News

This time criminals targeted partner’s third-party software

It's more bad news from Ascension Health which is informing some of its patients, potentially for the second time in the space of a year, that their medical data was compromised during a major cyberattack.…

Will the personal assistant shop for groceries? Or get hijacked by a teen?

RSAC  If Amazon's Alexa+ works as intended, it could show how an AI assistant helps with everyday tasks like making dinner reservations or arranging an oven repair. Or things could go terribly wrong: it might turn on the oven and turn dinner plans into a house fire.…

President's campaign continues against man he claims covered up evidence of electoral fraud in 2020

Chris Krebs, former CISA director and current political punching bag for the US President, says his Global Entry membership was revoked.…

No MFA? No problem – as long as you show you’ve learned your lesson

The UK's data protection overlord is not going to pursue any further investigation into the British Library's 2023 ransomware attack.…

For now it's a potential bug-finder and friend to defenders

RSAC  Former NSA cyber-boss Rob Joyce thinks today's artificial intelligence is dangerously close to becoming a top-tier vulnerability exploit developer.…

Cybersecurity is national security, says Jen Easterly

RSAC  America's top cyber-defense agency is "being undermined" by personnel and budget cuts under the Trump administration, some of which are being driven by an expectation of perfect loyalty to the President rather than the nation.…

Feds say $970k scheme defrauded 13+ companies

A Maryland man has pleaded guilty to fraud after landing a job with a contractor working on US government software, and then outsourcing the work to a self-described North Korean developer in China.…

No specific law against it yet, but that's set to change

A spate of high-profile swatting incidents in the US recently forced the FBI into action with its latest awareness campaign about the occasionally deadly practice.…

Go ahead, please do Bash static analysis

Shell scripting may finally get a proper bug-checker. A group of academics has proposed static analysis techniques aimed at improving the correctness and reliability of Unix shell programs.…

A cloud security platform that manages the attack surface and security vulnerabilities in AWS

Sponsored post  You’d be naïve to believe that the cloud is secure by default, and while most hosting services provide basic defenses, it’s not always clear what level of protection these provide.…

Google dumped io_uring after $1M in bug bounties

A proof-of-concept program has been released to demonstrate a so-called monitoring "blind spot" in how some Linux antivirus and other endpoint protection tools use the kernel's io_uring interface.…

As Big Tech gets used to the pain, smaller vendors urged to up their game

Former Rear Admiral calls for National Guard online deployment and corporates to be held accountable

RSAC  Russia used to be considered America's biggest adversary online, but over the past couple of years China has taken the role, and is proving highly effective at it.…

Top voices warn that political retaliation puts democracy and national defense at risk

The Electronic Frontier Foundation (EFF) and numerous infosec leaders are lobbying US President Donald Trump to drop his enduring investigation into Chris Krebs, claiming that targeting the former CISA boss amounts to bullying.…

Artificial intelligence is helping Beijing's goons break in faster and stay longer

RSAC  The biggest threat to US critical infrastructure, according to FBI Deputy Assistant Director Cynthia Kaiser, can be summed up in one word: "China."…

FBI and others list how to spot NK infiltrators, but AI will make it harder

RSAC  Concerned a new recruit might be a North Korean stooge out to steal intellectual property and then hit an org with malware? There is an answer, for the moment at least.…

They’re sorry/not sorry for testing if bots can change minds by pretending to be a trauma counselor or a victim of sexual abuse

Researchers from the University of Zurich have admitted to secretly posting AI-generated material to popular Subreddit r/changemyview in the name of science.…

Who could possibly be behind this attack on an ethnic minority China despises?

Researchers at Canada’s Citizen Lab have spotted a phishing campaign and supply chain attack directed at Uyghur people living outside China, and suggest it’s an example of Beijing’s attempts to target the ethnic minority group.…

Florida man altered allergen info, DoSed former colleagues

Former Disney employee Michael Scheuer was sentenced to 36 months in prison and fined almost $688,000 for screwing up a software application the entertainment giant used to cook up its restaurant menus.…

Sometimes, silence is the best option

An Oklahoma City cybersecurity professional accused of installing spyware on a hospital PC confirmed on LinkedIn key details of the drama.…