News

Security, not model performance, is what's stalling adoption

Interview  Before AI becomes commonplace in enterprises, corporate leaders have to commit to an ongoing security testing regime tuned to the nuances of AI models.…

OpenAI boots accounts linked to 10 malicious campaigns

Fake IT workers possibly linked to North Korea, Beijing-backed cyber operatives, and Russian malware slingers are among the baddies using ChatGPT for evil, according to OpenAI's latest threat report.…

Destructive malware has been a hallmark of Putin's multi-modal war

A new strain of wiper malware targeting Ukrainian infrastructure is being linked to pro-Russian hackers, in the latest sign of Moscow's evolving cyber tactics.…

The cash has been frozen for more than two years

The US is looking to finally capture the $7.74 million it froze over two years ago after indicting alleged money launderers it claims are behind North Korean IT worker schemes.…

Don't negotiate unless you must, and if so, drag it out as long as you can

Feature  So, the worst has happened. Computer screens all over your org are flashing up a warning that you've been infected by ransomware, or you've got a message that someone's been stealing information from your server.…

Any info on Maxim Rudometov and his associates? There's $$$ in it for you

The US government is offering up to $10 million for information on foreign government-backed threat actors linked to the RedLine malware, including its suspected developer, Maxim Alexandrovich Rudometov.…

Re-selling info from an earlier breach? Probably. But which one?

AT&T is investigating claims that millions of its customers' data are listed for sale on a cybercrime forum in what appears to be a re-release from an earlier hack.…

Trump-pardoned hacker Chris Wade will join the company as CTO

Cellebrite has announced a $170 million deal to buy Corellium, bringing together two companies that have made names for themselves by helping law enforcement break into encrypted devices.…

Plus: Plankey's confirmation process 'temporarily delayed'

Sean Cairncross, President Donald Trump's nominee to serve as national cyber director, doubled down on taking offensive cyber actions against foreign adversaries during a Senate homeland security committee nomination hearing on Thursday, and refused to condemn the president's proposed cuts to the main US cyber defense agency.…

Dark web crime platform raked in $17M+ over three years of operation

Uncle Sam has seized 145 domains tied to BidenCash, the notorious dark web market that trafficked in more than 15 million stolen credit cards.…

Someone went to great lengths to prey on the next generation of cybercrooks

Sophos thinks a single person or group called "ischhfd83" is behind more than a hundred backdoored malware variants targeting novice cybercriminals and video game cheaters looking to get their hands on malicious code.…

It’s definitely not a cyberattack though! Really!

The UK's tax collections agency says cyberbaddies defrauded it of £47 million ($63 million) late last year, but insists the criminal case was not a cyberattack.…

Researchers have come up with a fix for a path traversal bug first spotted in 2010

A security bug that surfaced fifteen years ago in a public post on GitHub has survived developers' attempts on its life.…

The authors who claimed America hacked itself to discredit Beijing are back with another report

Beijing complains it’s under relentless attack by the equivalent of an ant trying to shake a tree China’s National Computer Virus Emergency Response Center on Thursday published a report in which it claims Taiwan targeted it with a years-long but feeble cyber offensive, backed by the USA.…

To make matters worse, IBM's security software has a critical vuln caused by an exposed password

IBM isn’t having its best week after the company experienced another cloudy outage and a critical-rated vulnerability.…

Recompiled binaries and phone threats used to boost the pressure

Groups linked with the Play ransomware have exploited more than 900 organizations, the FBI said Wednesday, and have developed a number of new techniques in their double-extortion campaigns - including exploiting a security flaw in remote-access tool SimpleHelp if orgs haven't patched it.…

Drones are not enough

Following a daring drone attack on Russian airfields, Ukrainian military intelligence has reportedly also hacked the servers of Tupolev, the Kremlin's strategic bomber maker.…

Literally adding insult to injury

Kettering Health patients who had chemotherapy sessions and pre-surgery appointments canceled due to a ransomware attack in May now have to deal with the painful prospect that their personal info may have been leaked online.…

Victims include hospitality, retail and education sectors

A group of financially motivated cyberscammers who specialize in Scattered-Spider-like fake IT support phone calls managed to trick employees at about 20 organizations into installing a modified version of Salesforce's Data Loader that allows the crims to steal sensitive data.…

Did somebody say ransomware? Not the newspaper group, not even to deny it

Regional newspaper publisher Lee Enterprises says data belonging to around 40,000 people was stolen during an attack on its network earlier this year.…