Wyze admits 13,000 users could have viewed strangers' camera feeds Customers report feeling violated following the security snafu Security20 Feb 2024 | 31
Insider steals 79,000 email addresses at work to promote own business After saying they're very sorry, they escape with a slap on the wrist Security20 Feb 2024 | 38
Vietnam to collect biometrics - even DNA - for new ID cards Iris scan, voice samples and blood type to be included in database Public Sector20 Feb 2024 | 23
LockBit ransomware gang disrupted by global operation Updated Website has been seized and replaced with law enforcement logos from eleven nations Security20 Feb 2024 | 12
ALPHV gang claims it's the attacker that broke into Prudential Financial, LoanDepot Ransomware group continues to exploit US regulatory requirements to its advantage Cyber-crime19 Feb 2024 |
Safeguarding cyber-physical systems for a smart future A useful buyers checklist can ascertain whether solutions can meet certain sets of key requirements Sponsored Feature
Feds post $15 million bounty for info on ALPHV/Blackcat ransomware crew infosec in brief ALSO: EncroChat crims still getting busted; ransomware takes down CO public defenders office; and crit vulns Security19 Feb 2024 |
Election security threats in 2024 range from AI to … anthrax? Unsettling reading as Presidents' Day approaches Public Sector18 Feb 2024 | 39
How to weaponize LLMs to auto-hijack websites We speak to professor who with colleagues tooled up OpenAI's GPT-4 and other neural nets Research17 Feb 2024 | 24
Google open sources file-identifying Magika AI for malware hunters and others Cool, but it's 2024 – needs more hype, hand wringing, and flashy staged demos to be proper ML CSO17 Feb 2024 | 10
Zeus, IcedID malware kingpin faces 40 years in slammer Nearly a decade on the FBI’s Cyber Most Wanted List after getting banks to empty vics' accounts Cyber-crime16 Feb 2024 | 1
Cutting kids off from the dark web – the solution can only ever be social Expert weighs in after Brianna Ghey murder amid worrying rates of child cybercrime Cyber-crime16 Feb 2024 | 93
Quest Diagnostics pays $5M after mixing patient medical data with hazardous waste Will cough up less than two days of annual profit in settlement – and California calls this a win CSO16 Feb 2024 | 12
Feds dismantle Russian GRU botnet built on 1,000-plus home, small biz routers Beijing, now Moscow.… Who else is hiding in broadband gateways? Security15 Feb 2024 | 14
Pentagon launches nuke-spotting satellites amid Russian space bomb rumors Updated Dungeons and Dragons, high-waisted jeans, Cold War sabre rattling – the '80s are back, baby Public Sector15 Feb 2024 | 69
Zoom stomps critical privilege escalation bug plus 6 other flaws All desktop and mobile apps vulnerable to at least one of the vulnerabilities Patches15 Feb 2024 |
Cybercriminals are stealing iOS users' face scans to break into mobile banking accounts Deepfake-enabled attacks against Android and iPhone users are netting criminals serious cash Research15 Feb 2024 | 30
Miscreants turn to ad tech to measure malware metrics Now that's what you call dual-use tech Research15 Feb 2024 | 4
European Court of Human Rights declares backdoored encryption is illegal Surprising third-act twist as Russian case means more freedom for all Security15 Feb 2024 | 212
North Korea running malware-laden gambling websites as-a-service $5k a month for the site. $3k for tech support. Infection with malware and funding a despot? Priceless Cyber-crime15 Feb 2024 | 3
OpenAI shuts down China, Russia, Iran, N Korea accounts caught doing naughty things You don't need us to craft phishing emails or write malware, super-lab sniffs AI + ML15 Feb 2024 | 5
China's Volt Typhoon spies broke into emergency network of 'large' US city Jeez, not now, Xi. Can't you see we've got an election and Ukraine and Gaza and cost of living and layoffs and ... Security14 Feb 2024 | 9
US Air Force's new cyber, IT skill recruitment plan: Bring back warrant officer ranks Officer pay, limited command duties and writing 'code for your country' Security14 Feb 2024 | 10
Prudential Financial finds cybercrims lurking inside its IT systems Some company admin and customers data exposed, but bad guys were there for 'only' a day Cyber-crime14 Feb 2024 |
Romanian hospital ransomware crisis attributed to third-party breach Emergency impacting more than 100 facilities appears to be caused by incident at software provider Cyber-crime14 Feb 2024 | 1
Southern Water cyberattack expected to hit hundreds of thousands of customers Brit utility also curiously disappears from Black Basta leak site Cyber-crime14 Feb 2024 | 44
Bumblebee malware wakes from hibernation, forgets what year it is, attacks with macros Trying to break in with malicious Word documents? How very 2015 of you Cyber-crime14 Feb 2024 | 5
Australian Tax Office probed 150 staff over social media refund scam $1.3 billion lost as identity fraud – and greed – saw 57,000 or more seek unearned tax refunds Cyber-crime14 Feb 2024 | 3
Crims found and exploited these two Microsoft bugs before Redmond fixed 'em Patch Tuesday SAP, Adobe, Intel, AMD also issue fixes as well as Google for Android Patches14 Feb 2024 | 5
Just one bad packet can bring down a vulnerable DNS server thanks to DNSSEC Updated 'You don't have to do more than that to disconnect an entire network' El Reg told as patches emerge Patches13 Feb 2024 | 15
QNAP vulnerability disclosure ends up an utter shambles Two new flaws, one zero-day, countless different patches, but everything's fine! Patches13 Feb 2024 | 8
ALPHV blackmails Canadian pipeline after 'stealing 190GB of vital info' Updated Gang still going after critical infrastructure because it's, you know, critical Cyber-crime13 Feb 2024 | 11
Crooks hook hundreds of exec accounts after phishing in Azure C-suite pond Plenty of successful attacks observed with dangerous follow-on activity Cyber-crime13 Feb 2024 | 6
Meta says risk of account theft after phone number recycling isn't its problem to solve Leaves it to carriers, promoting a complaint to Irish data cops from Big Tech's bête noire Personal Tech13 Feb 2024 | 107
Infosys subsidiary named as source of Bank of America data leak Looks like LockBit took a swipe at an outsourced life insurance application Cyber-crime13 Feb 2024 | 15
Korean eggheads crack Rhysida ransomware and release free decryptor tool Great news for victims of gang behind the big British Library hit in October Cyber-crime13 Feb 2024 | 6
Dutch insurers demand nudes from breast cancer patients despite ban Updated No photos? No, second operation Security12 Feb 2024 | 20
FCC gets tough: Telcos must now tell you when your personal info is stolen Yep, cell carriers didn't have to do this before Security12 Feb 2024 | 8
Jet engine dealer to major airlines discloses 'unauthorized activity' Pulls part of system offline as Black Basta docs suggest the worst Cyber-crime12 Feb 2024 | 6
Europe's largest caravan club admits wide array of personal data potentially accessed Experts also put an end to social media security updates Cyber-crime12 Feb 2024 | 19
Mon Dieu! Nearly half the French population have data nabbed in massive breach Infosec In Brief PLUS: Juniper's support portal leaks customer info; Canada moves to ban Flipper Zero; Critical vulns Security12 Feb 2024 | 19
Meet VexTrio, a network of 70K hijacked websites crooks use to sling malware, fraud Some useful indicators of compromise right here Cyber-crime10 Feb 2024 | 9
Ivanti discloses fifth vulnerability, doesn't credit researchers who found it Software company's claim of there being no active exploits also being questioned Security09 Feb 2024 | 5
Fortinet's week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim An orchestra of fails for the security vendor Cyber-crime09 Feb 2024 | 6
India to make its digital currency programmable Reserve Bank also wants a national 2FA framework Cyber-crime09 Feb 2024 | 26
Crime gang targeted jobseekers across Asia, looted two million email addresses That listing for a gig that looked too good to be true may have been carrying SQL injection code Cyber-crime09 Feb 2024 | 1
Uncle Sam sweetens the pot with $15M bounty on Hive ransomware gang members Honor among thieves about to be put to the test Cyber-crime09 Feb 2024 | 3
FBI: Give us warrantless Section 702 snooping powers – or China wins Analysis Never mind the court orders obtained to thwart Volt Typhoon botnet Security09 Feb 2024 | 22
Fake LastPass lookalike made it into Apple App Store No walled garden can keep out every weed, we suppose Cyber-crime08 Feb 2024 | 10
Raspberry Robin devs are buying exploits for faster attacks One of most important malware loaders to cybercrims who are jumping on vulnerabilities faster than ever Research08 Feb 2024 | 2
Cybercrime duo accused of picking $2.5M from Apple's orchard Security researcher buddies allegedly tag team a four-month virtual gift card heist at Cupertino tech giant Cyber-crime08 Feb 2024 | 2
Rust can help make software secure – but it's no cure-all Security is a process, not a product. Nor a language Security08 Feb 2024 | 36
IT suppliers hacked off with Uncle Sam's demands in aftermath of cyberattacks Plan says to hand over keys to networks – and report intrusions within eight hours of discovery Public Sector08 Feb 2024 | 36
Volt Typhoon not the only Chinese crew lurking in US energy, critical networks Presumably American TLAs are all over Beijing's infrastructure, too ... right? Public Sector07 Feb 2024 | 4
Half of polled infosec pros say their degree was less than useful for real-world work The other half paid attention in class? CSO07 Feb 2024 | 18
US says China's Volt Typhoon is readying destructive cyberattacks 12 international govt agencies sound the alarm, critical infrastructure at the heart of threats Security07 Feb 2024 | 10
Iran's cyber operations in Israel a potential prelude to US election interference Tactics are more sophisticated and supported in greater numbers Security07 Feb 2024 | 25
Raspberry Pi Pico cracks BitLocker in under a minute Windows encryption feature defeated by $10 and a YouTube tutorial Research07 Feb 2024 | 143
JetBrains urges swift patching of latest critical TeamCity flaw Cloud version is safe, but no assurances offered about possible on-prem exploits Patches07 Feb 2024 |
The spyware business is booming despite government crackdowns Updated 'Almost zero data being shared across the industry on this particular threat,' we're told Security07 Feb 2024 | 35