News
Iranian charged over attacks against US defense contractors, government agencies
The US Department of Justice has unsealed an indictment accusing an Iranian national of a years-long campaign that compromised hundreds of thousands of accounts and attempting to infiltrate US defense contractors and multiple government agencies.…
In the vanguard of 21st century cyber threats
Webinar The quantum threat might seem futuristic, more like something you'd encounter in a science fiction film. But it's arguably already a danger to real cyber security defences.…
Cops visit school of 'wrong person’s child,' mix up victims and suspects in epic data fail
The UK's Information Commissioner's Office has put the West Midlands Police (WMP) on the naughty step after the force was found to have repeatedly mixed up two people's personal data for years.…
Keeping one step ahead of cyber security threats
Webinar Dealing with cyber security incidents is an expensive business. Each data breach costs an estimated $4.35 million on average and it's not as if the volume of cyber attacks is falling - last year, they rose by 38 percent according to Google Cloud.…
NTT boss takes early retirement to atone for data leak
NTT West president Masaaki Moribayashi announced his resignation on Thursday, effective at the end of March, in atonement for the leak of data pertaining to 9.28 million customers that came to light last October.…
GitHub struggles to keep up with automated malicious forks
A malware distribution campaign that began last May with a handful of malicious software packages uploaded to the Python Package Index (PyPI) has spread to GitHub and expanded to reach at least 100,000 compromised repositories.…
Turns out cops are super interested in subpoenaing suspects' push notifications
More than 130 petitions seeking access to push notification metadata have been filed in US courts, according to a Washington Post investigation – a finding that underscores the lack of privacy protection available to users of mobile devices.…
White House goes to court, not Congress, to renew warrantless spy powers
The Biden Administration has asked a court, rather than Congress, to renew controversial warrantless surveillance powers used by American intelligence and due to expire within weeks. It's a move that is either business as usual or an end-run around spying reforms, depending on who in Washington you believe.…
Chinese 'connected' cars are a national security threat, says Biden
Concerned over the chance that Chinese-made cars could pose a future threat to national security, Biden's administration is proposing plans to probe potential threats posed by "connected" vehicles made in the Middle Kingdom.…
Ransomware gangs are paying attention to infostealers, so why aren't you?
There appears to be an uptick in interest among cybercriminals in infostealers – malware designed to swipe online account passwords, financial info, and other sensitive data from infected PCs – as a relatively cheap and easy way to get a foothold in organizations' IT environments to deploy devastating ransomware.…
Meta's pay-or-consent model hides 'massive illegal data processing ops': lawsuit
Consumer groups are filing legal complaints in the EU in a coordinated attempt to use data protection law to stop Meta from giving local users a "fake choice" between paying up and consenting to data collection.…
Chinese PC-maker Acemagic customized its own machines to get infected with malware
Chinese PC maker Acemagic has admitted some of its products shipped with pre-installed malware.…
Australian spy chief fears sabotage of critical infrastructure
The director general of security at Australia's Security Intelligence Organisation (ASIO) has delivered his annual threat assessment, revealing ongoing attempts by adversaries to map digital infrastructure with a view to disrupting important services at delicate moments.…
ALPHV/BlackCat claims responsibility for Change Healthcare attack
The ALPHV/BlackCat cybercrime gang has taken credit – if that's the word – for a ransomware infection at Change Healthcare that has disrupted thousands of pharmacies and hospitals across the US, and also claimed that the amount of sensitive data stolen and affected health-care organizations is much larger than the victims initially disclosed.…
BEAST AI needs just a minute of GPU time to make an LLM fly over its guardrails
Computer scientists at the University of Maryland have developed an efficient way to craft prompts that elicit harmful responses from large language models (LLMs).…
Palo Alto investor sues over 28% share tumble
Palo Alto Networks (PAN) is facing a proposed class action lawsuit that alleges investors were deceived about the traction of its platform tactics and hurt by an unexpectedly low billings forecast that crashed the share price.…
Uncle Sam tells nosy nations to keep their hands off Americans' personal data
US President Joe Biden is expected to sign an executive order today that aims to prevent the sale or transfer of Americans' sensitive personal information and government-related data to adversarial countries including China and Russia.…
That home router botnet the Feds took down? Moscow's probably going to try again
Authorities from eleven nations have delivered a sequel to the January takedown of a botnet run by Russia on compromised Ubiquiti Edge OS routers – in the form of a warning that Russia may try again, so owners of the devices should take precautions.…
Sandvine put on America's export no-fly list after Egypt used network tech for spying
The US Commerce Department has blacklisted Sandvine for selling its networking monitoring technology to Egypt, where the Feds say the gear was used to spy on political and human-rights activists.…
NIST updates Cybersecurity Framework after a decade of lessons
After ten years operating under the original model, and two years working to revise it, the National Institute of Standards and Technology (NIST) has released version 2.0 of its Cybersecurity Framework (CSF).…