News
Blue Yonder ransomware termites claim credit
Infosec in brief Still smarting over that grocery disruption caused by a ransomware attack on supply chain SaaS vendor Blue Yonder? Well, now you have someone to point a finger at: the Termite ransomware gang.…
How Chinese insiders are stealing data scooped up by President Xi's national surveillance system
Feature Chinese tech company employees and government workers are siphoning off user data and selling it online - and even high-ranking Chinese Communist Party officials and FBI-wanted hackers' sensitive information is being peddled by the Middle Kingdom's thriving illegal data ecosystem.…
Micropatchers share 1-instruction fix for NTLM hash leak flaw in Windows 7+
Acros Security claims to have found an unpatched bug in Microsoft Windows 7 and onward that can be exploited to steal users' OS account credentials.…
Facing sale or ban, TikTok tossed under national security bus by appeals court
A US federal appeals court has rejected a challenge to the law that prevents popular apps that collect data on Americans from being controlled by a foreign adversary.…
Salt Typhoon forces FCC's hand on making telcos secure their networks
The head of America's Federal Communications Commission (FCC) wants to force telecoms operators to tighten network security in the wake of the Salt Typhoon revelations, and to submit an annual report detailing measures taken.…
Badass Russian techie outsmarts FSB, flees Putinland all while being tracked with spyware
A Russian programmer defied the Federal Security Service (FSB) by publicizing the fact his phone was infected with spyware after being confiscated by authorities.…
Protect your clouds
Sponsored Post According to the 2024 IBM Cost of the Data Breach Report 40 percent of data breaches identified between March 2023 and February 2024 involved data stored across multiple environments, including the cloud.…
PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files
A zero-day arbitrary file read vulnerability in Mitel MiCollab can be chained with a now-patched critical bug in the same platform to give attackers access to sensitive files on vulnerable instances. …
Microsoft: Another Chinese cyberspy crew targeting US critical orgs 'as of yesterday'
A Chinese government-linked group that Microsoft tracks as Storm-0227 yesterday started targeting critical infrastructures organisations and US government agencies, according to Redmond's threat intel team.…
Solana blockchain's popular web3.js npm package backdoored to steal keys, funds
Malware-poisoned versions of the widely used JavaScript library @solana/web3.js were distributed via the npm package registry, according to an advisory issued Wednesday by project maintainer Steven Luscher.…
Explore strategies for effective endpoint control
Webinar Managing endpoints in today's dynamic IT environments is becoming increasingly complex.…
British hospitals hit by cyberattacks still battling to get systems back online
Both National Health Service trusts that oversee the various hospitals hit by separate cyberattacks last week have confirmed they're still in the process of restoring systems.…
BT Group confirms attackers tried to break into Conferencing division
BT Group confirmed it is dealing with an attempted attack on one of its legacy business units after the Black Basta ransomware group claimed they broke in.…
Shape the future of UK cyber security
Partner Content The opportunity to identify, foster and nurture talented young people towards a cyber security career should always be grabbed with both hands.…
Ransomware hangover, Putin grudge blamed for vodka maker's bankruptcy
Two US subsidiaries of alcohol giant Stoli Group filed for bankruptcy protection this week over financial difficulties exacerbated by an August ransomware attack.…
T-Mobile US CSO: Spies jumped from one telco to another in a way 'I've not seen in my career'
interview While Chinese-government-backed spies maintained access to US telecommunications providers' networks for months – and in some cases still haven't been booted out – T-Mobile US thwarted successful attacks on its systems "within a single-digit number of days," according to the carrier's security boss Jeff Simon.…
Cops arrest suspected admin of German-language crime bazaar
German authorities say they have again shut down the perhaps unwisely named Crimenetwork platform and arrested a suspected admin.…
Microsoft says premature patch could make Windows Recall forget how to work
Microsoft has pinned down why some eager Windows Insiders could not persuade the Recall preview to save any snapshots. It's all down to a pesky non-security preview.…
Eurocops take down 'secure' criminal chat system known as Matrix
French and Dutch police have taken down the Matrix chat app, which was designed by criminals for criminals to be a secure encrypted messaging tool.…
FTC scolds two data brokers for allegedly selling your location to the metre
The FTC has reached a settlement with two data brokerages over allegations they harvested precise location data that shows when people entered hospitals, places of worship, and even attended protests supporting the late George Floyd.…