Trump campaign cites Iran election phish claim as evidence leaked docs were stolen
Dots have been joined, but hard evidence is not apparent
Security12 Aug 2024 | 74
Security
The UN unanimously agrees that cybercrime is bad, mkay?
Infosec in brief Also: British nuke subs get code from Russia; and BlackSuit begs for $500M
Security12 Aug 2024 | 7
Raptor Lake microcode limits Intel chips to a mere 1.55 volts to prevent CPU destruction
Is that a lot? Depends on the context. GHz, no. Voltage, yes
Personal Tech09 Aug 2024 | 28
Pro-Iran groups lay groundwork for 'chaos and violence' as US election meddling attempts intensify
Political officials, advisors targeted in cyber attacks as fake news sites deliver lefty zingers
Security09 Aug 2024 | 23
It's 2024 and we're just getting round to stopping browsers insecurely accessing 0.0.0.0
Can't reach someone's private server on localhost from outside? No problem
Research09 Aug 2024 | 39
Hello? Are you talking on a Cisco SPA300 or SPA500 IP phone? Now's the time to junk 'em
Multiple critical flaws found and they won't be fixed
Security09 Aug 2024 | 31
Delta: CrowdStrike's offer to help in Falcon meltdown was too little, too late
Airline unimpressed with 'unhelpful and untimely' phone call from CEO, Falcon maker says claims untrue
CxO08 Aug 2024 | 32
US 'laptop farm' man accused of outsourcing his IT jobs to North Korea to fund weapons programs
American and Brit firms thought they were employing a Westerner, but not so, it's alleged
CSO08 Aug 2024 | 19
Using 1Password on Mac? Patch up if you don’t want your Vaults raided
Hundreds of thousands of users potentially vulnerable
Patches08 Aug 2024 | 23
US elections have never been more secure, says CISA chief
Black Hat Election tech is fine – it's all those idiots buying into the propaganda that's worrying Jen Easterly
Security08 Aug 2024 | 45
Report: Tech misconceptions plague the IT world
Just snapping the webcam shutter closed won't keep a user safe online
Personal Tech08 Aug 2024 | 74
Entrust faces years of groveling to regain browsers' trust, say rival chiefs
Sectigo bosses claim it's only a matter of time before Microsoft and Apple drop Big E from their root stores too
Security08 Aug 2024 | 4
Cloud storage lockers from Microsoft and Google used to store and spread state-sponsored malware
Black Hat Why run your own evil infrastructure when Big Tech offers robust tools hosted at trusted URLs?
Black Hat and DEF CON08 Aug 2024 | 2
Samsung boosts bug bounty to a cool million for cracks of the Knox Vault subsystem
Good luck, crackers: It's an isolated processor and storage enclave, and top dollar only comes from a remote attack
Security08 Aug 2024 | 5
Faulty instructions in Alibaba's T-Head C910 RISC-V CPUs blow away all security
Black Hat Let's get physical, physical ... I don't wanna hear your MMU talk
Black Hat and DEF CON07 Aug 2024 | 48
Small CSS tweaks can help nasty emails slip through Outlook's anti-phishing net
A simple HTML change and the warning is gone!
Research07 Aug 2024 | 13
Police take just 2 days to recover $40M stolen in business email scam
Timor-Leste is a known cybercrime hotspot
Cyber-crime07 Aug 2024 | 9
EQT buys majority share in Swiss cybersecurity biz Acronis
Went at equivalent of $3.5B+ valuation for entire firm, though portion sold not specified
Security07 Aug 2024 | 3
UK health services call-handling vendor faces $7.7M fine over 2022 ransomware attack
Nearly 83,000 people had their data stolen amid chaos that struck NHS healthcare
Cyber-crime07 Aug 2024 | 11
SharpRhino malware targets IT admins – Hunters International gang suspected
Fake Angry IP Scanner will make you furious - or maybe remind you of how the Hive gang went about its banal business
Security07 Aug 2024 |
Georgia's voter portal gets a crash course in client versus backend input validation
Trying to cancel a citizen's registration would be caught by humans no matter what the page said, officials say
Research07 Aug 2024 | 36
Microsoft punches back at Delta Air Lines and its legal threats
SatNad himself offered CrowdStrike recovery help, Redmond says, before suggesting airline's IT is in a mess
CxO07 Aug 2024 | 39
CrowdStrike hires outside security outfits to review troubled Falcon code
And reveals more and more about small mistake that bricked 8.5M Windows boxes
Security07 Aug 2024 | 55
Google splats device-hijacking exploited-in-the-wild Android kernel bug among others
And Qualcomm addresses 'permanent denial of service' flaw in its stuff
Patches06 Aug 2024 | 8
Sonic Automotive says ransomware-linked CDK software outage cost it $30M
Misery loves company – all of its competitors were also negatively impacted
Cyber-crime06 Aug 2024 | 2
Bad apps bypass Windows security alerts for six years using newly unveiled trick
Windows SmartScreen and Smart App Control both have weaknesses of which to be wary
Research06 Aug 2024 | 16
Users call on Microsoft to update Outlook's friendly name feature
That one weird thing in Outlook that gives phishers and scammers an in to an inbox
Security06 Aug 2024 | 76
Billion-dollar bust as international op shutters Cryptonator wallet
Chap named 'Roman Boss' accused of being just that at a cryptocash laundering outfit
Cyber-crime06 Aug 2024 | 13
MDM vendor Mobile Guardian attacked, leading to remote wiping of 13,000 devices
Singapore Ministry of Education orders software removed after string of snafus
Security06 Aug 2024 | 9
Illinois relaxes biometric privacy law so snafus won't cost businesses billions
Some scowl, some smile, as fines no longer apply every time your mugshot or fingerprint is shared
Security06 Aug 2024 | 4
NFL to begin using face scanning tech across all of its stadiums
Smile for the camera to get in, or buy a beer without lining up
Security06 Aug 2024 | 7
That cyber-heist of 2.9B personal records? There's a class-action lawsuit looming for that
Updated Background check biz accused of negligence
Cyber-crime05 Aug 2024 | 11
Sneaky SnakeKeylogger slithers into Windows inboxes to steal sensitive secrets
Malware logs users' keystrokes, pilfers credentials, exfiltrates data
Research05 Aug 2024 | 15
CrowdStrike unhappy about Delta's 'litigation threat,' claims airline refused 'free on-site help'
Vendor plans to aggressively defend its case before listing catalog of shortcomings at the airline
Security05 Aug 2024 | 67
China starts testing national cyber-ID before consultation on the idea closes
Eighty-one apps signed up to pilot facial recognition and real name ID system
Public Sector05 Aug 2024 | 12
Google gamed into advertising a malicious version of Authenticator
Infosec in brief Plus: CISA's AI hire; and claimed Canuck SIM swappers busted
Security05 Aug 2024 | 13
DARPA suggests turning old C code automatically into Rust – using AI, of course
Who wants to make a TRACTOR pull request?
Research03 Aug 2024 | 146
Israeli hacktivist group brags it took down Iran's internet
WeRedEvils alleges successful attack on infrastructure, including data theft
Cyber-crime02 Aug 2024 | 8
Fortune 50 biz coughed up record-breaking $75M ransom to halt leak of stolen data
They say crime doesn't pay. They're right – it's the victims doing the paying
Cyber-crime02 Aug 2024 | 12
UK plans to revamp national cyber defense tools are already in motion
Work aims to build on the success of NCSC's 2016 initiative – and private sector will play a part
Cyber-crime02 Aug 2024 | 8
UK crimebusters shut down global call-spoofing outfit that claimed 170K-plus victims
Suspected devs behind Russian Coms cuffed – now to find the users of the nastyware
Cyber-crime02 Aug 2024 | 11
Japan mandates app to ensure national ID cards aren't forged
First delays, then data leaks – now fraud detection needed at point of use
Security02 Aug 2024 | 36
India contemplates compulsory dynamic 2FA for digital payments
SMS OTPs are overused, so bring on the tokens and biometrics
Security02 Aug 2024 | 4
US sends cybercriminals back to Russia in prisoner swap that freed WSJ journo, others
Techno-crooks greeted by grinning Putin after landing
Cyber-crime02 Aug 2024 | 37
Too late now for canary test updates, says pension fund suing CrowdStrike
That horse has not just bolted, it's trampled all over kernel space
CSO01 Aug 2024 | 114
FBI, CISA remind US voters that DDoS attacks can't touch election systems
PSA comes amid multiple IT services crises in recent days
Cyber-crime01 Aug 2024 | 16
Firefox's Mozilla follows Google in losing trust in Entrust's TLS certificates
Compliance failures and unsatisfactory responses mount from the long-time certificate authority
CSO01 Aug 2024 | 15
Germany names China as source of attack on government geospatial agency
Meanwhile, US apparently considers further AI hardware sanctions
Cyber-crime01 Aug 2024 | 10
Ransomware infection cuts off blood supply to 250+ hospitals
Scumbags go for the jugular
Cyber-crime31 Jul 2024 | 39
More than 83K certs from nearly 7K DigiCert customers must be swapped out now
Small stay of execution in 'exceptional circumstances' promised – amid legal action to pause digital bonfire
CSO31 Jul 2024 | 18
Russia takes aim at Sitting Ducks domains, bags 30,000+
Eight-year-old domain hijacking technique still claiming victims
Research31 Jul 2024 |
Chrome adopts app-bound encryption to stymie cookie-stealing malware
Windows users now get macOS-grade secret security
CSO31 Jul 2024 | 4
'Error' in Microsoft's DDoS defenses amplified 8-hour Azure outage
A playbook full of strategies and someone fumbles the implementation
CSO31 Jul 2024 | 18
UK Electoral Commission slapped for basic cybersecurity fails
It took 13 months to notice 40 million voters' data was compromised
CSO31 Jul 2024 | 25
DigiCert gives unlucky folks 24 hours to replace doomed certificates after code blunder
For the want of an underscore
CSO31 Jul 2024 | 27
Delta Air Lines dials up Microsoft's legal nemesis over CrowdStrike losses
Oh, Boies, here we go again
CSO30 Jul 2024 | 17
'LockBit of phishing' EvilProxy used in more than a million attacks every month
Insight Leaves a trail of ransomware infections, data theft, business email compromise in its wake
Malware Month30 Jul 2024 | 7
Ransomware gangs are loving this dumb but deadly make-me-admin ESXi vulnerability
Get those patches applied – all the big dogs are abusing it
VMware Explore30 Jul 2024 | 18
Proofpoint phishing palaver plagues millions with 'perfectly spoofed' emails from IBM, Nike, Disney, others
They DKIM here, they DKIM there
Research30 Jul 2024 | 33
Malaysia is working on an internet 'kill switch', says minister
Follows requirement for social media and messaging platforms to get a license
Public Sector30 Jul 2024 | 21
Biting the hand that feeds IT
