News
Check your IP cameras: There's a new Mirai botnet on the rise
in brief A series of IP cameras still used all over the world, despite being well past their end of life, have been exploited to create a new Mirai botnet. …
RansomHub hits 210 victims in just 6 months
As RansomHub continues to scoop up top talent from the fallen LockBit and ALPHV operations while accruing a smorgasbord of victims, security and law enforcement agencies in the US feel it's time to issue an official warning about the group that's gunning for ransomware supremacy.…
Green Berets storm building after hacking its Wi-Fi
US Army Special Forces, aka the Green Berets, have been demonstrating their hacking chops in the recent Swift Response 24 military exercises in May, the military has now confirmed.…
Tired of airport security queues? SQL inject yourself into the cockpit, claim researchers
Updated Cybersecurity researchers say they've found a vulnerability that allowed them to skip US airport security checks and even fly in the cockpit on some scheduled flights.…
Iran hunts down double agents with fake recruiting sites, Mandiant reckons
Government-backed Iranian actors allegedly set up dozens of fake recruiting websites and social media accounts to hunt down double agents and dissidents suspected of collaborating with the nation’s enemies, including Israel.…
US indicts duo over alleged Swatting spree that targeted elected officials
The US government has indicted two men for allegedly reporting almost 120 fake emergencies or crimes in the hope of provoking action by armed law enforcement agencies.…
Oh, great. Attacks developed by spyware vendors are being re-used by Russia's Cozy Bear cretins
Google's Threat Analysis Group (TAG) has spotted a disturbing similarity in attack tactics used by commercial spyware vendors and Russia-linked attack gangs.…
Feds claim sinister sysadmin locked up thousands of Windows workstations, demanded ransom
A former infrastructure engineer who allegedly locked IT department colleagues out of their employer's systems, then threatened to shut down servers unless paid a ransom, has been arrested and charged after an FBI investigation.…
Rock Chrome hard enough and get paid half a million
Google's Chrome Vulnerability Rewards Program (VRP) is now significantly more rewarding – with a top payout that's at least twice as substantial.…
Brain Cipher claims attack on Olympic venue, promises 300 GB data leak
Nearly four weeks after the cyberattack on dozens of French national museums during the Olympic Games, the Brain Cipher ransomware group claims responsibility for the incident and says 300 GB of data will be leaked later today.…
CrowdStrike's meltdown didn't dent its market dominance … yet
CrowdStrike's major meltdown a month ago doesn't look like affecting the cyber security vendor's market dominance anytime soon, based on its earnings reported Wednesday.…
Microsoft hosts a security summit but no press, public allowed
op-ed Microsoft will host a security summit next month with CrowdStrike and other "key" endpoint security partners joining the fun — and during which the CrowdStrike-induced outage that borked millions of Windows machines will undoubtedly be a top-line agenda item. …
Proof-of-concept code released for zero-click critical Windows vuln
Windows users who haven't yet installed the latest fixes to their operating systems will need to get a move on, as code now exists to exploit a critical Microsoft vulnerability announced by Redmond two weeks ago.…
Iran's Pioneer Kitten hits US networks via buggy Check Point, Palo Alto gear
Iranian government-backed cybercriminals have been hacking into US and foreign networks as recently as this month to steal sensitive data and deploy ransomware, and they're breaking in via vulnerable VPN and firewall devices from Check Point, Citrix, Palo Alto Networks and other manufacturers, according to Uncle Sam.…
Dick's Sporting Goods discloses cyberattack
Dick's Sporting Goods, America's largest retail chain for outdoorsy types, has admitted that it suffered a cyberattack last week.…
From Copilot to Copirate: How data thieves could hijack Microsoft's chatbot
Microsoft has fixed flaws in Copilot that allowed attackers to steal users' emails and other personal data by chaining together a series of LLM-specific attacks, beginning with prompt injection.…
The ultimate dual-use tool for cybersecurity
Sponsored Feature Artificial intelligence: saviour for cyber defenders, or shiny new toy for online thieves? As with most things in tech, the answer is a bit of both.…
Woman uses AirTags to nab alleged parcel-pinching scum
Theft of packages is an ongoing problem, so one California woman tried a high tech solution to the problem – and her use of Apple’s consumer-grade AirTags tracking devices led to two arrests.…
Chinese broadband satellites may be Beijing's flying spying censors, think tank warns
The multiple constellations of broadband-beaming satellites planned by Chinese companies could conceivably run the nation's "Great Firewall" content censorship system, according to think tank The Australian Strategic Policy Institute. And if they do, using the services will be dangerous.…
Intel's Software Guard Extensions broken? Don't panic
Today's news that Intel's Software Guard Extensions (SGX) security system is open to abuse may be overstated.…