CISA broke into a US federal agency, and no one noticed for a full 5 months
Red team exercise revealed a score of security fails
Security12 Jul 2024 | 17
Connor is a cybersecurity journalist for The Register, reporting on what you need to know to keep your systems secure. Based in the UK, he has previously held positions ranging from news editor to staff writer.
IcedID henchman gets nine years in clanger for abusing malware to drain bank accounts
The slippery Ukrainian national must also pay a hefty $74 million on top of the jail time
Malware Month12 Jul 2024 | 7
Advance Auto Parts: 2.3M people's data accessed when crims broke into our Snowflake account
Letters from CISO Ethan Steiger suggest the data related to job applications
Cyber-crime11 Jul 2024 | 6
Snowflake lets admins make MFA mandatory across all user accounts
Company announces intent following Ticketmaster, Santander break-ins
Security10 Jul 2024 | 4
Malware that is 'not ransomware' wormed its way through Fujitsu Japan's systems
Company says data exfiltration was extremely difficult to detect
Malware Month10 Jul 2024 | 8
RADIUS networking protocol blasted into submission through MD5-based flaw
If someone can do a little MITM'ing and hash cracking, they can log in with no valid password needed
Research10 Jul 2024 | 9
Evolve Bank & Trust confirms LockBit stole 7.6 million people's data
Making cyberattack among the largest ever recorded in finance industry
Cyber-crime09 Jul 2024 | 6
Avast secretly gave DoNex ransomware decryptors to victims before crims vanished
Updated Good riddance to another pesky tribe of miscreants
Malware Month08 Jul 2024 | 9
Cancer patient forced to make terrible decision after Qilin attack on London hospitals
Exclusive Skin-sparing mastectomy and breast reconstruction scrapped as result of ransomware at supplier
Malware Month05 Jul 2024 | 69
Latest Ghostscript vulnerability haunts experts as the next big breach enabler
There's also chatter about whether medium severity scare is actually code red nightmare
Research05 Jul 2024 | 25
Europol says mobile roaming tech is making its job too hard
Privacy measures apparently helping criminals evade capture
Cyber-crime05 Jul 2024 | 36
Europol nukes nearly 600 IP addresses in Cobalt Strike crackdown
Private sector helped out with week-long operation – but didn't touch China
Malware Month04 Jul 2024 | 7
Traeger security bugs bad news for grillers with neighborly beef
Never risk it when it comes to brisket – make sure those updates are applied
Research03 Jul 2024 | 20
Patelco banking services AWOL amid ransomware ruckus
Late fees? Don't worry, the credit union has you covered
Malware Month03 Jul 2024 | 2
No rest for the wiry as Cisco Nexus switches flip out over latest zero-day
Command injection bug being abused by suspected Chinese spies – patch up
Malware Month02 Jul 2024 | 6
Affirm fears customer info pilfered during ransomware raid at Evolve Bank
Number of partners acknowledging data theft continues to rise
Malware Month02 Jul 2024 | 2
Nasty regreSSHion bug in OpenSSH puts roughly 700K Linux boxes at risk
Full system takeovers on the cards, for those with enough patience to pull it off
Patches01 Jul 2024 | 59
Juniper Networks flings out emergency patches for perfect 10 router vuln
Get 'em while they're hot
Patches01 Jul 2024 | 6
CISA director: US is 'not afraid' to shout about Big Tech's security failings
Jen Easterly hopes CSRB's Microsoft report won't impede future private sector collaboration
CSO01 Jul 2024 | 12
Google cuts ties with Entrust in Chrome over trust issues
Move comes weeks after Mozilla blasted certificate authority for failings
Security28 Jun 2024 | 24
US convicts crypto-robbing gang leader who kidnapped victims before draining their accounts
Said to have zip tied elderly crypto investors, held them at gunpoint, and threatened to kill them
Cyber-crime26 Jun 2024 | 13
Batten down the hatches, it's time to patch some more MOVEit bugs
Exploit attempts for ‘devastating’ vulnerabilities already underway
Patches26 Jun 2024 | 9
Crypto scammers circle back, pose as lawyers, steal an extra $10M in truly devious plan
Business is more lucrative than you might think
Cyber-crime25 Jun 2024 | 18
CISA says crooks used Ivanti bugs to snoop around high-risk chemical facilities
Crafty crims broke in but encryption stopped any nastiness
Cyber-crime25 Jun 2024 | 3
Car dealers stuck in the slow lane after cyber woes at software biz CDK
More customers self-reporting to SEC as disruption carries into second week
Cyber-crime24 Jun 2024 | 2
'Mirai-like' botnet observed attacking EOL Zyxel NAS devices
Seems like as good a time as any to upgrade older hardware
Research24 Jun 2024 | 3
Levi's and more affected in pants-dropping week of data breaches
A busy few days for security teams
Cyber-crime24 Jun 2024 | 5
Phoenix UEFI flaw puts long list of Intel chips in hot seat
Researchers discuss it in same breath as BlackLotus and MosaicRegressor
Research21 Jun 2024 | 21
Qilin cyber scum leak data they claim belongs to London hospitals’ pathology provider
At least they didn’t get paid their $50M ransom demand
Cyber-crime21 Jun 2024 | 11
Car dealer software bigshot CDK pulls systems offline twice amid 'cyber incident'
Downtime set to crash into next week
Cyber-crime20 Jun 2024 | 13
Russia's cyber spies still threatening French national security, democracy
Publishing right before a major election is apparently just a coincidence
Cyber-crime20 Jun 2024 | 9
Qilin: We knew our Synnovis attack would cause a healthcare crisis at London hospitals
Interview Cybercriminals claim they used a zero-day to breach pathology provider’s systems
Cyber-crime20 Jun 2024 | 25
Amtrak confirms crooks are breaking into accounts using creds swiped from other DBs
Railco goes full steam ahead with notification letters to Rewards users about spilled card details and more
Cyber-crime19 Jun 2024 | 12
Uncle Sam ends financial support to orgs hurt by Change Healthcare attack
Billions of dollars made available but worst appears to be over
Research18 Jun 2024 | 3
NHS boss says Scottish trust wouldn't give cyberattackers what they wanted
CEO of Dumfries and Galloway admits circa 150K people should assume their details leaked
Cyber-crime18 Jun 2024 | 13
Blackbaud has to cough up a few million dollars more over 2020 ransomware attack
Four years on and it's still paying for what California attorney general calls 'unacceptable' practice
Cyber-crime17 Jun 2024 | 3
Cops cuff 22-year-old Brit suspected of being Scattered Spider leader
Spanish plod make arrest at airport before he jetted off to Italy
Cyber-crime17 Jun 2024 | 22
UK's Total Fitness exposed nearly 500K images of members, staff through unprotected database
Exclusive Health club chain headed for the spa on choose-a-password day
Security17 Jun 2024 | 24
Ukraine busts SIM farms targeting soldiers with spyware
Russia recruits local residents to support battlefield goals
Cyber-crime14 Jun 2024 | 8
Ukrainian cops collar Kyiv programmer believed to be Conti, LockBit linchpin
28-year-old accused of major ransomware attacks across Europe
Malware Month13 Jun 2024 | 13
Student's flimsy bin bags blamed for latest NHS data breach
Confidential patient information found by member of the public
Security13 Jun 2024 | 63
White House report dishes deets on all 11 major government breaches from 2023
The MOVEit breach and ransomware weren’t kind to the Feds last year
CSO12 Jun 2024 | 1
China's FortiGate attacks more extensive than first thought
Dutch intelligence says at least 20,000 firewalls pwned in just a few months
Cyber-crime12 Jun 2024 | 13
Pure Storage pwned, claims data plundered by crims who broke into Snowflake workspace
Secure storage company hasn't spilled details on how they got in
Cyber-crime11 Jun 2024 | 1
Cylance clarifies data breach details, except where the data came from
Customers, partners, operations remain uncompromised, BlackBerry says
Security11 Jun 2024 | 2
UK and Canada's data chiefs join forces to investigate 23andMe mega-breach
Three-pronged approach aims to uncover any malpractice at the Silicon Valley biotech biz
Cyber-crime11 Jun 2024 | 14
Christie's confirms RansomHub crooks stole data on 45K clients
A far cry from the half-million claim that crims originally boasted
Cyber-crime10 Jun 2024 |
Two cuffed over suspected smishing campaign using 'text message blaster'
Thousands of dodgy SMSes bypassed network filters in UK-first case, it is claimed
Cyber-crime10 Jun 2024 | 23
Frontier Communications: 750k people's data stolen in April attack on systems
Company says just names and SSNs affected, watering down RansomHub’s claims
Cyber-crime07 Jun 2024 | 8
Cisco fixes WebEx flaw that allowed government, military meetings to be spied on
Researchers were able to glean data from 10,000 meetings held by top Dutch gov officials
Cyber-crime07 Jun 2024 | 12
Uncle Sam seeks to claw back $5M+ stolen from trade union through spoofed email
Funds are currently seized after being sent to offshore accounts
Cyber-crime06 Jun 2024 | 8
7-year-old Oracle WebLogic bug under active exploitation
Experts say Big Red will probably re-release patch in an upcoming cycle
Malware Month06 Jun 2024 | 6
Emergency patches released for critical vulns impacting EOL Zyxel NAS boxes
That backdoor's not meant to be there?
Patches05 Jun 2024 | 3
4 cuffed following probe into holiday scheme for cybercrooks
Public officials allegedly bribed to allow extradition-dodging travel
Cyber-crime05 Jun 2024 | 6
London hospitals left in critical condition after ransomware attack
Pathology lab provider targeted, affecting blood transfusions and surgeries
Cyber-crime04 Jun 2024 | 77
Christie's stolen data sold to highest bidder rather than leaked, RansomHub claims
Experts say auctioning the auctioneer’s data is unlikely to have been genuinely successful
Cyber-crime04 Jun 2024 | 9
Cybercrooks get cozy with BoxedApp to dodge detection
Some of the biggest names in the game are hopping on the trend
Research04 Jun 2024 | 2
Russia takes gold for disinformation as Olympics approach
Featuring Tom Cruise deepfakes and multiple made-up terrorism threats
Security03 Jun 2024 | 19
US senator claims UnitedHealth's CEO, board appointed 'unqualified' CISO
Similar cases have resulted in serious sanctions, and they were on a far smaller scale
CSO31 May 2024 | 26
Cyber cops plead for info on elusive Emotet mastermind
Follows arrests and takedowns of recent days
Cyber-crime31 May 2024 | 4
Biting the hand that feeds IT
