Rapid7 throws JetBrains under the bus for 'uncoordinated vulnerability disclosure' Updated Exploits began within hours of the original disclosure, so patch now Patches05 Mar 2024 | 37
Spam crusade lands charity in hot water with data watchdog Penny Appeal sent more than 460,000 texts asking for money to help war-torn countries, no opt out Security05 Mar 2024 | 72
Cloudflare wants to put a firewall in front of your LLM Claims to protect against DDoS, sensitive data leakage Security05 Mar 2024 | 2
American Express admits card data exposed and blames third party Don't leave home without … IT security Security04 Mar 2024 | 9
Change Healthcare attack latest: ALPHV bags $22M in Bitcoin amid affiliate drama No honor among thieves? Cyber-crime04 Mar 2024 | 7
Seoul accuses North Korea of stealing southern chipmakers' designs Kim Jong Un's all in for home-built silicon says warning Cyber-crime04 Mar 2024 | 1
German defense chat overheard by Russian eavesdroppers on Cisco's WebEx Officials can't tell whether the tape was edited, but fear Kremlin has more juicy bits to release in the future Security04 Mar 2024 | 116
Ransomware ban backers insist thugs must be cut off from payday Increasingly clear number of permanent solutions is narrowing Cyber-crime04 Mar 2024 | 22
The federal bureau of trolling hits LockBit, but the joke's on us Opinion When you can't lock 'em up, lock 'em out Cyber-crime04 Mar 2024 | 27
LockBit's contested claim of fresh ransom payment suggests it's been well hobbled Infosec in brief ALSO: CISA warns Ivanti vuln mitigations might not work, SAML hijack doesn't need ADFS, and crit vulns Security04 Mar 2024 | 1
Ahead of Super Tuesday, US elections face existential and homegrown threats Feature Misinformation is rife, AI makes it easier to create, and 42 percent of the planet’s inhabitants get to vote this year Security04 Mar 2024 | 68
Air National Guardsman Teixeira to admit he was Pentagon files leaker Updated Turns out bragging on Discord has unfortunate consequences Security01 Mar 2024 | 48
Judge orders NSO to cough up Pegasus super-spyware source code /* Hope no one ever reads these functions lmao */ Security01 Mar 2024 | 62
Iranian charged over attacks against US defense contractors, government agencies $10M bounty for anyone with info leading to Alireza Shafie Nasab's identification or location Security01 Mar 2024 | 3
Cops visit school of 'wrong person's child,' mix up victims and suspects in epic data fail Data watchdog reprimands police force for confusing 2 people with same name and birthday to disastrous results Security01 Mar 2024 | 118
NTT boss takes early retirement to atone for data leak No mere mea culpa would suffice after 9.2 million records leaked over a decade, warnings were ignored, and lies were told Security01 Mar 2024 | 8
GitHub struggles to keep up with automated malicious forks Cloned then compromised, bad repos are forked faster than they can be removed Security01 Mar 2024 | 26
Turns out cops are super interested in subpoenaing suspects' push notifications Those little popups may reveal location, device details, IP address, and more Public Sector29 Feb 2024 | 10
White House goes to court, not Congress, to renew warrantless spy powers Choose your own FISA Section 702 adventure: End-run around lawmakers or business as usual? Public Sector29 Feb 2024 | 14
Chinese 'connected' cars are a national security threat, says Biden China's automakers don't sell in America, but the Feds are still going to investigate whether they're a threat Security29 Feb 2024 | 113
Ransomware gangs are paying attention to infostealers, so why aren't you? Analysts warn of big leap in cred-harvesting malware activity last year Cyber-crime29 Feb 2024 | 2
Meta's pay-or-consent model hides 'massive illegal data processing ops': lawsuit GDPR claim alleges Facebook parent's 'commercial surveillance practices are fundamentally illegal' Security29 Feb 2024 | 38
Chinese PC-maker Acemagic customized its own machines to get infected with malware Tried to speed boot times, maybe by messing with 'Windows source code', ended up building a viral on-ramp Security29 Feb 2024 | 24
Australian spy chief fears sabotage of critical infrastructure And accuses a former Australian politician of having 'sold out their country' Cyber-crime29 Feb 2024 | 17
ALPHV/BlackCat claims responsibility for Change Healthcare attack Updated Brags it lifted 6TB of data, but let's remember these people are criminals and not worthy of much trust Cyber-crime29 Feb 2024 | 4
BEAST AI needs just a minute of GPU time to make an LLM fly off the rails Talk about gone in 60 seconds AI + ML28 Feb 2024 | 10
Palo Alto investor sues over 28% share tumble Updated Lawsuit alleges it misled investors with claims new AI products were 'facilitating greater platformization' and more Security28 Feb 2024 | 23
Uncle Sam tells nosy nations to keep their hands off Americans' personal data Biden readies executive order targeting China, Russia, and pals Security28 Feb 2024 | 32
That home router botnet the Feds took down? Moscow's probably going to try again Non-techies told to master firmware upgrades and firewall rules. For the infosec hardheads: have some IOCs Security28 Feb 2024 | 37
Sandvine put on America's export no-fly list after Egypt used network tech for spying Canadian network box maker floats in denial CSO27 Feb 2024 | 11
NIST updates Cybersecurity Framework after a decade of lessons The original was definitely getting a bit long in the tooth for modern challenges Security27 Feb 2024 | 5
Cybercrims: When we hit IT, they sometimes pay, but when we hit OT... jackpot Analysis Or so says opsec firm, which confirms 70% of all industrial org ransomware in 2023 targeted manufacturers Cyber-crime27 Feb 2024 | 19
Broadcom builds a SASE out of VMware VeloCloud and Symantec First integration across properties, as end user compute division readies to leave home Security27 Feb 2024 | 8
China warns of fake digital currency wallets fleecing netizens Scammers' tactics are tiresomely familiar: get-rich-quick schemes and data harvesting Security27 Feb 2024 | 5
Nevada sues to deny kids access to Meta's Messenger encryption State government says it's thinking of the children Security26 Feb 2024 | 37
ALPHV/BlackCat responsible for Change Healthcare cyberattack Updated US government's bounty hasn't borne fruit as whack-a-mole game goes on Security26 Feb 2024 | 2
Back from the dead: LockBit taunts cops, threatens to leak Trump docs Updated Officials have until March 2 to cough up or stolen data gets leaked Security26 Feb 2024 | 11
Data watchdog tells off outsourcing giant for scanning staff biometrics despite 'power imbalance' 2,000 employees at 38 facilities had data processed 'unlawfully', ICO says Security26 Feb 2024 | 9
Fox News 'hacker' turns out to be journalist whose lawyers say was doing his job Infosec in brief Also, another fake iOS app slips into the store, un-cybersafe EV chargers leave UK shelves, and critical vulns Security26 Feb 2024 | 31
Security is hard because it has to be right all the time? Yeah, like everything else Systems Approach It takes only one bottleneck or single point of failure to ruin your week CSO25 Feb 2024 | 28
LockBit extorted billions of dollars from victims, fresh leaks suggest Investigating LockBit’s finances has blown previous estimates of the operation’s wealth out of the water Cyber-crime23 Feb 2024 | 1
U-Haul tells 67K customers that cyber-crooks drove away with their personal info Thieves broke into IT system using stolen login Cyber-crime23 Feb 2024 | 13
LockBit identity reveal a bigger letdown than Game of Thrones Season 8 NCA still left enough for onlookers to wonder if there's anything more to come Cyber-crime23 Feb 2024 | 7
X protests forced suspension of accounts on orders of India's government Nonprofit SFLC links orders to farming protests Public Sector23 Feb 2024 | 20
Avast shells out $17M to shoo away claims it peddled people's personal data A name that's commonly shouted by pirates might be a clue, me hearties! Security23 Feb 2024 | 18
Cyberattack downs pharmacies across America Updated Prescription orders hit after IT supplier Change Healthcare pulls plug on systems Cyber-crime22 Feb 2024 | 10
Authorities dismantled LockBit before it could unleash revamped variant New features aimed to stamp out problems of the past Cyber-crime22 Feb 2024 | 2
Ukrainian police arrest father and son in suspected LockBit affiliate double act If they did it, it gives new meaning to quality family time. Meanwhile, key LockBit leaders remain at large Cyber-crime22 Feb 2024 | 5
Giant leak reveals Chinese infosec vendor I-Soon is one of Beijing's cyber-attackers for hire Trove reveals RATs that can pop major OSes, campaigns against offshore and local targets Security22 Feb 2024 | 8
Biden asks Coast Guard to create an infosec port in a stormy sea of cyber threats Oh hear us when we cry to thee for those in peril on the sea Public Sector21 Feb 2024 | 8
Apple promises to protect iMessage chats from quantum computers Easy to defend against stuff that may never actually work – oh there we go again, being all cynical like Research21 Feb 2024 | 30
Duo face 20 years in prison over counterfeit iPhone scam Sent 5,000+ fake handsets to Apple for repair in hope of getting real ones back Personal Tech21 Feb 2024 | 19
Exploiting the latest max-severity ConnectWise bug is 'embarrassingly easy' Urgent patching advised to protect attacks against setup wizards Security21 Feb 2024 | 6
LockBit leaks expose nearly 200 affiliates and bespoke data-stealing malware Operation Cronos's 'partners' continue to trickle the criminal empire's secrets Cyber-crime21 Feb 2024 | 15
Orgs are having a major identity crisis while crims reap the rewards Hacking your way in is so 2022 – logging in is much easier Security21 Feb 2024 | 8
China could be doing better at censorship, think tank finds Complex overlapping bureaucracy sometimes lacks the funds and skills to do it right Security21 Feb 2024 | 10
Singapore's monetary authority advises banks to get busy protecting against quantum decryption No time like the present, says central bank Security21 Feb 2024 | 9
Cops turn LockBit ransomware gang's countdown timers against them Authorities dismantle cybercrime royalty by making mockery of their leak site Cyber-crime20 Feb 2024 | 17
Wyze admits 13,000 users could have viewed strangers' camera feeds Customers report feeling violated following the security snafu Security20 Feb 2024 | 31
Insider steals 79,000 email addresses at work to promote own business After saying they're very sorry, they escape with a slap on the wrist Security20 Feb 2024 | 38