FBI: Cyber-scams cost victims $6.9b-plus worldwide in 2021 Another banner year for criminals. For everyone else, not so much Cyber-crime05 May 2022 | 8
Microsoft, Apple, Google accelerate push to eliminate passwords Analysis Passphrases PIP'd, FIDO and W3C projects promoted CSO05 May 2022 | 76
Google chases sovereignty market with EU Workspace Data product Woos European firms who don't want their data caught in the US Cloud Act dragnet Security05 May 2022 | 1
Phishing operation hits NHS email accounts to harvest Microsoft credentials You've won $2m! Now just send me a small fee Security05 May 2022 | 44
Biden orders new quantum push to ensure encryption isn't cracked by rivals Domestic action and international collaboration to make sure you-know-who – OK, China – doesn't get ahead of the game Security05 May 2022 | 10
Beijing-backed gang looted IP around the world for years, claims Cybereason Infosec outfit says group avoided detection by hiding payloads in undocumented Windows logs Security05 May 2022 | 13
GitHub to require two-factor authentication for code contributors by late 2023 Code locker has figured out it's a giant honeypot for miscreants planning supply chain attacks Security05 May 2022 | 17
US Cyber Command shored up nine nations' defenses last year 'Hunt forward' operations push US capabilities across borders Security04 May 2022 | 15
Communication around Heroku security incident dubbed 'train wreck' Users claim lack of transparency following compromise of Github tokens Security04 May 2022 | 5
Putin threatens supply chains with counter-sanction order ‘Certain organizations’ to be named in ten days and denied access to Russian resources Security04 May 2022 | 77
Cyber-spies target Microsoft Exchange to steal M&A info If a network snoop probes like a Kremlin agent, exploits like a Kremlin agent, it might be... Cyber-crime04 May 2022 | 5
SEC nearly doubles cryptocurrency cop roles in special cyber unit Policing digital assets sounds more Mission Impossible than NCIS Cyber-crime03 May 2022 | 7
Zero trust is more than just vendors and products – it requires process Dell Technologies World IT orgs need to adapt their procedures to make it all work, says Dell Security03 May 2022 | 3
Microsoft's standalone Defender for Business hits GA Security suite for the orgs unwilling to stump up for a Microsoft 365 Business Premium subscription Security03 May 2022 | 3
Critical vulnerabilities found in 'millions of Aruba and Avaya switches' Airports, hospitals, hotels, and more need to deploy patches for hijack bugs Patches03 May 2022 | 31
Privacy pathology: It's time for the users to gather a little data – evidence Opinion If Sherlock was alive today, he’d pack a Pi next to pistol and pipe Security03 May 2022 | 30
Google starts testing fenced frames to guard its Privacy Sandbox Oh, serve me ads, lots of ads, under clouded eyes above, just fence me in Security03 May 2022 | 7
Security is a pain for American Dental Association: Ransomware infection feared In brief Plus: Another university hit with malware, and more Research02 May 2022 | 5
SSE kicks the ‘A’ out of SASE Analysis Security Service Edge separates cloud-delivered defenses from SD-WAN as debate rages Security02 May 2022 | 3
Dell brings data recovery tools to Apex and the cloud Dell shows off full stack of cyber recovery SaaS, partners with Snowflake for data analytics Security02 May 2022 |
Spanish PM, defense minister latest Pegasus spyware victims Latest Spanish officials to detect Pegasus spyware on mobile devices Security02 May 2022 | 22
Facebook's Meta, tracking code, and the student financial aid website Also: Oculus virtual reality apps fail to detail info collection Research30 Apr 2022 | 15
Data-wiper malware strains surge as Ukraine battles ongoing invasion Besides files being erased, another thing being deleted: Any sense this is a coincidence Research29 Apr 2022 | 11
Microsoft Edge's 'Secure Network' sounds a lot like a built-in VPN Only works with signed-in users, but could lure more into using the browser Security29 Apr 2022 | 30
Don’t expect to get your data back from the Onyx ransomware group The cybercriminals trash files larger than 2MB, forever losing them to the void Security29 Apr 2022 | 13
Interpol: We can't arrest our way out of cybercrime Especially when gangs are better funded than local police Cyber-crime29 Apr 2022 | 11
India gives local techies 60 days to hit 6-hour deadline for infosec incident reporting Customer data collection and retention requirements also increased, including for crypto operators Security29 Apr 2022 | 3
Sina Weibo, China's Twitter analog, reveals users' locations and IP addresses Sssshhhh! Nobody tell Elon Musk Security29 Apr 2022 | 9
Bumblebee malware loader emerges as Conti's BazarLoader fades At least three threat groups are using the loader in malicious email campaigns Research29 Apr 2022 | 3
Cloudflare stomps huge DDoS attack on crypto platform At 15.3 million requests per second, the assault was the largest HTTPS blitz on record lasting 15 seconds Security28 Apr 2022 | 15
Money or your business: Ensure your ransomware defense strategy beats off disruptions, extortions Multi-layered protection from Huawei curbs ransomware attacks Sponsored Feature
Five Eyes nations reveal 2021's fifteen most-exploited flaws Malicious cyber actors go after 2021's biggest misses, spend less time on the classics Security28 Apr 2022 | 10
Microsoft points at Linux and shouts: Look, look! Privilege-escalation flaws here, too! Will Redmond start code-naming Windows make-me-admin bugs? Patches27 Apr 2022 | 110
Looking for the latest insight to ensure cyber security in the long term? It’s right here Because digital transformation means transforming security first Sponsored Post
Feds offer big rewards for info on suspected Russian Sandworm intel officers A different type of bug bounty Cyber-crime27 Apr 2022 | 4
China turns cyber-espionage eyes to Russia as Ukraine invasion grinds on State-sponsored Bronze President group launches cyber-espionage malware campaign against notional ally Security27 Apr 2022 | 18
Chinese drone-maker DJI suspends ops in Russia, Ukraine First Middle Kingdom company to take a stance says it doesn't want anyone weaponizing its flying machines Security27 Apr 2022 | 12
Should security teams be giving service with a smile? Our Vectra Masked CISO series tackles some of the biggest issues in security and how to overcome them Advertorial
Study: How Amazon uses Echo smart speaker conversations to target ads Updated Web giant milks advertisers with data harvested from digital assistant Research27 Apr 2022 | 167
Who is exploiting VMware right now? Probably Iran's Rocket Kitten, to name one We hope you've patched that 9.8/10 severity bug Research26 Apr 2022 | 5
Coca-Cola probes pro-Kremlin gang's claims of 161GB data theft Life tastes not so good right now Cyber-crime26 Apr 2022 | 18
USA's plan to decouple its tech with China lacks a strategy – report The Schmidt hits the fan Security26 Apr 2022 | 17
DDoS attacks at an all-time-high in Q1 2022, says Kaspersky More attacks and more targeted attacks than ever before. What could have happened to cause that uptick? Security26 Apr 2022 | 2
Microsoft fixes Point of Sale bug that delayed Windows 11 startup for 40 minutes You thought hunting for discount vouchers took a while? That's nothing compared to Windows booting on a till Security26 Apr 2022 | 41
India inks tech pact with EU – only the US has the same deal Meanwhile, UK and India finally explain Cyber Security Partnership agreed to in May 2021 Cyber-crime26 Apr 2022 | 8
Crooks steal NFTs worth '$3m' in Bored Ape Yacht Club heist Worth doing a lot of heavy lifting there, we know Cyber-crime26 Apr 2022 | 59
Intuit sued over alleged cryptocurrency thefts via Mailchimp intrusion Financial software giant slammed for 'poor security practices' Cyber-crime25 Apr 2022 | 13
Homeland Security bug bounty program uncovers 122 holes in its systems Thinking of another word for this US govt department's name CSO25 Apr 2022 | 4
Flaw could have granted criminals control over Ever Surf crypto wallets Check Point uncovers web vulnerability that could have led to cryptocurrency theft Security25 Apr 2022 | 1
FBI: BlackCat ransomware scratched 60-plus orgs In brief Plus: Cisco Umbrella flaw patched, lid blown off TeamTNT, and ICS security folks join JCDC party Security25 Apr 2022 | 1
Now Mandiant says 2021 was a record year for exploited zero-day security bugs Now that's a race condition Research23 Apr 2022 | 4
US DOJ probes Google's $5.4b Mandiant acquisition Not a social network or an instant-chat app used by tens of millions, so scrutiny it is, then Security22 Apr 2022 | 5
Hive ransomware affiliate zeros in on Exchange servers Threat actor exploited known vulnerabilities in the Microsoft software to compromise multiple systems Cyber-crime22 Apr 2022 | 4
REvil resurrected? Ransomware crew appears to be back. Keyword: Appears Months after arrests, gang – or someone mimicking them – now active Cyber-crime22 Apr 2022 | 9
YouTube terminates account for Hong Kong's presumed next head of government Google cites US sanctions while Beijing and John Lee Ka-chiu are miffed Security21 Apr 2022 | 34
Emotet reestablishes itself at the top of the malware world Botnet infrastructure shut down last year, now central to a fast-spreading email scam, researchers say Security21 Apr 2022 | 5
Five Eyes nations fear wave of Russian attacks against critical infrastructure If this is surprising to operators, we are doomed Cyber-crime21 Apr 2022 | 25
AWS's Log4j patches blew holes in its own security Remote code exec is so 2014. Have this container escape and privilege escalation, instead Patches20 Apr 2022 | 10
Oracle already wins 'crypto bug of the year' with Java digital signature bypass Whole new meaning for zero consequences Security20 Apr 2022 | 47
Russian-linked Shuckworm crew ramps up Ukraine attacks Cyber-espionage gang using multiple variants of its custom backdoor to ensure persistence, Symantec warns Security20 Apr 2022 | 4