News

ICO makes example of outsourcing giant over sluggish cyber response

The UK's Information Commissioner's Office (ICO) has issued a £14 million ($18.6 million) penalty to outsourcing giant Capita following a catastrophic 2023 cyberattack that exposed the personal data of 6.6 million people.…

Japan's beer behemoth still mopping up after ransomware spill that disrupted deliveries and delayed results

Asahi's cyber hangover just got worse, with the brewer now admitting that personal information may have been tapped in last month's attack.…

Lucky few randomly selected to trial the feature, which won't fully roll out for several months

Mozilla is working on a built-in VPN for Firefox, with beta tests opening to select users shortly.…

Latest in a long line of EBS flaws leta miscreants remotely compromise enterprise systems to pinch sensitive data

Oracle is rushing out another emergency patch for its embattled E-Business Suite as the fallout from the Clop-linked attacks continues to spread.…

Warn businesses to act now as high-severity incidents keep climbing

Cyberattacks that meet upper severity thresholds set by the UK government's cyber agents have risen 50 percent in the last year, despite almost zero change in the volume of cases handled.…

Malfunctioning equipment and manual processing cause 90-minute waits

The European Union's new biometric Exit/Entry System (EES) got off to a chaotic start at Prague's international airport, with travelers facing lengthy queues and malfunctioning equipment forcing border staff to process arrivals manually.…

'We will never stop,' say crooks, despite retiring twice in the space of a month

The Scattered Lapsus$ Hunters (SLSH) cybercrime collective - compriseed primarily of teenagers and twenty-somethings - announced it will go dark until 2026 following the FBI's seizure of its clearweb site.…

Redmond argued schools, education authorities are responsible for GDPR

An Austrian digital privacy group has claimed victory over Microsoft after the country's data protection regulator ruled the software giant "illegally" tracked students via its 365 Education platform and used their data.…

Beijing insists it's business as usual – Washington might see it differently

China's competition regulator has launched an investigation into Qualcomm's purchase of Israeli firm Autotalks, the latest salvo in the escalating tech trade war between Washington and Beijing.…

Regulator warns penalties will pile up until internet toilet does its paperwork

Ofcom, the UK's Online Safety Act regulator, has fined online message board 4chan £20,000 ($26,680) for failing to protect children from harmful content.…

Minister invokes powers to stop firm shifting knowledge to China, citing governance shortcomings

The Dutch government has placed Nexperia - a Chinese-owned semiconductor company that previously operated Britain's Newport Wafer Fab — under special administrative measures, citing serious governance failures that threaten European tech security.…

Forescout's phony water plant fooled TwoNet into claiming a fake cyber victory – then it quietly shut up shop

Security researchers say they duped pro-Russia cybercriminals into targeting a fake critical infrastructure organization, which the crew later claimed - via their Telegram group - to be a real-world attack.…

Crooks phish campus staff, slip into HR systems, and quietly reroute paychecks

Microsoft's Threat Intelligence team has sounded the alarm over a new financially-motivated cybercrime spree that is raiding US university payroll systems.…

US and French fuzz pull the plug on Scattered Lapsus$ Hunters' latest leak shop targeting Salesforce

US authorities have seized the latest incarnation of BreachForums, the cybercriminal bazaar recently reborn under the stewardship of the so-called Scattered Lapsus$ Hunters, with help from French cyber cops and the Paris prosecutor's office.…

Prospect apologizes for cyber gaffe affecting up to 160K members

UK trade union Prospect is notifying members of a breach that involved data such as sexual orientation and disabilities.…

Just 250 malicious training documents can poison a 13B parameter model - that's 0.00016% of a whole dataset

Poisoning AI models might be way easier than previously thought if an Anthropic study is anything to go on. …

Affects users regardless of when their backups were created

SonicWall has admitted that all customers who used its cloud backup service to store firewall configuration files were affected by a cybersecurity incident first disclosed in mid-September, walking back earlier assurances that only a small fraction of users were impacted.…

CRM giant 'will not engage, negotiate with, or pay' the scumbags

Salesforce won't pay a ransom demand to criminals who claim to have stolen nearly 1 billion customer records and are threatening to leak the data if the CRM giant doesn't pony up some cash.…

Berlin's opposition likely kills off Brussels' bid to scan everyone's messages

Germany has committed to oppose the EU's controversial "Chat Control" regulations following huge pressure from multiple activists and major organizations.…

Microsoft Copilot, not so much

Employees could be opening up to OpenAI in ways that put sensitive data at risk. According to a study by security biz LayerX, a large number of corporate users paste Personally Identifiable Information (PII) or Payment Card Industry (PCI) numbers right into ChatGPT, even if they're using the bot without permission.…