News
RansomHub-linked EDR-killing malware spotted in the wild
in brief Malware that kills endpoint detection and response (EDR) software has been spotted on the scene and, given it's deploying RansomHub, it could soon be prolific.…
After nearly 3B personal records leak online, Florida data broker confirms it was ransacked by cyber-thieves
A Florida firm has all but confirmed that millions of people's sensitive personal info was stolen from it by cybercriminals and publicly leaked.…
Unicoin hints at potential data meddling after G-Suite compromise
The cryptocurrency offshoot of reality TV and entrepreneurship show Unicorn Hunters has confirmed that an unknown attacker compromised its G-Suite, locking all staff out of their accounts.…
Navigating the future of cybersecurity
Webinar In a world where cyber threats are continually evolving, staying informed is critical for IT and security professionals.…
DARPA, ARPA-H award $14m to 7 AIxCC semifinalists, with a catch
One year after it began, the DARPA AI Cyber Challenge (AIxCC) has whittled its pool of contestants down to seven semifinalists.…
Google raps Iran's APT42 for raining down spear-phishing attacks
Google has joined Microsoft in publishing intel on Iranian cyber influence activity following a recent uptick in attacks that led to data being leaked from the Trump re-election campaign.…
Russian man who sold logins to nearly 3,000 accounts gets 40 months in jail
A Russian national is taking a trip to prison in the US after being found guilty of peddling stolen credentials on a popular dark web marketplace.…
Mad Liberator extortion crew emerges on the cyber-crook scene
A new extortion gang called Mad Liberator uses social engineering and the remote-access tool Anydesk to steal organizations' data and then demand a ransom payment, according to Sophos X-Ops.…
Over 40 million Kakao Pay users' data somehow ended up with Alipay
Kakao Pay, a subsidiary of Korea's WhatsApp analog Kakao, handed over data from more than 40 million users to the Singaporean arm of Chinese payment platform Alipay, without user consent, Korea's financial watchdog revealed Tuesday.…
China-linked cyber-spies infect Russian govt, IT sector
Cyber-spies suspected of connections with China have infected "dozens" of computers belonging to Russian government agencies and IT providers with backdoors and trojans since late July, according to Kaspersky.…
Russian cyber snoops linked to massive credential-stealing campaign
Russia's Federal Security Service (FSB) cyberspies, joined by a new digital snooping crew, have been conducting a massive online phishing espionage campaign via phishing against targets in the US and Europe over the past two years, according to the University of Toronto's Citizen Lab.…
Texas sues GM for selling driver data to analytics, insurance companies
Texas has sued General Motors for what it said is a years-long scheme to collect and sell drivers' data to third parties - including insurance companies - without their knowledge or consent. …
Enzo Biochem ordered to cough up $4.5 million over lousy security that led to ransomware disaster
Biotech biz Enzo Biochem is being forced to pay three state attorneys general a $4.5 million penalty following a 2023 ransomware attack that compromised the data of more than 2.4 million people.…
Palo Alto Networks execs apologize for 'hostesses' dressed as lamps at Black Hat booth
If you attended the Black Hat conference in Vegas last week and found yourself over in Palo Alto Networks' corner of the event, you may have encountered a marketing gimmick that has since been heavily criticized for misogyny.…
Is Lenovo a blind spot in US anti-China security measures?
Opinion Lenovo's participation in a cybersecurity initiative has reopened old questions over the company's China origins, especially in light of the growing mistrust between Washington and Beijing over technology.…
Indian telcos to cut off scammy, spammy, telemarketers for two whole years
India’s Telecom Regulatory Authority (TRAI) on Tuesday directed telcos to stop calls from unregistered telemarketers – and prevent them from using networks again for up to two years – as part of an effort to curb spam and scams.…
NIST finalizes trio of post-quantum encryption standards
The National Institute of Standards and Technology (NIST) today released the long-awaited post-quantum encryption standards, designed to protect electronic information long into the future – when quantum computers are expected to break existing cryptographic algorithms.…
Patch Tuesday brings 90 new Microsoft CVEs, six already under exploit
Patch Tuesday Microsoft has disclosed 90 flaws in its products – six of which have already been exploited – and four others that are listed as publicly known.…
Six ransomware gangs behind over 50% of 2024 attacks
Despite a law enforcement takedown six months ago, LockBit 3.0 remains the most prolific encryption and extortion gang, at least so far, this year, according to Palo Alto Networks' Unit 42.…
US accuses man of being 'elite' ransomware pioneer they've hunted for years
The US has charged a suspect they claim is a Belarusian-Ukrainian cybercriminal whose offenses date back to 2011.…