15 Jul

Google reportedly in talks to buy infosec outfit Wiz for $23 billion

Ask any techie to name who leads the market for OSes, databases, networks or ERP and the answers are clear: Microsoft, Oracle, Cisco, and SAP.

Author rabih
15 Jul

I spy another mSpy breach: Millions more stalkerware buyers exposed

Infosec in brief Commercial spyware maker mSpy has been breached – again – and millions of purchasers can be identified from the spilled records. mSpy

Author rabih
15 Jul

UK cyber-boss slams China’s bug-hoarding laws

ASIA IN BRIEF The interim CEO of the UK’s National Cyber Security Centre (NCSC) has criticized China’s approach to bug reporting. In a (paywalled) interview

Author rabih
13 Jul

Three words to send a chill down your spine: Snowflake. Intrusion. Alert

Kettle For this week’s Kettle episode, in which our journos as usual get together for an end-of-week chat about the news, it’s security, security, security.

Author rabih
13 Jul

Call, text logs for 110M AT&T customers stolen from compromised cloud storage

AT&T has admitted that cyberattackers grabbed a load of its data for the second time this year, and if you think the first haul was

Author rabih
13 Jul

Car dealer software slinger CDK Global said to have paid $25M ransom after cyberattack

CDK Global reportedly paid a $25 million ransom in Bitcoin after its servers were knocked offline by crippling ransomware. Last week, CDK restored services to

Author rabih
12 Jul

White House urged to double check Microsoft isn’t funneling AI to China via G42 deal

Two House committee chairs have sent a public letter to the White House asking it to look into a deal between AI R&D outfit G42

Author rabih
12 Jul

CISA broke into a US federal agency, and no one noticed for a full 5 months

The US Cybersecurity and Infrastructure Security Agency (CISA) says a red team exercise at a certain unnamed federal agency in 2023 revealed a string of

Author rabih
12 Jul

Identity: the new security perimeter

Webinar Threat actors are always looking for that easy way in by testing weak spots, and user identities are one of their favourite targets. Multi

Author rabih
12 Jul

Break-in at ‘third-party cloud platform’ leaked 110M customer records, says AT&T

AT&T has admitted that cyberattackers grabbed a load of its data for the second time this year, and if you think the first haul was

Author rabih
12 Jul

Should ransomware payments be banned? – Week in security with Tony Anscombe

Video The issue of whether to ban ransomware payments is a hotly debated topic in cybersecurity and policy circles. What are the implications of outlawing

Author rabih
12 Jul

Singapore’s banks to ditch texted one-time passwords

After around two decades of allowing one-time passwords (OTPs) delivered by text message to assist log ins to bank accounts in Singapore, the city-state will

Author rabih
12 Jul

China’s APT41 crew adds a stealthy malware loader and fresh backdoor to its toolbox

Chinese government-backed cyber espionage gang APT41 has very likely added a loader dubbed DodgeBox and a backdoor named MoonWalk to its malware toolbox, according to

Author rabih
12 Jul

‘Gay furry hackers’ say they’ve disbanded after raiding Project 2025’s Heritage Foundation

After claiming to break into a database belonging to The Heritage Foundation, and then leaking 2GB of files belonging to the ultra-conservative think tank, the

Author rabih
11 Jul

You had a year to patch this Veeam flaw – and now it’s going to hurt some more

Yet another new ransomware gang, this one dubbed EstateRansomware, is now exploiting a Veeam vulnerability that was patched more than a year ago to deploy

Author rabih
11 Jul

OpenSSH bug leaves RHEL 9 and the RHELatives vulnerable

The founder of Openwall has discovered a new signal handler race condition in the core sshd daemon used in RHEL 9.x and its various offshoots.

Author rabih
11 Jul

Advance Auto Parts: 2.3M people’s data accessed when crims broke into our Snowflake account

Advance Auto Parts’ CISO just revealed for the first time the number of individuals affected when criminals broke into its Snowflake instance – a hefty

Author rabih
11 Jul

Privacy expert put away for 9 years after ‘grotesque’ cyberstalking campaign

A scumbag who used to work as a privacy consultant has been put behind bars for nine years for a “grotesque” cyberstalking campaign against more

Author rabih
Load moreLoadingAll items loaded