The latest effort to reduce the number of ransom payments sent to cybercriminals in the UK involves the country's National Cyber Security Centre (NCSC) locking arms with insurance associations.β¦
Telegram CEO Pavel Durov issued a scathing criticism of Signal, alleging the messaging service is not secure and has ties to US intelligence agencies.β¦
Google and Apple are rolling out an anti-stalking feature for Android 6.0+ and iOS 17.5 that will issue an alert if some scumbag is using a gadget like an AirTag or similar to clandestinely track the user.β¦
Sponsored Post Defending against the cyber threats of today isn't dissimilar to protecting a medieval castle from attack a thousand years ago.β¦
The UK's NHS is warning of the possibility that vulnerabilities in Arcserve Unified Data Protection (UDP) software are being actively exploited.β¦
Christie's website remains offline as of Monday after a "technology security issue" shut it down Thursday night β just days before the venerable auction house planned to flog $840 million of art.β¦
US information security agencies have published advisories on how to detect and thwart the Black Basta ransomware gang β after the crew claimed responsibility for the recent attack on US healthcare provider Ascension.β¦
RSAC An unnamed tech business hired IBM's X-Force penetration-testing team to break into its network to test its security. With the help of AI automation, Big Blue said it was able to do so within hours.β¦
Europol is investigating a cybercriminal's claims that they stole confidential data from a number of the agency's sources.β¦
Sponsored Post There were hard words about the state of Britain's cyber security in parliament recently, but it's not just the country's critical national infrastructure which may be underprepared to tackle the army of hackers and nation state-backed cyber criminals intent on causing it disruption.β¦
Opinion If your cranky uncle was this fixated about anything, you'd always be somewhere else at Christmas. Yet here we are again. Europol has been sounding off at Meta for harming children. Not for the way it's actually harming children, but because β repeat after me β end-to-end encryption is hiding child sexual abuse material from the eyes of the law. "E2EE = CSAM" is the new slogan of fear.β¦
Sponsored Post Organizations across the Asia Pacific need to urgently ramp up their IT security infrastructures in response to a significantly increasing level of cyber threats, security experts have warned.β¦
Infosec in brief Encrypted email service Proton Mail is in hot water again from some quarters, and for the same thing that earned it flack before: Handing user data over to law enforcement.Β β¦
Interview Ransomware hit an all-time high last year, with more than 60 criminal gangs listing at least 4,500 victims β and these infections don't show any signs of slowing.β¦
Interview Take a glance at the cybersecurity headlines of late, and you'll see a familiar phrase that keeps cropping up: Critical infrastructure.Β β¦
Interview China remains the biggest cyber threat to the US government, America's critical infrastructure, and its private-sector networks, the nation's intelligence community has assessed.β¦
More than half a million gamblers with a penchant for powerballs will be receiving some fairly unwelcome news very soon, if not already, as cybercriminals have made off with their personal data.β¦
The US government wants to make Microsoft's vice chair and president, Brad Smith, the latest tech figurehead to field questions from a House committee on its recent cybersecurity failings.β¦
Six boffins mostly hailing from Singapore-based universities say they can prove it's possible to interfere with autonomous vehicles by exploiting the machines' reliance on camera-based computer vision and cause them to not recognize road signs.β¦
RSAC A malware-laced USB stick, inserted into a military laptop at a base in Afghanistan in 2008, led to what has been called the worst military breach in US history, and to the creation of the US Cyber Command.β¦
Interview Mick Baccio, global security advisor at Splunk, has watched the evolution of election security threats in real time.β¦
Healthcare organization Ascension is the latest of its kind in the US to say its network has been affected by what it believes to be a "cybersecurity event."β¦
Dell has confirmed information about its customers and their orders has been stolen from one of its portals. Though the thief claimed to have swiped 49 million records, which are now up for sale on the dark web, the IT giant declined to say how many people may be affected.β¦
RSAC Digital intruders from China, Russia, and Iran breaking into US water systems this year should be a "wake-up call," according to former National Security Agency cyber boss Rob Joyce.β¦
A crime ring dubbed BogusBazaar has scammed 850,000 people out of tens of millions of dollars via a network of dodgy shopping websites.β¦
Interview As undersea cables carry increasing amounts of information, cyber and physical attacks against them will cause a greater impact on the wider internet.β¦
RSAC There's a way to vastly reduce the scale and scope of ransomware attacks plaguing critical infrastructure, according to CISA director Jen Easterly: Make software secure by design.β¦
Just short of a year after the initial incident, the state of Georgia's higher education government agency has confirmed that it was the victim of an attack on its systems affecting the data of 800,000 people.β¦
UK Government has confirmed a cyberattack on the payroll system used by the Ministry of Defence (MoD) led to "malign" forces accessing data on current and a limited number of former armed forces personnel.β¦
Interview This year is an unfortunate anniversary for information security: We're told it's a decade since ransomware started infecting corporations.β¦
Interview The 33rd RSA Conference is underway this week, and no one feels that more acutely than the cybersecurity event's SVP Linda Gray Martin.β¦
Interview The cybersecurity practices that led up to the stunning Change Healthcare ransomware infection indicate "egregious negligence" on the part of parent company UnitedHealth, according to Tom Kellermann, SVP of cyber strategy at Contrast Security.β¦
RSAC AI is a double-edged sword in that the government can see ways in which the tech can protect and also be used to attack Americans, says US Homeland Security Secretary Alejandro Mayorkas.β¦
A newly discovered vulnerability undermines countless VPN clients in that their traffic can be quietly routed away from their encrypted tunnels and intercepted by snoops on the network.β¦
Interview As ransomware gangs step up their attacks against healthcare, schools, and other US critical infrastructure, CISA is ramping up a program to help these organizations fix flaws exploited by extortionists in the first place.β¦
TikTok and its China-based parent ByteDance sued the US government today to prevent the forced sale or shutdown of the video-sharing giant.β¦
Updated Police have finally named who they firmly believe is the kingpin of the LockBit ransomware ring: Dmitry Yuryevich Khoroshev.β¦
The deadlines associated with CISA's Known Exploited Vulnerabilities (KEV) catalog only apply to federal agencies, but fresh research shows they're having a positive impact on private organizations too.β¦
Exclusive A UK-based physical security business let its guard down, exposing nearly 1.3 million documents via a public-facing database, according to an infosec researcher.β¦
RSAC Ransomware infections have morphed into "a psychological attack against the victim organization," as criminals use increasingly personal and aggressive tactics to force victims to pay up, according to Google-owned Mandiant.β¦
Updated Last week, Apple began requiring iOS developers justify the use of a specific set of APIs that could be used for device fingerprinting.β¦
Updated Cops around the world have relaunched LockBit's website after they shut it down in February β and it's now counting down the hours to reveal documents that could unmask the ransomware group.β¦
Updated Mastodon has pushed back an update that's expected to fully address the issue of link previews sparking accidental distributed denial of service (DDoS) attacks.β¦
A cybersecurity expert could face a 20-year prison sentence after being accused of trying to extort a multinational IT infrastructure services biz to the tune of $1.5 million.β¦
CISA is calling on the software industry to stamp out directory traversal vulnerabilities following recent high-profile exploits of the 20-year-old class of bugs.β¦
Infosec in brief It was just around a year ago that a spate of allegedly Russian-orchestrated cyberattacks hit government agencies in Germany, and now German officials claim to know for a fact who did it: APT28, or Fancy Bear, a Russian threat actor linked to the GRU intelligence service.β¦
interview Police can complain all they like about strong end-to-end encryption making their jobs harder, but it doesn't matter because the technology is here and won't go away.Β β¦
Interview Dating apps ask people to disclose all kinds of personal information in the hope of finding them love, or at least a hook-up.β¦
AI built by Russian infosec firm Kaspersky was used in Russian drones for its war on Ukraine, volunteer intelligence gatherers claim.β¦
interview The more cybersecurity news you read, the more often you seem to see a familiar phrase: Software supply chain (SSC) vulnerabilities. Varun Badhwar, founder and CEO at security firm Endor Labs, doesn't believe that's by coincidence.Β β¦
A Europol-led operation dubbed βPandoraβ has shut down a dozen phone scam centers, and arrested 21 suspects. The cops reckon the action prevented criminals from bilking victims out of more than β¬10 million (Β£8.6 million, $11 million).β¦
Indonesia has acquired spyware and surveillance technologies through a "murky network" that extends into Israel, Greece, Singapore and Malaysia for equipment sourcing, according to Amnesty International.β¦
Exclusive Five Chinese researchers examined the configurations of nearly 14,000 government websites across the country and found worrying lapses that could lead to malicious attacks, according to a not-yet-peer-reviewed study released last week.β¦
Microsoft today said it will now let us common folk β not just commercial subscribers β signΒ into their Microsoft accounts and apps using passkeys with their face, fingerprint, or device PIN.β¦
Miami resident Onur Aksoy has been sentenced to six and a half years in prison for running a multi-million-dollar operation selling fake Cisco equipment that ended up in the US military.β¦
Network admins are being urged to patch a bundle of critical vulnerabilities in ArubaOS that lead to remote code execution as a privileged user.β¦
The US Cybersecurity and Infrastructure Security Agency (CISA) is forcing all federal agencies to patch a critical vulnerability in GitLab's Community and Enterprise editions, confirming it is very much under "active exploit."β¦
Chinese tech companies that serve as important links in the world's digital supply chains are helping Beijing to execute and refine its propaganda strategy, according to an Australian think tank.β¦
A Ukrainian man has been sentenced to almost 14 years in prison and ordered to pay more than $16 million in restitution for his role in infecting thousands of victims with REvil ransomware.β¦
Updated Over a million records describing Australians who visited local pubs and clubs have apparently been posted online.β¦