Chipmaker Microchip reveals cyber attack whacked manufacturing capacity Defense contractor gets hacked – what's the worst that could happen Security21 Aug 2024 | 3
Plane tracker app FlightAware admits user data exposed for years Updated Privacy blunder alert omits number of key details Security20 Aug 2024 | 42
Iran named as source of Trump campaign phish, leaks Political stirrer Roger Stone may have been a weak link after personal emails cracked Security20 Aug 2024 | 40
Digital wallets can allow purchases with stolen credit cards Researchers find it's possible to downgrade authentication checks, and shabby token refresh policies Research20 Aug 2024 | 36
OpenAI kills Iranian accounts using ChatGPT to write US election disinfo 12 on X and one on Instagram caught in the crackdown Cyber-crime19 Aug 2024 | 5
Multiple flaws in Microsoft macOS apps unpatched despite potential risks Windows giant tells Cisco Talos it isn't fixing them Research19 Aug 2024 | 21
National Public Data tells officials 'only' 1.3M people affected by intrusion Investigators previously said the number was much, much higher Cyber-crime19 Aug 2024 | 6
RansomHub-linked EDR-killing malware spotted in the wild Infosec in brief Also: Your external-facing NetSuite sites need a review; five popular malware varieties for Q2, and more Security19 Aug 2024 | 1
After nearly 3B personal records leak online, Florida data broker confirms it was ransacked by cyber-thieves Names, addresses, Social Security numbers, more all out there Cyber-crime16 Aug 2024 | 43
Unicoin hints at potential data meddling after G-Suite compromise Attacker locked out all staff for four days Cyber-crime16 Aug 2024 | 9
DARPA, ARPA-H award $14m to 7 AIxCC semifinalists, with a catch Teams wanting the cash have to commit to handing their models to OpenSSF after next year's final Security15 Aug 2024 | 4
Google raps Iran's APT42 for raining down spear-phishing attacks US politicians and Israeli officials among the top targets for the IRGC’s cyber unit Research15 Aug 2024 | 1
Russian man who sold logins to nearly 3,000 accounts gets 40 months in jail He’ll also have to pay back $1.2 million from fraudulent transactions he facilitated Cyber-crime15 Aug 2024 | 5
Mad Liberator extortion crew emerges on the cyber-crook scene Anydesk is its access tool of choice Cyber-crime15 Aug 2024 | 4
Over 40 million Kakao Pay users' data somehow ended up with Alipay Payment arm of Korean messaging app denies any illegal activity Security15 Aug 2024 | 10
China-linked cyber-spies infect Russian govt, IT sector No, no, go ahead, don't let us stop you, Xi Research15 Aug 2024 | 17
Russian cyber snoops linked to massive credential-stealing campaign Citizen Lab also spots a COLDWASTREL swimming in the Rivers of Phish Cyber-crime14 Aug 2024 |
Texas sues GM for selling driver data to analytics, insurance companies Lone Star State alleges GM cashed in with "millions in lump sum payments" from the sale Security14 Aug 2024 | 30
Enzo Biochem ordered to cough up $4.5 million over lousy security that led to ransomware disaster Three state attorneys general probed the company and found plenty to chastise Cyber-crime14 Aug 2024 | 3
Palo Alto Networks execs apologize for 'hostesses' dressed as lamps at Black Hat booth Biz admits turning human women into faceless, sexualized furniture was a 'tone deaf' marketing ploy Security14 Aug 2024 | 202
Is Lenovo a blind spot in US anti-China security measures? Opinion Questions raised as one of the world's largest PC makers joins America's critical defense team Security14 Aug 2024 | 47
Indian telcos to cut off scammy, spammy, telemarketers for two whole years There's a blockchain involved so it's totally going to stop you getting those calls Public Sector14 Aug 2024 | 33
NIST finalizes trio of post-quantum encryption standards Nicely ahead of that always-a-decade-away moment when all our info becomes an open book Security14 Aug 2024 | 18
Microsoft patches scary wormable hijack-my-box-via-IPv6 security bug and others Patch Tuesday Plus more pain for Intel which fixed 43 bugs, SAP and Adobe also in on the action Patches14 Aug 2024 | 24
Six ransomware gangs behind over 50% of 2024 attacks Plus many more newbies waiting in the wings Cyber-crime13 Aug 2024 |
US accuses man of being 'elite' ransomware pioneer they've hunted for years Authorities allege 'J.P. Morgan' practiced ‘extreme operational and online security’ Cyber-crime13 Aug 2024 | 7
Feds bust minor league Radar/Dispossessor ransomware gang The takedown may be small but any ransomware gang sent to the shops is good news in our book Cyber-crime13 Aug 2024 | 5
Orion SA says scammers conned company out of $60 million Incident sounds like a BEC fraud targeting an unwitting staffer Cyber-crime13 Aug 2024 | 7
Who uses LLM prompt injection attacks IRL? Mostly unscrupulous job seekers, jokesters and trolls Because apps talking like pirates and creating ASCII art never gets old AI + ML13 Aug 2024 | 17
'Digital arrest' scams are big in India and may be spreading Bad guys claim they're cops, keep you on hold for hours until you pay to make loved ones' crimes go away Cyber-crime13 Aug 2024 | 5
AMD won’t patch Sinkclose security bug on older Zen CPUs Updated Kernel mode not good enough for you? Maybe you'll like SMM of this Patches13 Aug 2024 | 14
Attacker steals personal data of 200K+ people with links to Arizona tech school Nearly 50 different data points were accessed by cybercrim Cyber-crime12 Aug 2024 | 7
Mega money, unfathomable violence pervade thriving underground doxxing scene Black Hat It also attracts exactly the type of unempathetic people you would think it does Cyber-crime12 Aug 2024 | 8
Trump campaign cites Iran election phish claim as evidence leaked docs were stolen Dots have been joined, but hard evidence is not apparent Security12 Aug 2024 | 74
The UN unanimously agrees that cybercrime is bad, mkay? Infosec in brief Also: British nuke subs get code from Russia; and BlackSuit begs for $500M Security12 Aug 2024 | 7
Raptor Lake microcode limits Intel chips to a mere 1.55 volts to prevent CPU destruction Is that a lot? Depends on the context. GHz, no. Voltage, yes Personal Tech09 Aug 2024 | 28
Pro-Iran groups lay groundwork for 'chaos and violence' as US election meddling attempts intensify Political officials, advisors targeted in cyber attacks as fake news sites deliver lefty zingers Security09 Aug 2024 | 23
It's 2024 and we're just getting round to stopping browsers insecurely accessing 0.0.0.0 Can't reach someone's private server on localhost from outside? No problem Research09 Aug 2024 | 39
Hello? Are you talking on a Cisco SPA300 or SPA500 IP phone? Now's the time to junk 'em Multiple critical flaws found and they won't be fixed Security09 Aug 2024 | 31
Delta: CrowdStrike's offer to help in Falcon meltdown was too little, too late Airline unimpressed with 'unhelpful and untimely' phone call from CEO, Falcon maker says claims untrue CxO08 Aug 2024 | 32
US 'laptop farm' man accused of outsourcing his IT jobs to North Korea to fund weapons programs American and Brit firms thought they were employing a Westerner, but not so, it's alleged CSO08 Aug 2024 | 19
Using 1Password on Mac? Patch up if you don’t want your Vaults raided Hundreds of thousands of users potentially vulnerable Patches08 Aug 2024 | 23
US elections have never been more secure, says CISA chief Black Hat Election tech is fine – it's all those idiots buying into the propaganda that's worrying Jen Easterly Security08 Aug 2024 | 45
Report: Tech misconceptions plague the IT world Just snapping the webcam shutter closed won't keep a user safe online Personal Tech08 Aug 2024 | 74
Entrust faces years of groveling to regain browsers' trust, say rival chiefs Sectigo bosses claim it's only a matter of time before Microsoft and Apple drop Big E from their root stores too Security08 Aug 2024 | 4
Cloud storage lockers from Microsoft and Google used to store and spread state-sponsored malware Black Hat Why run your own evil infrastructure when Big Tech offers robust tools hosted at trusted URLs? Black Hat and DEF CON08 Aug 2024 | 2
Samsung boosts bug bounty to a cool million for cracks of the Knox Vault subsystem Good luck, crackers: It's an isolated processor and storage enclave, and top dollar only comes from a remote attack Security08 Aug 2024 | 5
Faulty instructions in Alibaba's T-Head C910 RISC-V CPUs blow away all security Black Hat Let's get physical, physical ... I don't wanna hear your MMU talk Black Hat and DEF CON07 Aug 2024 | 48
Small CSS tweaks can help nasty emails slip through Outlook's anti-phishing net A simple HTML change and the warning is gone! Research07 Aug 2024 | 13
Police take just 2 days to recover $40M stolen in business email scam Timor-Leste is a known cybercrime hotspot Cyber-crime07 Aug 2024 | 9
EQT buys majority share in Swiss cybersecurity biz Acronis Went at equivalent of $3.5B+ valuation for entire firm, though portion sold not specified Security07 Aug 2024 | 3
UK health services call-handling vendor faces $7.7M fine over 2022 ransomware attack Nearly 83,000 people had their data stolen amid chaos that struck NHS healthcare Cyber-crime07 Aug 2024 | 11
SharpRhino malware targets IT admins – Hunters International gang suspected Fake Angry IP Scanner will make you furious - or maybe remind you of how the Hive gang went about its banal business Security07 Aug 2024 |
Georgia's voter portal gets a crash course in client versus backend input validation Trying to cancel a citizen's registration would be caught by humans no matter what the page said, officials say Research07 Aug 2024 | 36
Microsoft punches back at Delta Air Lines and its legal threats SatNad himself offered CrowdStrike recovery help, Redmond says, before suggesting airline's IT is in a mess CxO07 Aug 2024 | 39
CrowdStrike hires outside security outfits to review troubled Falcon code And reveals more and more about small mistake that bricked 8.5M Windows boxes Security07 Aug 2024 | 55
Google splats device-hijacking exploited-in-the-wild Android kernel bug among others And Qualcomm addresses 'permanent denial of service' flaw in its stuff Patches06 Aug 2024 | 8
Sonic Automotive says ransomware-linked CDK software outage cost it $30M Misery loves company – all of its competitors were also negatively impacted Cyber-crime06 Aug 2024 | 2
Bad apps bypass Windows security alerts for six years using newly unveiled trick Windows SmartScreen and Smart App Control both have weaknesses of which to be wary Research06 Aug 2024 | 16
Users call on Microsoft to update Outlook's friendly name feature That one weird thing in Outlook that gives phishers and scammers an in to an inbox Security06 Aug 2024 | 76