News
Tsunami watch
Webinar It's sometimes easy to be lulled into a sense of false security and imagine that your organization or business will not become a target of highly professional cybercriminals, hacktivists and even nation-state actors. But the threat posed by DDoS attacks is very much on the rise.…
Northern Irish cops release 2 men after Terrorism Act arrests linked to data breach
Nearly four weeks after the Police Service of Northern Ireland (PSNI) published data on 10,000 employees in a botched response to a Freedom of Information request, another two men, aged 21 and 22, have been released on bail after being arrested under the Terrorism Act.…
Apple opens annual applications for free hackable iPhones
Infosec in brief The latest round of Apple's Security Research Device (SRD) program is open, giving security researchers a chance to get their hands on an unlocked device – and Apple's blessing to attack it and test its security capabilities.…
Cops drill into chat apps, sink plot to smuggle tons of coke into Europe
Video Efforts by cops to seize and shut down encrypted messaging apps favored by criminals, and then mine their conversations for evidence, appear to have led to more arrests — plus the seizure of about 2.7 tonnes of cocaine.…
More Okta customers trapped in Scattered Spider's web
Customers of cloudy identification vendor Okta are reporting social engineering attacks targeting their IT service desks in attempts to compromise user accounts with administrator permissions.…
Massive attack
Webinar Any organization can lose service, revenue, and reputation as a result. If you are particularly unlucky, a DDoS attack can defenestrate your network defences. You may find yourself facing an cyber criminal who wants to take your business for everything it's got - not an attractive prospect in anybody's book.…
Good news for Key Group ransomware victims: Free decryptor out now
Even ransomware operators make mistakes, and in the case of ransomware gang the Key Group, a cryptographic error allowed a team of security researchers to develop and release a decryption tool to restore scrambled files.…
Kremlin-backed Sandworm strikes Android devices with data-stealing Infamous Chisel
Russia's Sandworm crew is using an Android malware strain dubbed Infamous Chisel to remotely access Ukrainian soldiers' devices, monitor network traffic, access files, and steal sensitive information, according to a Five Eyes report published Thursday.…
Barracuda gateway attacks: How Chinese snoops keep a grip on victims' networks
Nearly a third of organizations compromised by Chinese cyberspies via a critical bug in some Barracuda Email Security Gateways were government units, according to Mandiant.…
Microsoft angry over Russian-led UN cybercrime treaty
A controversial United Nations proposal has a new foe, Microsoft, which has joined the growing number of organizations warning delegates that the draft version of the UN cybercrime treaty only succeeds in justifying state surveillance — not stopping criminals, as originally intended.…
Toyota Japan back on the road after probably-not-cyber attack halted production
Toyota Japan has recovered from what it's described as a "malfunction in the production order system" that halted production on 28 lines across 14 plants starting on Monday evening.…
Meta reckons China's troll farms could learn proper OpSec from Russia's fake news crews
Russia appears to be "better" at running online trolling campaigns aimed at pushing its political narratives than China, according to Meta's latest Adversarial Threat Report.…
University cuts itself off from internet after mystery security snafu
The University of Michigan has isolated itself from the internet but, hey, everything's fine!…
Apple security boss faces iPads-for-gun-permits bribery charge... again
An appeals court has reversed a 2021 decision to drop a bribery charge against Apple's head of global security, who is accused of donating iPads worth up to $80,000 to a sheriff's office in exchange for giving his Cupertino agents concealed carry weapon licenses.…
FBI-led Operation Duck Hunt shoots down Qakbot
Uncle Sam today said an international law enforcement effort dismantled Qakbot, aka QBot, a notorious botnet and malware loader responsible for losses totaling hundreds of millions of dollars worldwide, and seized more than $8.6 million in illicit cryptocurrency.…
More UK cops' names and photos exposed in supplier breach
London's Metropolitan Police has said a third-party data breach exposed staff and officers' names, ranks, photos, vetting levels, and salary information.…
Health, payment info for 1.2M people feared stolen from Purfoods in IT attack
Purfoods has notified more than 1.2 million people that their personal and medical data — including payment card and bank account numbers, security codes, and some protected health information — may have been stolen from its servers during what sounds like a ransomware infection earlier this year.…
Malware loader lowdown: The big 3 responsible for 80% of attacks so far this year
Three malware loaders — QBot, SocGholish, and Raspberry Robin — are responsible for 80 percent of observed attacks on computers and networks so far this year.…
Whiffy malware stinks after tracking location via Wi-FI
Infosec in Brief No one likes malware, but malicious code that tracks your location is particularly unlovable.…
Taiwanese infosec researchers challenge Microsoft's China espionage finding
Asia In Brief Taiwan-based infosec consultancy Team T5 has disputed Microsoft's alleged timeline of just when a Beijing-linked attack group named Flax Typhoon commenced its campaigns.…
Pages
