News
Meta accused of snarfing people's Snapchat data via traffic decryption
To spy on rival Snapchat and get data on how the app was being used, Meta – when it was operating as Facebook – allegedly initiated a program called Project Ghostbusters, which intercepted data traffic from mobile apps. And it used that data to harm its competitors' ad business.…
Google reveals zero-day exploits in enterprise tech surged 64% last year
Zero-day exploits targeting enterprise-specific software and appliances are now outpacing zero-day bugs overall, according to Google's threat hunting teams.…
Street newspaper appears to have Big Issue with Qilin ransomware gang
The parent company of The Big Issue, a street newspaper and social enterprise for homeless people, is wrestling with a cybersecurity incident claimed by the Qilin ransomware gang.…
The easy road to pervasive DLP
Sponsored Post The coronavirus pandemic appears to have changed the employment landscape forever, with estimates suggesting that up to a quarter of staff still spend some of their working week outside of the office compared to just 6 percent prior to 2020.…
Uncle Sam's had it up to here with 'unforgivable' SQL injection flaws
The US has clearly had enough of software vendors shipping products with "unforgivable" vulnerabilities, and is now urging them to launch formal code reviews to stamp out SQL injection flaws.…
Ransomware can mean life or death at hospitals, but DEF CON hackers have a plan
Interview As ransomware gangs target critical infrastructure – especially hospitals and other healthcare organizations – DARPA has added another government agency partner to its Artificial Intelligence Cyber Challenge (AIxCC).…
FreeBSD Foundation hands out Beacon gongs for safer software
The inaugural Beacon Awards has handed three prizes to projects working on safer software for CHERI-enabled hardware running on the CheriBSD operating system.…
UK elections are unaffected by China's cyber-interference, says deputy PM
The UK's deputy prime minister, Oliver Dowden, says China has been unsuccessful in its attempts to undermine UK elections.…
Row breaks out over true severity of two DNSSEC flaws
Two DNSSEC vulnerabilities were disclosed last month with similar descriptions and the same severity score, but they are not the same issue.…
New Zealand to world: China attacked us, too!
The government of South Pacific island nation New Zealand has revealed that it, too, has been attacked by China.…
US charges Chinese nationals with cyber-spying on pretty much everyone for Beijing
The United States on Monday accused seven Chinese men of breaking into computer networks, email accounts, and cloud storage belonging to numerous critical infrastructure organizations, companies, and individuals, including US businesses, politicians, and their political parties.…
Over 170K users caught up in poisoned Python package ruse
More than 170,000 users are said to have been affected by an attack using fake Python infrastructure with "successful exploitation of multiple victims."…
Tech trade union confirms cyberattack behind IT, email outage
Exclusive The Communications Workers Union (CWU), which represents hundreds of thousands of employees in sectors across the UK economy including tech and telecoms, is currently working to mitigate a cyberattack.…
Mozilla fixes $100,000 Firefox zero-days following two-day hackathon
Mozilla has swiftly patched a pair of critical Firefox zero-days after a researcher debuted them at a Vancouver cybersec competition.…
GoFetch security exploit can't be disabled on M1 and M2 Apple chips
The GoFetch vulnerability found on Apple M-series and Intel Raptor Lake CPUs has been further unpacked by the researchers who first disclosed it.…
Time to examine the anatomy of the British Library ransomware nightmare
Opinion Quiz time: name one thing you know about the Library of Alexandria. Points deducted for "it’s a library. In Alexandria." Looking things up is cheating and you know it.…
That Asian meal you eat on holidays could launder money for North Korea
If you dine out at an Asian restaurant on your next holiday, the United Nations thinks your meal could help North Korea to launder money.…
Microsoft confirms memory leak in March Windows Server security update
Infosec in brief If your Windows domain controllers have been crashing since a security update was installed earlier this month, there's no longer any need to speculate why: Microsoft has admitted it introduced a memory leak in its March patches and fixed the issue.…
Some 300,000 IPs vulnerable to this Loop DoS attack
As many as 300,000 servers or devices on the public internet are thought to be vulnerable right now to the recently disclosed Loop Denial-of-Service technique that works against some UDP-based application-level services.…
Vans claims cyber crooks didn't run off with its customers' financial info
Clothing and footwear giant VF Corporation is letting 35.5 million of its customers know they may find themselves victims of identity theft following last year's security breach.…