AnyDesk revokes signing certs, portal passwords after crooks sneak into systems Horse, meet stable door Cyber-crime05 Feb 2024 | 6
Lurie Children's Hospital back to pen and paper after cyberattack It's the second Chicago hospital to disclose a major incident in the same week Cyber-crime05 Feb 2024 | 9
SBF likely off the hook for misplaced FTX funds after cops bust SIM swap ring Infosec In Brief PLUS: more glibc vulns discovered; DraftKings hacker sentenced; and a hefty dose of critical vulnerabilities Security05 Feb 2024 | 4
Interpol's latest cybercrime intervention dismantles ransomware, banking malware servers Efforts part of internationally coordinated operations carried out in recent months Cyber-crime02 Feb 2024 | 2
LockBit shows no remorse for ransomware attack on children's hospital It even had the gall to set the ransom demand at $800K … for a nonprofit Cyber-crime01 Feb 2024 | 42
Congress told how Chinese goons plan to incite 'societal chaos' in the US American public is way ahead of them Security01 Feb 2024 | 83
FBI confirms it issued remote kill command to blow out Volt Typhoon's botnet Disinfects Cisco and Netgear routers to thwart Chinese critters Security31 Jan 2024 | 43
Nearly 4-year-old Cisco vuln linked to recent Akira ransomware attacks Evidence mounts of an exploit gatekept within Russia's borders Research31 Jan 2024 |
US shorts China's Volt Typhoon crew targeting America's criticals Invaders inveigle infrastructure Security30 Jan 2024 | 7
Microsoft sheds some light on Russian email heist – and how to learn from Redmond's mistakes Step one, actually turn on MFA CSO27 Jan 2024 | 17
Guess the company: Takes your DNA, blames you when criminals steal it, can’t spot a cyberattack for 5 months Breach filings show Reddit post led to the discovery rather than any sophisticated cyber defenses Cyber-crime26 Jan 2024 | 36
Akira ransomware gang says it stole passport scans from Lush in 110 GB data heist Updated Cosmetics brand goes from Jackson Pollocking your bathwater to cleaning up serious a digital mess Cyber-crime26 Jan 2024 | 35
Trickbot malware scumbag gets five years for infecting hospitals, businesses Most of the crew still at large Cyber-crime25 Jan 2024 | 8
EquiLend drags systems offline after admitting attacker broke in Securities lender processes trillions of dollars worth of Wall Street transactions every day Cyber-crime25 Jan 2024 | 1
Psst … wanna jailbreak ChatGPT? Thousands of malicious prompts for sale Turns out it's pretty easy to make the model jump its own guardrails AI + ML25 Jan 2024 | 25
HPE joins the 'our executive email was hacked by Russia' club Moscow-backed Cozy Bear may have had access to the green rectangular email cloud for six months Cyber-crime25 Jan 2024 | 7
What Microsoft's latest email breach says about this IT security heavyweight Comment Senator Wyden tells The Reg this latest infosec lapse is 'inexcusable' CSO24 Jan 2024 | 45
GCHQ's NCSC warns of 'realistic possibility' AI will help state-backed malware evade detection That means Brit spies want the ability to do exactly that, huh? Cyber-crime24 Jan 2024 | 25
CISA boss swatted: 'While my own experience was certainly harrowing, it was unfortunately not unique' Election officials, judges, politicians, and gamers are in swatters' crosshairs Cyber-crime23 Jan 2024 | 46
Accused PII seller faces jail for running underground fraud op More than 5,000 victims claimed over a 3-year period but filing reckons accused didn't even use a VPN Security23 Jan 2024 | 2
UK water giant admits attackers broke into system as gang holds it to ransom Comes mere months after Western intelligence agencies warned of attacks on water providers Cyber-crime23 Jan 2024 | 35
Australia imposes cyber sanctions on Russian it says ransomwared health insurer 'Aleksandr Ermakov' isn't allowed down under after being linked to ten-million-record leak Cyber-crime23 Jan 2024 | 9
Atlassian Confluence Server RCE attacks underway from 600+ IPs If you're still running a vulnerable instance then 'assume a breach' Security22 Jan 2024 | 5
Slug slimes aerospace biz AerCap with ransomware, brags about 1TB theft Loanbase admits massive loss of customer data to thieves, too Security22 Jan 2024 | 1
Subway's data torpedoed by LockBit, ransomware gang claims Fast food chain could face a footlong recovery process if allegations are true Cyber-crime22 Jan 2024 | 8
Russians invade Microsoft exec mail while China jabs at VMware vCenter Server Plus: Uncle Sam says Ivanti exploits 'consistent with PRC' snoops Cyber-crime20 Jan 2024 | 9
Five ripped off IT giant with $7M+ in bogus work expenses, prosecutors claim Account manager and pals blew it on hotels, cruise, fancy meals and more allegedly Cyber-crime19 Jan 2024 | 37
Thieves steal 35.5M customers’ data from Vans sneakers maker But what kind of info was actually compromised? None of your business Cyber-crime19 Jan 2024 | 8
Two more Citrix NetScaler bugs exploited in the wild Just when you thought you had recovered from Bleed Cyber-crime18 Jan 2024 | 2
Google TAG: Kremlin cyber spies move into malware with a custom backdoor The threat hunters believe COLDRIVER has used SPICA since at least November 2022 Research18 Jan 2024 | 5
Vast botnet hijacks smart TVs for prime-time cybercrime Updated 8-year-old op responsible for DDoS attacks and commandeering broadcasts to push war material Research18 Jan 2024 | 7
What's worse than paying an extortion bot that auto-pwned your database? Paying one that lied to you and only saved the first 20 rows of each table Research17 Jan 2024 | 17
FBI: Beware of thieves building Androxgh0st botnets using stolen creds Infecting networks via years-old CVEs that should have been patched by now CSO17 Jan 2024 |
Ivanti zero-day exploits explode as bevy of attackers get in on the act Customers still patchless and mitigation only goes so far Cyber-crime16 Jan 2024 | 6
Number of orgs compromised via Ivanti VPN zero-days grows as Mandiant weighs in Snoops had no fewer than five custom bits of malware to hand to backdoor networks CSO13 Jan 2024 | 4
Why we update... Data-thief malware exploits SmartScreen on unpatched Windows PCs Phemedrone Stealer loots drives for passwords, cookies, login tokens, etc Patches12 Jan 2024 | 20
Secret multimillion-dollar cryptojacker snared by Ukrainian police Criminal scored $2M in crypto proceeds but ends up in ‘cuffs following property raid Cyber-crime12 Jan 2024 | 8
eBay to cough up $3M after cyber-stalking couple who dared criticize the souk Staff sent live cockroaches, porno – and more – in harassment campaign to silence pair Cyber-crime11 Jan 2024 | 24
Mandiant's brute-forced X account exposes perils of skimping on 2FA Speculation builds over whether a nearly year-old policy change was to blame Cyber-crime11 Jan 2024 | 25
Infoseccers think attackers backed by China are behind Ivanti zero-day exploits Customers currently left patchless while attacks are expected to increase Cyber-crime11 Jan 2024 | 6
Fidelity National now says 1.3M customers had data stolen by cyber-crooks It's still not calling it ransomware Cyber-crime10 Jan 2024 | 1
Cybercrooks play dress-up as 'helpful' researchers in latest ransomware ruse Posing as cyber samaritans, scumbags are kicking folks when they're down Cyber-crime10 Jan 2024 | 2
ShinyHunters chief phisherman gets 3 years, must cough up $5M Sebastien Raoult developed various credential-harvesting websites over more than 2 years Cyber-crime10 Jan 2024 | 5
And that's a wrap for Babuk Tortilla ransomware as free decryptor released Experts' job made 'straightforward' by crooks failing to update encryption schema after three years Research09 Jan 2024 | 3
British Library: Finances remain healthy as ransomware recovery continues Authors continue to lose out on owed payments as rebuild of digital services drags on Cyber-crime08 Jan 2024 | 16
After injecting cancer hospital with ransomware, crims threaten to swat patients Remember the good old days when ransomware crooks vowed not to infect medical centers? CSO05 Jan 2024 | 70
Uncle Sam will pay for your big ideas to end AI voice-cloning fraud The advent of generative AI has made the attack far more pervasive AI + ML05 Jan 2024 | 35
BreachForums boss busted for bond blunders – including using a VPN Fitzpatrick faces potentially decades in prison later this month, so may as well get some foreign Netflix in beforehand Cyber-crime05 Jan 2024 | 2
Infostealer malware, weak password leaves Orange Spain RIPE for plucking Updated No 2FA or special characters to prevent database takeover and BGP hijack Cyber-crime04 Jan 2024 | 6
As lawmakers mull outlawing poor security, what can they really do to tackle online gangs? Comment Headline-grabbing takedowns are nice, but long-term solutions require short-term sacrifices Cyber-crime04 Jan 2024 | 19
Copy that? Xerox confirms 'security incident' at subsidiary Company’s removal from ransomware gang’s leak blog could mean negotiations underway Cyber-crime03 Jan 2024 |
Google password resets not enough to stop these info-stealing malware strains Updated Now every miscreant is jumping on Big G's OAuth account security hole Research02 Jan 2024 | 12
Court hearings become ransomware concern after justice system breach From legal proceedings to potential YouTube fodder Cyber-crime02 Jan 2024 | 6
Cyber sleuths reveal how they infiltrate the biggest ransomware gangs Feature How do you break into the bad guys' ranks? Master the lingo and research, research, research Cyber-crime22 Dec 2023 | 14
Lapsus$ teen sentenced to indefinite detention in hospital for Nvidia, GTA cyberattacks Arion Kurtaj will remain hospitalized until a mental health tribunal says he can leave Cyber-crime21 Dec 2023 | 53
Something nasty injected login-stealing JavaScript into 50K online banking sessions Why keeping your PC secure and free of malware remains paramount Cyber-crime20 Dec 2023 | 26
Cybercrooks book a stay in hotel email inboxes to trick staff into spilling credentials Research highlights how major attacks like those exploiting Booking.com are executed Cyber-crime20 Dec 2023 | 20
Philippines, South Korea, Interpol cuff 3,500 suspected cyber scammers, seize $300M Alleged crims used AI to pose as friends, family, romantic partners – and sold dodgy NFTs Cyber-crime20 Dec 2023 | 5
Millions of Xfinity customers' info, hashed passwords feared stolen in cyberattack 35M-plus Comcast user IDs accessed by intruder via Citrix Bleed Cyber-crime19 Dec 2023 | 29
Qakbot's backbot: FBI-led takedown keeps crims at bay for just 3 months Experts say malware strain make take years to die off completely Cyber-crime19 Dec 2023 | 2
Hacktivists boast: We shut down Iran's gas pumps today Predatory Sparrow previously knocked out railways and a steel plant Security18 Dec 2023 | 9
Cyber-crooks slip into Vans, trample over operations IT systems encrypted, personal data pilfered from North Face parent, we're told Cyber-crime18 Dec 2023 | 6