News

Nabbed in Thailand, extradited... and now formally charged

A Russian citizen has been charged with defrauding US taxpayers out of at least $1.5m through a series of tax-return hacks.…

A scam version of the actor convinced a woman he was in love with her.

A recently-patched critical flaw in Oracle WebLogic is being actively exploited to peddle a new ransomware variant, which researchers call "Sodinokibi."

'Many companies pay us for our work, and we do not publish data and help them to eliminate vulnerabilities'

A service provider hired by the likes of Oracle, SAP, BT, and many others, to manage their IT systems has been hacked – and its client data held to ransom.…

A bug in the popular anti-piracy framework allows a side-channel attack on premium content.

An Ohio parish lost a whopping $1.75 million after attackers breached two employees' email accounts - and then tricked other employees into sending wire transfers to a fraudulent bank account.

We all want to see hard proof of espionage. This is absolutely not it

A claimed "backdoor" in Huawei routers used in the core of Vodafone Italy's 3G network was, in fact, a routine implementation of Telnet.…

Hapless soul repents 'unintentionally' sharing drone makers privates in repo

A Chinese software developer who previously expressed suicidal thoughts has been jailed after putting one of drone company DJI's AES private keys onto Github in plain text.…

...let us bring you up to date on infosec bits and bytes

Roundup  Here's your quick-fire summary of recent computer security news.…

Click to read to disappointingly logical answer

Comment  The President's son Donald Trump Jr broke the Computer Fraud and Abuse Act, a US federal law.…

Hardware that supports pirated video streaming content comes packed with malware.

The attack group shows a moderate level of sophistication, but the stage is set for MuddyWater to take things to the next level.

After facing criticism for removing or restricting several parental control apps over the past year, Apple cited security and privacy reasons.

Github and Bitbucket tokens for Docker autobuilds are also impacted.

Millions of security cameras, baby monitors and "smart" doorbells are open to hijack - and no solution is currently available.

Home of CRN UK, Computing and others warn remaining readers to update their freakin' passwords

UK events and publishing outfit Incisive Media today urged subscribers to change their account passwords after it found an open port on a server had left it exposed to a buffer overflow or another remotely exploitable vuln.…

Join the institute this June to up your cyber game

Promo  High-profile cases of successful attacks on critical industrial control systems show the growing importance of protecting your organization or facing a turbulent future. Malware delivered by ever more creative methods can find its way to plant floors, encrypting critical files or wiping them altogether.…

GCHQ offshoot shares infosec hair-raisers

CyberUK 2019  If your hair isn't already grey enough, GCHQ staff have revealed a handful of infosec incidents that, in their words, "surprised us".…

Yet another WordPress plugin vulnerability has put thousands of websites at risk.

On this week's Threatpost news wrap, the team discusses Facebook's FTC fine for its data security practices, a report that Amazon is collecting Echo users' geolocation data, and more.