King Charles III signs off on UK Online Safety Act, with unenforceable spying clause It's now up to Ofcom to sort out this messy legislation Security27 Oct 2023 | 150
Apple drops urgent patch against obtuse TriangleDB iPhone malware Kaspersky first found this software nasty on its own phones Patches26 Oct 2023 | 9
Forget the outside hacker, the bigger threat is inside by the coffee machine Kettle After a week of incidents, Register vultures pick over the innards Security26 Oct 2023 | 20
Side channel attacks take bite out of Apple silicon with iLeakage exploit Nearly six years on from Spectre and Meltdown, novel method steals passwords, emails, texts Research26 Oct 2023 | 10
ServiceNow quietly addresses unauthenticated data exposure flaw from 2015 Researcher who publicized issue brands company’s communication 'appalling' Research26 Oct 2023 | 3
Canada goosed as attackers shutter hospitals and China deepfakes its politicians Eh? Canucks cracked by cyber crims Cyber-crime25 Oct 2023 | 11
Pro-Russia group exploits Roundcube zero-day in attacks on European government emails With this zero-day, researchers say the 'scrappy' group is stepping up its operations Cyber-crime25 Oct 2023 | 4
Hunters International leaks pre-op plastic surgery pics in negotiation no-no No honor among thieves as group denies Hive ransomware links Cyber-crime25 Oct 2023 | 6
VMware reveals critical vCenter vuln that you may have patched already without knowing it Takes rare step of issuing patches for end-of-life versions, as some staff report end-of-career letters Patches25 Oct 2023 | 4
Hot fuzz: Cascade finds dozens of RISC-V chip bugs using random data storm Video ETH Zurich boffins say they've devised a better CPU fuzzer to find flaws Security24 Oct 2023 | 5
Citrix urges 'immediate' patch for critical NetScaler bug as exploit code made public At this point, just assume your kit is compromised Security24 Oct 2023 | 1
Ex-NSA techie pleads guilty to selling state secrets to Russia Wannabe spy undone by system logs, among other lapses in judgement Security24 Oct 2023 | 11
1Password confirms attacker tried to pull list of admin users after Okta intrusion Says logins are safe, as high-profile customers complain they knew about the breach before Okta Cyber-crime24 Oct 2023 | 9
Element users are asking for protection against government encryption busting NATO, United Nations, US DoD, and French government among its customer base Security24 Oct 2023 | 27
Irish cops data debacle exposes half a million motorist records Details of civilians and Garda officers were included, as well as high-res scans of identity documents Security24 Oct 2023 | 9
Scammers use India’s real-time payment system to siphon off money, send it to China Countries signed on for India’s stack might watch out Security24 Oct 2023 | 14
Cisco fixes critical IOS XE bug but malware crew way ahead of them Initial fall in infected devices indicates evolution, not extinction, of attack code Security23 Oct 2023 | 2
DC elections agency warns entire voting roll may have been stolen Home of the Republic seemingly hit by Sony/NTT Docomo ransomware crew Cyber-crime23 Oct 2023 | 13
Microsoft opens early access to AI assistant for infosec, Security Copilot Copilotization of all things continues... as helper offers incident reports to share with the boss and more Security23 Oct 2023 | 10
Admin behind E-Root stolen creds souk extradited to US There was a young man from Moldova, who the Feds just want to roll over, but with 20 inside, and nowhere to hide, he just wants it all to be over Cyber-crime20 Oct 2023 | 9
Casio keyed up after data loss hits customers in 149 countries Crooks broke into the ClassPad server and swiped online learning database Cyber-crime19 Oct 2023 | 12
Europol knocks RagnarLocker offline in second major ransomware bust this year Group will be remembered as staunch negotiator and a bullier of critical infrastructure orgs Cyber-crime19 Oct 2023 |
Cybercrim claims fresh 23andMe batch takes leaked records to 5 million Class action lawsuits abound after mega breach Cyber-crime19 Oct 2023 | 4
Ex-Navy IT manager gets 5 years in slammer for 2018 database heist Seafaring cybercrim's wife faces similar sentence next month Security19 Oct 2023 | 2
October Cybersecurity Awareness Month to target internal security risks SANS offers cyber security pros a valuable toolkit of resources to mitigate the potentially serious cybersecurity risks faced by internal staff Sponsored Post
D-Link clears up 'exaggerations' around data breach Who knew 3 million actually means 700 in cybercrime forum lingo? Cyber-crime18 Oct 2023 | 5
CIA exposed to potential intelligence interception due to X's URL bug Musk's mega-app-in-waiting goes from chopping headlines to profile URLs Security18 Oct 2023 | 25
US cybercops urge admins to patch amid ongoing Confluence chaos Do it now, no ifs or buts, says advisory Patches17 Oct 2023 | 3
British boffins say aircraft could fly on trash, cutting pollution debt by 80% Domestic jets can use 'municipal solid waste' to fly the friendly skies Research17 Oct 2023 | 115
We're not in e-Kansas anymore: State courts reel from 'unauthorized incursion' Fax, post, and human messengers can still be used for filing vital evidence Cyber-crime16 Oct 2023 | 4
BLOODALCHEMY provides backdoor to southeast Asian nations' secrets Sophisticated malware devs believed to be behind latest addition to toolset of China-aligned attackers Research16 Oct 2023 | 1
Regulator, insurers and customers all coming for Progress after MOVEit breach Infosec in brief Also, CISA cataloging new ransomware data points, 17k WP sites hijacked by malware in Sept., and more critical vulns Security16 Oct 2023 | 3
530K people's info feared stolen from cloud PC gaming biz Shadow Will players press start to continue with this outfit? Cyber-crime13 Oct 2023 | 10
Thwarted ransomware raid targeting WS_FTP servers demanded just 0.018 BTC Early attempt to exploit latest Progress Software bug spotted in the wild Cyber-crime13 Oct 2023 | 7
Calls for Visual Studio security tweak fall on deaf ears despite one-click RCE exploit Two years on and Microsoft refuses to address the issue Research13 Oct 2023 | 11
Squid games: 35 security holes still unpatched in proxy after 2 years, now public We'd like to say don't panic … but maybe? Research13 Oct 2023 | 10
Everest cybercriminals offer corporate insiders cold, hard cash for remote access The ransomware gang changes identities more than Jason Bourne Research12 Oct 2023 | 9
Building cyber resilience with data vaults How continuous data protection and isolated cyber recovery vaults provide effective defense against ransomware Sponsored Feature
US construction giant unearths concrete evidence of cyberattack Simpson Manufacturing yanks systems offline, warns of ongoing disruption Cyber-crime12 Oct 2023 | 11
US Navy sailor admits selling secret military blueprints to China for $15K Worth it for 20 years behind bars? Cyber-crime11 Oct 2023 | 26
curl vulnerabilities ironed out with patches after week-long tease Updated The coordinated disclosure didn’t quite go to plan, though Patches11 Oct 2023 | 16
It's 2023 and Microsoft WordPad can be exploited to hijack vulnerable systems Patch Tuesday Happy Halloween! Security bugs under attack squashed, more flaws fixed Patches10 Oct 2023 | 18
SBF on trial: The Python code that allegedly let Alameda hedge fund spend people's FTX deposits And Caroline Ellison says she was told by Bankman-Fried to take $10B from customer accounts Cyber-crime10 Oct 2023 | 22
HTTP/2 'Rapid Reset' zero-day exploited in biggest DDoS deluge seen yet Botnet storm drowned last record with 398 million requests per second CSO10 Oct 2023 | 13
Mirai reloads exploit arsenal as botnet embarks on another expansion drive With 13 new payloads it's the biggest update to the botnet in months Research10 Oct 2023 |
Researcher bags two-for-one deal on Linux bugs while probing GNOME component One-click exploit could potentially affect most major distros Research10 Oct 2023 | 12
Fresh curl tomorrow will patch 'worst' security flaw in ages Updated It’s bad, folks. Pair of CVEs incoming on October 11 Patches10 Oct 2023 | 11
Ransomware attacks register record speeds thanks to success of infosec industry Dwell times drop to hours rather than days for the first time Research10 Oct 2023 | 3
Exercise Cyber Star tests Singapore response How SANS is helping boost the island’s defenses against whole-of-nation cyber attacks Sponsored
DoJ: Ex-soldier tried to pass secrets to China after seeking a 'subreddit about spy stuff' FBI agent claims sergeant with top clearance offered access to DoD tech systems Security09 Oct 2023 | 50
Hacktivist attacks erupt in Middle East following Hamas assault on Israel Groups range from known collectives to new outfits eager to raise their profile Security09 Oct 2023 | 136
Datacenter cabling biz Volex confirms digital break-in All sites operational, no 'material' financial impact expected but stock markets still worried Cyber-crime09 Oct 2023 |
Chinese smart TV boxes infected with malware in PEACHPIT ad fraud campaign Infosec in brief PLUS: Sony admits to MoveITbreach; Blackbaud fined again, Qakbot's sorta back from the dead; and more Security09 Oct 2023 | 7
CISA reveals 'Admin123' as top security threat in cyber sloppiness chart Calls for wider adoption of security-by-design principles continue to ring loudly from Uncle Sam Security06 Oct 2023 | 8
MGM Resorts attackers hit personal data jackpot, but house lost $100M Racecars and cyber insurance will balance its books in no time, though Cyber-crime06 Oct 2023 | 2
CDW data to be leaked next week after negotiations with LockBit break down Ransomware spokesperson scoffs at IT reseller's offer of payment Cyber-crime06 Oct 2023 | 15
How to stop ransomware thieves WORMing their way into your data Stay immutable in the face of cyber crime adversity, says Object First Sponsored Feature
Google promises Germany to creep on users less after market power probe Regulation complements EU's Digital Markets Act to cover more services Security06 Oct 2023 | 6
GoldDigger Android trojan targets Vietnamese banking apps, code contains hints of wider targets More malware scum using acessibility features to steal personal info Security06 Oct 2023 |