Malware crooks find an in with fake browser updates, in case real ones weren't bad enough Researchers say ransomware could be on the horizon if success continues Cybersecurity Month18 Oct 2023 |
We're not in e-Kansas anymore: State courts reel from 'unauthorized incursion' Fax, post, and human messengers can still be used for filing vital evidence Cyber-crime16 Oct 2023 | 4
Regulator, insurers and customers all coming for Progress after MOVEit breach Infosec in brief Also, CISA cataloging new ransomware data points, 17k WP sites hijacked by malware in Sept., and more critical vulns Security16 Oct 2023 | 3
Thwarted ransomware raid targeting WS_FTP servers demanded just 0.018 BTC Early attempt to exploit latest Progress Software bug spotted in the wild Cyber-crime13 Oct 2023 | 7
Everest cybercriminals offer corporate insiders cold, hard cash for remote access The ransomware gang changes identities more than Jason Bourne Research12 Oct 2023 | 9
US construction giant unearths concrete evidence of cyberattack Simpson Manufacturing yanks systems offline, warns of ongoing disruption Cyber-crime12 Oct 2023 | 11
Ransomwared health insurer wasn't using antivirus software PhilHealth blames government procurement rules for license expiry and issues phishing warnings Cybersecurity Month11 Oct 2023 | 14
Ransomware attacks register record speeds thanks to success of infosec industry Dwell times drop to hours rather than days for the first time Research10 Oct 2023 | 3
Chinese smart TV boxes infected with malware in PEACHPIT ad fraud campaign Infosec in brief PLUS: Sony admits to MoveITbreach; Blackbaud fined again, Qakbot's sorta back from the dead; and more Security09 Oct 2023 | 7
CDW data to be leaked next week after negotiations with LockBit break down Ransomware spokesperson scoffs at IT reseller's offer of payment Cyber-crime06 Oct 2023 | 15
BYOD should stand for bring your own disaster, according to Microsoft ransomware data Rising number of RaaS baddies drive global attack numbers up 200% CxO05 Oct 2023 | 9
Lorenz ransomware crew bungles blackmail blueprint by leaking two years of contacts Data leakers become data leakees Cyber-crime05 Oct 2023 | 10
Co-founder of collapsed crypto biz Three Arrows cuffed at airport Asia in brief Plus: Philippine state health insurance knocked offline by ransomware, China relaxes data export laws, and more Security03 Oct 2023 | 3
Feds hopelessly behind the times on ransomware trends in alert to industry Better late than never, we guess Cybersecurity Month02 Oct 2023 | 6
Now MOVEit maker Progress patches holes in WS_FTP Infosec in brief Plus: Johnson Controls hit by IT 'incident', Exim and Chrome security updates, and more Patches01 Oct 2023 | 9
T-Mobile US exposes some customer data – but don't call it a breach Infosec in brief PLUS: Trojan hidden in PoC; cyber insurance surge; pig butchering's new cuts; and the week's critical vulns Security25 Sep 2023 | 9
Feds raise alarm over Snatch ransomware as extortion crew brags of Veterans Affairs hit Invasion of the data snatchers Cyber-crime20 Sep 2023 | 3
California passes bill to set up one-stop data deletion shop Infosec in brief Also, LockBit gets a new second stringer, AirTag owners find yet another illicit use, and this week's critical vulns Security18 Sep 2023 | 13
Scattered Spider traps 100+ victims in its web as it moves into ransomware Mandiant warns casino raiders are doubling down on 'monetization strategies' Cyber-crime15 Sep 2023 | 7
Greater Manchester Police ransomware attack another classic demo of supply chain challenges Are you the weakest link? Cyber-crime15 Sep 2023 | 14
US-Canada water org confirms 'cybersecurity incident' after ransomware crew threatens leak NoEscape promises 'colossal wave of problems' if IJC doesn't pay up Cyber-crime15 Sep 2023 | 5
Airbus suffers data leak turbulence to cybercrooks' delight Ransomware group nicked info from employee of airline, say researchers Cyber-crime13 Sep 2023 | 1
Ransomware attack hits Sri Lanka government, causing data loss Running unsupported and unpatched versions of Exchange Server will do that to a country Cyber-crime13 Sep 2023 | 3
Save the Children hit by ransomware, 7TB stolen Updated A new low, even for these lowlifes Cyber-crime11 Sep 2023 | 11
Good news for Key Group ransomware victims: Free decryptor out now That's what we call a static shock CSO31 Aug 2023 | 5
Whiffy malware stinks after tracking location via Wi-FI Infosec in Brief ALSO: Euro chip maker breached, crims plan to undermine cyber insurance, and this week's critical vulnerabilities Security28 Aug 2023 | 12
Criminals go full Viking on CloudNordic, wipe all servers and customer data IT outfit says it can't — and won't — pay the ransom demand Cyber-crime23 Aug 2023 | 130
FYI: There's another BlackCat ransomware variant on the prowl Bad kitty, no catnip for you Cyber-crime18 Aug 2023 |
Microsoft OneDrive a willing and eager 'ransomware double agent' Black Hat No one will suspect such a trustworthy executable Black Hat and DEF CON10 Aug 2023 | 13
INTERPOL shutters '16shop' phishing-as-a-service outfit Alleged administrator cuffed in Indonesia, associate arrested in Japan, accused of selling fake Amazons for $60 Security09 Aug 2023 |
Cyber-extortionists pillage Colorado education dept Hey, breacher, leave those kids alone Cyber-crime08 Aug 2023 | 7
Medical files of 8M-plus people fall into hands of Clop via MOVEit mega-bug Maximus plus Deloitte and Chuck E. Cheese join 500+ victim orgs Security27 Jul 2023 | 9
Boris Johnson pleads ignorance, which just might work Infosec in brief Also: More high-profile MOVEit victims; CVSS 4.0 coming soon; and a long list of critical vulnerabilities Security17 Jul 2023 | 79
Barts NHS hack leaves folks on tenterhooks over extortion BlackCat pounces on 7TB of data and theatens to release it Black Hat and DEF CON11 Jul 2023 | 23
Liberté, Égalité, Spyware: France okays cops snooping on phones Infosec in brief ALSO: Shell fails to learn from past leaks; hundreds of solar plants found open to Mirai; and this week's crit vulns Security10 Jul 2023 | 45
LockBit louts unload ransomware at Japan’s most prolific cargo port Nagoya Harbor hit the rocks yesterday but looks to be afloat once more Black Hat and DEF CON06 Jul 2023 | 1
Russian military satellite comms provider offline after hack Infosec in brief ALSO: Ransomware hit on Mancunian Uni spills NHS patient deets, USPTO leaks inventor info, and this week's crit vulns Systems03 Jul 2023 | 6
Us, hacked by LockBit? No, says TSMC, that would be our IT supplier So, uh, who's gonna pay that $70M ransom? Black Hat and DEF CON30 Jun 2023 | 3
Ex-FBI employee jailed for taking classified material home Infosec in brief Also: a PII harvest at Dole's server farm, military members mailed mystery smartwatches, and this week's critical vulns CSO26 Jun 2023 | 55
UK cyberspies warn ransomware crews targeting law firms Nation states will use you to get to your friends, says NCSC CSO23 Jun 2023 | 8
Now BlackCat extortionists threaten to leak stolen plastic surgery pics Sharing a cancer patient's nude snaps earlier wasn't enough for these scumbags Cyber-crime22 Jun 2023 | 10
Reddit confirms BlackCat gang pinched some data Crooks demand $4.5m to keep '80GB' of corp info private – and no API price hikes Cyber-crime20 Jun 2023 | 4
LockBit suspect's arrest sheds more light on 'trustworthy' gang Plus: Accused is innocent until proven guilty, but is known to be an Apple fan Cyber-crime16 Jun 2023 | 10
US government hit by Russia's Clop in MOVEit mass attack CISA chief tells us exploitation 'largely opportunistic', not on same level of SolarWinds CSO15 Jun 2023 | 7
LockBit victims in the US alone paid over $90m in ransoms since 2020 As America, UK, Canada, Australia and friends share essential bible to detect and thwart infections CSO14 Jun 2023 | 2
Unsealed: Charges against Russians blamed for Mt Gox crypto-exchange collapse What a blast from the past, the past being a year before the pandemic Cyber-crime12 Jun 2023 | 7
Hold it – another vulnerability found in MOVEit file transfer software Infosec in brief Also, the FBI's $180k investment in AN0M keeps paying off, and this week's critical vulnerabilities Cyber-crime12 Jun 2023 | 7
Ransomware scum hit Japanese pharma giant Eisai Group Some servers encrypted in weekend attack, but product supply not affected Cyber-crime09 Jun 2023 | 1
Identity thieves can hunt us for 'rest of our lives,' claims suit after university data leak Crooks steal Social Security numbers and post them on dark web, victims blame holes in Mercer's security Cyber-crime06 Jun 2023 | 36
Qbot malware adapts to live another day … and another … Operators stay ahead of defenders with new access methods and C2 infrastructure Research05 Jun 2023 | 3
Ukraine war blurs lines between cyber-crims and state-sponsored attackers This RomCom is no laughing matter Cyber-crime01 Jun 2023 | 5
Criminals spent 10 days in US dental insurer's systems extracting data of 9 million LockBit gang claimed 'trophy' of spilling low income families' details. Their parents must be proud Cyber-crime31 May 2023 | 13
New York county still dealing with ransomware eight months after attack security in brief Also: iSpoof no more, Edmodo fined more than it can pay, UK is #1 (in CC theft), and the week's critical vulns Security29 May 2023 | 8
BlackByte ransomware crew lists city of Augusta after cyber 'incident' Mayor promises to comment on Friday Cyber-crime26 May 2023 | 2
Philly Inquirer says Cuba ransomware gang's data leak claims are fake news Now that's a Rocky relationship Cyber-crime24 May 2023 |
IT security analyst admits hijacking cyber attack to pocket ransom payments Ashley Liles altered blackmail emails in bid to make off with £300,000 in Bitcoin Cyber-crime24 May 2023 | 22
US bans North Korean outsourcer and its feisty freelancers They do your work – usually from Russia and China – then send their wages home to pay for missiles Cyber-crime24 May 2023 | 3
Dish confirms 300,000 people's data was exposed in February's attack But don't worry – we know it was deleted. Hmm. How would you know that? Cyber-crime23 May 2023 | 4
Microsoft decides it will be the one to choose which secure login method you use Certificate-based authentication comes first and phones last CSO18 May 2023 | 55
'Strictly limit' remote desktop – unless you like catching BianLian ransomware Do it or don't. We're not cops. But the FBI are, and they have this to say CSO17 May 2023 | 33
Ransomware-as-a-service groups rain money on their affiliates Qilin gang crims can earn up to 85 percent of extortion cash, or jail Cyber-crime17 May 2023 | 4
Feds offer $10m reward for info on alleged Russian ransomware crim Infecting cops' computers is one way to put a target on your back Cyber-crime17 May 2023 | 1