News
Industrial cybersecurity group gathers lobbying force
A number of the world's largest manufacturing and cybersecurity companies are getting behind a new consortium aimed at protecting industrial systems from threats.…
OpenSSH takes aim at 'capture now, decrypt later' quantum attacks
OpenSSH 9 is here, with updates aimed at dealing with cryptographically challenging quantum computers.…
Critical bug allows attacker to remotely control medical robot
Mobile robot maker Aethon has fixed a series of vulnerabilities in its Tug hospital robots that, if exploited, could allow a cybercriminal to remotely control thousands of medical machines.…
Singapore to license pentesters and managed infosec operators
Cybersecurity service providers must for licenses to operate in Singapore, under new regulations launched by the country’s Cyber Security Agency (CSA) on Monday.…
Defending the Endpoint with AI
Sponsored feature Remember the good old days, when the only devices a company had to worry about were the PCs on its own network? Today, security teams must yearn for those times as they struggle to protect endpoint devices everywhere.…
HCL and HP named in unflattering audit of India’s biometric ID system
India’s Comptroller and Auditor General has published a performance audit of the nation’s Unique Identification Authority and found big IT problems – some attributable to Indian services giant HCL and to HP, but others due to poor government decisions.…
European officials reportedly targeted by NSO spyware
Someone at least tried to use NSO Group's surveillance software to spy on European Commission officials last year, according to a Reuters report. …
Attackers exploit Spring4Shell flaw to let loose the Mirai botnet
There has been a land rush of sorts among threat groups trying to use the vulnerability discovered in the open-source Spring Framework last month, and now researchers at Trend Micro are saying it's being actively exploited to execute the Mirai botnet.…
There are few guarantees when it comes to ransomware, except that you’re a target
Webinar Are there any cast iron guarantees when it comes to ransomware? Well, you can guarantee that your organization will come under attack sooner or later. Probably sooner.…
Identity access management has a new price: $6.9 billion
A $6.9 billion acquisition is putting a hard number on the value of Identity and Access Management (IAM). …
Google Play pulls sneaky data-harvesting apps with 46m+ downloads
In brief Google pulled a slew of Android apps with more than 46 million downloads from its Google Play Store after security researchers notified the cloud giant that the code contained some sneaky data-harvesting code.…
Finnish govt websites knocked down as Ukraine President addresses MPs
Cyberattacks took down Finnish government websites on Friday while Ukrainian President Volodymyr Zelenskyy addressed Finland's members of parliament (MPs).…
Microsoft dogs Strontium domains to stop attacks on Ukraine
Microsoft this week seized seven internet domains run by Russia-linked threat group Strontium, which was using the infrastructure to target Ukrainian institutions as well as think tanks in the US and EU, apparently to support Russian's invasion of its neighbor.…
Zero days are for life, not just for Christmas. Here’s how to deal with them
Webinar The Log4j vulnerability put everyone in cybersecurity through the mill last December. So, is it OK to relax now?…
China accused of cyberattacks on Indian power grid
China has been accused of conducting a long-term cyber attack on India's power grid, and has been implicated in cyber attacks against targets in Ukraine.…
What’s it like on the cyber frontline? Find out in this online session
Paid post When’s the ideal time to reexamine your cybersecurity and data-protection guidelines?…
FIN7 crime-gang pen tester headed to US prison for five years
Another member of notorious cybercrime ring FIN7 is headed to jail after the gang breached major companies' networks across the US and stole more than $1 billion from these businesses' customers.…
Russia (still) trying to weaponize Facebook for spying, Ukraine-war disinfo
Facebook is fighting a surge in cyber-espionage attempts and misinformation campaigns related to the Russian invasion of Ukraine, according to a new report by parent group Meta.…
Adobe Creative Cloud Experience makes it easier to run malware
Adobe Creative Cloud Experience, a service installed via the Creative Cloud installer for Windows, includes a Node.js executable that can be abused to infect and compromise a victim's PC.…
Fintech platform flaw could have allowed bank transfers, exposed data
Salt Security spotted a vulnerability in a large fintech company's digital platform that would have granted attackers admin access to banking systems in addition to allowing them to transfer funds to their own accounts.…
Pages
