News

Don't worry, the crooks totally deleted the data and promised not to use it for evil

A ransomware gang has not only taken down WordFly, a mailing list provider for top arts organizations among others, but also siphoned data belonging to the US-based Smithsonian, Canada's Toronto Symphony Orchestra, and the Courtauld Institute of Art in London.…

Cool, another Rust project ... Oh

A new info-stealer malware is spreading rapidly in the wild as the developer behind it continues to add capabilities and recently released the source code on GitHub.…

Learn how to orchestrate your survival strategy here

Webinar  Ensuring your data is protected is the first step in dealing with cyber-attacks and outages. But that's only half the job. …

Be ready for a rebound, and protect yourself with patching and segmentation

SonicWall has published its latest threat report, showing a drop in ransomware but an increase in malware attacks in the first half of 2022.…

A flexible approach to cyber security training and certification from SANS & GIAC

Sponsored Post  Keeping the world safe from cyber threats requires both passion and skills. And you can grow both with training that makes you battle-ready as soon as you leave the classroom.…

Miscreants boast of 78GB haul, officials say everything's fine

The LockBit ransomware crew is claiming to have stolen 78GB of data from Italy's tax agency and is threatening to leak it if a ransom isn't paid by July 31.…

Boffins find common code constructs that may be exploitable to achieve remote code execution

Back in March, security researchers reported a critical command injection vulnerability in Parse Server, an open-source backend for Node.js environments.…

Oops, did the Un-carrier under-count by 29m punters?

T-Mobile US has agreed to pay about $550 million to end legal action against it and improve its security after crooks infiltrated the self-described Un-carrier last summer and harvested personal data belonging to almost 77 million customers.…

And yes, Musk is back in the headlines, denying another affair

Twitter is investigating claims that a near-seven-month-old vulnerability in its software has been exploited to obtain the phone numbers and email addresses of a reported 5.4 million users. …

Emerging threat group offers a broad range of attack services

An emerging and fast-growing threat group is using a unique business model to offer cybercriminals a broad range of services that span from leaked databases and distributed denial-of-service (DDoS) attacks to hacking scripts and, in the future, potentially ransomware.…

Plus: Ukrainian fake news and Uber admits covering up data breach

In Brief  Google's legally fraught journey to buy cybersecurity business Mandiant is in its final stretch, with the US Department of Justice closing its investigation and giving the go-ahead for the sale to proceed.…

Many of last week's security stories tell the same tale

Opinion  The calls are coming from inside the house! Lately, Outlook users have been getting their own version of this classic urban horror myth. The email system is alerting them to suspicious activity on their accounts, and helpfully providing the IP addresses responsible.…

How bad can it be? Find out with this webinar

Webinar  If you realized software you'd developed contained a vulnerability that left you – and your customers - open to cyber-attack what should your first priority be?…

Con man blew victims' cash on antiques, artwork, other riches

A crook who created a business called My Big Coin to cheat victims out of more than $6 million has been found guilty by a jury.…

Blockade against web-sourced VBA scripts is back on by default

Microsoft is shutting the door on a couple of routes cybercriminals have used to attack users and networks.…

Liquidity scams cost victims more than $70m, agents say

The FBI has warned cryptocurrency owners and would-be owners about a scam involving phony liquidity mining that the bureau says has cost victims more than $70 million in combined losses since 2019.…

Red Hat’s approach to locking down remote industrial networks and data processing facilities

Sponsored Feature  If you've ever wondered what edge computing looks like in action, you could do worse than study the orbiting multi-dimensional challenge that is the multi-agency International Space Station (ISS).…

Levy and Robinson are at it again

Comment  Two notorious characters from the British security services have published a paper that once again suggests breaking end-to-end encryption would be a good thing for society. …

Proposed working group would see Moscow's miltech conglomerate Rostec operate in Tehran

Iran's Communications Ministry joined in a pledge with Russian state-owned defence and technology conglomerate Rostec to explore future collaboration in e-government, information security, and other areas.…

Exec, his brother, and a pal raked in $1.5m in illicit gains, Feds claim

A now-former Coinbase manager, his brother, and a friend were today charged with wire fraud conspiracy and wire fraud in connection with the first-ever cryptocurrency insider trading scheme in the US.…