15 Jan

Crypto klepto North Korea stole $659M over just 5 heists last year

North Korean blockchain bandits stole more than half a billion dollars in cryptocurrency in 2024 alone, the US, Japan, and South Korea say. The sum

Author rabih
15 Jan

Cybersecurity and AI: What does 2025 have in store?

Digital Security In the hands of malicious actors, AI tools can enhance the scale and severity of all manner of scams, disinformation campaigns and other

Author rabih
15 Jan

Microsoft fixes under-attack privilege-escalation holes in Hyper-V

Patch Tuesday The first Patch Tuesday of 2025 has seen Microsoft address three under-attack privilege-escalation flaws in its Hyper-V hypervisor, plus plenty more problems that

Author rabih
14 Jan

FBI wipes Chinese PlugX malware from thousands of Windows PCs in America

The FBI, working with French cops, obtained nine warrants to remotely wipe PlugX malware from thousands of Windows-based computers that had been infected by Chinese

Author rabih
14 Jan

Snyk appears to deploy ‘malicious’ packages targeting Cursor for unknown reason

Developer security company Snyk is at the center of allegations concerning the possible targeting or testing of Cursor, an AI code editor company, using “malicious”

Author rabih
14 Jan

It’s not just Big Tech: The UK’s Online Safety Act applies across the board

Analysis A little more than two months out from its first legal deadline, the UK’s Online Safety Act is causing concern among smaller online forums

Author rabih
14 Jan

UK floats ransomware payout ban for public sector

A total ban on ransomware payments across the public sector might actually happen after the UK government opened a consultation on how to combat the

Author rabih
14 Jan

Protecting children online: Where Florida’s new law falls short

Kids Online Some of the state’s new child safety law can be easily circumvented. Should it have gone further? Tony Anscombe 14 Jan 2025  • 

Author rabih
14 Jan

Miscreants ‘mass exploited’ Fortinet firewalls, ‘highly probable’ zero-day used

Miscreants running a “mass exploitation campaign” against Fortinet firewalls, which peaked in December, may be using an unpatched zero-day vulnerability to compromise the equipment, according

Author rabih
13 Jan

Cryptojacking, backdoors abound as fiends abuse Aviatrix Controller bug

“Several cloud deployments” are already compromised following the disclosure of the maximum-severity vulnerability in Aviatrix Controller, researchers say. CVE-2024-50603 leads to remote code execution (RCE)

Author rabih
13 Jan

Microsoft sues ‘foreign-based’ cyber-crooks, seizes sites used to abuse AI

Microsoft has sued a group of unnamed cybercriminals who developed tools to bypass safety guardrails in its generative AI tools. The tools were used to

Author rabih
13 Jan

Azure, Microsoft 365 MFA outage locks out users across regions

Microsoft’s multi-factor authentication (MFA) for Azure and Microsoft 365 (M365) was offline for four hours during Monday’s busy start for European subscribers. “Multi-Factor Authentication (MFA)

Author rabih
13 Jan

NATO’s newest member comes out swinging following latest Baltic Sea cable attack

Sweden has committed to sending naval forces into the Baltic Sea following yet another suspected Russian attack on underwater cables in the region. The deployment

Author rabih
13 Jan

Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days

A new ransomware crew dubbed Codefinger targets AWS S3 buckets and uses the cloud giant’s own server-side encryption with customer provided keys (SSE-C) to lock

Author rabih
13 Jan

Nominet probes network intrusion linked to Ivanti zero-day exploit

UK domain registrar Nominet is investigating a potential intrusion into its network related to the latest Ivanti zero-day exploits. Nominet told customers via an email

Author rabih
13 Jan

Europe coughs up €400 to punter after breaking its own GDPR data protection rules

Infosec in brief Gravy Analytics, a vendor of location intelligence info for marketers which reached a settlement with US authorities last year over its alleged

Author rabih
10 Jan

Chinese cyber-spies peek over shoulder of officials probing real-estate deals near American military bases

Chinese cyber-spies who broke into the US Treasury Department also stole documents from officials investigating real-estate sales near American military bases, it’s reported. Citing three

Author rabih
10 Jan

Drug addiction treatment service admits attackers stole sensitive patient data

BayMark Health Services, one of the biggest drug addiction treatment facilities in the US, says it is notifying some patients this week that their sensitive

Author rabih
Load moreLoadingAll items loaded