News

‘Bulletproof’ hosts partly dodged the last attack of this sort

US, UK, Australia sanction Lockbit gang’s hosting provider ‘Bulletproof’ hosts partly dodged the last attack of this sort Cybercrime fighters in the US, UK, and Australia have imposed sanctions on several Russia-linked entities they claim provide hosting services to ransomware gangs Lockbit, BlackSuit, and Play.…

Attackers may be joining the dots to enable unauthenticated RCE

Fortinet has confirmed that another flaw in its FortiWeb web application firewall has been exploited as a zero-day and issued a patch, just days after disclosing a critical bug in the same product that attackers had found and abused a month earlier.…

And companies are getting caught in the crossfire

interview  Warfare has become a joint cyber-kinetic endeavor, with nations using cyber operations to scope out targets before launching missiles. And private companies, including shipping, transportation, and electronics manufacturers, are getting caught in the crossfire, according to Amazon.…

Two-day exploit opened up 3.5 billion users to myriad potential harms

Researchers in Austria used a flaw in WhatsApp to gather the personal data of more than 3.5 billion users in what they believe amounts to the "largest data leak in history."…

Researchers say attacks are laying the groundwork for stealthy espionage activity

Around 50,000 ASUS routers have been compromised in a sophisticated attack that researchers believe may be linked to China, according to findings released today by SecurityScorecard's STRIKE team.…

The C-suite will have zero interest in zero trust without a good business case

Partner Content  In today's enterprise environment, technology investments are no longer judged solely by their technical sophistication. Approval depends on their ability to support business goals, mitigate risk, and create value for shareholders. CIOs and CISOs are expected to present their strategies not as technical upgrades but as business enablers. The challenge is not just making the right investments, but framing them in ways that resonate at the boardroom level.…

MI5 sounds the alarm about attempts to source sensitive information

Chinese spies are using social media and fake recruitment agents to recruit sources with access to sensitive information in the UK.…

Using AI to attack AI

Malefactors are actively attacking internet-facing Ray clusters and abusing the open source AI framework to spread a self-replicating botnet that mines for cryptocurrency, steals data, and launches distributed denial of service (DDoS) attacks.…

Regulator sides with telcos that claimed new cybersecurity duties were too ‘burdensome’

The Federal Communications Commission (FCC) will vote this week on whether to scrap Biden-era cybersecurity rules, enacted after the Salt Typhoon attacks came to light in 2024, that required telecom carriers to adopt basic security controls.…

When? Sean Cairncross wouldn't say

America is fed up with being the prime target for foreign hackers. So US National Cyber Director Sean Cairncross says Uncle Sam is going on the offensive – he just isn't saying when.…

Seventh Chrome 0-day this year

Google pushed an emergency patch on Monday for a high-severity Chrome bug that attackers have already found and exploited in the wild.…

They can probably set up a printer faster, but look elsewhere for cryptography advice

Gen Z can get off their digital high horses because their passwords are no more secure than their grandparents'.…