US Air Force's new cyber, IT skill recruitment plan: Bring back warrant officer ranks Officer pay, limited command duties and writing 'code for your country' Security14 Feb 2024 | 10
Prudential Financial finds cybercrims lurking inside its IT systems Some company admin and customers data exposed, but bad guys were there for 'only' a day Cyber-crime14 Feb 2024 |
Romanian hospital ransomware crisis attributed to third-party breach Emergency impacting more than 100 facilities appears to be caused by incident at software provider Cyber-crime14 Feb 2024 | 1
Southern Water cyberattack expected to hit hundreds of thousands of customers Brit utility also curiously disappears from Black Basta leak site Cyber-crime14 Feb 2024 | 44
Bumblebee malware wakes from hibernation, forgets what year it is, attacks with macros Trying to break in with malicious Word documents? How very 2015 of you Cyber-crime14 Feb 2024 | 5
Australian Tax Office probed 150 staff over social media refund scam $1.3 billion lost as identity fraud – and greed – saw 57,000 or more seek unearned tax refunds Cyber-crime14 Feb 2024 | 3
Crims found and exploited these two Microsoft bugs before Redmond fixed 'em Patch Tuesday SAP, Adobe, Intel, AMD also issue fixes as well as Google for Android Patches14 Feb 2024 | 5
Just one bad packet can bring down a vulnerable DNS server thanks to DNSSEC Updated 'You don't have to do more than that to disconnect an entire network' El Reg told as patches emerge Patches13 Feb 2024 | 15
QNAP vulnerability disclosure ends up an utter shambles Two new flaws, one zero-day, countless different patches, but everything's fine! Patches13 Feb 2024 | 8
ALPHV blackmails Canadian pipeline after 'stealing 190GB of vital info' Updated Gang still going after critical infrastructure because it's, you know, critical Cyber-crime13 Feb 2024 | 11
Crooks hook hundreds of exec accounts after phishing in Azure C-suite pond Plenty of successful attacks observed with dangerous follow-on activity Cyber-crime13 Feb 2024 | 6
Meta says risk of account theft after phone number recycling isn't its problem to solve Leaves it to carriers, promoting a complaint to Irish data cops from Big Tech's bête noire Personal Tech13 Feb 2024 | 107
Infosys subsidiary named as source of Bank of America data leak Looks like LockBit took a swipe at an outsourced life insurance application Cyber-crime13 Feb 2024 | 15
Korean eggheads crack Rhysida ransomware and release free decryptor tool Great news for victims of gang behind the big British Library hit in October Cyber-crime13 Feb 2024 | 6
Dutch insurers demand nudes from breast cancer patients despite ban Updated No photos? No, second operation Security12 Feb 2024 | 20
FCC gets tough: Telcos must now tell you when your personal info is stolen Yep, cell carriers didn't have to do this before Security12 Feb 2024 | 8
Jet engine dealer to major airlines discloses 'unauthorized activity' Pulls part of system offline as Black Basta docs suggest the worst Cyber-crime12 Feb 2024 | 6
Europe's largest caravan club admits wide array of personal data potentially accessed Experts also put an end to social media security updates Cyber-crime12 Feb 2024 | 19
Mon Dieu! Nearly half the French population have data nabbed in massive breach Infosec In Brief PLUS: Juniper's support portal leaks customer info; Canada moves to ban Flipper Zero; Critical vulns Security12 Feb 2024 | 19
Meet VexTrio, a network of 70K hijacked websites crooks use to sling malware, fraud Some useful indicators of compromise right here Cyber-crime10 Feb 2024 | 9
Ivanti discloses fifth vulnerability, doesn't credit researchers who found it Software company's claim of there being no active exploits also being questioned Security09 Feb 2024 | 5
Fortinet's week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim An orchestra of fails for the security vendor Cyber-crime09 Feb 2024 | 6
India to make its digital currency programmable Reserve Bank also wants a national 2FA framework Cyber-crime09 Feb 2024 | 26
Crime gang targeted jobseekers across Asia, looted two million email addresses That listing for a gig that looked too good to be true may have been carrying SQL injection code Cyber-crime09 Feb 2024 | 1
Uncle Sam sweetens the pot with $15M bounty on Hive ransomware gang members Honor among thieves about to be put to the test Cyber-crime09 Feb 2024 | 3
FBI: Give us warrantless Section 702 snooping powers – or China wins Analysis Never mind the court orders obtained to thwart Volt Typhoon botnet Security09 Feb 2024 | 22
Fake LastPass lookalike made it into Apple App Store No walled garden can keep out every weed, we suppose Cyber-crime08 Feb 2024 | 10
Raspberry Robin devs are buying exploits for faster attacks One of most important malware loaders to cybercrims who are jumping on vulnerabilities faster than ever Research08 Feb 2024 | 2
Cybercrime duo accused of picking $2.5M from Apple's orchard Security researcher buddies allegedly tag team a four-month virtual gift card heist at Cupertino tech giant Cyber-crime08 Feb 2024 | 2
Rust can help make software secure – but it's no cure-all Security is a process, not a product. Nor a language Security08 Feb 2024 | 36
IT suppliers hacked off with Uncle Sam's demands in aftermath of cyberattacks Plan says to hand over keys to networks – and report intrusions within eight hours of discovery Public Sector08 Feb 2024 | 36
Volt Typhoon not the only Chinese crew lurking in US energy, critical networks Presumably American TLAs are all over Beijing's infrastructure, too ... right? Public Sector07 Feb 2024 | 4
Half of polled infosec pros say their degree was less than useful for real-world work The other half paid attention in class? CSO07 Feb 2024 | 18
US says China's Volt Typhoon is readying destructive cyberattacks 12 international govt agencies sound the alarm, critical infrastructure at the heart of threats Security07 Feb 2024 | 10
Iran's cyber operations in Israel a potential prelude to US election interference Tactics are more sophisticated and supported in greater numbers Security07 Feb 2024 | 25
Raspberry Pi Pico cracks BitLocker in under a minute Windows encryption feature defeated by $10 and a YouTube tutorial Research07 Feb 2024 | 143
JetBrains urges swift patching of latest critical TeamCity flaw Cloud version is safe, but no assurances offered about possible on-prem exploits Patches07 Feb 2024 |
The spyware business is booming despite government crackdowns Updated 'Almost zero data being shared across the industry on this particular threat,' we're told Security07 Feb 2024 | 35
DEF CON is canceled! No, really this time – but the show will go on Longtime host Caesars ends relationship at short notice Security07 Feb 2024 | 39
Mozilla adds paid-for data-deletion tier to Monitor, its privacy-breach radar Firefox maker promises to lean on personal info brokers to scrub records Personal Tech06 Feb 2024 | 15
Verizon says 63K employees' info fell into the wrong hands – an insider this time Telco says it's a private matter, data 'not shared externally' Security06 Feb 2024 |
Chinese Coathanger malware hung out to dry by Dutch defense department Attack happened in 2023 using a bespoke backdoor, confirming year-old suspicions CSO06 Feb 2024 | 13
EquiLend back in the saddle as ransom payment rumors swirl Still no word on how the intruders broke in or the full extent of any possible data compromise Cyber-crime06 Feb 2024 |
Double trouble for Fortinet as it issues critical FortiSIEM vulns Updated Please stand by 73 hours for vendor response...* Patches06 Feb 2024 | 3
New kids on the ransomware block in 2023: Akira and 8Base lead dozens of newbies How good are your takedowns when fresh gangs are linked to previous ops, though? Research06 Feb 2024 | 1
Google throws $1M at Rust Foundation to build C++ bridges Chocolate Factory matches Microsoft money for memory safety Devops05 Feb 2024 | 14
Ivanti devices hit by wave of exploits for latest security hole At this point you might be better off just shutting the stuff down Security05 Feb 2024 | 5
Ignore Uncle Sam's 'voluntary' cybersecurity goals for hospitals at your peril Interview What is on HHS paper will most likely become law, Google security boss says Cyber-crime05 Feb 2024 | 12
AnyDesk revokes signing certs, portal passwords after crooks sneak into systems Horse, meet stable door Cyber-crime05 Feb 2024 | 6
Lurie Children's Hospital back to pen and paper after cyberattack It's the second Chicago hospital to disclose a major incident in the same week Cyber-crime05 Feb 2024 | 9
SBF likely off the hook for misplaced FTX funds after cops bust SIM swap ring Infosec In Brief PLUS: more glibc vulns discovered; DraftKings hacker sentenced; and a hefty dose of critical vulnerabilities Security05 Feb 2024 | 4
Researchers remotely exploit devices used to manage safe aircraft landings and takeoffs The closest thing we may ever get to a real-life Die Hard 2 scenario Research03 Feb 2024 | 17
Blackbaud settles with FTC after that IT breach exposed millions of people's info Cloud software slinger admits no guilt, promises better basic security hygiene Cyber-crime02 Feb 2024 | 6
Critical vulnerability in Mastodon is pounced upon by fast-acting admins Danger of remote account takeovers leaves lead devs scared of releasing many details Security02 Feb 2024 | 20
Interpol's latest cybercrime intervention dismantles ransomware, banking malware servers Efforts part of internationally coordinated operations carried out in recent months Cyber-crime02 Feb 2024 | 2
Wikileaks source and former CIA worker Joshua Schulte sentenced to 40 years jail 'Vault 7' leak detailed cyber-ops including forged digital certs Cyber-crime02 Feb 2024 | 56
Managing the hidden risks of shadow APIs How F5 Distributed Cloud Services seal security gaps in modern app development amid growing attack surface Partner Content
Cloudflare sheds more light on Thanksgiving security breach in which tokens, source code accessed by suspected spies Atlassian systen compromised via October Okta intrusion CSO02 Feb 2024 | 14
Rise of deepfake threats means biometric security measures won't be enough Defenses need a rethink in face of increasing sophistication CSO01 Feb 2024 | 18
Biden will veto attempts to kill off SEC's security breach reporting rules Senate, House can try but won't make it past the Prez, says White House Security01 Feb 2024 | 18