosses for 'time theft' after work-tracking app sinks tribunal bid She hoped to score thousands but laptop app had other ideas Security13 Jan 2023 | 35
Microsoft Defender ASR rules strip icons, app shortcuts from Taskbar, Start Menu Happy Friday 13th sysadmins! Techies find workarounds but Redmond still 'investigating' Security13 Jan 2023 | 40
Long data privacy notices aren't foolproof, Euro watchdog tells Meta As Meta reels from €390 million EU fine, the 'personalized ads' case might not be over, Max Schrem’s legal group says Security13 Jan 2023 | 4
This can’t be a real bomb threat: You've called a modem, not a phone On-Call Security was nonetheless very, very, interested in hearing this comms engineer tell his tale Security13 Jan 2023 | 178
Euro-cops shut down crypto scam that bilked millions from unwitting punters If the investment opportunity sounds too good to be true … Security13 Jan 2023 | 26
Microsoft fumbles zero trust upgrade for some Asian customers Enhanced access privileges for partners choke on double-byte characters, contribute to global delays Security13 Jan 2023 | 4
Lawyers slam SEC for 'blatant fishing expedition' after Exchange mega-attack Not a 'whiff of wrongdoing' here, says attorney now fighting off Uncle Sam Security12 Jan 2023 | 4
VALL-E AI can mimic a person’s voice from a three-second snippet Are you really saying what I’m hearing? Security12 Jan 2023 | 17
US think tank says China would probably lose if it tries to invade Taiwan But even a short conflict would wreck the economy, which would be bad news for semiconductor supplies Government Tech Week12 Jan 2023 | 60
Royal Mail, cops probe 'cyber incident' that's knackered international mail Final update Don't go postal and call it a cyberattack because nobody knows (yet) what knocked out key system Cyber-crime11 Jan 2023 | 57
AI-generated phishing emails just got much more convincing Did a criminally minded robot write this? In part, yes. Security11 Jan 2023 | 31
Microsoft fixes Windows database connections it broke in November January Patch Tuesday update resolves issue caused by Patch Tuesday update late in '22 Patches11 Jan 2023 | 3
German cartel watchdog objects to the way Google processes user data Not transparent, not specific, and too easy to say yes to Security11 Jan 2023 | 16
Swiss Army's Threema messaging app was full of holes – at least seven At least the penknives are still secure Security11 Jan 2023 | 17
Health insurer Aflac blames US partner for leak of Japanese cancer policy info Zurich’s Japanese outpost also leaks a couple of million records Cyber-crime11 Jan 2023 | 2
Privacy on the line: Boffins break VoLTE phone security Call metadata can be ferreted out Security11 Jan 2023 | 24
First Patch Tuesday of the year explodes with in-the-wild exploit fix Patch Tuesday Plus: Intel, Adobe, SAP and Android bugs Patches11 Jan 2023 | 20
Russian meddling in 2016 US presidential election was weak sauce Boffins find Twitter foreign influence campaign didn't have much pull Security10 Jan 2023 | 59
How to track equipped cars via exploitable e-ink platemaker Miscreants could have tracked, modified, deleted digital plates Research10 Jan 2023 | 90
Wiretap lawsuit accuses Apple of tracking iPhone users who opted out This is the company that claims: 'Privacy. That's iPhone' Security10 Jan 2023 | 10
Pakistan’s government to agencies: Dark web is dangerous, please don’t go there Advice follows embarrassing leak of audio from Prime Minister’s office Security10 Jan 2023 | 12
Homeland Security, CISA builds AI-based cybersecurity analytics sandbox High-spec system is crucial to defending against the latest threats Government Tech Week10 Jan 2023 | 5
US Supremes deny Pegasus spyware maker's immunity claim NSO maintains that it's all legit Security09 Jan 2023 | 28
No more holidays for US telcos, FCC is cracking down In Brief Also, LastPass faces class action, and Louisiana says that, while the internet may be for porn, ID is still required Security08 Jan 2023 | 41
Chinese researchers' claimed quantum encryption crack looks unlikely Near-term vulnerability of RSA-2048 keys not so near, says quantum boffin Scott Aaronson Security07 Jan 2023 | 31
Here's how to remotely take over a Ferrari...account, that is Connected cars. What could possibly go wrong? Security07 Jan 2023 | 86
Freedom for MegaCortex ransomware victims – the fix is out Criminals hit 1,800 victims across 71 countries to the tune of $100m+ Security06 Jan 2023 | 4
Dridex malware pops back up and turns its attention to macOS Malware testers spot attempt to attack Macs. But (try not to weep for the bad guys) there are still compatibility issues with MS exe files Research06 Jan 2023 | 6
JP Morgan must face suit from Ray-Ban maker after crooks drained $272m from accounts Don't masquerade with the guy in shades, oh no Cyber-crime06 Jan 2023 | 17
Rackspace blames ransomware woes on zero-day attack Play gang blamed, ProxyNotShell cleared and hosted Exchange doomed Security05 Jan 2023 | 13