News

Looks to be the same baddies attacking VMware hypervisors last year

Suspected Chinese spies have exploited a critical Fortinet bug, and used custom networking malware to steal credentials and maintain network access, according to Mandiant security researchers.…

SBF alone pocketed $2.2B, or so this bankruptcy paperwork goes

In fresh filings in the FTX bankruptcy case, the cryptocurrency-exchange-slash-hedge-fund's liquidators say they've uncovered $3.2 billion (£2.6b) in payments and loans made to disgraced FTX founder Sam Bankman-Fried and his inner circle. …

Kaspersky cracks the code, so get busy before the next update comes

Good news for ransomware victims: Kaspersky security researchers say they've cracked the Conti ransomware code and released a decryptor tool after uncovering leaked data belonging to the notorious Russian crime group.…

Gov staff using it on personal mobes just fine... it's not like ministers use WhatsApp etc for business ... oh wait

The United Kingdom government has banned use of Chinese social media platform TikTok among ministers and officials on their work devices as a “precautionary” measure over worries the app is used to snoop on Brits.…

Why patching matters: Everyone seemingly had a crack at security bug

Multiple criminals, including at least potentially one nation-state group, broke into a US federal government agency's Microsoft Internet Information Services web server by exploiting a critical three-year-old Telerik bug to achieve remote code execution.…

Victim offered two years of credit monitoring after highly sensitive records dumped online

A cancer patient whose nude medical photos and records were posted online after they were stolen by a ransomware gang, has sued her healthcare provider for allowing the "preventable" and "seriously damaging" leak.…

Teen arrested yesterday while another man suspected of being a ViLE crime group member still 'at large'

A 19-year-old suspected of belonging to the "ViLE" crime group told a man authorities think is in the same gang that he "jacked into a police officer's account" and "the portal had some fucking potent tools" according to a complaint unsealed today in the Eastern District of New York.…

Phishing, dodgy domain names, and sophisticated attacks already deployed

The collapse of Silicon Valley Bank (SVB) late last week sent tremors through the global financial system, creating opportunities for short-sellers – and numerous species of scammer.…

Outgoing president alleges Beijing is systematically bullying strategically located island paradise

The outgoing president of the Federated States of Micronesia (FSM), David Panuelo, penned a lengthy letter last week accusing Beijing of rampant bribery, spying and other tactics – including an attempt to take control of the nation's submarine cables and telecoms infrastructure.…

The outlook is grim for Outlook - and SAP, Adobe. Android, and Chrome - so get ready for a long update party

Patch Tuesday  Microsoft's March Patch Tuesday includes new fixes for 74 bugs, two of which are already being actively exploited, and nine that are rated critical. Let's start with the two that miscreants found before Redmond issued a fix.…

Not-so-smart SmartScreen flagged up by Googlers

Criminals are exploiting a Microsoft SmartScreen bug to deliver Magniber ransomware, potentially infecting hundreds of thousands of devices, without raising any security red flags, according to Google's Threat Analysis Group (TAG).…

A threat that needs two orgs to tackle it: the 'Integrated Security Fund' and the 'National Protective Security Agency'

Britain's domestic intelligence service MI5 will oversee a new agency tasked with helping local organizations combat Chinese cyber-spies and other threats]…

And also, Ring hit with ransomware, too?

Ransomware gang Lockbit has boasted it broke into Maximum Industries, which makes parts for SpaceX, and stole 3,000 proprietary schematics developed by Elon Musk's rocketeers.…

Names, addresses, SSNs all up for grabs

Medical device and software maker Zoll Medical says the personal and health information of more than a million people, including patients and employees, may have been stolen by crooks in January.…

Also, the FBI just admitted to bypassing warrants by buying cellphone location data, and this week's actionable items

in brief  Cybersecurity and Infrastructure Security Agency's director Jen Easterly has been outspoken in her drive to bring more women into the security industry, and this year for International Women's Day her agency formalized that pledge by announcing a partnership with nonprofit Women in CyberSecurity (WiCyS).…

Any sufficiently stupid technology is indistinguishable from magical thinking

Opinion  Around the world, a vital technology is failing. Just as massive solar flares fry satellites and climate-change superstorms overwhelm flood defences, so a new surge of ridiculous IT-related events is burning out irony meters across the globe.…

Ensuring cybersecurity defences do more with less

Webinar  It's like living in a fever dream out there in the world of cybersecurity. More and more sophisticated attacks, a tsunami of solutions offering a gilt-edged escape from the need to constantly reconfigure your defences, and relentless pressure to always stay one step ahead of the hackers.…

Consultation for the long-awaited Digital India Act is finally under way although the draft law's still not been revealed

India's government has started to consult some proposed details of its long-awaited Digital India Act, including a declaration that the bill needed a dedicated adjudicatory tool for offenses committed online.…

Times have changed and unwanted software on Windows is a rarity (unless you count Windows itself)

Google is bidding adieu to an application that enabled Chrome users on Windows systems to get rid of unwanted software.…

File under cost of doing business

Blackbaud has agreed to pay $3 million to settle charges that it made misleading disclosures about a 2020 ransomware infection in which crooks stole more than a million files on around 13,000 of the cloud software slinger's customers.…