Viry a Červi
US lawmakers press Trump admin to oppose UK's order for Apple iCloud backdoor
US lawmakers want newly confirmed Director of National Intelligence Tulsi Gabbard to back up her tough talk on backdoors. They're urging her to push back on the UK government's reported order for Apple to weaken iCloud security for government access.…
North Korea targets crypto developers via NPM supply chain attack
North Korea has changed tack: its latest campaign targets the NPM registry and owners of Exodus and Atomic cryptocurrency wallets.…
Mysterious Palo Alto firewall reboots? You're not alone
Administrators of Palo Alto Networks' firewalls have complained the equipment falls over unexpectedly, and while a fix has bee prepared, it's not yet generally available.…
Have I Been Pwned likely to ban resellers from buying subs, citing 'sh*tty behavior' and onerous support requests
Troy Hunt, proprietor of data breach lookup site Have I Been Pwned, is likely to ban resellers from the service.…
Feds want devs to stop coding 'unforgivable' buffer overflow vulnerabilities
US authorities have labelled buffer overflow vulnerabilities "unforgivable defects”, pointed to the presence of the holes in products from the likes of Microsoft and VMware, and urged all software developers to adopt secure-by-design practices to avoid creating more of them.…
Sophos sheds 6% of staff after swallowing Secureworks
Nine days after completing its $859 million acquisition of managed detection and response provider Secureworks, Sophos has laid off around six percent of its staff.…
Trump’s cyber chief pick has little experience in The Cyber
President Trump has reportedly chosen a candidate for National Cyber Director — another top tech appointee with no professional experience in that role.…
Arizona laptop farmer pleads guilty for funneling $17M to Kim Jong Un
An Arizona woman who created a "laptop farm" in her home to help fake IT workers pose as US-based employees has pleaded guilty in a scheme that generated over $17 million for herself... and North Korea.…
Ransomware isn't always about the money: Government spies have objectives, too
Feature Ransomware gangsters and state-sponsored online spies fall on opposite ends of the cyber-crime spectrum.…
Russia's Sandworm caught snarfing credentials, data from American and Brit orgs
An initial-access subgroup of Russia's Sandworm last year wriggled its way into networks within the US, UK, Canada and Australia, stealing credentials and data from "a limited number of organizations," according to Microsoft.…
Crimelords and spies for rogue states are working together, says Google
Google says the the world's lawmakers must take action against the increasing links between criminal and state-sponsored cyber activity.…
February's Patch Tuesday sees Microsoft offer just 63 fixes
Patch Tuesday Microsoft’s February patch collection is mercifully smaller than January’s mega-dump. But don't get too relaxed – some deserve close attention, and other vendors have stepped in with plenty more fixes.…
Probe finds US Coast Guard has left maritime cybersecurity adrift
Despite the escalating cyber threats targeting America's maritime transportation system, the US Coast Guard still lacks a comprehensive strategy to secure this critical infrastructure - nor does it have reliable access to data on cybersecurity vulnerabilities and past attacks, the Government Accountability Office (GAO) warns.…
Yup, AMD's Elba and Giglio definitely sound like they work corporate security
Cisco is cramming into more of its switches Pensando data processing units (DPUs) from AMD, which will be dedicated to handling security, storage, and other tasks.…
'Key kernel maintainers' still back Rust in the Linux kernel, despite the doubters
The Rust for Linux project is alive and well, despite suggestions to the contrary, even if not every Linux kernel maintainer is an ally.…
Triplestrength hits victims with triple trouble: Ransomware, cloud hijacks, crypto-mining
A previously unknown gang dubbed Triplestrength poses a triple threat to organizations: It infects victims' computers with ransomware, and also hijacks their cloud accounts to illegally mine for cryptocurrency.…
UK, US, Oz blast holes in LockBit's bulletproof hosting provider Zservers
One of the bulletproof hosting (BPH) providers used by the LockBit ransomware operation has been hit with sanctions in the US, UK, and Australia (AUKUS), along with six of its key allies.…
Man who SIM-swapped the SEC's X account pleads guilty
An Alabama man is pleading guilty after being charged with SIM swapping the Securities and Exchange Commission's (SEC) X account in January last year.…
I'm a security expert, and I almost fell for a North Korea-style deepfake job applicant …Twice
Twice, over the past two months, Dawid Moczadło has interviewed purported job seekers only to discover that these "software developers" were scammers using AI-based tools — likely to get hired at a security company also using artificial intelligence, and then steal source code or other sensitive IP.…
Apple warns 'extremely sophisticated attack' may be targeting iThings
Apple has warned that some iPhones and iPads may have been targeted by an “extremely sophisticated attack” and has posted patches that hopefully prevent it.…
