News
Iran's Pioneer Kitten hits US networks via buggy Check Point, Palo Alto gear
Iranian government-backed cybercriminals have been hacking into US and foreign networks as recently as this month to steal sensitive data and deploy ransomware, and they're breaking in via vulnerable VPN and firewall devices from Check Point, Citrix, Palo Alto Networks and other manufacturers, according to Uncle Sam.…
Dick's Sporting Goods discloses cyberattack
Dick's Sporting Goods, America's largest retail chain for outdoorsy types, has admitted that it suffered a cyberattack last week.…
From Copilot to Copirate: How data thieves could hijack Microsoft's chatbot
Microsoft has fixed flaws in Copilot that allowed attackers to steal users' emails and other personal data by chaining together a series of LLM-specific attacks, beginning with prompt injection.…
The ultimate dual-use tool for cybersecurity
Sponsored Feature Artificial intelligence: saviour for cyber defenders, or shiny new toy for online thieves? As with most things in tech, the answer is a bit of both.…
Woman uses AirTags to nab alleged parcel-pinching scum
Theft of packages is an ongoing problem, so one California woman tried a high tech solution to the problem – and her use of Apple’s consumer-grade AirTags tracking devices led to two arrests.…
Chinese broadband satellites may be Beijing's flying spying censors, think tank warns
The multiple constellations of broadband-beaming satellites planned by Chinese companies could conceivably run the nation's "Great Firewall" content censorship system, according to think tank The Australian Strategic Policy Institute. And if they do, using the services will be dangerous.…
Intel's Software Guard Extensions broken? Don't panic
Today's news that Intel's Software Guard Extensions (SGX) security system is open to abuse may be overstated.…
Volt Typhoon suspected of exploiting Versa SD-WAN bug since June
It looks like China's Volt Typhoon has found a new way into American networks as Versa has disclosed a nation-state backed attacker has exploited a high-severity bug affecting all of its SD-WAN customers using Versa Director.…
Microsoft security tools questioned for treating employees as threats
Software designed to address legitimate business concerns about cyber security and compliance treats employees as threats, normalizing intrusive surveillance in the workplace, according to a report by Cracked Labs.…
Microsoft mistake blows up admins' inboxes with fake malware alerts
Updated Many administrators have had a trying Monday after getting spammed out with false malware reports by Microsoft.…
Watchdog warns FBI is sloppy on secure data storage and destruction
update The FBI has made serious slip-ups in how it processes and destroys electronic storage media seized as part of investigations, according to an audit by the Department of Justice Office of the Inspector General.…
Seattle airport 'possible cyberattack' snarls travel yet again
The Port of Seattle, which operates the Seattle-Tacoma International Airport, is investigating a "possible cyberattack" after computer outages disrupted the airport's operations and delayed flights.…
AMD internal data reportedly offered for sale
Digital data thieves have reportedly breached AMD's internal communications and are offering the allegedly stolen goods for sale. …
31.5M invoices, contracts, patient consent forms, and more exposed to the internet
Exclusive Nearly 2.7 TB of sensitive data — 31.5 million invoices, contracts, HIPPA patient consent forms, and other business documents regarding numerous companies across industries — has been exposed to the public internet in a non-password protected database for an unknown amount of time.…
Cognizant alleges Infosys swiped its trade secrets
A subsidiary of IT outsourcer Cognizant filed a lawsuit on Friday in Texas federal court alleging that rival Infosys was involved in stealing trade secrets and engaging in anticompetitive behavior.…
Alleged Karakut ransomware scumbag charged in US
Infosec in brief Deniss Zolotarjovs, a suspected member of the Russian Karakurt ransomware gang, has been charged in a US court with allegedly conspiring to commit money laundering, wire fraud and Hobbs Act extortion.…
US sues Georgia Tech over alleged cybersecurity failings as a Pentagon contractor
The US is suing one of its leading research universities over a litany of alleged failures to meet cybersecurity standards set by the Department of Defense (DoD) for contract awardees.…
Uniting the brightest minds in security, network and cloud
Partner Content Cloudflare is excited to present Immerse, our flagship event designed to connect attendees directly with the ideas, technologies and business leaders driving network and security transformation.…
SolarWinds left critical hardcoded credentials in its Web Help Desk product
SolarWinds left hardcoded credentials in its Web Help Desk product that can be used by remote, unauthenticated attackers to log into vulnerable instances, access internal functionality, and modify sensitive data…
CrowdStrike deja vu as 'performance issue' leaves systems sluggish
Some IT administrators suffered a moment of deja vu on Thursday morning as CrowdStrike blamed a cloud service issue for performance problems and lagging boot times affecting some of European customers.…