News
Industry piles in on North Korea for sustained rampage on software supply chains
The national cybersecurity organizations of the UK and the Republic of Korea (ROK) have issued a joint advisory warning of an increased volume and sophistication of North Korean software supply chain attacks. …
Attack on direct debit provider London & Zurich leaves customers with 6-figure backlogs
A ransomware attack and resulting outages at direct debit collection company London & Zurich have forced at least one customer to take out a short-term loan as six-figure backlogs continue to cause cash flow mayhem.…
Stop social engineering at the IT help desk
Sponsored Post Ransomware can hit any organization at any time, and hackers are proving adept at social engineering techniques to gain access to sensitive data in any way they can.…
Mirai we go again: Zero-day flaws see routers and cameras co-opted into botnet
Akamai has uncovered two zero-day bugs capable of remote code execution, both being exploited to distribute the Mirai malware and build a botnet army for distributed denial of service (DDoS) attacks.…
New Relic warns customers it's experienced a cyber … something
Web tracking and analytics outfit New Relic has issued a scanty security advisory warning customers it has experienced a scary cyber something.…
North Korea makes finding a gig even harder by attacking candidates and employers
Palo Alto Networks' Unit 42 has detailed a pair of job market hacking schemes linked to state-sponsored actors in North Korea: one in which the threat actors pose as job seekers, the other as would-be employers.…
How to give Windows Hello the finger and login as someone on their stolen laptop
Hardware security hackers have detailed how it's possible to bypass Windows Hello's fingerprint authentication and log in as someone else – if you can steal or be left alone with their vulnerable device.…
US nuke reactor lab hit by 'gay furry hackers' demanding cat-human mutants
The self-described "gay furry hackers" of SiegedSec are back: this time boasting they've broken into America's biggest nuclear power lab's IT environment and stolen records on thousands of employees. Some of that data has already been leaked, it appears.…
US cybercops take on 'pig butchering' org, return $9M in scammed crypto
The US has seized nearly $9 million in proceeds generated by exploiting more than 70 victims across the nation in so-called "pig butchering" scams.…
Microsoft's bug bounty turns 10. Are these kinds of rewards making code more secure?
Interview Microsoft's bug bounty program celebrated its tenth birthday this year, and has paid out $63 million to security researchers in that first decade – with $60 million awarded to bug hunters in the past five years alone, according to Redmond.…
UK's cookie crumble: Data watchdog serves up tougher recipe for consent banners
The UK's Information Commissioner's Office (ICO) is getting tough on website design, insisting that opting out of cookies must be as simple as opting in.…
Binance and CEO admit financial crimes, billions coughed up to US govt
The world's largest cryptocurrency exchange just got a little smaller, with the US Department of Justice announcing Binance and its CEO Changpeng Zhao have both pleaded guilty to a multitude of financial crimes. As a result Binance will fork out $10 billion to Uncle Sam in fines and settlements.…
Sumo Logic wrestles with security breach, pins down customer data
Sumo Logic has confirmed that no customer data was compromised as a result of the potential security breach it discovered on November 3.…
The XBOM vs SBOM debate
Webinar A Software Bill of Materials (SBOM) has become a non-negotiable requirement to meet regulatory and buyer requirements. But does this provide enough protection if it can give only a partial view into interconnected and ever-changing application attack surfaces?…
Third-party data breach affecting Canadian government could involve data from 1999
The government of Canada has confirmed its data was accessed after two of its third-party service providers were attacked.…
Maintaining a state of readiness to deal with cyber attacks
Sponsored Post You can never afford to drop your guard when it comes to cyber security – hackers never do. Any weakness in your organisation's defence is certain to be tested at some point.…
MOVEit victim count latest: 2.6K+ orgs hit, 77M+ people's data stolen
Quick show of hands: whose data hasn't been stolen in the mass exploitation of Progress Software's vulnerable MOVEit file transfer application? Anyone?…
Former infosec COO pleads guilty to attacking hospitals to drum up business
An Atlanta tech company's former COO has pleaded guilty to a 2018 incident in which he deliberately launched online attacks on two hospitals, later citing the incidents in sales pitches.…
Rhysida ransomware gang: We attacked the British Library
The Rhysida ransomware group says it's behind the highly disruptive October cyberattack on the British Library, leaking a snippet of stolen data in the process.…
Your password hygiene remains atrocious, says NordPass
Infosec in brief It's that time of year again – NordPass has released its annual list of the most common passwords. And while it seems some of you took last year's chiding to heart, most of you arguably swapped bad for worse.…
