Crooks target top execs on Office 365 with MFA-bypass scheme
'Widespread' campaign hunts for multimillion-dollar transactions
Cyber-crime25 Aug 2022 | 9
Security
Twitter, Meta kill hundreds of pro-Western troll accounts
It turns out online chicanery aiming to destabilize foreign nations is a two-way street
Research25 Aug 2022 | 38
Ever present danger
Recognizing the signs of an impending ransomware attack with Red Canary
Webinar
Shout-out to whoever went to Black Hat and had North Korean malware on their PC
I am the one who NOCs
CSO25 Aug 2022 | 25
Block sued after ex-staffer siphons customer data
'Don't be such a Square' hits different these days
CSO24 Aug 2022 | 8
80,000 internet-connected cameras still vulnerable after critical patch offered
Just more IoT conscripts for the botnet armies
Patches24 Aug 2022 | 15
VMware confirms Carbon Black causes BSODs, boot loops on Windows
Well, you can't be attacked if your PC won't start
CSO24 Aug 2022 | 11
Attacker snags account details from streaming service Plex
'Limited subset' of users have emails, usernames, and hashed passwords stolen from the platform
Cyber-crime24 Aug 2022 | 18
Lloyd's to exclude certain nation-state attacks from cyber insurance policies
Updated Kim Jong-un has entered the chat
CSO24 Aug 2022 | 55
Twitter savaged by former security boss Mudge in whistleblower complaint
Loose access to production systems, out of date software, and more claimed
CSO23 Aug 2022 | 36
Smartphone gyroscopes threaten air-gapped systems, researcher finds
Network interface card LEDs are a risk too by blinking in Morse code
CSO23 Aug 2022 | 54
Microsoft finds critical hole in operating system that for once isn't Windows
Oh wow, get a load of Google using strcpy() all wrong – strcpy! Haha, you'll never ever catch us doing that
Research23 Aug 2022 | 65
If you haven't patched Zimbra holes by now, assume you're toast
Here's how to detect an intrusion via vulnerable email systems
Patches23 Aug 2022 |
Novant Health admits leak of 1.3m patients' info to Facebook
But don't worry, Zuck would never misuse this type of sensitive data
Security22 Aug 2022 | 12
Hiding a phishing attack behind the AWS cloud
Scammers are using cloud services to create and host web pages that can be used to lure victims into handing over their credentials
Security22 Aug 2022 | 7
Warning over Java libraries and deserialization security weaknesses
There is a madness to the methods
Security22 Aug 2022 | 6
LockBit gang hit by DDoS attack after threatening to leak Entrust ransomware data
Prolific group pummeled days after claiming to be file thief behind attack on cybersecurity vendor
Cyber-crime22 Aug 2022 | 7
Zoom patches make-me-root security flaw, patches patch
In brief Plus: See if in-app browsers are monitoring you, a novel industrial network attack technique, and more
Security22 Aug 2022 | 21
NSO Group CEO steps down, 100 employees let go too
Controversial Pegasus spyware maker to focus on NATO sales while battling various court cases
Security22 Aug 2022 | 19
Ex-HP finance manager jailed after going on $5m spending spree using company plastic
Tesla sedan, 46 Chanel bags, 16 Rolexes, and more equals three years behind bars
Cyber-crime19 Aug 2022 | 41
Two years on, Apple iOS VPNs still leak IP addresses
Privacy, it's a useful marketing term. *Offer does not apply in China
Research19 Aug 2022 | 18
The truth about that draft law banning Uncle Sam buying insecure software
There's always a get-out clause
CSO19 Aug 2022 | 43
Google blocks third record-breaking DDoS attack in as many months
46 million requests per second network flood comes as attacks increase by more than 200% compared to last year
CSO18 Aug 2022 | 11
Ransomware attack on UK water company clouded by confusion
Clop gang thought it hit Thames Water – but real victim was elsewhere
Cyber-crime18 Aug 2022 | 43
Deluge of of entries to Spamhaus blocklists includes 'various household names'
Nastymail tracking service blames sloppy sending practices for swelling lists of dangerous mailers
Security18 Aug 2022 | 115
Janet Jackson music video declared a cybersecurity exploit
Another reason not to play 1989's Rhythm Nation – it may mess with some hard disk drives
Security18 Aug 2022 | 134
Google, Apple squash exploitable browser bugs
Chrome flaw has public exploit, WebKit hole actively abused along with kernel escalation
Patches17 Aug 2022 | 8
Software developer cracks Hyundai car security with Google search
Top tip: Your RSA private key should not be copied from a public code tutorial
Research17 Aug 2022 | 81
After 7 years, long-term threat DarkTortilla crypter is still evolving
.NET-based malware can push wide range of malicious payloads, and evades detection, Secureworks says
CSO17 Aug 2022 | 2
How to stop the evil lurking in the shadows
Webinar
TikTok wants your trust around US midterm elections data
Misinformation's a concern, but Chinese media giant's own data privacy practices also have people worried
CSO17 Aug 2022 | 4
Mozilla finds 18 of 25 popular reproductive health apps share your data
Scary in post-Roe America, and Poland, and far too many other places
Research17 Aug 2022 | 44
Russian military uses Chinese drones and bots in combat, over manufacturers' protests
Testimonials from Russian generals not welcomed by DJI or Unitree Robotics
Security17 Aug 2022 | 46
RubyGems now requires multi-factor auth for top package maintainers
Sign-on you crazy diamond
Security16 Aug 2022 | 1
SEC says brokerage accounts hijacked for $1.3m pump-and-dump scam
18 people and businesses charged, one giant web of connections
Cyber-crime16 Aug 2022 | 3
PC store told it can't claim full cyber-crime insurance after social-engineering attack
Two different kinds of fraud, says judge while throwing out lawsuit against insurer
CSO16 Aug 2022 | 4
Do you know what’s happening on your users’ devices?
Head this way to find if your strategy’s on (end) point
Sponsored Post
Microsoft's macOS Tamper Protection hits general availability
A boon for administrators having to deal with Apple hardware while also keeping everything secure
CSO16 Aug 2022 | 5
1,900 Signal users exposed: Twilio attacker 'explicitly' looked for certain numbers
Updated Bad guy also got SMS verification codes, and re-registered one of the numbers they searched for
Cyber-crime16 Aug 2022 | 41
Reckon Russian spies are lurking in your inbox? Check for these IOCs, Microsoft says
Seaborgium targeted dozens of orgs this year alone
CSO16 Aug 2022 | 7
Digital Ocean dumps Mailchimp after attack leaked customer email addresses
Somebody went after crypto-centric companies’ outsourced email but the damage was felt in the cloud
Cyber-crime16 Aug 2022 | 19
It's 2022 and there are still thousands of public systems using password-less VNC
Let alone the ones with 123456 to login. How sophisticated do attackers really need to be?
CSO16 Aug 2022 | 8
Oh Deere: Farm hardware jailbroken to run Doom
Corn-y demo heralded as right-to-repair win
Research16 Aug 2022 | 51
CIA accused of illegally spying on Americans visiting Assange in embassy
Lawyers, journalists sue super-snoop agency and Spanish security biz
Security15 Aug 2022 | 20
Dutch authorities arrest 29-year-old dev with suspected ties to Tornado Cash
The arrest comes days after US Treasury levies sanctions against the crypto mixing service
Cyber-crime15 Aug 2022 | 20
Indian military ready to put long-range quantum key distribution on the line
Local startup can make it happen over 150km
Security15 Aug 2022 | 2
Black Hat and DEF CON visitors differ on physical risk management
Black Hat COVID, flood surfing, crowds – what to pick?
Security15 Aug 2022 | 17
Elon Musk wrote article for China's internet regulator, hinted at aged care robots
Asia in Brief PLUS Vietnam's massive infosec push; Philippines telco fight; Australia dumps COVID app; and more
Security14 Aug 2022 | 34
Ukraine's cyber chief comes to Black Hat in surprise visit
Black Hat In Brief TL;DR: The news isn't good
Security13 Aug 2022 | 6
Let there be ambient light sensing, without fear of data theft
Six years on web devs finally settle on sensor privacy defenses
Security13 Aug 2022 | 22
Palo Alto bug used for DDoS attacks and there's no fix yet
There goes the weekend...
Security12 Aug 2022 | 5
Starlink satellite dish cracked on stage at Black Hat
Black Hat Once the modchip plans are live, you can, too
Security12 Aug 2022 | 19
US reveals 'Target' pic of Conti man with $10m reward offer
Fashion Police chipping in on the bounty related to costliest strain of ransomware on record
Security12 Aug 2022 | 6
Microsoft trumps Google for 2021-22 bug bounty payouts
Another $13.7m handed out to researchers, but then again it does have an awful lot of attack surfaces
Security12 Aug 2022 | 5
Intel ups protection against physical chip attacks in Alder Lake
Black Hat Repurposes logic originally used for spotting variations in voltage, timing in older circuits to help performance
Security12 Aug 2022 | 4
Emergency services call-handling provider: Ransomware forced it to pull servers offline
Advanced's infrastructure still down and out, recovery to take weeks or more
Security12 Aug 2022 | 21
FAANGs failing on keeping user data safe from bug hunters
Black Hat Time to call in the legal team
Security12 Aug 2022 | 3
Higher risks and premiums are creating critical gap in cyber insurance
Black Hat Most organizations don’t have the financial resources necessary to address ransomware and other cyberattacks, BlackBerry says
Security11 Aug 2022 | 4
Security needs to learn from the aviation biz to avoid crashing
Black Hat video 'Until someone has to go to jail for doing it wrong the teeth are not going to be the same'
Security11 Aug 2022 | 90
Russian invasion has dangerously destabilized cyber security norms
Black Hat The inside scoop on the Ukrainian IT army, and what could happen next
Security11 Aug 2022 | 33
