News

A man, a plan, and Razzlekhan fought the law – and the law won

Ilya Lichtenstein and Heather Morgan on Thursday pleaded guilty to money-laundering charges related to the 2016 theft of some 120,000 Bitcoins from Hong Kong-based Bitfinex.…

Plus: Tenable CEO blasts Redmond's bug disclosure habits

An infamous Kremlin-backed gang has been using Microsoft Teams chats in attempts to phish marks in governments, NGOs, and IT businesses, according to the Windows giant.…

Mysterious Team Bangladesh has carried out 846 attacks since June 2022, mostly DDoS

Hacktivism may have dropped off of organization radars over the past few years, but it is now very visibly coming from what is believed to be Bangladesh, thanks to a group tracked by cybersecurity firm Group-IB.…

Time for a proper secure clinical image transfer system, perhaps?

Staff at NHS Lanarkshire - which serves over half a million Scottish residents - used WhatsApp to swap photos and personal info about patients, including children's names and addresses.…

Invaders already spent four or more months frolicking inside Norwegian government servers

Intruders who exploited a critical Ivanti bug to compromise 12 Norwegian government agencies spent at least four months looking around the organizations' systems and stealing data before the intrusion was discovered and stopped.…

WeChat accused of 'contempt for Parliament' as transparency rules floated for platforms

An Australian Senate Committee has recommended banning Chinese social media apps in the land down under, on grounds the Communist Party of China uses them to spread propaganda and misinformation.…

CEO, fresh with funds, lays out the dependency dilemma

Interview  Open source security biz Socket is extending its source code dependency checker, which previously addressed only JavaScript and Python, by adding support for checking Go code.…

Collide+Power vulnerability leaks secrets bit by bit - but could take months or years to learn a useful secret

Boffins in Austria and Germany have devised a power-monitoring side-channel attack on modern computer chips that exposes sensitive data, but very slowly.…

Mega memory foam bedding maker says no sign yet personal info was stolen

As if attacks from China weren't enough, one of the Air Force's own has reportedly gone rogue

The US government is fighting a pair of cyber security incidents, one involving Chinese spies who potentially gained access to crucial American computer networks and the other related to an Air Force engineer allegedly compromised communications security by stealing sensitive equipment and taking it home.…

Some say retaliation for sanctions, but Beijing says it just wants world peace

China introduced restrictions on Monday that mean would-be exporters will require a license to ship certain drones and related equipment out of the Middle Kingdom.…

As expert panel suggests some tweaks to boost public's confidence in FISA

The White House has weighed in on the Section 702 debate, urging lawmakers to reauthorize, "without new and operationally damaging restrictions," the controversial snooping powers before they expire at the end of the year.…

Chip giant washes its hands – but you can't stop secondary sales

Chinese video surveillance equipment maker Hikvision was reportedly paid $6 million by Beijing last year to provide technology that could identify members of the nation's Uyghur people, a Muslim ethnic majority, according to physical security monitoring org IPVM.…

Clue: Nothing like what’s on offer today

Opinion  "There seems to be something wrong with our bloody ships today," fumed Admiral David Beatty during 1916's Battle of Jutland. Fair enough: three of the Royal Navy's finest vessels had just blown up and sank.…

ALSO: China says US hacked it right back, BreachForums users have been pwned, and this week's critical vulns

Infosec in brief  US senator Ron Wyden (D-OR) thinks it's Microsoft's fault that Chinese hackers broke into Exchange Online, and he wants three separate government agencies to launch investigations and "hold Microsoft responsible for its negligent cyber security practices." …

Mar-a-Lago IT director told 'the boss wanted the server deleted'

Federal prosecutors have expanded their criminal case against a famous Floridian and his loyal minions for allegedly mishandling national security secrets and not being forthright about the storage and handling of hundreds of classified documents.…

IDORs of the storm

Personal, financial, and health information belonging to millions of folks has been stolen via a particular class of website vulnerability, say cybersecurity agencies in the US and Australia. They're urging developers to review their code and squish these bugs for good.…

Also: China's 'got a bigger hacking program than that of every major nation combined'

Nearly all of the FBI's technical intelligence on malicious "cyber actors" in the first half of this year was obtained via Section 702 searches, according to FBI Director Christopher Wray.…

PRC semiconductor exports curiously rose 19% y-o-y for first 9 months of 2022

Chinese companies, including state-owned defense companies, are evading tech sanctions and fueling Moscow’s war in Ukraine, according to a US report released on Thursday.…

'Gay furry hackers' say it's in response to 'attacks on human rights' and noooothing to do with Russia-Ukraine

NATO is investigating claims by miscreants that they broke into the military alliance's unclassified information-sharing and collaboration IT environment, stole information belonging to 31 nations, and leaked 845 MB of compressed data.…