Meta, Twitter, Apple, Google urged to up encryption game in post-Roe America
Tech giants 'throwing their users to the wolves'
Security20 Sep 2022 | 1
Security
Uber explains how it was pwned this month, points finger at Lapsus$ gang
From annoying MFA alerts to 'several internal systems' infiltrated
CSO19 Sep 2022 | 13
Been hit by LockerGoga ransomware? A free fix is now out
Software nasty used to cause hundreds of millions of dollars in damages, cops say
Security19 Sep 2022 | 2
Grand Theft Auto 6 maker confirms source code, vids stolen in cyber-heist
So is that three or four stars?
Cyber-crime19 Sep 2022 | 19
GPT-3 'prompt injection' attack causes bad bot manners
In Brief Also, EA goes kernel-deep to stop cheaters, PuTTY gets hijacked by North Korea, and more.
Security19 Sep 2022 | 8
Indonesia accuses Google of abusing monopoly
Asia In Brief PLUS: Qualys CEO says APAC has infosec advantages; Singapore's Sea ebbs in Americas; Toshiba's tepid takeover update; and more
CSO19 Sep 2022 | 4
Can reflections in eyeglasses actually leak info from Zoom calls? Here's a study into it
About time someone shone some light onto this
Research17 Sep 2022 | 65
School chat app Seesaw abused to send 'inappropriate image' to parents, teachers
This is why we don't reuse passwords, kids
Cyber-crime16 Sep 2022 | 23
Turbo boost your career in cyber security
Access free SANS course demos to find out just how much you can learn
Sponsored Post
Eastern European org hit by second record-smashing DDoS attack
Cough, cough, U, cough, kraine
Security16 Sep 2022 | 7
China can destroy US space assets, Space Force ops nominee warns
Wants swarms of small satellites that are harder to destroy – and outsourcing to improve cybersecurity
Security16 Sep 2022 | 26
Uber reels from 'security incident' in which cloud systems seemingly hijacked
Updated AWS and G Suite admin accounts likely popped, HackerOne bug bounty page hit, and more
Cyber-crime16 Sep 2022 | 43
Ex-Broadcom engineer asks for house arrest over IP theft
Admits guilt, but claims he took files to jog his memory, afraid he'd not keep up with 'younger engineers'
Cyber-crime15 Sep 2022 | 20
Building the barricades against identity-based attacks
Join our webinar to hear more about the value of Zero Trust unified identity protection platforms
Webinar
Iran steps up its cybercrime game and Uncle Sam punches back
Criminal charges, more sanctions, and a $10m bounty, oh my
Cyber-crime15 Sep 2022 | 13
WordPress-powered sites backdoored after FishPig suffers supply chain attack
And two other security snafus in this web publishing world
Patches15 Sep 2022 | 18
White House to tech world: Promise you'll write secure code – or Feds won't use it
Developers, why not simply build flawless software, thus solving all our vulnerability worries
Security14 Sep 2022 | 35
Nearly one in two industry pros scaled back open source use over security fears
Log4j being the main driver, this data science poll claims
CSO14 Sep 2022 | 17
Google and Meta fined over $70m for privacy violations in Korea
Both search giant and Facebook parent claim they play by the rules, will challenge decision
Security14 Sep 2022 | 4
Ransomware gang threatens 1m-plus medical record leak
Criminals continue to target some of the most vulnerable
Cyber-crime14 Sep 2022 | 4
Popular
Document Foundation starts charging €8.99 for 'free' LibreOffice
Only in the Mac App Store, as part of FOSS-for-biz strategy software org admits may not quickly deliver results
By Jove! Jupiter to make closest approach to Earth in 70 years next Monday
Gas giant to come within just 365 million miles. Viewing conditions will be ideal even if you only have binoculars
Bad UI killed the radio star
Who, Me? Rules, it turns out, are not meant to be broken. Especially by the person who wrote the rule about how to protect data
Grand Theft Auto 6 maker confirms source code, vids stolen in cyber-heist
So is that three or four stars?
iPhone 14 iFixit teardown shows Apple's learning on repairs
Video Or was forced into a rethink by legislation
GPT-3 'prompt injection' attack causes bad bot manners
In Brief Also, EA goes kernel-deep to stop cheaters, PuTTY gets hijacked by North Korea, and more.
Cisco SMB revolution: selling hardware with no subscription required
In Cisco's world this makes a $125 Wi-Fi AP 'easier to buy' – maybe easier than its own Meraki kit?
Indonesia accuses Google of abusing monopoly
Asia In Brief PLUS: Qualys CEO says APAC has infosec advantages; Singapore's Sea ebbs in Americas; Toshiba's tepid takeover update; and more
Don't want to get run over by a Ford car? There's a Bluetooth app for that
That is, if the driver and/or car has very quick reflexes and a clear signal
Uber explains how it was pwned this month, points finger at Lapsus$ gang
From annoying MFA alerts to 'several internal systems' infiltrated
STORIES
Twitter whistleblower Zatko disses bird site as dysfunctional data dump
Mudge tells senators his former bosses are 'terrified' of the French, US regulators are toothless
CSO14 Sep 2022 | 38
Microsoft fixes Windows security hole likely widely exploited by miscreants
Patch Tuesday Plus: Nasty no-auth RCE in TCP/IP stack, Adobe flaws, and many more updates
Patches13 Sep 2022 | 14
Patch your Mitel VoIP systems, Lorenz ransomware gang is back on the prowl
Criminals do love that unpatched VoIP and IoT kit
Security13 Sep 2022 | 2
How to get inside the mind of hackers
Spanish speaking SANS experts can help the LATAM cyber community detect and respond to attacks
Sponsored Post
One month after Black Hat disclosure, HP's enterprise kit still unpatched
What could go wrong with leaving firmware open after world's biggest hacker convention talk?
Security13 Sep 2022 | 12
Cisco: Yes, Yanluowang leaked our data. No, it's not serious
Everything's fine!
Security13 Sep 2022 | 4
Chinese-linked cyber crims nab $529 million from Indian nationals
Authorities also bust a shell company scam operation with links to the Middle Kingdom
Security13 Sep 2022 | 6
Musk seeks yet another excuse to get out of Twitter buyout: This time it's Mudge's severance check
If at first you don't succeed...
CSO13 Sep 2022 | 54
Apple patches iPhone and macOS flaws under active attack
High-value targets tend to get hit
Security12 Sep 2022 | 13
Google Cloud closes $5.4b Mandiant acquisition
Now it's really got all eyes on you
Security12 Sep 2022 | 9
Security pros get ability to manually add incidents to Microsoft Sentinel
*Tappity tappity* Yes the NSA's on the phone. Well maybe the automated log check didn't pick it up yet, Chad!
Security12 Sep 2022 |
Boffins build microphone safety kit to detect eavesdroppers
TickTock mic lock won't work on Apple
Security12 Sep 2022 | 20
Retbleed slugs VM performance by up to 70 percent in kernel 5.19
VMware ran tests and saw some nasty numbers. Performance of next kernel otherwise uncontroversial
Security12 Sep 2022 | 25
Uncle Sam sanctions Iran's intel agency over Albanian cyberattack
Iranians won't be terrified, but US vendors need to check their customers
Security10 Sep 2022 | 10
Shape-shifting cryptominer savages Linux endpoints and IoT
In brief Also, Authorities seize WT1SHOP selling 5.8m sets of PII, The North Face users face tough security hike
Security10 Sep 2022 | 10
Data tracking poses a 'national security risk' FTC told
'We're making China's job easier'
Security09 Sep 2022 | 31
Feds freeze $30m in cryptocurrency stolen from Axie Infinity
But the North Korean criminals are still over half a billion digicash dollars up
Security09 Sep 2022 | 14
Meta disbands Responsible Innovation team, spreads it out over Facebook and co
Still unclear: Were members just screaming into a void for the past few years?
Security09 Sep 2022 | 20
US seeks standards dominance, lets Huawei access previously forbidden crypto tech
Beijing thinks standards should include central network controls. Washington does not
Security09 Sep 2022 | 16
Dump these small-biz routers, says Cisco, because we won't patch their flawed VPN
Nothing like an authentication bypass for your private IPSec network
CSO08 Sep 2022 | 56
Mandiant ‘highly confident’ foreign cyberspies will target US midterm elections
It is with a heavy heart that we must announce that the hackers are at it again
Security08 Sep 2022 | 14
Google urges open source community to fuzz test code
We'll even get our checkbook out, web giant says
Patches08 Sep 2022 | 10
Private equity suits at Thoma Bravo pull out of Darktrace acquisition
'Enterprise immune system' sees share price slump
Security08 Sep 2022 | 7
Lazarus Group unleashed a MagicRAT to spy on energy providers
Cisco finds custom malware in North Korea's latest cyberespionage effort
Security08 Sep 2022 |
Halfords slapped on wrist for breaching email marketing laws
Bike and car accessory slinger fined £30,000 for hitting send on more than 499k unsolicited emails
Security08 Sep 2022 | 39
DoJ charges pair over China-linked attempt to build semi-autonomous crypto haven on nuked Pacific atoll
Yes, that’s a lot to digest: Marshall Islands legislators allegedly bribed to make it possible
Cyber-crime08 Sep 2022 | 21
US school year opens with reading, writing, and ransomware
FBI warns that Vice Society threat group is ramping up attacks on the education sector
Cyber-crime07 Sep 2022 | 8
Mandiant links APT42 to Iranian 'terrorist org'
'It's hard to imagine a more dangerous scenario,' Mandiant Intel VP told The Reg
Research07 Sep 2022 | 27
Cybercriminals target games popular with kids to distribute malware
Kaspersky research finds Minecraft and Roblox have the most malicious files associated with them
Security07 Sep 2022 |
As Cybersecurity Week begins, Beijing claims US attacked Uni doing military research
National Security Agency apparently has tools that crack Solaris boxes
Security07 Sep 2022 | 11
Pakistan politicians label government cybersecurity team 'incompetent'
MP alleges taxpayer database – which holds personal info on millions – has come under attack
Security07 Sep 2022 | 9
Go programming language arrives at security warnings that are useful
Low-noise tool hopes to highlight vulnerabilities imported into projects
Patches06 Sep 2022 | 6
Cyberattack brings down InterContinental Hotels' booking systems
Online booking systems and other services knocked offline amid network intrusion
Cyber-crime06 Sep 2022 | 16
Ransomware gang hits second-largest US school district
Updated FBI and CISA on-site to assist with incident response over Labor Day weekend
Security06 Sep 2022 | 4
Newly discovered cyberspy crew targets Asian governments and corporations
Worok uses mix of publicly available tools, custom malware to steal info, gang active since 2020
Security06 Sep 2022 |
Unhappy about excluding nation-state attacks from cyberinsurance? Get ready to pay
Lloyd's defends stance as critics say policy tweaks make it less worthwhile to spend on premiums
Security06 Sep 2022 | 23
Maximum protection against hostile incursions
Want to hear more about the critical role of identity in Zero Trust security? Join our webinar on 20th September
Webinar
NATO investigates after criminals claim to be selling its stolen missile plans
In brief Also, Microsoft’s one-click TikTok trick, a 14-year old Aussie cracks ASD encryption in an hour, and more
Security05 Sep 2022 | 16
Nadine Dorries promotes 'Brexit rewards' of proposed UK data protection law
Culture secretary talks up pre-Commons reading as UK waits to hear who new leader will be
CSO05 Sep 2022 | 163
Microsoft mistakenly rated Chromium, Electron as malware
Windows Defender update fixed the mess after a weekend of false positive weirdness
Security05 Sep 2022 | 26
China orders tech companies to 'improve traceability' of users to control 'rumours and false information'
PLUS: Australia mints a physical crypto-coin; Alibaba Cloud claims world's biggest DC; India’s space airbags; and more
Security05 Sep 2022 | 3
Google, YouTube ban election trolls ahead of US midterms
Plus: Truth Social barred from Play until it shows just one iota of decency
Security02 Sep 2022 | 78
Convicted felon busted for 3D printing gun parts
Just days after US rules tackling homemade firearms take effect
Cyber-crime02 Sep 2022 | 66
Revealed: US telcos admit to storing, handing over location data
Letters to FCC confirm what many believed, don't address a bigger problem
Security02 Sep 2022 | 14
Indian court directs chat app Telegram to disclose details of copyright infringers
Judge says that servers being located in Singapore is not a get-out clause
Security02 Sep 2022 | 8
Ex-NSA trio who spied on Americans for UAE now banned from arms exports
From hero to zero-day ... to plain zero
Cyber-crime02 Sep 2022 | 9
Here's how 5 mobile banking apps put 300,000 users' digital fingerprints at risk
Spoiler: They used hard-coded AWS credentials
Security01 Sep 2022 | 53
Oh no, that James Webb Space Telescope snap might actually contain malware
Is nothing sacred?
Research01 Sep 2022 | 25
LabMD gets another shot at defamation claim against 'extortionate' infosec biz
But keep your attorney on a 'short leash' against Tiversa, court warns
Security01 Sep 2022 | 4
FBI: Look out, crooks stole $1.3b in cryptocurrency in just three months this year
DeFi, as in, defying belief
Cyber-crime01 Sep 2022 | 9
Decisions on health data sharing should not be taken by politicians, citizen juries find
Britain's National Data Guardian report also warns NHS needs to earn people’s trust, support for controversial data platform
Security31 Aug 2022 | 10
China-linked APT40 gang targets wind farms, Australian government
ScanBox installed after victims lured to fake Murdoch news sites with phishing emails
Cyber-crime31 Aug 2022 | 7
Find a security hole in Google's open source and you could bag a $31,337 reward
Will it be enough to prevent the next software supply-chain attack?
Research30 Aug 2022 | 5
That 'clean' Google Translate app is actually Windows crypto-mining malware
Ah, nothing like a classic Trojan horse
Cyber-crime30 Aug 2022 | 20
Google Play to ban Android VPN apps from interfering with ads
Developers say this is not the privacy protection it's made out to be
Security30 Aug 2022 | 39
Critical hole in Atlassian Bitbucket allows any miscreant to hijack servers
Grab and deploy this backend update if you offer even repo read access
Patches29 Aug 2022 | 6
77% of security leaders fear we’re in perpetual cyberwar from now on
In brief Also, Charming Kittens from Iran scrape email inboxes, France could fine Google again, and more
CSO27 Aug 2022 | 32
PyPI warns of first-ever phishing campaign against its users
On the bright side, top devs are getting hardware security keys
Cyber-crime26 Aug 2022 | 5
Now Oktapus gets access to some DoorDash customer info via phishing attack
Double check who exactly you're sending your username and password to, eh?
Cyber-crime26 Aug 2022 | 8
Twilio, Cloudflare just two of 135 orgs targeted by Oktapus phishing campaign
Updated This, this is more like what we mean by a sophisticated cyberattack
CSO25 Aug 2022 | 6
LastPass source code, blueprints stolen by intruder
Your passwords are still safe, biz says
Security25 Aug 2022 | 47
Crooks target top execs on Office 365 with MFA-bypass scheme
'Widespread' campaign hunts for multimillion-dollar transactions
Cyber-crime25 Aug 2022 | 9
Twitter, Meta kill hundreds of pro-Western troll accounts
It turns out online chicanery aiming to destabilize foreign nations is a two-way street
Research25 Aug 2022 | 38
Ever present danger
Recognizing the signs of an impending ransomware attack with Red Canary
Webinar
Shout-out to whoever went to Black Hat and had North Korean malware on their PC
I am the one who NOCs
CSO25 Aug 2022 | 25
Block sued after ex-staffer siphons customer data
'Don't be such a Square' hits different these days
CSO24 Aug 2022 | 8
80,000 internet-connected cameras still vulnerable after critical patch offered
Just more IoT conscripts for the botnet armies
Patches24 Aug 2022 | 15
VMware confirms Carbon Black causes BSODs, boot loops on Windows
Well, you can't be attacked if your PC won't start
CSO24 Aug 2022 | 11
Attacker snags account details from streaming service Plex
'Limited subset' of users have emails, usernames, and hashed passwords stolen from the platform
Cyber-crime24 Aug 2022 | 18
Lloyd's to exclude certain nation-state attacks from cyber insurance policies
Updated Kim Jong-un has entered the chat
CSO24 Aug 2022 | 55
Twitter savaged by former security boss Mudge in whistleblower complaint
Loose access to production systems, out of date software, and more claimed
CSO23 Aug 2022 | 36
Smartphone gyroscopes threaten air-gapped systems, researcher finds
Network interface card LEDs are a risk too by blinking in Morse code
CSO23 Aug 2022 | 54
Microsoft finds critical hole in operating system that for once isn't Windows
Oh wow, get a load of Google using strcpy() all wrong – strcpy! Haha, you'll never ever catch us doing that
Research23 Aug 2022 | 65
If you haven't patched Zimbra holes by now, assume you're toast
Here's how to detect an intrusion via vulnerable email systems
Patches23 Aug 2022 |
Novant Health admits leak of 1.3m patients' info to Facebook
But don't worry, Zuck would never misuse this type of sensitive data
Security22 Aug 2022 | 12
Hiding a phishing attack behind the AWS cloud
Scammers are using cloud services to create and host web pages that can be used to lure victims into handing over their credentials
Security22 Aug 2022 | 7
Warning over Java libraries and deserialization security weaknesses
There is a madness to the methods
Security22 Aug 2022 | 6
LockBit gang hit by DDoS attack after threatening to leak Entrust ransomware data
Prolific group pummeled days after claiming to be file thief behind attack on cybersecurity vendor
Cyber-crime22 Aug 2022 | 7
Zoom patches make-me-root security flaw, patches patch
In brief Plus: See if in-app browsers are monitoring you, a novel industrial network attack technique, and more
Security22 Aug 2022 | 21
NSO Group CEO steps down, 100 employees let go too
Controversial Pegasus spyware maker to focus on NATO sales while battling various court cases
Security22 Aug 2022 | 19
