Viry a Červi
Iran cyberattacks against US biz more likely following air strikes
The US Department of Homeland Security has warned American businesses to guard their networks against Iranian government-sponsored cyberattacks along with "low-level" digital intrusions by pro-Iran hacktivists.…
Second attack on McLaren Health Care in a year affects 743k people
McLaren Health Care is in the process of writing to 743,131 individuals now that it fully understands the impact of its July 2024 cyberattack.…
Experts count staggering costs incurred by UK retail amid cyberattack hell
Britain's Cyber Monitoring Centre (CMC) estimates the total cost of the cyberattacks that crippled major UK retail organizations recently could be in the region of £270-440 million ($362-591 million).…
Former US Army Sergeant pleads guilty after amateurish attempt at selling secrets to China
Infosec in brief A former US Army sergeant has admitted he attempted to sell classified data to China.…
Netflix, Apple, BofA websites hijacked with fake help-desk numbers
Scammers are hijacking the search results of people needing 24/7 support from Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal in an attempt to trick victims into handing over personal or financial info, according to Malwarebytes senior director of research Jérôme Segura.…
Looks like Aflac is the latest insurance giant snagged in Scattered Spider’s web
Aflac is the latest insurance company to disclose a security breach following a string of others earlier this week, all of which appear to be part of Scattered Spider's most recent data theft campaign.…
Qilin ransomware top dogs treat their minions to on-call lawyers for fierier negotiations
The latest marketing ploy from the ransomware crooks behind the Qilin operation involves offering affiliates access to a crack team of lawyers to ramp up pressure in ransom negotiations.…
Attack on Oxford City Council exposes 21 years of election worker data
Oxford City Council says a cyberattack earlier this month resulted in 21 years of data being compromised.…
Boffins devise voice-altering tech to jam 'vishing' schemes
Researchers based in Israel and India have developed a defense against automated call scams.…
Uncle Sam seeks time in tower dump data grab case after judge calls it 'unconstitutional'
The United States is requesting [PDF] a month-long extension to the deadline for its final decision regarding an appeal against a judge's ruling that obtaining tower dumps is unconstitutional.…
Glazed and confused: Hole lotta highly sensitive data nicked from Krispy Kreme
Krispy Kreme finally revealed the number of people affected by its November cyberattack, and it's easy to see why analyzing the incident took the well-resourced company several months.…
UK gov asks university boffins to pinpoint cyber growth areas where it should splash cash
Cybersecurity experts have started a formal review into the UK cybersecurity market, at the government's request, to identify future growth opportunities as it looks to grow the industry that's core to the country's Industrial Strategy.…
Sneaky Serpentine#Cloud slithers through Cloudflare tunnels to inject orgs with Python-based malware
A sneaky malware campaign slithers through Cloudflare tunnel subdomains to execute in-memory malicious code and give unknown attackers long-term access to pwned machines.…
Iran’s internet goes offline for hours amid claims of ‘enemy abuse’
The government of Iran appears to have shut down the internet within its borders, perhaps in response to Israel-linked cyberattacks.…
Minecraft cheaters never win ... but they may get malware
Trojanized Minecraft cheat tools hosted on GitHub have secretly installed stealers that siphon credentials, crypto wallets, and other sensitive data when executed by players.…
Asana's cutting-edge AI feature ran into a little data leakage problem
Asana has fixed a bug in its Model Context Protocol (MCP) server that could have allowed users to view other organizations' data, and the experimental feature is back up and running after nearly two weeks of downtime to fix the issue.…
Veeam patches third critical RCE bug in Backup & Replication in space of a year
Veeam Backup & Replication users are urged to apply the latest patches that fix another critical bug leading to remote code execution (RCE) on backup servers.…
How to bridge the MFA gap
Sponsored feature What do flossing and multi-factor authentication (MFA) have in common? Each is highly beneficial, yet far too few people do them consistently. MFA helps protect organizations from credential-based attacks, but according to the Cyber Readiness Institute, only 35% of businesses globally bother with it.…
Amazon CISO: Iranian hacking crews ‘on high alert’ since Israel attack
Interview Iran's state-sponsored cyber operatives and hacktivists have all increased their activities since the military conflict with Israel erupted last week – but not necessarily in the way that Amazon chief information security officer CJ Moses expected.…
Trump administration set to waive TikTok sell-or-die deadline for a third time
The Trump administration is set to again waive the 2024 law that requires the made-in-China social network TikTok to either sell its US operations to a local company or stop operating on US soil.…
