Cloudflare debuts one-click nuke of web-scraping AI Take that for ignoring robots.txt! Off-Prem03 Jul 2024 | 34
Polyfill.io claims reveal new cracks in supply chain, but how deep do they go? Opinion There will always be bad actors in the system. We can always learn from the drama they create Security01 Jul 2024 | 18
Police allege 'evil twin' of in-flight Wi-Fi used to steal passenger's credentials Fasten your seat belts, secure your tray table, and try not to give away your passwords Security01 Jul 2024 | 60
CISA looked at C/C++ projects and found a lot of C/C++ code. Wanna redo any of it in Rust? So, so many lines of memory-unsafe routines in crucial open source, and unsafe dependencies Research28 Jun 2024 | 77
'Skeleton Key' attack unlocks the worst of AI, says Microsoft Simple jailbreak prompt can bypass safety guardrails on major models AI + ML28 Jun 2024 | 113
Polyfill.io owner punches back at 'malicious defamation' amid domain shutdown Updated No supply-chain attacks to see over here! Research28 Jun 2024 | 28
TeamViewer can't bring itself to say someone broke into its network – but it happened Updated Claims customer data, prod environment not affected as NCC sounds alarm Cyber-crime28 Jun 2024 | 24
WhisperGate suspect indicted as US offers a $10M bounty for his capture Russian national accused of attacks in lead-up to the Ukraine war Public Sector27 Jun 2024 | 6
Feds put $5M bounty on 'CryptoQueen' Ruja Ignatova OneCoin co-founder allegedly bilked investors out of $4B Cyber-crime26 Jun 2024 | 20
If you're using Polyfill.io code on your site – like 100,000+ are – remove it immediately Scripts turn sus after mysterious CDN swallows domain CSO25 Jun 2024 | 61
Fiend touts stolen Neiman Marcus customer info for $150K Flash clobber chain fashionably late to Snowflake fiasco party Cyber-crime25 Jun 2024 | 2
UK and US cops band together to tackle Qilin's ransomware shakedowns Attacking the NHS is a very bad move Malware Month25 Jun 2024 | 26
Ollama drama as 'easy-to-exploit' critical flaw found in open source AI server About a thousand vulnerable instances still exposed online, we're told Patches24 Jun 2024 | 8
Risk of installing dodgy extensions from Chrome store way worse than Google's letting on, study suggests All depends on how you count it – Chocolate Factory claims 1% fail rate Research23 Jun 2024 | 34
Apple Intelligence won't be available in Europe because Tim's terrified of watchdogs These privacy rules might harm privacy! No, really, that's totally why we're doing this AI + ML21 Jun 2024 | 65
Change Healthcare finally spills the tea on what medical data was stolen by cyber-crew 'Substantial proportion' of America to get a little note from next month Cyber-crime21 Jun 2024 | 9
Uncle Sam sanctions Kaspersky's top bosses – but not Mr K himself Here's America's list of the supposedly dirty dozen CSO21 Jun 2024 | 16
Since joining NATO, Sweden claims Russia has been borking Nordic satellites If Putin likes jammin', we hope NATO likes jammin' too Security21 Jun 2024 | 56
Crooks get their hands on 500K+ radiology patients' records in cyber-attack Two ransomware gangs bragged of massive theft of personal info and medical files Cyber-crime20 Jun 2024 | 4
Biden bans Kaspersky: No more sales, updates in US Blockade begins July 20 on national security grounds as antivirus slinger vows to fight back CSO20 Jun 2024 | 111
That PowerShell 'fix' for your root cert 'problem' is a malware loader in disguise Control-C, Control-V, Enter ... Hell Research19 Jun 2024 | 18
Rogue uni IT director pleads guilty after fraudulently buying $2.1M of tech Two decades in the clink would be quite an education Cyber-crime18 Jun 2024 | 14
Dark-web kingpin puts 'stolen' internal AMD databases, source code up for sale Updated Chip designer really gonna need to channel some Zen right now Cyber-crime18 Jun 2024 |
EU attempt to sneak through new encryption-eroding law slammed by Signal, politicians If you call 'client-side scanning' something like 'upload moderation,' it still undermines privacy, security Security18 Jun 2024 | 75
VMware by Broadcom warns of two critical vCenter flaws, plus a nasty sudo bug Specially crafted network packet could allow remote code execution and access to VM fleets Patches18 Jun 2024 | 8
Arm security defense shattered by speculative execution 95% of the time 'TikTag' security folks find anti-exploit mechanism rather fragile Research18 Jun 2024 | 27
Shoddy infosec costs PwC spinoff and NMA $11.3M in settlement with Uncle Sam Updated Pen-testing tools didn't work – and personal info of folks hit by pandemic started appearing in search engines CSO17 Jun 2024 | 2
Suspected bosses of $430M dark-web Empire Market charged in US Cybercrime super-souk's Dopenugget and Zero Angel may face life behind bars if convicted Cyber-crime17 Jun 2024 | 1
AWS is pushing ahead with MFA for privileged accounts. What that means for you ... The clock is ticking – why not try a passkey? CSO17 Jun 2024 | 17
Can platform-wide AI ever fit into enterprise security? Opinion You know what they say about headlines that end in a question mark AI + ML17 Jun 2024 | 7
Notorious cyber gang UNC3944 attacks vSphere and Azure to run VMs inside victims' infrastructure Who needs ransomware when you can scare techies into coughing up their credentials? Security17 Jun 2024 | 5
Microsoft answered Congress' questions on security. Now the White House needs to act Feature Business as usual needs a real change Public Sector15 Jun 2024 | 44
Microsoft bigwig says the Feds catching Chinese spies in Exchange Online is the cloud working as intended 'It's not our job to find the culprits – That's what we're paying you for' lawmaker scolds Brad Smith CSO14 Jun 2024 | 57
Crooks crack customer info at tracking device vendor Tile, issue 'extortion' demands Who tracks the trackers? Cyber-crime13 Jun 2024 | 5
Google borrows from Android to make ChromeOS better 'Large portions' of droid tech stack going into laptop OS plumbing OSes12 Jun 2024 | 7
Ransomware crew may have exploited Windows make-me-admin bug as a zero-day Symantec suggests Black Basta crew beat Microsoft to the patch Malware Month12 Jun 2024 | 2
Let's kick off our summer with a pwn-me-by-Wi-Fi bug in Microsoft Windows Patch Tuesday Redmond splats dozens of bugs as does Adobe while Arm drivers and PHP under active attack CSO12 Jun 2024 | 7
Snowflake customers not using MFA are not unique – over 165 of them have been compromised Mandiant warns criminal gang UNC5537, which may be friendly with Scattered Spider, is on the rampage Security11 Jun 2024 | 13
Uber ex-CSO Joe Sullivan: We need security leaders running to work, not giving up Interview Lessons learned from the infosec chief convicted and punished for covering up theft of data from taxi app maker CSO08 Jun 2024 | 32
New York Times source code leaks online via 4chan Updated Breaking breaking-news news Cyber-crime07 Jun 2024 | 43
FCC takes some action against notorious BGP How's your RPKI-based security plan coming along? Feds want to know Networks07 Jun 2024 | 9
Defiant Microsoft pushes ahead with controversial Recall – tho as an opt-in Windows maker acknowledges 'clear signal' from everyone, then mostly ignores it OSes07 Jun 2024 | 82
Russian hacktivists vow mass attacks against EU elections But do they get to wear 'I DDoSed' stickers? Cyber-crime07 Jun 2024 | 56
Spam blocklist SORBS closed by its owner, Proofpoint Exclusive Spammers will probably bid to buy it, so community is trying to find a better home for decades-old service Security07 Jun 2024 | 60
POC exploit code published for 9.8-rated Apache HugeGraph RCE flaw You upgraded when this was fixed in April, right? Right?? Security07 Jun 2024 | 2
DuckDuckGo AI Chat promises privacy for bot conversations There's also an off switch AI + ML06 Jun 2024 | 16
AI PCs might solve a real problem: The 'friction' that sees users ignore security Computex Trend Micro says cloudy email scans trigger GDPR warnings that deter users. Local models that use NPUs don't AI + ML06 Jun 2024 | 17
Microsoft shows venerable and vulnerable NTLM security protocol the door Time to get moving if you still rely on this deprecated feature Security06 Jun 2024 | 17
Microsoft Research chief scientist has no issue with Windows Recall As tool emerges to probe OS feature's SQLite-based store of user activities OSes06 Jun 2024 | 114
TikTok confirms CNN, other high-profile accounts hijacked via zero-day vulnerability Beware of zero-click malware sliding into your DMs Cyber-crime05 Jun 2024 | 13
What is RansomHub? Looks like a Knight ransomware reboot Malware code potentially sold off, tweaked, back at it infecting victims Malware Month05 Jun 2024 | 1
Microsoft paid Tenable a bug bounty for an Azure flaw it says doesn't need a fix, just better documentation Let customers interfere with other tenants? That's our cloud working by design, Redmond seems to say CSO05 Jun 2024 | 9
Pentagon 'doubling down' on Microsoft despite 'massive hack,' senators complain Meanwhile Mr Smith goes to Washington to testify before Congress Public Sector04 Jun 2024 | 5
Hudson Rock yanks report fingering Snowflake employee creds snafu for mega-leak Analysis Cloud storage giant lawyers up against infosec house Cyber-crime04 Jun 2024 | 18
Crooks threaten to leak 3B personal records 'stolen from background check firm' Turns out opting out actually works? Cyber-crime03 Jun 2024 | 31
Twitter 'supersharers' of fake news tend to be older Republican women Tiny percentage of users make X miss the spot Personal Tech01 Jun 2024 | 210
Google to push ahead with Chrome's ad-blocker extension overhaul in earnest Starting Monday, users will gradually be warned the end is near Applications31 May 2024 | 77
FlyingYeti phishing crew grounded after abominable Ukraine attacks Kremlin-aligned gang used Cloudflare and GitHub resources, and they didn't like that one bit Cyber-crime31 May 2024 | 1
Mystery miscreant remotely bricked 600,000 SOHO routers with malicious firmware update Source and motive of 'Pumpkin Eclipse' assault unknown Security31 May 2024 | 29
OpenAI is very smug after thwarting five ineffective AI covert influence ops That said, use of generative ML to sway public opinion may not always be weak sauce AI + ML30 May 2024 | 11
IBM spin-off Kyndryl accused of discriminating on basis of age, race, disability Exclusive Five current and former employees file formal charges with US employment watchdog CSO30 May 2024 | 18
Miscreants claim they've snatched 560M people's info from Ticketmaster Updated All that data allegedly going for a song on revived BreachForums Cyber-crime29 May 2024 | 26