News

Global tech companies' Bharat offices attract the wrong sort of interest

India is grappling with a three-and-a-half year surge in cyber crime, with analysis suggesting cities like Bengaluru and Gurgaon – centers of India's tech development – are also hubs of evil activity.…

Pizza Hut Australia warns 190,000 customers' data – including order history – has been accessed

Pizza Hut's Australian outpost has suffered a data breach.…

Invasion of the data snatchers

The Snatch ransomware crew has listed on its dark-web site the Florida Department of Veterans Affairs as one of its latest victims – as the Feds warn organizations to be on the lookout for indicators of compromise linked to the extortionist gang.…

X3DH readied for retirement as PQXDH is rolled out

Signal has adopted a new key agreement protocol in an effort to keep encrypted Signal chat messages protected from any future quantum computers.…

ICC admits breach in social media post, says response remains ongoing

The International Criminal Court said criminals breached its IT systems last week but it isn't over yet, with the ICC saying the "cybersecurity incident" is still ongoing.…

Beijing accuses US of breaking into Huawei servers in 2009

The ongoing face-off between Washington and Beijing over technology and security issues has taken a new twist, with China accusing the US of hacking into the servers of Huawei in 2009 and conducting other cyber-attacks to steal critical data.…

Part of network of crims who used 'trickery and threats' to target elderly, says US Attorney

Two Indian nationals each received 41-month prison sentences for their involvement in $1.2 million worth of robocall scams targeting the elderly, according to the district of New Jersey’s attorney's office on Tuesday.…

Could spend 20 years in prison after selling $88M in ADI software keys

A sysadmin and his partner pleaded guilty this week to being part of a "massive" international ring that sold software licenses worth $88 million for "significantly below the wholesale price."…

November’s two day conference sees experts from the cyber security community share their insight and knowledge

Sponsored Post  Cyber security remains a top three priority for most, if not all, organisations. The risks associated with failure to implement adequate defences were once again highlighted by the ransomware incident which impacted several hospital computer systems across the US last month.…

Won't someone please think of the banks?

Singapore officials announced on Monday that next month they will deliver a consultation paper detailing a split liability scheme that will mean both consumers and banks are on the hook for financial losses flowing from scams.…

Allegations date back a decade to leaked Snowden docs

Cavium, a maker of semiconductors acquired in 2018 by Marvell, was allegedly identified in documents leaked in 2013 by Edward Snowden as a vendor of semiconductors backdoored for US intelligence. Marvell denies it or Cavium placed backdoors in products at the behest of the US government.…

Feds claim sniper scope displays sold in sanctions-busting move

A Russian national helped smuggle, via shell companies in Hong Kong, more than $1.6 million in microelectronics to Moscow potentially to support its war against Ukraine, it is claimed.…

Back to 'manual' order processing for $7B household cleaning biz, financial impact will be 'material'

The Clorox Company, makers of bleach and other household cleaning products, doesn't expect operations to return to normal until near month end as it combs over "widescale disruption to operations" caused by cyber baddies.…

Local corporate regulator warns boards that cyber is totally a directorial duty

Australia will build "six cyber shields around our nation" declared home affairs minister Clare O'Neill yesterday, as part of a national cyber security strategy.…

Unauthenticated and remote code execution possible without dropping a file on disk

About 79 percent of public-facing Juniper SRX firewalls remain vulnerable to a single security flaw can allow an unauthenticated attacker to remotely execute code on the devices, according to threat intelligence platform provider VulnCheck.…

Now-NASA boffin not impressed

Last October, Pennsylvania State University (Penn State) was sued by a former chief information officer for allegedly falsifying government security compliance reports.…

Included secrets, private keys, passwords, 30,000+ internal Teams messages

A Microsoft employee accidentally exposed 38 terabytes of private data while publishing a bucket of open-source AI training data on GitHub, according to Wiz security researchers who spotted the leaky account and reported it to the Windows giant.…

Also, LockBit gets a new second stringer, AirTag owners find yet another illicit use, and this week's critical vulns

Infosec in brief  Californians may be on their way to the nation's first "do not broker" list with the passage of a bill that would create a one-stop service for residents of the Golden State who want to opt out of being tracked by data brokers. …

AMBERSQUID operation takes AWS's paths less travelled in search of compute

As cloud native computing continues to gain popularity, so does the risk posed by criminals seeking to exploit the unwary. One newly spotted method targets services on the AWS platform, but not necessarily the ones you might think.…

Oh s#!t, Sherlock

Israeli software maker Insanet has reportedly developed a commercial product called Sherlock that can infect devices via online adverts to snoop on targets and collect data about them for the biz's clients.…