News
EquiLend back in the saddle as ransom payment rumors swirl
Global securities finance tech company EquiLend's systems are now back online after announcing a disruptive ransomware attack nearly two weeks ago.…
Double trouble for Fortinet customers as pair of critical vulns found in FortiSIEM
Fortinet's FortiSIEM product is vulnerable to two new maximum-severity security vulnerabilities that allow for remote code execution.…
New kids on the ransomware block in 2023: Akira and 8Base lead dozens of newbies
At least 25 new ransomware gangs emerged in 2023, with Akira and 8Base proving the most "successful," research reveals.…
Google throws $1M at Rust Foundation to build C++ bridges
Google on Monday donated $1 million to the Rust Foundation specifically to improve interoperability between the language and C++.…
Ivanti devices hit by wave of exploits for latest security hole
Various miscreants are attempting to exploit the latest Ivanti flaw, a server-side request forgery (SSRF) vulnerability tracked as CVE-2024-21893 that can be used to hijack equipment.…
Ignore Uncle Sam's 'voluntary' cybersecurity goals for hospitals at your peril
Interview If you are responsible for infosec at a US hospital or other healthcare organization, and you treat the government's new "voluntary" cybersecurity performance goals (CPGs) as, well, voluntary, you're ignoring the writing on the wall. …
AnyDesk revokes signing certs, portal passwords after crooks sneak into systems
AnyDesk has copped to an IT security "incident" in which criminals broke into the remote-desktop software maker's production systems. The biz has told customers to expect disruption as it attempts to lock down its infrastructure.…
Lurie Children's Hospital back to pen and paper after cyberattack
For the second time in one week, cybercriminals have targeted a Chicago children's hospital, this time causing significant operational disruption.…
SBF likely off the hook for misplaced FTX funds after cops bust SIM swap ring
Infosec In Brief The recent indictment of a massive SIM-swapping ring may mean convicted crypto conman Sam Bankman-Fried is innocent of at least one allegation still hanging over his head: The theft of more than $400 million in crypto hacked from wallets belonging to his crypto firm, FTX, just before it declared bankruptcy.…
Researchers remotely exploit devices used to manage safe aircraft landings and takeoffs
Criminals could remotely tamper with the data that apps used by airplane pilots rely on to inform safe takeoff and landing procedures, according to fresh research.…
Blackbaud settles with FTC after that IT breach exposed millions of people's info
Blackbaud, which had data on millions of people stolen from it by one or more crooks, has promised to shore up its IT defenses in a proposed deal with the FTC.…
Critical vulnerability in Mastodon is pounced upon by fast-acting admins
Mastodon has called admins to action following the disclosure of a critical vulnerability affecting the decentralized social network favored by erstwhile Twitter lovers.…
Interpol's latest cybercrime intervention dismantles ransomware, banking malware servers
Interpol has arrested 31 people following a three-month operation to stamp out various types of cybercrime.…
Wikileaks source and former CIA worker Joshua Schulte sentenced to 40 years jail
Joshua Schulte, a former CIA employee and software engineer accused of sharing material with WikiLeaks, was sentenced to 40 years in prison by the US Southern District of New York on Thursday.…
Managing the hidden risks of shadow APIs
Partner Content Application programming interfaces (APIs) play a significant role in today's digital economy, but at the same time they can also represent a data security vulnerability.…
Cloudflare sheds more light on Thanksgiving security breach in which tokens, source code accessed by suspected spies
Cloudflare has just detailed how suspected government spies gained access to its internal Atlassian installation using credentials stolen via a security breach at Okta in October.…
Rise of deepfake threats means biometric security measures won't be enough
Cyber attacks using AI-generated deepfakes to bypass facial biometrics security will lead a third of organizations to doubt the adequacy of identity verification and authentication tools as standalone protections.…
Biden will veto attempts to rip up SEC breach reporting rule
The Biden administration has expressed to congressional representatives its strong opposition to undoing the Securities and Exchange Commission's (SEC) strict data breach reporting rule.…
LockBit shows no remorse for ransomware attack on children's hospital
Ransomware gang LockBit is claiming responsibility for an attack on a Chicago children's hospital in an apparent deviation from its previous policy of not targeting nonprofits.…
Congress told how Chinese attackers plan to incite 'societal chaos' in the US
Chinese attackers are preparing to "wreak havoc" on American infrastructure and "cause societal chaos" in the US, infosec, and law enforcement bosses told a US House committee on Wednesday.…