Fortinet: FortiGate config leaks are genuine but misleading Competition hots up with Ivanti over who can have the worst start to a year Cyber-crime17 Jan 2025 | 5
Medusa ransomware group claims attack on UK's Gateshead Council Pastes allegedly stolen documents on leak site with £600K demand Cyber-crime17 Jan 2025 | 8
Russia's Star Blizzard phishing crew caught targeting WhatsApp accounts updated FSB cyberspies venture into a new app for espionage, Microsoft says Security16 Jan 2025 | 2
Enzo Biochem settles lawsuit over 2023 ransomware attack for $7.5M That's in addition to the $4.5M fine paid to three state AGs last year Cyber-crime16 Jan 2025 | 1
Crypto klepto North Korea stole $659M over just 5 heists last year US, Japan, South Korea vow to intensify counter efforts Cyber-crime15 Jan 2025 | 12
FBI wipes Chinese PlugX malware from thousands of Windows PCs in America Hey, Xi: Zài jiàn! Cyber-crime14 Jan 2025 | 25
UK floats ransomware payout ban for public sector Stronger proposals may also see private sector applying for a payment 'license' Cyber-crime14 Jan 2025 | 25
Microsoft sues 'foreign-based' cyber-crooks, seizes sites used to abuse AI Scumbags stole API keys, then started a hacking-as-a-service biz, it is claimed Security13 Jan 2025 | 4
Chinese cyber-spies peek over shoulder of officials probing real-estate deals near American military bases Gee, wonder why Beijing is so keen on the – checks notes – Committee on Foreign Investment in the US Cyber-crime10 Jan 2025 | 7
Drug addiction treatment service admits attackers stole sensitive patient data Details of afflictions and care plastered online Cyber-crime10 Jan 2025 | 8
Security pros baited with fake Windows LDAP exploit traps Tricky attackers trying yet again to deceive the good guys on home territory Cyber-crime09 Jan 2025 | 7
Japanese police claim China ran five-year cyberattack campaign targeting local orgs ‘MirrorFace’ group found ways to run malware in the Windows sandbox, which may be worrying Security09 Jan 2025 | 6
Database tables of student, teacher info stolen from PowerSchool in cyberattack Class act: Cloud biz only serves 60M-plus folks globally, no biggie Cyber-crime09 Jan 2025 | 23
UN's aviation agency confirms attack on recruitment database Various data points compromised but no risk to flight security Cyber-crime08 Jan 2025 | 4
Turbulence at UN aviation agency as probe into potential data theft begins Crime forum-dweller claims to have leaked 42,000 documents packed with personal info Cyber-crime07 Jan 2025 |
Charter, Consolidated, Windstream reportedly join China's Salt Typhoon victim list Slow drip of compromised telecom networks continues Cyber-crime06 Jan 2025 | 4
After China's Salt Typhoon, the reconstruction starts now Opinion If 40 years of faulty building gets blown down, don’t rebuild with the rubble Cyber-crime06 Jan 2025 | 41
Encryption backdoor debate 'done and dusted,' former White House tech advisor says interview When the FBI urges E2EE, you know it's serious business Cyber-crime04 Jan 2025 | 72
Atos denies Space Bears' ransomware claims – with a 'but' updated Points finger at third-party infrastructure being breached Cyber-crime04 Jan 2025 | 3
Chinese cyber-spies reportedly targeted sanctions intel in US Treasury raid OFAC, Office of the Treasury Secretary feared hit in data-snarfing swoop CSO02 Jan 2025 | 3
Capital One two-day outage leaves customers in free-fall Third-party supplier blamed as folks left unable to access funds
Microsoft eggheads say AI can never be made secure – after testing Redmond's own products If you want a picture of the future, imagine your infosec team stamping on software forever
GM parks claims that driver location data was given to insurers, pushing up premiums We'll defo ask for permission next time, automaker tells FTC
FCC to telcos: By law you must secure your networks from foreign spies. Get on it Plus: Uncle Sam is cross with this one Chinese biz over Salt Typhoon mega-snooping
SpaceX resets ‘Days Since Starship Exploded’ counter to zero Updated Test flight seven did better on the ground with a successful booster catch – as aircraft divert from falling debris
IBM swoops in to rescue UK Emergency Services Network after Motorola shown the door With a near half-billion-pound price hike bringing contract value to £1.4B
Just as your LLM once again goes off the rails, Cisco, Nvidia are at the door smiling Some of you have apparently already botched chatbots or allowed ‘shadow AI’ to creep in
Tech support fill-in given no budget, no help, no training, and no empathy for his plight On Call Fixed the problem anyway – with no approval for a purchase and no permission to use a device
Biden signs sweeping cybersecurity order, just in time for Trump to gut it Analysis Ransomware, AI, secure software, digital IDs – there's something for everyone in the presidential directive
Fortinet: FortiGate config leaks are genuine but misleading Competition hots up with Ivanti over who can have the worst start to a year
US Army soldier who allegedly stole Trump's AT&T call logs arrested Brings the arrest count related to the Snowflake hacks to 3 Cyber-crime01 Jan 2025 | 16
US Treasury Department outs the blast radius of BeyondTrust's key leak Data pilfered as miscreants roamed affected workstations Cyber-crime31 Dec 2024 | 16
China's cyber intrusions took a sinister turn in 2024 From targeted espionage to pre-positioning - not that they are mutually exclusive Security31 Dec 2024 | 9
More telcos confirm China Salt Typhoon security breaches as White House weighs in Intrusions allowed Beijing to 'geolocate millions of individuals, record phone calls at will' Cyber-crime30 Dec 2024 | 36
It's only a matter of time before LLMs jump start supply-chain attacks Interview 'The greatest concern is with spear phishing and social engineering' Security29 Dec 2024 | 58
How cops taking down LockBit, ALPHV led to RansomHub's meteoric rise Cut off one head, two more grow back in its place Cyber-crime28 Dec 2024 | 4
How Androxgh0st rose from Mozi's ashes to become 'most prevalent malware' Botnet's operators 'driven by similar interests as that of the Chinese state' Cyber-crime24 Dec 2024 | 3
What do ransomware and Jesus have in common? A birth month and an unwillingness to die Feature 35 years since AIDS first borked a PC and we're still no closer to a solution Cyber-crime24 Dec 2024 | 23
Suspected LockBit dev, facing US extradition, 'did it for the money' Dual Russian-Israeli national arrested in August Cyber-crime23 Dec 2024 | 18
UK ICO not happy with Google's plans to allow device fingerprinting Infosec in brief Also, Ascension notifies 5.6M victims, Krispy Kreme bandits come forward, LockBit 4.0 released, and more Security23 Dec 2024 | 75
Don't fall for a mail asking for rapid Docusign action – it may be an Azure account hijack phish Recent campaign targeted 20,000 folk across UK and Europe with this tactic, Unit 42 warns Cyber-crime19 Dec 2024 | 17
Phishers cast wide net with spoofed Google Calendar invites Not that you needed another reason to enable the 'known senders' setting Cyber-crime18 Dec 2024 | 17
Interpol wants everyone to stop saying 'pig butchering' Victims' feelings might get hurt, global cops contend, and that could hinder reporting Cyber-crime17 Dec 2024 | 45
Ransomware scum blow holes in Cleo software patches, Cl0p (sort of) claims responsibility But can you really take crims at their word? Security16 Dec 2024 | 1
Trump administration wants to go on cyber offensive against China The US has never attacked Chinese critical infrastructure before, right? Cyber-crime16 Dec 2024 | 25
Deloitte says cyberattack on Rhode Island benefits portal carries 'major security threat' Personal and financial data probably stolen Cyber-crime16 Dec 2024 | 2
Scumbag gets 30 years in the clink for running CSAM dark-web chatrooms, abusing kids 'Today’s sentencing is more than just a punishment. It’s a message' Cyber-crime13 Dec 2024 | 42
North Korea's fake IT worker scam hauled in at least $88M over six years DoJ thinks it's found the folks that ran it, and some of the 'IT warriors' sent out to fleece employers Cyber-crime13 Dec 2024 | 2
Lights out for 18 more DDoS booters in pre-Christmas Operation PowerOFF push Holiday cheer comes in the form of three arrests and 27 shuttered domains Cyber-crime12 Dec 2024 | 5
Krispy Kreme Doughnut Corporation admits to hole in security Belly-busting biz says it's been hit by cowardly custards Security11 Dec 2024 | 33
US names Chinese national it alleges was behind 2020 attack on Sophos firewalls Also sanctions his employer – an outfit called Sichuan Silence linked to Ragnarok ransomware Cyber-crime11 Dec 2024 | 4
Heart surgery device maker's security bypassed, data encrypted and stolen Sounds like th-aorta get this sorted quickly Cyber-crime10 Dec 2024 | 20
Bitfinex heist gets the Netflix treatment after 'cringey couple' sentenced Streamer's trademark dramatic style takes on Bitcoin Bonnie and Clyde Cyber-crime10 Dec 2024 | 6
China's Salt Typhoon recorded top American officials' calls, says White House No word yet on who was snooped on. Any bets? CSO09 Dec 2024 | 24
OpenWrt orders router firmware updates after supply chain attack scare A couple of bugs lead to a potentially bad time CSO09 Dec 2024 | 9
Microsoft dangles $10K for hackers to hijack LLM email service Outsmart an AI, win a little Christmas cash CSO09 Dec 2024 | 12
Salt Typhoon forces FCC's hand on making telcos secure their networks Proposal pushes stricter infosec safeguards after Chinese state baddies expose vulns Security06 Dec 2024 | 4
PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files updated Still unpatched 100+ days later, watchTowr says Cyber-crime06 Dec 2024 | 4
Microsoft: Another Chinese cyberspy crew targeting US critical orgs 'as of yesterday' Redmond threat intel maven talks explains this persistent pain to The Reg Security06 Dec 2024 | 16
Solana blockchain's popular web3.js npm package backdoored to steal keys, funds Damage likely limited to those running bots with private PKI access Cyber-crime05 Dec 2024 | 7
British hospitals hit by cyberattacks still battling to get systems back online Updated Children's hospital and cardiac unit say criminals broke in via shared 'digital gateway service' Cyber-crime05 Dec 2024 | 21
BT Group confirms attackers tried to break into Conferencing division Sensitive data allegedly stolen from US subsidiary following Black Basta post Cyber-crime05 Dec 2024 | 8
Ransomware hangover, Putin grudge blamed for vodka maker's bankruptcy Stoli Group on the rocks in the US Security05 Dec 2024 | 35
Cops arrest suspected admin of German-language crime bazaar Drugs, botnets, forged docs, and more generated fortune for platform sellers Cyber-crime04 Dec 2024 | 24
Eurocops take down 'secure' criminal chat system known as Matrix Updated They took the red pill Cyber-crime04 Dec 2024 | 46
Major energy contractor reports 'limited' access to IT after ransomware locks files ENGlobal customers include the Pentagon as well as major oil and gas producers Security03 Dec 2024 | 11
Severity of the risk facing the UK is widely underestimated, NCSC annual review warns National cyber emergencies increased threefold this year Cyber-crime03 Dec 2024 | 18
Russia gives life sentence to Hydra dark web kingpin after seizing a ton of drugs No exaggeration – literally a ton. Plus, 15 co-conspirators also put behind bars Cyber-crime03 Dec 2024 | 27
Data on 760K workers from Xerox, Nokia, BofA, Morgan Stanley and more dumped online Yet another result of the MOVEit mess Cyber-crime03 Dec 2024 | 3
Russia arrests one of its own – a cybercrime suspect on FBI's most wanted list The latest in an unusual change of fortune for group once protected by the Kremlin Cyber-crime02 Dec 2024 | 58
RansomHub claims to net data hat-trick against Bologna FC Crooks say they have stolen sensitive files on managers and players Cyber-crime30 Nov 2024 | 2
Ransom gang claims attack on NHS Alder Hey Children's Hospital Second alleged intrusion on English NHS org systems this week Cyber-crime29 Nov 2024 | 21
NHS major 'cyber incident' forces hospitals to use pen and paper Systems are isolated and pulled offline, while scheduled procedures are canceled Cyber-crime28 Nov 2024 | 56
The only thing worse than being fired is scammers fooling you into thinking you're fired Scumbags play on victims' worst fears in phishing campaign referencing UK Employment Tribunal Cyber-crime28 Nov 2024 | 50
Telco engineer who spied on US employer for Beijing gets four years in the clink Provides insight to how China gets inside US systems, perhaps at Verizon and Infosys Cyber-crime27 Nov 2024 | 15
Man accused of hilariously bad opsec as alleged cybercrime spree detailed Complaint claims he trespassed, gave himself discounts, and sorted CCTV access… Cyber-crime26 Nov 2024 | 24
Another 'major cyber incident' at a UK hospital, outpatients asked to stay away Third time this year an NHS unit's IT systems have come under attack Cyber-crime26 Nov 2024 | 53
Supply chain management vendor Blue Yonder succumbs to ransomware And it looks like major UK retailers that rely on it are feeling the pinch Cyber-crime26 Nov 2024 | 9
China has utterly pwned 'thousands and thousands' of devices at US telcos Senate Intelligence Committee chair says his 'hair is on fire' as execs front the White House Cyber-crime25 Nov 2024 | 51
Andrew Tate's site ransacked, subscriber data stolen He'll just have to take this one on the chin Cyber-crime22 Nov 2024 | 106
SafePay ransomware gang claims Microlise attack that disrupted prison van tracking Fledgling band of crooks says it stole 1.2 TB of data Cyber-crime22 Nov 2024 | 3
Chinese ship casts shadow over Baltic subsea cable snipfest Danish military confirms it is monitoring as Swedish police investigate. Cloudflare says impact was 'minimal' Networks21 Nov 2024 | 47
Now Online Safety Act is law, UK has 'priorities' – but still won't explain 'spy clause' Draft doc struggles to describe how theoretically encryption-busting powers might be used Cyber-crime21 Nov 2024 | 56
Five Scattered Spider suspects indicted for phishing spree and crypto heists DoJ also shutters allleged crimeware and credit card mart PopeyeTools Cyber-crime21 Nov 2024 | 3
Mega US healthcare payments network restores system 9 months after ransomware attack Change Healthcare’s $2 billion recovery is still a work in progress Cyber-crime20 Nov 2024 | 5
Healthcare org Equinox notifies 21K patients and staff of data theft Ransomware scum LockBit claims it did the dirty deed Cyber-crime20 Nov 2024 | 1
Russian suspected Phobos ransomware admin extradited to US over $16M extortion This malware is FREE for EVERY crook ($300 decryption keys sold separately) Cyber-crime19 Nov 2024 | 5
Crook breaks into AI biz, points $250K wire payment at their own account Fastidious attacker then tidied up email trail behind them Cyber-crime19 Nov 2024 | 12
T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears updated Un-carrier said to be among those hit by Salt Typhoon, including AT&T, Verizon Networks18 Nov 2024 | 2
Swiss cheesed off as postal service used to spread malware QR codes arrive via an age-old delivery system Bootnotes16 Nov 2024 | 37
Bloke behind Helix Bitcoin launderette jailed for three years, hands over $400M Digital money laundering pays, until it doesn't Cyber-crime16 Nov 2024 | 7
Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit Yank access to management interface, stat CSO15 Nov 2024 | 28
Keyboard robbers steal 171K customers' data from AnnieMac mortgage house Names and social security numbers of folks looking for the biggest loan of their lives exposed Cyber-crime15 Nov 2024 | 6
Bitfinex burglar bags 5 years behind bars for Bitcoin heist A nervous wait for rapper wife who also faces a stint in the clink Cyber-crime15 Nov 2024 | 4
Cybercriminal devoid of boundaries gets 10-year prison sentence Serial extortionist of medical facilities stooped to cavernous lows in search of small payouts Cyber-crime14 Nov 2024 | 6
Kids' shoemaker Start-Rite trips over security again, spilling customer card info Updated Full details exposed, putting shoppers at serious risk of fraud Cyber-crime14 Nov 2024 | 14
Data broker amasses 100M+ records on people – then someone snatches, sells it We call this lead degeneration Cyber-crime13 Nov 2024 | 18
Ransomware fiends boast they've stolen 1.4TB from US pharmacy network American Associated Pharmacies yet to officially confirm infection Cyber-crime13 Nov 2024 | 1
Air National Guardsman gets 15 years after splashing classified docs on Discord 22-year-old talked of 'culling the weak minded' – hmm! Cyber-crime13 Nov 2024 | 93
Here's what we know about the suspected Snowflake data extortionists A Canadian and an American living in Turkey 'walk into' cloud storage environments… Cyber-crime12 Nov 2024 | 5
'Cybersecurity issue' at Food Lion parent blamed for US grocery mayhem Stores still open, but customers report delayed deliveries, invoicing issues, and more at Stop & Shop and others Cyber-crime12 Nov 2024 | 2
Amazon confirms employee data exposed in leak linked to MOVEit vulnerability Over 5 million records from 25 organizations posted to black hat forum Cyber-crime12 Nov 2024 | 2
FBI issues warning as crooks ramp up emergency data request scams Just because it's .gov doesn't mean that email is trustworthy Cyber-crime11 Nov 2024 | 12
Dark web crypto laundering kingpin sentenced to 12.5 years in prison Prosecutors hand Russo-Swede a half-billion bill Cyber-crime11 Nov 2024 | 24
Alleged Snowflake attacker gets busted by Canadians – politely, we assume Infosec in brief Also: Crypto hacks will continue; CoD hacker gets thousands banned, and more Security11 Nov 2024 |
Scattered Spider, BlackCat claw their way back from criminal underground We all know by now that monsters never die, right? Cyber-crime08 Nov 2024 | 1
Winos4.0 abuses gaming apps to infect, control Windows machines 'Multiple' malware samples likely targeting education orgs Security08 Nov 2024 | 6
Operation Synergia II sees Interpol swoop on global cyber crims 22,000 IP addresses taken down, 59 servers seized, 41 arrests in 95 countries Cyber-crime06 Nov 2024 | 3
Cyberattackers stole Microlise staff data following DHL, Serco disruption Experts say incident has 'all the hallmarks of ransomware' Cyber-crime06 Nov 2024 | 5
China's Volt Typhoon reportedly breached Singtel in 'test-run' for US telecom attacks updated Alleged intrusion spotted in June Security06 Nov 2024 | 5