Viry a Červi

DoJ thinks it's found the folks that ran it, and some of the 'IT warriors' sent out to fleece employers

North Korea's fake IT worker scams netted the hermit kingdom $88 million over six years, according to the US Department of Justice, which thinks it's found the people who run them.…

More details released after devs allowed weeks to apply fixes

We now know the remote code execution vulnerability in Apache Struts 2 disclosed back in November carries a near-maximum severity rating following the publication of the CVE.…

Holiday cheer comes in the form of three arrests and 27 shuttered domains

The Europol-coordinated Operation PowerOFF struck again this week as cross-border cops pulled the plug on 27 more domains tied to distributed denial of service (DDoS) criminality.…

High-energy weapon proves its mettle in testing

The British Army has successfully destroyed flying drones for the first time using a high-energy laser mounted on an armored vehicle. If perfected, the technology could form an effective counter-measure against drone attacks.…

Few websites actually respect the option, says Mozilla

When Firefox 135 is released in February, it'll ship with one less feature: Mozilla plans to remove the Do Not Track toggle from its Privacy and Security settings. …

Acquires two companies that help those on the nice list keep naughty list types at bay

Citrix has gone on a European shopping trip, and come home with its bag of gifts bulging thanks to a pair of major buys: infosec outfits deviceTRUST and Strong Network.…

Sen. Wyden blasts FCC's 'failure' amid Salt Typhoon hacks

US telecoms carriers would be required to implement minimum cyber security standards and ensure their systems are not susceptible to hacks by nation-state attackers – like Salt Typhoon – under legislation proposed by senator Ron Wyden (D-OR).…

Belly-busting biz says it's been hit by cowardly custards

Doughnut slinger Krispy Kreme has admitted to an attack that has left many customers unable to order online.…

Patch up, everyone – that admin portal is mighty attractive to your friendly cyberattacker

Ivanti just put out a security advisory warning of three critical vulnerabilities in its Cloud Services Application (CSA), including a perfect 10.…

Also sanctions his employer – an outfit called Sichuan Silence linked to Ragnarok ransomware

The US Departments of Treasury and Justice have named a Chinese business and one of its employees as the actors behind the 2020 exploit of a zero-day flaw in Sophos firewalls…

Twas the night before Christmas, and all through the house, patching was done with the click of a mouse

Patch Tuesday  Microsoft hasn't added too much coal to the stocking this Patch Tuesday, with just 72 fixes, only one of which scored more than nine on the CVSS threat ranking scale.…

Boeing-Bell V-22 can't outfly its checkered past, it seems

The US Navy, Air Force, and Marine Corps have grounded their fleet of Boeing-Bell-made Osprey V-22s on safety grounds.…

Boffins devise BadRAM attack to pilfer secrets from SEV-SNP encrypted memory

Researchers have found that the security mechanism AMD uses to protect virtual machine memory can be bypassed with $10 of hardware – and perhaps not even that.…

Thousands of servers targeted while customers wait for patches

Researchers at security shop Huntress are seeing mass exploitation of a vulnerability affecting three Cleo file management products, even on patched systems.…

Sounds like th-aorta get this sorted quickly

A manufacturer of devices used in heart surgeries says it's dealing with "a cybersecurity incident" that bears all the hallmarks of a ransomware attack.…

Streamer's trademark dramatic style takes on Bitcoin Bonnie and Clyde

A documentary examining the 2016 Bitfinex burglars hits Netflix, bringing the curious case to living rooms for the first time.…

And it only took four months, tut

WhatsApp has fixed a problem with its View Once feature, designed to protect people's privacy with automatically disappearing pictures and videos.…

McDonald's worker called it in, cops swooped, found 'gun, suppressor, manifesto'

Police in Pennsylvania have arrested a man suspected of shooting dead the CEO of insurer UnitedHealthcare in New York City, thanks to a McDonald's employee who recognized the suspect in a burger joint – and largely without help from technology.…

No word yet on who was snooped on. Any bets?

Chinese cyberspies recorded "very senior" US political figures' calls, according to White House security boss Anne Neuberger.…

ShinyHunters-linked heist thought to have been ongoing since March

Exclusive  A massive online heist targeting AWS customers during which digital crooks abused misconfigurations in public websites and stole source code, thousands of credentials, and other secrets remains "ongoing to this day," according to security researchers.…