We're not in e-Kansas anymore: State courts reel from 'unauthorized incursion' Fax, post, and human messengers can still be used for filing vital evidence Cyber-crime16 Oct 2023 | 4
Regulator, insurers and customers all coming for Progress after MOVEit breach Infosec in brief Also, CISA cataloging new ransomware data points, 17k WP sites hijacked by malware in Sept., and more critical vulns Security16 Oct 2023 | 3
CISOs' salary growth slows – with pay gap widening We still doubt any infosec leaders will be going without heating this winter Cybersecurity Month11 Oct 2023 | 1
Chinese smart TV boxes infected with malware in PEACHPIT ad fraud campaign Infosec in brief PLUS: Sony admits to MoveITbreach; Blackbaud fined again, Qakbot's sorta back from the dead; and more Security09 Oct 2023 | 7
US lawmakers want China export bans to include open tech like RISC-V ASIA IN BRIEF PLUS: South Korea to fine Apple, Google; Digital fraud booms in Hong Kong; Singtel slings TrustWave Legal08 Oct 2023 | 13
MGM Resorts attackers hit personal data jackpot, but house lost $100M Racecars and cyber insurance will balance its books in no time, though Cyber-crime06 Oct 2023 | 2
South Korea accuses North of Phish and Ships attack Kim Jong-un looks at industry's progress with green eyes, says South Korea's spy agency Cyber-crime05 Oct 2023 |
Red Cross lays down hacktivism law as Ukraine war rages on Rules apply to cyber vigilantes and their home nations, but experts cast doubt over potential benefits CSO04 Oct 2023 | 4
North Korea's Lazarus Group upgrades its main malware LightningCan evades infosec tools in new and interesting ways Cybersecurity Month04 Oct 2023 | 4
Japan drives for infosec self-sufficiency – at least in one layer of deep defenses CYNEX Alliance brings industry, government, and academia together to share info and devise tools Cybersecurity Month03 Oct 2023 |
US State Dept has no idea if its IT security actually works, say auditors Updated End-of-life systems still in use, poor inventory control, and China's hunting Cybersecurity Month02 Oct 2023 | 9
Security researchers believe mass exploitation attempts against WS_FTP have begun Updated Early signs emerge after Progress Software said there were no active attempts last week Cyber-crime02 Oct 2023 | 14
T-Mobile US exposes some customer data – but don't call it a breach Infosec in brief PLUS: Trojan hidden in PoC; cyber insurance surge; pig butchering's new cuts; and the week's critical vulns Security25 Sep 2023 | 9
Cisco spends $28B on data cruncher Splunk in cybersecurity push $157/share cash deal is the largest acquisition in networking titan's history Security21 Sep 2023 | 5
Pot calls the kettle hack as China claims Uncle Sam did digital sneak peek first Beijing accuses US of breaking into Huawei servers in 2009 Cyber-crime20 Sep 2023 | 14
Sysadmin and spouse admit to part in 'massive' pirated Avaya licenses scam Could spend 20 years in prison after selling $88M in ADI software keys Cyber-crime20 Sep 2023 | 21
Ransomware attack hits Sri Lanka government, causing data loss Running unsupported and unpatched versions of Exchange Server will do that to a country Cyber-crime13 Sep 2023 | 3
China caught – again – with its malware in another nation's power grid 'Obtaining a disruptive capability could be one possible motivation behind this surge in attacks' Research12 Sep 2023 | 17
Google warns infoseccers: Beware of North Korean spies sliding into your DMs Infosec in brief ALSO: Verizon turns self in for reduced fine, malvertising comes to macOS, and this week's critical vulnerabilities Security11 Sep 2023 | 2
Meatbag mishaps more menacing than malware? CISOs think so Company boards, on the other hand, aren't letting cybersecurity disturb their sleep as much Research06 Sep 2023 | 6
Apple opens annual applications for free hackable iPhones Infosec in brief ALSO: Brazilian stalkerware database ripped by the short hairs, a fast fashion breach, and this week's critical vulns Security04 Sep 2023 | 1
Whiffy malware stinks after tracking location via Wi-FI Infosec in Brief ALSO: Euro chip maker breached, crims plan to undermine cyber insurance, and this week's critical vulnerabilities Security28 Aug 2023 | 12
Leak of 75k employee records was insiders' fault, claims Tesla Identity Access Management? What's that? Security21 Aug 2023 | 11
Microsoft DNS boo-boo breaks Hotmail for users around the globe Infosec in brief ALSO: NYC says kthxbye to TikTok, slain Microsoft exec's wife indicted, and some ASAP patch warnings Security21 Aug 2023 | 11
Chinese media teases imminent exposé of seismic US spying scheme Again labels America a hacker empire over alleged backdoors found in earthquake monitoring kit Security15 Aug 2023 | 37
Ford SYNC 3 infotainment vulnerable to drive-by Wi-Fi hijacking Don't panic, says automaker, but if you do, just turn off wireless for now Security14 Aug 2023 | 13
US government to investigate China's Microsoft email breach Infosec in brief PLUS: Phishing campaign targets the C-suite; Cybercrime arrests in EU and Africa; and more Security14 Aug 2023 | 1
US Cyber Command boss says China's spooky cyber skills still behind Paul Nakasone rates the Middle Kingdom a 'pacing challenge' Security11 Aug 2023 | 9
Microsoft 365 guest accounts + Power Apps = security nightmare Black Hat A login, a PA trial license, and some good old hacking are all that's needed to nab SQL databases Black Hat and DEF CON10 Aug 2023 | 5
Cyber-extortionists pillage Colorado education dept Hey, breacher, leave those kids alone Cyber-crime08 Aug 2023 | 7
North Korean hackers had access to Russian missile maker for months, say researchers Kim Jong Un's cyber-goons aren't above attacking the regime's few friends Security08 Aug 2023 | 21
Boffins say they can turn typing sounds into text with 95% accuracy Your neighbor's clacking keys aren't just annoying - they're also exploitable AI + ML07 Aug 2023 | 47
Old-school hacktivism is back because it never went away Mysterious Team Bangladesh has carried out 846 attacks since June 2022, mostly DDoS Research03 Aug 2023 | 7
Mattress maker Tempur Sealy says it isolated tech system to contain cyber burglary Sleeping giant says no sign yet personal info was stolen Cyber-crime01 Aug 2023 | 9
Google Cloud shores up log permissions for builder bot Infosec in brief ALSO: Amazon's child-sized COPPA fine, smart tech security labels coming to the US, and this week's critical vulns Security24 Jul 2023 | 2
Under CISA pressure collab, Microsoft makes cloud security logs available for free In hindsight, it's probably good practice to give clients access to cloud logs Cyber-crime20 Jul 2023 | 7
Tech support scammers go analog, ask victims to mail bundles of cash The approach is the same, but never mind the crypto or gift cards Security19 Jul 2023 | 28
Typo watch: 'Millions of emails' for US military sent to .ml addresses in error Good thing Mali isn't best pals with Russia right no– oh, shoot Sysadmin Month18 Jul 2023 | 155
Beijing wants to make the Great Firewall of China even greater Also more fiery, with vague but firm orders to create a 'security barrier' Security17 Jul 2023 | 8
Boris Johnson pleads ignorance, which just might work Infosec in brief Also: More high-profile MOVEit victims; CVSS 4.0 coming soon; and a long list of critical vulnerabilities Security17 Jul 2023 | 79
Infosec watchers: TeamTNT crew may blast holes in Azure, Google Cloud users Why limit yourself to only stealing AWS credentials? Cyber-crime15 Jul 2023 |
Microsoft admits unauthorized access to Exchange Online, blames Chinese gang Storm-0558 had access to customer accounts and mail – maybe even for senior US officials Sysadmin Month13 Jul 2023 | 37
Miscreants exploit five Microsoft bugs as Windows giant addresses 130 flaws Patch Tuesday Plus: Apple bungles another rapid security response; important ICS updates land; and more Patches11 Jul 2023 | 14
Liberté, Égalité, Spyware: France okays cops snooping on phones Infosec in brief ALSO: Shell fails to learn from past leaks; hundreds of solar plants found open to Mirai; and this week's crit vulns Security10 Jul 2023 | 45
Russian military satellite comms provider offline after hack Infosec in brief ALSO: Ransomware hit on Mancunian Uni spills NHS patient deets, USPTO leaks inventor info, and this week's crit vulns Systems03 Jul 2023 | 6
Ex-FBI employee jailed for taking classified material home Infosec in brief Also: a PII harvest at Dole's server farm, military members mailed mystery smartwatches, and this week's critical vulns CSO26 Jun 2023 | 55
Over 100,000 compromised ChatGPT accounts found for sale on dark web UPDATED Cybercrooks hoping users have whispered employer secrets to chatbot Cyber-crime20 Jun 2023 | 26
Data leak at major law firm sets Australia's government and elites scrambling BlackCat attack sparks injunction preventing coverage of purloined docs Security20 Jun 2023 | 24
US government extends software security deadline because vendors aren't ready This from the Administration that made infosec a priority Software13 Jun 2023 | 4
China's cyber now aimed at infrastructure, warns CISA boss Resilience against threats needs a boost Security13 Jun 2023 | 2
Microsoft stole our stolen dark web data, says security outfit Suit claims Redmond took far more than allowed from Hold's 360M-credential database Security12 Jun 2023 | 8
Hold it – another vulnerability found in MOVEit file transfer software Infosec in brief Also, the FBI's $180k investment in AN0M keeps paying off, and this week's critical vulnerabilities Cyber-crime12 Jun 2023 | 7
Darkweb credit card marts in decline across Asia, researchers claim India tops the charts for document theft Security09 Jun 2023 | 1
Microsoft says share the wealth with cyber-info for business It's better to take action than wait for attacks Security08 Jun 2023 | 9
Australian cyber-op attacked ISIL with the terrifying power of Rickrolling Commanders in the field persuaded to give up, let their guard down, run around and desert their posts Security05 Jun 2023 | 10
Toyota admits to yet another cloud leak infosec in brief Also, hackers publish RaidForum user data, Google's $180k Chrome bug bounty, and this week's vulnerabilities Security05 Jun 2023 | 6
Meet TeamT5, the Taiwanese infosec outfit taking on Beijing and defeating its smears Living in the eye of the geopolitical storm is not easy, but is good for business Security05 Jun 2023 | 2
1. This crypto-coin is called Jimbo. 2. $8m was stolen from its devs in flash loan attack 3. It's asked for 90% of the digital dosh back, or else it'll beg the cops for help Cyber-crime30 May 2023 | 46
New York county still dealing with ransomware eight months after attack security in brief Also: iSpoof no more, Edmodo fined more than it can pay, UK is #1 (in CC theft), and the week's critical vulns Security29 May 2023 | 8
It's 2023 and Sri Lanka doesn't have a cyber security authority All should change this year as the country passes its Cyber Security Bill Security26 May 2023 | 2
Five Eyes and Microsoft accuse China of attacking US infrastructure again Defeating Volt Typhoon will be hard, because the attacks look like legit Windows admin activity Cyber-crime25 May 2023 | 10
US Dept of Transport security breach exposes info on a quarter-million people Not the first time Uncle Sam has had the wheels come off its IT systems Security16 May 2023 | 4