CISA broke into a US federal agency, and no one noticed for a full 5 months Red team exercise revealed a score of security fails Security12 Jul 2024 | 17
IcedID henchman gets nine years in clanger for abusing malware to drain bank accounts The slippery Ukrainian national must also pay a hefty $74 million on top of the jail time Malware Month12 Jul 2024 | 7
Advance Auto Parts: 2.3M people's data accessed when crims broke into our Snowflake account Letters from CISO Ethan Steiger suggest the data related to job applications Cyber-crime11 Jul 2024 | 6
Snowflake lets admins make MFA mandatory across all user accounts Company announces intent following Ticketmaster, Santander break-ins Security10 Jul 2024 | 4
Malware that is 'not ransomware' wormed its way through Fujitsu Japan's systems Company says data exfiltration was extremely difficult to detect Malware Month10 Jul 2024 | 8
RADIUS networking protocol blasted into submission through MD5-based flaw If someone can do a little MITM'ing and hash cracking, they can log in with no valid password needed Research10 Jul 2024 | 9
Evolve Bank & Trust confirms LockBit stole 7.6 million people's data Making cyberattack among the largest ever recorded in finance industry Cyber-crime09 Jul 2024 | 6
Avast secretly gave DoNex ransomware decryptors to victims before crims vanished Updated Good riddance to another pesky tribe of miscreants Malware Month08 Jul 2024 | 9
Cancer patient forced to make terrible decision after Qilin attack on London hospitals Exclusive Skin-sparing mastectomy and breast reconstruction scrapped as result of ransomware at supplier Malware Month05 Jul 2024 | 69
Latest Ghostscript vulnerability haunts experts as the next big breach enabler There's also chatter about whether medium severity scare is actually code red nightmare Research05 Jul 2024 | 25
Europol says mobile roaming tech is making its job too hard Privacy measures apparently helping criminals evade capture Cyber-crime05 Jul 2024 | 36
Europol nukes nearly 600 IP addresses in Cobalt Strike crackdown Private sector helped out with week-long operation – but didn't touch China Malware Month04 Jul 2024 | 7
Traeger security bugs bad news for grillers with neighborly beef Never risk it when it comes to brisket – make sure those updates are applied Research03 Jul 2024 | 20
Patelco banking services AWOL amid ransomware ruckus Late fees? Don't worry, the credit union has you covered Malware Month03 Jul 2024 | 2
No rest for the wiry as Cisco Nexus switches flip out over latest zero-day Command injection bug being abused by suspected Chinese spies – patch up Malware Month02 Jul 2024 | 6
Affirm fears customer info pilfered during ransomware raid at Evolve Bank Number of partners acknowledging data theft continues to rise Malware Month02 Jul 2024 | 2
Nasty regreSSHion bug in OpenSSH puts roughly 700K Linux boxes at risk Full system takeovers on the cards, for those with enough patience to pull it off Patches01 Jul 2024 | 59
Juniper Networks flings out emergency patches for perfect 10 router vuln Get 'em while they're hot Patches01 Jul 2024 | 6
CISA director: US is 'not afraid' to shout about Big Tech's security failings Jen Easterly hopes CSRB's Microsoft report won't impede future private sector collaboration CSO01 Jul 2024 | 12
Google cuts ties with Entrust in Chrome over trust issues Move comes weeks after Mozilla blasted certificate authority for failings Security28 Jun 2024 | 24
US convicts crypto-robbing gang leader who kidnapped victims before draining their accounts Said to have zip tied elderly crypto investors, held them at gunpoint, and threatened to kill them Cyber-crime26 Jun 2024 | 13
Batten down the hatches, it's time to patch some more MOVEit bugs Exploit attempts for ‘devastating’ vulnerabilities already underway Patches26 Jun 2024 | 9
Crypto scammers circle back, pose as lawyers, steal an extra $10M in truly devious plan Business is more lucrative than you might think Cyber-crime25 Jun 2024 | 18
CISA says crooks used Ivanti bugs to snoop around high-risk chemical facilities Crafty crims broke in but encryption stopped any nastiness Cyber-crime25 Jun 2024 | 3
Car dealers stuck in the slow lane after cyber woes at software biz CDK More customers self-reporting to SEC as disruption carries into second week Cyber-crime24 Jun 2024 | 2
'Mirai-like' botnet observed attacking EOL Zyxel NAS devices Seems like as good a time as any to upgrade older hardware Research24 Jun 2024 | 3
Levi's and more affected in pants-dropping week of data breaches A busy few days for security teams Cyber-crime24 Jun 2024 | 5
Phoenix UEFI flaw puts long list of Intel chips in hot seat Researchers discuss it in same breath as BlackLotus and MosaicRegressor Research21 Jun 2024 | 21
Qilin cyber scum leak data they claim belongs to London hospitals’ pathology provider At least they didn’t get paid their $50M ransom demand Cyber-crime21 Jun 2024 | 11
Car dealer software bigshot CDK pulls systems offline twice amid 'cyber incident' Downtime set to crash into next week Cyber-crime20 Jun 2024 | 13
Russia's cyber spies still threatening French national security, democracy Publishing right before a major election is apparently just a coincidence Cyber-crime20 Jun 2024 | 9
Qilin: We knew our Synnovis attack would cause a healthcare crisis at London hospitals Interview Cybercriminals claim they used a zero-day to breach pathology provider’s systems Cyber-crime20 Jun 2024 | 25
Amtrak confirms crooks are breaking into accounts using creds swiped from other DBs Railco goes full steam ahead with notification letters to Rewards users about spilled card details and more Cyber-crime19 Jun 2024 | 12
Uncle Sam ends financial support to orgs hurt by Change Healthcare attack Billions of dollars made available but worst appears to be over Research18 Jun 2024 | 3
NHS boss says Scottish trust wouldn't give cyberattackers what they wanted CEO of Dumfries and Galloway admits circa 150K people should assume their details leaked Cyber-crime18 Jun 2024 | 13
Blackbaud has to cough up a few million dollars more over 2020 ransomware attack Four years on and it's still paying for what California attorney general calls 'unacceptable' practice Cyber-crime17 Jun 2024 | 3
Cops cuff 22-year-old Brit suspected of being Scattered Spider leader Spanish plod make arrest at airport before he jetted off to Italy Cyber-crime17 Jun 2024 | 22
UK's Total Fitness exposed nearly 500K images of members, staff through unprotected database Exclusive Health club chain headed for the spa on choose-a-password day Security17 Jun 2024 | 24
Ukraine busts SIM farms targeting soldiers with spyware Russia recruits local residents to support battlefield goals Cyber-crime14 Jun 2024 | 8
Ukrainian cops collar Kyiv programmer believed to be Conti, LockBit linchpin 28-year-old accused of major ransomware attacks across Europe Malware Month13 Jun 2024 | 13
Student's flimsy bin bags blamed for latest NHS data breach Confidential patient information found by member of the public Security13 Jun 2024 | 63
White House report dishes deets on all 11 major government breaches from 2023 The MOVEit breach and ransomware weren’t kind to the Feds last year CSO12 Jun 2024 | 1
China's FortiGate attacks more extensive than first thought Dutch intelligence says at least 20,000 firewalls pwned in just a few months Cyber-crime12 Jun 2024 | 13
Pure Storage pwned, claims data plundered by crims who broke into Snowflake workspace Secure storage company hasn't spilled details on how they got in Cyber-crime11 Jun 2024 | 1
Cylance clarifies data breach details, except where the data came from Customers, partners, operations remain uncompromised, BlackBerry says Security11 Jun 2024 | 2
UK and Canada's data chiefs join forces to investigate 23andMe mega-breach Three-pronged approach aims to uncover any malpractice at the Silicon Valley biotech biz Cyber-crime11 Jun 2024 | 14
Christie's confirms RansomHub crooks stole data on 45K clients A far cry from the half-million claim that crims originally boasted Cyber-crime10 Jun 2024 |
Two cuffed over suspected smishing campaign using 'text message blaster' Thousands of dodgy SMSes bypassed network filters in UK-first case, it is claimed Cyber-crime10 Jun 2024 | 23
Frontier Communications: 750k people's data stolen in April attack on systems Company says just names and SSNs affected, watering down RansomHub’s claims Cyber-crime07 Jun 2024 | 8
Cisco fixes WebEx flaw that allowed government, military meetings to be spied on Researchers were able to glean data from 10,000 meetings held by top Dutch gov officials Cyber-crime07 Jun 2024 | 12
Uncle Sam seeks to claw back $5M+ stolen from trade union through spoofed email Funds are currently seized after being sent to offshore accounts Cyber-crime06 Jun 2024 | 8
7-year-old Oracle WebLogic bug under active exploitation Experts say Big Red will probably re-release patch in an upcoming cycle Malware Month06 Jun 2024 | 6
Emergency patches released for critical vulns impacting EOL Zyxel NAS boxes That backdoor's not meant to be there? Patches05 Jun 2024 | 3
4 cuffed following probe into holiday scheme for cybercrooks Public officials allegedly bribed to allow extradition-dodging travel Cyber-crime05 Jun 2024 | 6
London hospitals left in critical condition after ransomware attack Pathology lab provider targeted, affecting blood transfusions and surgeries Cyber-crime04 Jun 2024 | 77
Christie's stolen data sold to highest bidder rather than leaked, RansomHub claims Experts say auctioning the auctioneer’s data is unlikely to have been genuinely successful Cyber-crime04 Jun 2024 | 9
Cybercrooks get cozy with BoxedApp to dodge detection Some of the biggest names in the game are hopping on the trend Research04 Jun 2024 | 2
Russia takes gold for disinformation as Olympics approach Featuring Tom Cruise deepfakes and multiple made-up terrorism threats Security03 Jun 2024 | 19
US senator claims UnitedHealth's CEO, board appointed 'unqualified' CISO Similar cases have resulted in serious sanctions, and they were on a far smaller scale CSO31 May 2024 | 26
Cyber cops plead for info on elusive Emotet mastermind Follows arrests and takedowns of recent days Cyber-crime31 May 2024 | 4