News

Ongoing investigation found evidence of stolen employee creds and social engineering

Nine days after issuing a vaguely worded warning about a possible cyber security incident, web tracking and analytics outfit New Relic has revealed a two-front attack.…

Supply chain attacks: The gift that keeps on giving

A ransomware infection at a cloud IT provider has disrupted services for 60 or so credit unions across the US, all of which were relying on the attacked vendor. …

Two CVEs can be abused to steal sensitive info or execute code

Apple has issued emergency fixes to plug security flaws in iPhones, iPads, and Macs that may already be under attack.…

Exploits bypass most secure boot solutions from the biggest chip vendors

Hundreds of consumer and enterprise devices are potentially vulnerable to bootkit exploits through unsecured BIOS image parsers.…

Hunt continues for the other elusive high-ranking members

Another member of the Trickbot malware crew now faces a lengthy prison sentence amid US law enforcement's ongoing search for its leading members.…

Scottish health group to tweak security checks, access authorization to avoid a repeat

NHS Fife is on the wrong end of a stern ticking off by Britain's data regulator after it made a howling privacy error that aided an as yet unknown person who had entered a hospital ward only to walk off with data on 14 patients.…

Global database of faces and fingerprints proves its worth

European police have for the first time made an arrest after remotely checking Interpol's trove of biometric data to identify a suspected smuggler.…

Zuck boots propagandists, Big G finds surge of action directed at Taiwan

Meta and Google have disclosed what they allege are offensive cyber ops conducted by China.…

Plus: 3 critical CVEs in Zyxel NAS devices

Google has rolled out six Chrome security fixes including one emergency patch for a bug for which exploit code is already out there. You're encouraged to thus grab the latest updates for the browser.…

24 million Americans thought to have had their personal data stolen and sold for pennies

A Ukrainian national is facing an eight year prison sentence for running an online marketplace that sold the personal data of approximately 24 million US citizens.…

Assumed Conti offshoot averages 7 figures for each successful attack but may have issues with, er, 'closing deals'

The Black Basta ransomware group has reportedly generated upwards of $100 million in revenue since it started operations in April 2022.…

SANS unveils online hub with valuable tools and information for cybersecurity professionals defending ICS

Sponsored Post  Industrial Control Systems (ICS) which can automate processes, increase productivity and reduce labour costs, are rapidly gaining worldwide enterprise traction.…

BLUFFS spying flaw present in iPhones, ThinkPad, plenty of chipsets

Multiple Bluetooth chips from major vendors such as Qualcomm, Broadcom, Intel, and Apple are vulnerable to a pair of security flaws that allow a nearby miscreant to impersonate other devices and intercept data.…

Amid fears Beijing could harvest spatial data, letter suggests Huawei-style bans may be needed

A US congressional committee has questioned whether Chinese-made Light Detection and Ranging (LiDAR) devices might have a negative impact on national security, and suggested they may therefore be worthy of the same bans that prevent stateside adoption of other tech.…

Pro tip: Don't use your new work email to phish your old firm

An ex-Motorola technician in the US has admitted he tried to fraudulently obtain a passport while awaiting trial for a cyberattack on his former employer.…

CISA calls for stronger IT defenses as Texas district also hit by ransomware crew

CISA is investigating a cyberattack against a Pennsylvania water authority by suspected Iranian miscreants. The intrusion forced operators to switch a pumping station to manual control.…

All customer support users told their info was accessed after analysis oversight

Okta has admitted that the number of customers affected by its October customer support system data breach is far greater than previously thought.…

CRM databases were accessed and library users are advised to change passwords

The Rhysida ransomware group has published most of the data it claimed to have stolen from the British Library a month after the attack was disclosed.…

Acts under the guise of protecting the public from fraud, yet history suggests Home Office has other motives

The UK government plans to introduce new legislation to ban SIM farms, which it views as a widely abused means for carrying out cyber fraud.…

Planning portal back online with a more secure connection

Reading Borough Council has securely restored its planning portal after facing criticism for recommending questionable tech security practices to users.…