News
Beijing-backed cyberspies attacked 70+ orgs across 23 countries
Chinese cyberspies have compromised at least 70 organizations, mostly government entities, and targeted more than 116 victims across the globe, according to security researchers.…
Crypto scams more costly to the US than ransomware, Feds say
The FBI says investment fraud was the form of cybercrime that incurred the greatest financial loss for Americans last year.…
Crypto wallet providers urged to rethink security as criminals drain them of millions
Infosec researchers are noting rising cryptocurrency attacks and have encouraged wallet security providers to up their collective game.…
Atos says Airbus flew off, no longer interested in infosec and big data biz
Atos' share price sank as much as 20 percent this morning on confirmation that Airbus is no longer interested in buying the big data and security (BDS) parts of the crumbling tech empire.…
Don't be like these 900+ websites and expose millions of passwords via Firebase
At least 900 websites built with Google's Firebase, a cloud database, have been misconfigured, leaving credentials, personal info, and other sensitive data inadvertently exposed to the public internet, according to security researchers.…
Fujitsu reveals malware installed on internal systems, risk of customer data spill
Fujitsu has confirmed that miscreants have compromised some of its internal computers, deployed malware, and may have stolen some customer information.…
More than 133,000 Fortinet appliances still vulnerable to month-old critical bug
The volume of Fortinet boxes exposed to the public internet and vulnerable to a month-old critical security flaw in FortiOS is still extremely high, despite a gradual increase in patching.…
Cyber baddies leak 70M+ files online, claim they're from AT&T
More than 70 million records, allegedly stolen from AT&T in 2021, were dumped on a cybercrime forum at the weekend.…
Cyberattack gifts esports pros with cheats, forcing Apex Legends to postpone tournament
Updated Esports pros competing in the Apex Legends Global Series (ALGS) Pro League tournament were forced to abandon their match today due to a suspected cyberattack.…
Infosec teams must be allowed to fail, argues Gartner
Zero tolerance of failure by information security professionals is unrealistic, and makes it harder for cyber security folk to do the essential part of their job: recovering fast from inevitable attacks, according to Gartner analysts Chris Mixter and Dennis Xiu.…
Filipino police free hundreds of slaves toiling in romance scam operation
Filipino police rescued 875 "workers" – including 504 foreigners – in a raid late last week on a firm that posed as an online gaming company but in reality operated a forced labor camp that housed romance scam operators.…
Protecting distributed branch office environments from ransomware
Sponsored Feature Ransomware gangs that steal and encrypt vital business data before extorting payment for its decryption and restoration are ramping up global attacks at an ever-increasing rate. In fact, cyber security experts agree that ransomware now represents one of - if not the most - serious cybersecurity threats currently facing governments, public/private sector organisations and enterprises around the world.…
ChatGPT side-channel attack has easy fix: token obfuscation
in brief Almost as quickly as a paper came out last week revealing an AI side-channel vulnerability, Cloudflare researchers have figured out how to solve it: just obscure your token size.…
In the rush to build AI apps, please, please don't leave security behind
Feature While in a rush to understand, build, and ship AI products, developers and data scientists are being urged to be mindful of security and not fall prey to supply-chain attacks.…
As if working at Helldesk weren't bad enough, IT helpers now targeted by cybercrims
IT helpdesk workers are increasingly the target of cybercriminals – a trend researchers have described as "the most noteworthy" of the past year.…
Cop shop rapped for 'completely avoidable' web form blunder
The London Mayor's Office for Policing and Crime is being rapped by regulators for untidy tech practices that made public the personal data of hundreds of people who filed complaints against the Metropolitan Police Service.…
Forget TikTok – Chinese spies want to steal IP by backdooring digital locks
There's another Chinese-manufactured product – joining the likes of TikTok, cars and semiconductors – that poses a national security risk to Americans: electronic locks, such as those used in safes.…
FTC goes undercover to probe suspected antivirus scam, scores $26M settlement
A pair of tech support businesses accused of swindling marks out of their hard-earned cash have agreed to cough up a $26 million settlement following an undercover probe by the FTC.…
LockBit ransomware kingpin gets 4 years behind bars
A LockBit ransomware kingpin has been sentenced to almost four years behind bars and ordered to pay more than CA$860,000 ($635,000, £500,000) in restitution to some of his victims by a Canadian court as he awaits extradition to the US.…
Google gooses Safe Browsing with real-time protection that doesn't leak to ad giant
Google has enhanced its Safe Browsing service to enable real-time protection in Chrome for desktop, iOS, and soon Android against risky websites, without sending browsing history data to the ad biz.…