News

Sectigo bosses claim it's only a matter of time before Microsoft and Apple drop Big E from their root stores too

After falling down in the estimations of major browser makers Google and Mozilla, Entrust faces a lengthy fight on its hands to regain industry trust and once more issue trusted TLS certificates.…

Why run your own evil infrastructure when Big Tech offers robust tools hosted at trusted URLs?

Black Hat  State-sponsored cyber spies and criminals are increasingly using legitimate cloud services to attack their victims, according to Symantec's threat hunters who have spotted three such operations over recent months, plus new data theft and other malware tools in development by these goons.…

Good luck, crackers: It's an isolated processor and storage enclave, and top dollar only comes from a remote attack

Samsung has dangled its first $1 million bug bounty for anyone who successfully compromises Knox Vault – the isolated subsystem the Korean giant bakes into its smartphones to store info like credentials and run authentication routines.…

Let's get physical, physical ... I don't wanna hear your MMU talk

Black Hat  Computer security researchers at the CISPA Helmholtz Center for Information Security in Germany have found serious security flaws in some of Alibaba subsidiary T-Head Semiconductor's RISC-V processors.…

Palo Alto Networks reveals how AI can be harnessed to strengthen cyber security defenses David Gordon

Sponsored Post  Hackers and cyber criminals are busy finding new ways of using AI to launch attacks on businesses and organizations often unprepared to deal with the speed, scale and sophistication of the assaults directed against them.…

A simple HTML change and the warning is gone!

Researchers say cybercriminals can have fun bypassing one of Microsoft's anti-phishing measures in Outlook with some simple CSS tweaks.…

Timor-Leste is a known cybercrime hotspot

Two days is all it took for Interpol to recover more than $40 million worth of stolen funds in a recent business email compromise (BEC) heist, the international cop shop said this week.…

Went at equivalent of $3.5B+ valuation for entire firm, though portion sold not specified

Acronis, the Swiss disaster recovery turned cybersecurity firm and catch-all for managed service providers, has been majority acquired by Europe’s largest private equity firm, EQT.…

Nearly 83,000 people had their data stolen amid chaos that struck NHS healthcare

The UK's data protection watchdog says it plans to fine a managed software provider to the NHS £6.09 million ($7.7 million) for failings that led to a 2022 ransomware attack.…

Fake Angry IP Scanner will make you furious - or maybe remind you of how the Hive gang went about its banal business

The latest malware from upstart criminal gang Hunters International appears to be targeting network admins, using attack code disguised as the popular networking tool Angry IP Scanner.…

Trying to cancel a citizen's registration would be caught by humans no matter what the page said, officials say

The US state of Georgia has a website for cancelling voter registration, and it's had a bumpy start.…

SatNad himself offered CrowdStrike recovery help, Redmond says, before suggesting airline's IT is in a mess

Microsoft has labelled Delta Air Lines' accusations it's partly to blame for the outages caused by CrowdStrike’s buggy software "false" and "misleading" – and insulted the state of the carrier’s IT infrastructure.…

And reveals the small mistake that bricked 8.5M Windows boxes

CrowdStrike has hired two outside security firms to review the Falcon functionality that sparked a global IT outage last month – but it may not have an awful lot to find, because CrowdStrike has identified the simple mistake that caused the meltdown.…

And Qualcomm addresses 'permanent denial of service' flaw in its stuff

Google released 46 fixes for Android in its August security patch batch, including one for a Linux kernel flaw in the mobile OS that can lead to remote code execution (RCE).…

Misery loves company – all of its competitors were also negatively impacted

One of the US's largest car dealerships says the IT outage caused by CDK Global's June ransomware attack cost it approximately $30 million.…

Windows SmartScreen and Smart App Control both have weaknesses of which to be wary

Elastic Security Labs has lifted the lid on a slew of methods available to attackers who want to run malicious apps without triggering Windows' security warnings, including one in use for six years.…

That one weird thing in Outlook that gives phishers and scammers an in to an inbox

Users are urging Microsoft to rethink how it shows sender email addresses in Outlook because phishing criminals are taking advantage, using helpful, friendly names to serve up emails loaded with malicious intent.…

Chap named 'Roman Boss' accused of being just that at a cryptocash laundering outfit

Users of Cryptonator – an online digital wallet and cryptocurrency exchange – received an unpleasant surprise last weekend after the service was shuttered in a combined operation run by the FBI, the US Internal Revenue Service (IRS), and German police.…

Singapore Ministry of Education orders software removed after string of snafus

UK-based mobile device management vendor Mobile Guardian has admitted that on August 4 it suffered a security incident that involved unauthorized access to iOS and ChromeOS devices managed by its tools. In Singapore, the incident resulted in 13,000 devices being remotely wiped and saw the nation's Education Ministry cut ties with the vendor.…

Some scowl, some smile, as fines no longer apply every time your mugshot or fingerprint is shared

The US state of Illinois has reduced penalties for breaches of its tough Biometric Information Privacy Act (BIPA).…