News

Just in time for the midterms

The Feds have put up a $10 million reward for information about foreign interference in US elections in general, and more specifically a Russian oligarch and close friend of President Vladimir Putin accused of funding an organization that meddled in the 2016 presidential elections.…

P2P file system makes it more difficult to detect and take down malicious content

Threat groups are increasingly turning to InterPlanetary File System (IPFS) peer-to-peer data sites to host their phishing attacks because the decentralized nature of the sharing system means malicious content is more effective and easier to hide.…

Plenty of recent users appear to be from China, and hoping for more leaks of local data

The popularity of stolen data bazaar BreachForums surged after it was used to sell a giant database of stolen information describing Chinese citizens, threat intelligence firm Cybersixgill said on Thursday.…

Cover an average of $4.4 million per raid ourselves? No chance, mate

The costs incurred by organizations suffering data losses continue to go up, and 60 percent of companies surveyed by IBM said they were passing them onto customers.…

Effects still being felt today across US government

The United States' federal court system "faced an incredibly significant and sophisticated cyber security breach, one which has since had lingering impacts on the department and other agencies."…

SEC extracts pocket change from bankers, wags finger, sends them on their way

JPMorgan Securities, UBS Financial Services, and TradeStation Securities aren't doing enough to thwart crooks who want to steal customers' identity, says America's financial watchdog.…

You might say the police were in their element

Spain's national police say they have arrested two former government workers suspected of breaking into the computer network of the country's radioactivity alert system (RAR) and disabling more than a third of its sensors.…

This time local companies provide the images and there's no mention of national security worries

Google has brought its Street View service – which offers photographs of most locations on Google Maps – back to India, six years after the nation rejected it as an invasion of privacy and a threat to national security.…

Internet-connected MDM instances, each with an 'unrestricted number' of managed devices, were vulnerable

FileWave has fixed a couple vulnerabilities in its endpoint management software that could allow a remote attacker to bypass authentication and take full control of the deployment and associated devices.…

House intel chair raises snoop tool concerns as Google and others call for greater crack down

Google and internet rights groups have called on Congress to weigh in on spyware, asking for sanctions and increased enforcement against so-called legit surveillanceware makers.…

Kim will be shaking in his shoes

The US is offering up to $10 million for information on members of state-sponsored North Korean threat groups, double the amount that the State Department announced in April.…

Land of Putin capable of attacking routes in cyberspace as well as real world

Apple's internet traffic took an unwelcome detour through Russian networking equipment for about twelve hours between July 26 and July 27.…

Stretching its security software a bit further

Amazon’s cloud platform is extending security capabilities for a couple of its widely used services; Amazon Elastic Block Store (EBS) and Amazon Elastic Kubernetes Service (EKS).…

Reports seeing 'offensive actor' flinging SubZero malware

Microsoft has published an analysis of a Europe-based "private-sector offensive actor" with a view to helping its customers spot signs of attacks by money-hungry gangsters.…

Palo Alto Networks Unit 42 incident response team warns of patch speedups

Palo Alto Networks' annual Unit 42 incident response report is out, warning of an ever-decreasing gap between vulnerability disclosures and an increase in cybercrime.…

Details of adversarial tradecraft detailed, includes many email accounts

China's cyber espionage activities are extensive and sophisticated but when the Middle Kingdom tried to steal sensitive economic data from the US Fed, poor security meant its operatives didn't have to dip too far into their bags of tricks.…

Big Blue says it helped developed the algos, so knows what it's doing

IBM has started offering quantum-resistant crypto – using the quantum-resistant crypto recommended by the US National Institute of Standards and Technology (NIST).…

Session cookies and 2FA subversion allow takeover of biz and ad accounts, lead to unauthorized ad buys

Security vendor WithSecure, which was spun out in March 2022 as F-Secure’s enterprise security arm, claims it’s found malware that targets Facebook Business accounts.…

Broadband giant says it will appeal jury verdict in negligence case

Charter Communications must pay out $7 billion in damages after one of its Spectrum cable technicians robbed and killed an elderly woman, a jury decided Tuesday.…

Plus: Coinbase said to face SEC wrath, blockchain scam CEO admits using victims' millions to fund Hawaiian condo

The US government is reportedly investigating Kraken, a massive cryptocurrency exchange suspected of violating sanctions against Iran, and is expected to slap the crypto behemoth with a fine in the near future.…