News
FireScam infostealer poses as Telegram Premium app to surveil Android devices
Android malware dubbed FireScam tricks people into thinking they are downloading a Telegram Premium application that stealthily monitors victims' notifications, text messages, and app activity, while stealing sensitive information via Firebase services.…
MediaTek rings in the new year with a parade of chipset vulns
MediaTek kicked off the first full working week of the new year by disclosing a bevy of security vulnerabilities, including a critical remote code execution bug affecting 51 chipsets.…
After China's Salt Typhoon, the reconstruction starts now
Opinion When a typhoon devastates a land, it takes a while to understand the scale of the destruction. Disaster relief kicks in, communications rebuilt, and news flows out. Salt Typhoon is no different.…
Taiwan reportedly claims China-linked ship damaged one of its submarine cables
Taiwanese authorities have asserted that a China-linked ship entered its waters and damaged a submarine cable.…
Telemetry data from 800K VW Group EVs exposed online
Infosec in Brief Welcome to 2025: hopefully you enjoyed a pleasant holiday season and returned to the security operations center without incident - unlike Volkswagen, which last week admitted it exposed data describing journeys made by some of its electric vehicles, plus info about the vehicle’s owners.…
Encryption backdoor debate 'done and dusted,' former White House tech advisor says
interview In the wake of the Salt Typhoon hacks, which lawmakers and privacy advocates alike have called the worst telecoms breach in America's history, the US government agencies have reversed course on encryption.…
Atos denies Space Bears' ransomware claims – with a 'but'
French tech giant Atos today denied that Space Bears criminals breached its systems - but noted that third-party infrastructure was compromised by the ransomware crew, and that files accessed by the crooks included "data mentioning the Atos company name."…
CAPTCHAs now run Doom – on nightmare mode
Though the same couldn't be said for most of us mere mortals, Vercel CEO Guillermo Rauch had a productive festive period, resulting in a CAPTCHA that requires the user to kill three monsters in Doom – on nightmare mode.…
Boffins carve up C so code can be converted to Rust
Computer scientists affiliated with France's Inria and Microsoft have devised a way to automatically turn a subset of C code into safe Rust code, in an effort to meet the growing demand for memory safety.…
Chinese cyber-spies reportedly targeted sanctions intel in US Treasury raid
Chinese spies who compromised the US Treasury Department's workstations reportedly stole data belonging to a government office responsible for sanctions against organizations and individuals.…
Apple offers to settle 'snooping Siri' lawsuit for an utterly incredible $95M
Apple has filed a proposed settlement in California suggesting it will pay $95 million to settle claims that Siri recorded owners' conversations without consent and allowed contractors to listen in.…
Eight things that should not have happened last year, but did
Opinion Happy new year! Tradition says that this is when we boldly look forward to what may happen in the 12 months to come. Do you really want to know that? Didn’t think so.…
US Army soldier who allegedly stole Trump's AT&T call logs arrested
A US Army soldier has been arrested in Texas after being indicted on two counts of unlawful transfer of confidential phone records information. …
US Treasury Department outs the blast radius of BeyondTrust's key leak
The US Department of the Treasury has admitted that miscreants were in its systems, accessing documents in what has been called a "major incident."…
China's cyber intrusions took a sinister turn in 2024
The Chinese government's intrusions into America's telecommunications and other critical infrastructure networks this year appears to signal a shift from cyberspying as usual to prepping for destructive attacks.…
More telcos confirm Salt Typhoon breaches as White House weighs in
AT&T, Verizon, and Lumen Technologies confirmed that Chinese government-backed snoops accessed portions of their systems earlier this year, while the White House added another, yet-unnamed telecommunications company to the list of those breached by Salt Typhoon.…
It's only a matter of time before LLMs jump start supply-chain attacks
Interview Now that criminals have realized there's no need to train their own LLMs for any nefarious purposes - it's much cheaper and easier to steal credentials and then jailbreak existing ones - the threat of a large-scale supply chain attack using generative AI becomes more real.…
How cops taking down LockBit, ALPHV led to RansomHub's meteoric rise
RansomHub, the ransomware collective that emerged earlier this year, quickly gained momentum, outpacing its criminal colleagues and hitting its victims especially hard. The group named and shamed hundreds of organizations on its leak site, while demanding exorbitant payments across various industries.…
Microsoft adds another problem to the Windows 11 24H2 naughty list
The trickle of known issues with Windows 11 24H2 has continued with a new one just in time for festive season: installed the operating system using removable media? There's a chance it might stop receiving security updates.…
Former NSA cyberspy's not-so-secret hobby: Hacking Christmas lights
Video In 2018, Rob Joyce, then Donald Trump's White House Cybersecurity Coordinator, gave a surprise talk at the legendary hacking conference Shmoocon about his hobby.…
Pages
